[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Preannounce: Kroupware Project started
From: Marc Mutz <Marc.Mutz () uni-bielefeld ! de>
Date: 2002-09-11 17:54:28
[Download RAW message or body]
On Wednesday 11 September 2002 14:25, Tim Jansen wrote:
> On Wednesday 11 September 2002 03:08, Martin Konold wrote:
> > We are going to authenticate against LDAP with regards to the IMAP
> > and the SMTP operations. In addition we use SSL/TLS for the
> > transport security.
>
> Doesnt that mean that the LDAP server must store all password in
> unencrypted form, and that all servers that use the passwords must
> have sufficient rights to read them? Otherwise you can implement
> neither plaintext password authentication nor challenge/respond
> passwords, only signature-based authentication.
No, there's a mode for LDAP entries where you can write, but not read.
Instead, you can compare with a given string. The passwords themselves
can be (and usually are) stored as e.g. MD5 hash values.
Marc
--
If free-software authors lose the right to disclaim all warranties and
find themselves getting sued over the performance of the programs
they've written, they'll stop contributing free software to the world.
-- Bruce Perens: Open Sources: Voices from the Open Source Revolution
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic