[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: HEADS UP: TLS "hard"



The main problem with here is that ldap.conf is a defaulting
mechanism which should have no effect unless the application
asks for default behavior.  Most applications are actually
don't ask for default behavior, they ask for specific behavior.
They generally don't expect the library to be issuing LDAP
operations without their knowledge.

Kurt

At 08:51 AM 5/22/2003, Stephen Frost wrote:
>* Frank Swasey (Frank.Swasey@uvm.edu) wrote:
>> Is there some reason you do not want to use URI ldaps:// in your 
>> ldap.conf file?  That accomplishes the desired activity of making the 
>> connection be secure (by default).
>
>It'd require having another port open on my server and allowing
>connections to it through the firewall and ldaps should be dieing off
>anyway now that there is proper TLS support in the protocol.  I also
>wasn't sure if that did everything TLS does..
>
>        Stephen