[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [authmeth] effect of StartTLS on authentication state

To: "Roger Harrison" <RHARRISON@novell.com>
Subject: Re: [authmeth] effect of StartTLS on authentication state
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 01 Jul 2003 19:33:47 -0700
Cc: <ietf-ldapbis@OpenLDAP.org>
In-reply-to: <5.2.0.9.0.20030701171553.01da9e50@127.0.0.1>
References: <sf01cca0.066@prv-mail20.provo.novell.com>

At 07:00 PM 7/1/2003, Kurt D. Zeilenga wrote:
>It's my opinion that the RFC 2830, section 5.1.1 absolute
>imperative is inappropriate and actually in conflict with section 3.1.

I misread section 3.1.  It doesn't cover this case (as StartTLS
as been initiated) so is not in conflict with 5.1.1.  Regardless,
I still believe the server is free to return strongAuthRequired
at any time it considers the in force association to be inappropriate
for the requested operation.   Hence, the server may, in effect,
move the association to anonymous after StartTLS.

Kurt

Follow-Ups:
- Re: [authmeth] effect of StartTLS on authentication state
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

References:
- [authmeth] effect of StartTLS on authentication state
  - From: "Roger Harrison" <RHARRISON@novell.com>
- Re: [authmeth] effect of StartTLS on authentication state
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: [authmeth] effect of StartTLS on authentication state
Next by Date: I-D ACTION:draft-ietf-ldapbis-dn-11.txt
Index(es):
- Chronological
- Thread