From 71c986adf196ba33b1835b666cc8d1b45902b2e9 Mon Sep 17 00:00:00 2001
From: lfrost <lfrost@localhost>
Date: Tue, 29 Jan 2008 10:37:26 +0000
Subject: [PATCH] Doc changes to Network Groups and Password Configuration docs and some copyright changes. Thanks to Daniel & Matt for the review.

---
 opends/src/admin/defn/org/opends/server/admin/std/CryptPasswordStorageSchemeConfiguration.xml |   12 ++++++++++--
 1 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/opends/src/admin/defn/org/opends/server/admin/std/CryptPasswordStorageSchemeConfiguration.xml b/opends/src/admin/defn/org/opends/server/admin/std/CryptPasswordStorageSchemeConfiguration.xml
index 254dfba..13bc47a 100644
--- a/opends/src/admin/defn/org/opends/server/admin/std/CryptPasswordStorageSchemeConfiguration.xml
+++ b/opends/src/admin/defn/org/opends/server/admin/std/CryptPasswordStorageSchemeConfiguration.xml
@@ -23,7 +23,7 @@
   ! CDDL HEADER END
   !
   !
-  !      Portions Copyright 2007 Sun Microsystems, Inc.
+  !      Portions Copyright 2007-2008 Sun Microsystems, Inc.
   ! -->
 <adm:managed-object name="crypt-password-storage-scheme"
   plural-name="crypt-password-storage-schemes"
@@ -39,7 +39,15 @@
   </adm:synopsis>
   <adm:description>
     This implementation contains only an implementation for the user
-    password syntax, with a storage scheme name of "CRYPT".
+    password syntax, with a storage scheme name of "CRYPT". Even though it 
+    is a one-way digest, the 
+    <adm:user-friendly-name />
+    is relatively weak by today's standards. Because it supports 
+    only a 12-bit salt (meaning that there are only 4096 possible ways to 
+    encode a given password), it is also vulnerable to dictionary attacks. 
+    You should therefore use this storage scheme only in cases where an 
+    external application expects to retrieve the password and verify it 
+    outside of the directory, rather than by performing an LDAP bind.
   </adm:description>
   <adm:profile name="ldap">
     <ldap:object-class>

--
Gitblit v1.10.0