> Putting the password over the wire is always a bad idea.
If there were no downside to challenge-response, I'd agree. But if the 
price is storing my passwords unhashed, I'm not willing to pay it. All 
my sites use MD5 or SHA hashing, which OpenLDAP supports.

> Maybe I'm a dork for buying into Kerb, but hey, I'm sold, sue me. SASL 
> seems like the best way to abstract kerb out to LDAP, cyrus, etc.

Kerberos is the gold standard, I can't disagree there. But if Kerberos 
abstraction is your only metric for a security layer, why not just have 
everyone compile in libkrb and forget about the security layer 
altogether? :-)

> To be fair, I said that.

Apologies, Birger.
