On Jul 15, 2007, at 6:59 AM, Hallvard B Furuseth wrote:
Pierangelo Masarati writes:
> AFAIK, the attribute and so is recognized, but it's not implemented
> (nor won't, as it is no longer needed).
If it's no longer needed - what has changed?
The technical needs haven't changed. Folks now seem to be finally
getting
that they have a choice between: a) stronger (than PLAIN)
authentication mechanisms
(e.g., DIGEST-MD5, SCRAM, YAP, SRP, etc.) (and a single clear text
password)
or b) PLAIN.
I thought it was invented
because the existing scheme of '{hash method}' in userPassword
broke the
LDAP standard. Which it still does. Not that six years of none of us
bothering to implement RFC 3112 gives much hope of that changing.
--
Regards,
Hallvard