[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: authmeth: unsupported <TLS+anonymous bind>
That sounds fine.
John McMeeking
"Roger Harrison" <RHARRISON@novell.com> wrote on 02/16/2004 03:08:03 AM:
> For authmeth -10, the single, consolidated section on anonymous
> authentication now states that LDAP implementations MUST support
> anonymous authentication with no other qualifications. The fact that
> Start TLS is a required-to-implement operation implies that
> implementations MUST support anonymous authentication when TLS is
established.
>
> Roger
>
> >>> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 1/3/2004 7:34:17 AM
>>>
> authmeth-09 says:
>
> > 5. Anonymous Authentication
>
> > LDAP implementations MUST support anonymous authentication, as
> > defined in section 5.1.
> >
> > LDAP implementations MAY support anonymous authentication with TLS,
> > as defined in section 5.2.
>
> Huh? Why allow implementations to not support anonymous
> authentication on secure connections, but support it on insecure
> ones? I could understand it if it was the other way around - along
> with not implementing Simple Bind at all without TLS.
>
> --
> Hallvard