IETF Logo Mail Archive

Re: [ldapext] Any implementations using userPassword;hash-scheme?

Michael Ströder <michael@stroeder.com> Tue, 29 January 2013 08:05 UTC

Return-Path: <michael@stroeder.com>
X-Original-To: ldapext@ietfa.amsl.com
Delivered-To: ldapext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B66F921F89E1 for <ldapext@ietfa.amsl.com>; Tue, 29 Jan 2013 00:05:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.299
X-Spam-Level:
X-Spam-Status: No, score=-3.299 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id blnB+q8fEDjk for <ldapext@ietfa.amsl.com>; Tue, 29 Jan 2013 00:05:03 -0800 (PST)
Received: from srv1.stroeder.com (srv1.stroeder.com [213.240.180.113]) by ietfa.amsl.com (Postfix) with ESMTP id A349921F890E for <ldapext@ietf.org>; Tue, 29 Jan 2013 00:05:02 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by srv1.stroeder.com (Postfix) with ESMTP id 1A0B96020E; Tue, 29 Jan 2013 09:05:00 +0100 (CET)
X-Virus-Scanned: amavisd-new at stroeder.com
Received: from srv1.stroeder.com ([127.0.0.1]) by localhost (srv1.stroeder.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hn7E7kz0pM_7; Tue, 29 Jan 2013 09:04:56 +0100 (CET)
Received: from [10.1.0.2] (unknown [10.1.0.2]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by srv1.stroeder.com (Postfix) with ESMTPS id 9909F6018A; Tue, 29 Jan 2013 08:04:55 +0000 (UTC)
Message-ID: <510782A6.7050209@stroeder.com>
Date: Tue, 29 Jan 2013 09:04:54 +0100
From: Michael Ströder <michael@stroeder.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0 SeaMonkey/2.15.1
MIME-Version: 1.0
To: Andrew Sciberras <andrew.sciberras@eb2bcom.com>
References: <5103F924.2070800@stroeder.com> <CABBgLkcnK7WfthFOBD5Esfz+g1izcKoGgtxzKKDntc0i=E7LOQ@mail.gmail.com>
In-Reply-To: <CABBgLkcnK7WfthFOBD5Esfz+g1izcKoGgtxzKKDntc0i=E7LOQ@mail.gmail.com>
X-Enigmail-Version: 1.5
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha1"; boundary="------------ms010307050600020805030205"
Cc: "ldap@umich.edu" <ldap@umich.edu>, ldapext <ldapext@ietf.org>
Subject: Re: [ldapext] Any implementations using userPassword;hash-scheme?
X-BeenThere: ldapext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: LDAP Extension Working Group <ldapext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ldapext>, <mailto:ldapext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ldapext>
List-Post: <mailto:ldapext@ietf.org>
List-Help: <mailto:ldapext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ldapext>, <mailto:ldapext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jan 2013 08:05:03 -0000

Andrew Sciberras wrote:
> Yes, the ViewDS product does support attribute value hashing using attribute
> options to convey the hash scheme. 

Ok, I will extend the spec described in
draft-stroeder-hashed-userpassword-values
in the next revision.

Ciao, Michael.

> On Sun, Jan 27, 2013 at 2:41 AM, Michael Ströder <michael@stroeder.com
> <mailto:michael@stroeder.com>> wrote:
> 
>     HI!
> 
>     Is anyone here aware of any implementation using userPassword;hash-scheme?
> 
>     It was described in RFC 2307 but starting with a rather vague text:
>     "A future standard may specify LDAP v3 attribute descriptions to represent
>     hashed userPasswords"
> 
>     The text was already dropped in draft-howard-rfc2307bis-02 section 5.2.2.1.
>     but without any further explanation.
> 
>     So I guess there are no implementations but I want to make sure.
> 
>     Ciao, Michael.

v2.23.0 | Report a Bug | By Email