[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SSL certificate auth without SASL (ITS#3286)
donn@u.washington.edu wrote:
>Full_Name: Donn Cave
>Version: HEAD (Aug 17)
>OS: n/a
>URL: http://staff.washington.edu/donn/donn-cave-040817.ext
>Submission from: (NULL) (128.95.135.150)
>
>
>Allow simple bind with no password, bind DN == SSL certificate DN.
>
>
I had a patch for this 'way back in OpenLDAP 2.0 but I abandoned it.
There is no standard specification (e.g. RFC) for this behavior, and we
really need to have that before a feature like this can be incorporated.
Why can't you just use SASL/EXTERNAL? Alternatively, you can publish an
RFC defining exactly how this feature should be (a) advertised by
servers to clients and (b) used.
--
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support