[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
TLS closure alert and auth/authz ID
[authmeth] says:
> 5.2.2. TLS Connection Closure Effects
>
> Closure of the TLS connection MUST cause the LDAP association to
> move to an anonymous authentication and authorization state
> regardless of the state established over TLS and regardless of the
> authentication and authorization state prior to TLS connection
> establishment.
I think this information belongs in [Protocol], except the part about
authz ID. If I have understood it correctly, this should cover it:
[Protocol] 4.13.3.1:
Closure of the TLS connection causes the server to perform an implicit
bind operation with version preserved, an empty name, and simple
authentication with empty password.
[Authmeth]:
A simple bind with a null name cause the LDAP association to
move to an anonymous authentication and authorization state.
I can't find the latter stated explicitly in [Authmeth] - not the part
of about authz id, anyway.
Does the part about simple authentication break anything if more complex
authentication had been in effect?
--
Hallvard