On Wed, 2009-09-23 at 16:06 -0400, Santosh Chokhani wrote: > I think I am digressing, but when you encrypt, you do not need the key > necessarily since both the data and key can be password (the way Unix > used to do, and may be still does). > That is OK if the server has the plain text password, as the server can get the salt, and then hash the password it has with the salt found, to see if the result is the same as was passed. However, this has the disadvantages I outlined. ----- www.x500standard.com: The central source for information on the X.500 Directory Standard.