[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Antw: Re: Openldap support SHA-256 or SHA-3.

To: <quanah@symas.com>
Subject: Re: Antw: Re: Openldap support SHA-256 or SHA-3.
From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
Date: Wed, 15 Jan 2020 08:00:38 +0100
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <AF994E73E7CA71E6735A3267@[192.168.1.144]>
References: <CALm_Vjh4vgOBu8kZrJzRheAyqbZVL0OoE-nRAvc1z+nb-Eow9Q@mail.gmail. com> <67753E9A5A2A2945F035E0CC@192.168.1.144> <CALm_Vji=Mok7kkZ96+EEAu_Osw0rVjBANBrdejKFs=fEr--3HQ@mail.gmail.com> <1C6038D9E08BE216B90B3FF4@[192.168.1.144]> <7209ad32-c522-bc3e-e863-a5ff72c18e8b@stroeder.com> <7180359711BF1270F919BD53@[192.168.1.144]> <930e4cf3-240f-155e-1cbc-c74f68b9ba3e@stroeder.com> <CABms+Yrhi7PkwV2z99T5W3i6D2jpbo8s8=GESTLYyXb5mh8jdg@mail.gmail.com> <5E1C4F5D020000A1000363EE@gwsmtp.uni-regensburg.de> <071D2235949B1A9339670C6A@[192.168.1.144]> <5E1D76E8020000A1000364BB@gwsmtp.uni-regensburg.de> <AF994E73E7CA71E6735A3267@[192.168.1.144]>

>>> Quanah Gibson-Mount <quanah@symas.com> schrieb am 14.01.2020 um 17:01 in
Nachricht <AF994E73E7CA71E6735A3267@[192.168.1.144]>:

> 
> ‑‑On Tuesday, January 14, 2020 9:08 AM +0100 Ulrich Windl 
> <Ulrich.Windl@rz.uni‑regensburg.de> wrote:
>>> The OS is completely and utterly irrelvant to the discussion. It has no
>>> knowledge of the internal hashing mechanism used by OpenLDAP.
>>
>> So you are assuming all systems are using the extended operation to
>> authenticate? Acually I've see code that reads the LDAP user's password
>> and then "combines" that with a password the user has entered.
>> In the former case the password encoding matters. I'm not saying the
>> pattern is good, but I've seen it.
> 
> Then the application is dependent on clear text passwords, not hashed 
> passwords, and again is irrelevant to this discussion.

If it were cleartext, there would not be issues with the hash algorithm used
IMHO.
No, we were talking about SSHA and sucessors.


> 
> ‑‑Quanah
> 
> 
> ‑‑
> 
> Quanah Gibson‑Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>

Follow-Ups:
- Re: Antw: Re: Openldap support SHA-256 or SHA-3.
  - From: Quanah Gibson-Mount <quanah@symas.com>

References:
- Re: Openldap support SHA-256 or SHA-3.
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Openldap support SHA-256 or SHA-3.
  - From: Michael Ströder <michael@stroeder.com>
- Re: Openldap support SHA-256 or SHA-3.
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Openldap support SHA-256 or SHA-3.
  - From: Michael Ströder <michael@stroeder.com>
- Re: Openldap support SHA-256 or SHA-3.
  - From: Giuseppe De Marco <giuseppe.demarco@unical.it>
- Antw: Re: Openldap support SHA-256 or SHA-3.
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
- Re: Antw: Re: Openldap support SHA-256 or SHA-3.
  - From: Quanah Gibson-Mount <quanah@symas.com>
- Re: Antw: Re: Openldap support SHA-256 or SHA-3.
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>
- Re: Antw: Re: Openldap support SHA-256 or SHA-3.
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Re: Segmentation Fault on ldap_chain_op
Next by Date: Re: Antw: Re: Openldap support SHA-256 or SHA-3.
Index(es):
- Chronological
- Thread