Preannounce: Kroupware Project started

Tim Jansen tim at tjansen.de
Wed Sep 11 13:25:39 BST 2002


On Wednesday 11 September 2002 03:08, Martin Konold wrote:
> We are going to authenticate against LDAP with regards to the IMAP and the
> SMTP operations. In addition we use SSL/TLS for the transport security.

Doesnt that mean that the LDAP server must store all password in unencrypted 
form, and that all servers that use the passwords must have sufficient rights 
to read them? Otherwise you can implement neither plaintext password 
authentication nor challenge/respond passwords, only signature-based 
authentication. 

While it is great to have a LDAP server for user data, at least for me this is 
not enough, unfortunately. The desktop sharing server runs with user 
permissions, and you dont want to give the user access to all password...

bye...










More information about the kde-core-devel mailing list