Quanah Gibson-Mount wrote: > --On Wednesday, January 16, 2013 7:39 AM +0100 Michael StrÃder > <michael@stroeder.com> wrote: > >> Quanah Gibson-Mount wrote: >>> --On Tuesday, January 15, 2013 2:35 PM -0800 Ori Bani >>> <oribani@gmail.com> wrote: >>>> Why hasn't the sha2 module been migrated out of the >>>> contrib directory >>> >>> The "core" of OpenLDAP tries to be as RFC compliant as possible. There >>> is no RFC that I'm aware of that adds SHA2 support. >> >> Sorry, this is an artificial argument which is simply not valid! >> >> Can you tell me which RFC specifies how to handle LANMAN hashes >> (--enable-lmpasswd)? There are plenty similar examples... > > OpenLDAP, like many software projects that have existed for numerous years, > has grown in its development practices. Just because something was done > incorrectly in the past is not a reason to continue doing so. I expected this answer but not that SHA-2 userPassword hashes are mainstream in other LDAP server and client implementations for quite a while now. > Feel free to port lanman hashes to a contrib module. That's not my goal and you know that. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature