Re: CRAM-MD5: syntax for challenge
"Kurt D. Zeilenga" <Kurt@OpenLDAP.org> Mon, 03 December 2001 04:03 UTC
Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fB343vT03322 for ietf-sasl-bks; Sun, 2 Dec 2001 20:03:57 -0800 (PST)
Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fB343t203317 for <ietf-sasl@imc.org>; Sun, 2 Dec 2001 20:03:55 -0800 (PST)
Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fB34AAC31276; Mon, 3 Dec 2001 04:10:10 GMT (envelope-from Kurt@OpenLDAP.org)
Message-Id: <5.1.0.14.0.20011202195510.016d4e00@127.0.0.1>
X-Sender: kurt@127.0.0.1
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Sun, 02 Dec 2001 20:03:10 -0800
To: Lyndon Nerenberg <lyndon@atg.aciworldwide.com>
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: CRAM-MD5: syntax for challenge
Cc: ietf-sasl@imc.org
In-Reply-To: <200112030315.fB33FX5I031888@atg.aciworldwide.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ietf-sasl@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-sasl/mail-archive/>
List-ID: <ietf-sasl.imc.org>
List-Unsubscribe: <mailto:ietf-sasl-request@imc.org?body=unsubscribe>
At 07:15 PM 2001-12-02, Lyndon Nerenberg wrote: >RFC2195 defines the challenge as having the syntax of a message-id, >and gives some guidance for building the contents. I don't think >the currently recommended scheme is as robust as it could be. Mobile >clients configured via DHCP tend to re-use hostnames and IP addresses; >this diminshes the uniqueness of the host part of the message-id. It's the server/s FQDN, so why does it matter that the client is using DHCP or not? >I'm leaning towards taking out the recommendation, and instead say the >contents of the challenge must be a random sequence of printable >characters. I would also like to impose a minimum length on the >challenge. I would suggest not mucking with it. Kurt
- CRAM-MD5: syntax for challenge Lyndon Nerenberg
- Re: CRAM-MD5: syntax for challenge Kurt D. Zeilenga
- Re: CRAM-MD5: syntax for challenge Alexey Melnikov
- Re: CRAM-MD5: syntax for challenge Cyrus Daboo
- Re: CRAM-MD5: syntax for challenge Lyndon Nerenberg
- Re: CRAM-MD5: syntax for challenge Lyndon Nerenberg
- Re: CRAM-MD5: syntax for challenge Kurt D. Zeilenga