Next release of CMU SASL - update
alexey.melnikov at isode.com
Thu Apr 9 13:13:54 EDT 2009
Pascal Gienger wrote:
> cmusaslsecretPLAIN is also useful for people doing only cleartext
> logins via SSL/TLS to store only hashes of the password in their
> sasldb ldap database.
While I agree with you, the Cyrus SASL version in CVS has no way of
generating such attributes. The code for generating them was removed
long time ago.
> Is the direction towards which cmu sasl is directing too the sole
> usage of GSSAPI/Kerberos? That would be the only reason to cut down
> the hash usage. "userPassword" is evil for me (stored in cleartext in
> a database).
No, this was never the intent.
More information about the Cyrus-sasl