Bug 1436973 - [DS 10.1.1] PBKDF2_SHA256 password storage scheme
Summary: [DS 10.1.1] PBKDF2_SHA256 password storage scheme
Alias: None
Product: Red Hat Directory Server
Classification: Red Hat
Component: Doc-release-notes
Version: 10.1
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: Marc Muehlfeld
QA Contact: Viktor Ashirov
Marc Muehlfeld
Depends On:
Blocks: 1425467
TreeView+ depends on / blocked
Reported: 2017-03-29 07:09 UTC by Marc Muehlfeld
Modified: 2017-08-02 06:57 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Directory Server now supports the *PBKDF2_SHA256* password storage scheme To increase security, this update adds the 256-bit password-based key derivation function 2 (PBKDF2_SHA256) to the list of supported password-storage schemes in Directory Server. The scheme uses 30,000 iterations to apply the 256-bit secure hash algorithm (SHA256). Note that the network security service (NSS) database in Red Hat Enterprise Linux prior to version 7.4 does not support PBKDF2. Therefore, you cannot use this password scheme in a replication topology with previous Directory Server versions.
Clone Of:
Last Closed: 2017-08-01 08:07:26 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Marc Muehlfeld 2017-03-29 07:09:06 UTC
Red Hat Directory Server 10.1.1 adds PBKDF2_SHA256 to the list of supported password storage schemes.

Upstream ticket:

This ticket is to document the release note for this feature.

Comment 5 Robert Krátký 2017-04-24 10:10:37 UTC
RN text nitpick fixes.

Comment 7 Marc Muehlfeld 2017-08-01 08:07:26 UTC
The update is now available on the Customer Portal.

Note You need to log in before you can comment on or make changes to this bug.