> From my interest in applied cryptography, I was surprised to see how
> limited are the (open)LDAP directory entry encryption options.
> From a security audit perspective, plain text passwords in the LDAP DSA
> implementation appear worrisome.

Why? If your DSA(s) is/are breached - you're screwed anyway. The worry seems almost entirely theoretical to me. A DSA host should be sufficiently hardened and backups should be encrypted. Physical access to servers should be restricted and monitored. There is lots of sensitive data in most DSAs beyond passwords.

> Is there any solution for hardware-assisted solutions, which might
> improve the key management vicious circle, i.e. if you encrypt
> userPassword attributes, where do you store the master encryption key?

If you are using encryption either in the file-system or in the hardware then this isn't really an LDAP related question.

> Is there a demand from large organizations for improvements in this area?

Several mechanisms, including DIGEST-MD5, require a clear text password. If you aren't using one of those mechanisms you can encrypt the password in the DSA; but I'm not convinced it really buys you much other than a nice feeling. If you don't trust your DSA software or configuration....

> I do not put into question the security on the protocol side (SASL, TLS,
> ...).
---
You are currently subscribed to ldap@umich.edu as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
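The reply's point that DIGEST-MD5 forces the DSA to hold the clear-text password (or a password-equivalent derived from it), as an added illustration that is not part of this thread: the RFC 2831 response computation for qop=auth beside {SSHA} storage, which is what a simple bind can verify against without ever keeping the clear text. The user, realm, nonce and URI values are constructed for the example.

```python
import base64
import hashlib
import hmac
import os

MD5 = lambda data: hashlib.md5(data).digest()

def digest_md5_secret(username: str, realm: str, password: str) -> bytes:
    """H(username:realm:password): the per-user value a DIGEST-MD5 server must hold.
    RFC 2831 allows the DSA to store this instead of the clear text, but it is
    password-equivalent for that realm: whoever holds it can authenticate as the user."""
    return MD5(f"{username}:{realm}:{password}".encode())

def digest_md5_response(secret: bytes, nonce: str, cnonce: str, nc: str,
                        digest_uri: str) -> str:
    """Client response for qop=auth (RFC 2831 section 2.1.2.1). Note that A1
    is built from the raw 16-byte MD5 output, not its hex form as in HTTP Digest."""
    a1 = secret + f":{nonce}:{cnonce}".encode()
    a2 = f"AUTHENTICATE:{digest_uri}".encode()
    kd_input = f"{MD5(a1).hex()}:{nonce}:{nc}:{cnonce}:auth:{MD5(a2).hex()}"
    return MD5(kd_input.encode()).hex()

def digest_md5_server_check(stored_secret: bytes, nonce: str, cnonce: str,
                            nc: str, digest_uri: str, response: str) -> bool:
    """The server can only verify by recomputing the response from the same
    secret, so a one-way salted hash of the password is of no use here."""
    expected = digest_md5_response(stored_secret, nonce, cnonce, nc, digest_uri)
    return hmac.compare_digest(expected, response)

def ssha_store(password: str, salt: bytes = None) -> str:
    """{SSHA} form of userPassword (salted SHA-1), usable for simple bind only."""
    salt = salt if salt is not None else os.urandom(8)
    digest = hashlib.sha1(password.encode() + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode()

def ssha_verify(stored: str, password: str) -> bool:
    """Simple bind verification needs only the salt and the hash; the clear
    text is never stored, which is the trade-off the reply alludes to."""
    raw = base64.b64decode(stored[len("{SSHA}"):])
    digest, salt = raw[:20], raw[20:]
    return hmac.compare_digest(hashlib.sha1(password.encode() + salt).digest(), digest)

if __name__ == "__main__":
    # Constructed values, not from any real directory.
    secret = digest_md5_secret("alice", "ldap.example.test", "correct horse")
    args = ("srv-nonce-9f2a", "cli-nonce-7b10", "00000001", "ldap/ldap.example.test")
    resp = digest_md5_response(secret, *args)
    print("DIGEST-MD5 verified:", digest_md5_server_check(secret, *args, resp))
    print("SSHA verified:", ssha_verify(ssha_store("correct horse"), "correct horse"))
```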