[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Phpgroupware-developers] md5 question
|
From: |
Chris Weiss |
|
Subject: |
Re: [Phpgroupware-developers] md5 question |
|
Date: |
Sat, 09 Nov 2002 14:26:12 +0000 |
I'm no auth expert, but I don't see how that type of auth could ever possible
work
without storing the pw in either plain text or with reversable encrytption.
Seems
section 3.5.1 is the currently only workable option.
Guillaume Courtois (address@hidden) wrote*:
>
>You can get the .pdf file part of the specs :
>
>http://www.syncml.org/docs/syncml_sync_protocol_v111_20021002.pdf
>
>and check the pages 25 and 26.
>
>Check the SyncML ML for more details. For example :
>
>http://groups.yahoo.com/group/SyncML/message/861
>
>Chris Weiss (address@hidden) wrote*:
>>
>>do you have a url for this part of the protocol spec? this really sounds
>>very badly
>>thought out on syncml's part.
>>
>>Guillaume Courtois (address@hidden) wrote*:
>>>
>>>>ok, i don't understand how this thing is supposed to work. Any password
>>>>storage
>>>>system worth it weight in peanuts will have non-reversable encryption. why
>>>>on
>>>>earth would they make a "standard" that only works when the password on the
>>>>server
>>>>is stored in plain text? I think we're missing sonething here, or maybe
>>>>syncml is
>>>>missing something.
>>>
>>>No no, you did not undestand what I'm saying (sorry, english is not my native
>>tongue !).
>>>
>>>Syncml does the same kind of thing with the password than phpGW, except that
>>>a
>>syncml client will send username + password + nonce all together. My problem
>>is that
>>I should separate the 3 before putting them into the phpGW variables and
>>creating a
>>session. But I can't separate the 3 because I can't decode the md5 ...
>>>
>>>I hope I was clearer in my explanation this time :-)
>>>
>>>
>>>
>>>_______________________________________________
>>>Phpgroupware-developers mailing list
>>>address@hidden
>>>http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>>>
>>
>>
>>
>>_______________________________________________
>>Phpgroupware-developers mailing list
>>address@hidden
>>http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>>
>
>
>
>_______________________________________________
>Phpgroupware-developers mailing list
>address@hidden
>http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>
- Re: [Phpgroupware-developers] md5 question, (continued)
- Re: [Phpgroupware-developers] md5 question, Alex Borges (lex), 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Chris Weiss, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Guillaume Courtois, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Guillaume Courtois, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Chris Weiss, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Chris Weiss, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Guillaume Courtois, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Guillaume Courtois, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Chris Weiss, 2002/11/08
- Re: [Phpgroupware-developers] md5 question, Guillaume Courtois, 2002/11/09
- Re: [Phpgroupware-developers] md5 question,
Chris Weiss <=
- Re: [Phpgroupware-developers] md5 question, Guillaume Courtois, 2002/11/09