AW: Netscape Communicator SSL Roaming Access?

[Andreas.Greulich@isb.admin.ch]

Thanks for the info, so I need not search anymore. It really
is a pity though... I don't really see the chicken/egg
problem, because it is not primarily client-certificate-
authentication I am looking for (though this would be very
nice to have, of course), but just a method to secure
traffic. An LDAP-over-SSL implementation without certificate
authentication (except maybe server-to-client) would do it,
a standard password could then be sent
over the secured channel. Same as standard HTTP passwords
over standard (non-browser-certificate-authenticated)
https traffic. You see, I am not mainly worried
about easyness of authentication for the moment, but just
sniffer-safe authentication. Well whatever.. guess it
cannot be changed, and an additional stunnel or similar
software is needed. Still, if there's any way to put some
user input into netscape development, I would appreciate
a minimal LDAP-over-SSL support very much! Client
certificates are just a nice-to-have in this context.
Or maybe a built-in SSL-clientside tunnel that could be
used like a local proxy.

		Andy


-----Ursprüngliche Nachricht-----
Von: Michael R Gettes [mailto:gettes@Georgetown.EDU]
Gesendet am: Montag, 15. Mai 2000 17:30
An: openldap-general@OpenLDAP.org
Betreff: Re: Netscape Communicator SSL Roaming Access?

Communicator does not support LDAP or HTTP over SSL
for just the roaming feature of Communicator.  When I spoke
with the product manager about this implementation, I was told
it was a chicken/egg problem regarding any custom certificates.
Although I disagreed because I was more than willing to handle
the customization of communicator, it still went out in this form.
I guess this falls under the heading "the vendor knows more than
we do".  Bummer.

/mrg