15 Jul
2007
15 Jul
'07
7:48 a.m.
On Jul 15, 2007, at 6:59 AM, Hallvard B Furuseth wrote:
Pierangelo Masarati writes:
AFAIK, the attribute and so is recognized, but it's not implemented (nor won't, as it is no longer needed).
If it's no longer needed - what has changed?
The technical needs haven't changed. Folks now seem to be finally getting that they have a choice between: a) stronger (than PLAIN) authentication mechanisms (e.g., DIGEST-MD5, SCRAM, YAP, SRP, etc.) (and a single clear text password) or b) PLAIN.
I thought it was invented because the existing scheme of '{hash method}' in userPassword broke the LDAP standard. Which it still does. Not that six years of none of us bothering to implement RFC 3112 gives much hope of that changing.
-- Regards, Hallvard