trying to correctly handle account passwords via ldap
Andrew Bartlett
abartlet at samba.org
Tue Mar 28 02:42:40 GMT 2006
On Tue, 2006-03-28 at 11:46 +1000, Luke Howard wrote:
> >You mean they are stored with the old format but wrapped into something
> >else when queried through DRS ?
>
> DRS uses application-level encryption of secret attributes in addition to
> the session encryption provided by the GSS-API. Nonetheless this encryption
> is session-specific and is in addition to the OWF obfuscation.
And remains on my list of crypto challenges to tackle. :-)
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060328/8837f6ad/attachment.bin
More information about the samba-technical
mailing list