[Date Prev][Date Next] [Chronological] [Thread] [Top]

LDAP DIGEST-MD5 changes in security?



Hi people,

Probably have a simple question. I have set up my openldap-servers-2.1.30-2.1010mdk server using sasl2-digest-md5 and everything is going along swimmingly.

However some significant change seems to have occured. In previous versions I was under the impression that when running the above setup that passwords in clear text were needed. I have my passwords in md5 crypts and they are working perfectly while definitely using the digest-md5 authentication.

I am not complaining at all, I just want to know if this is what is expected or does it point to a security flaw in my setup?

The manual still says to do the setup with clear text. I am not upto date on all the latest openldap developments.

Cheers,

Ben

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/