[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Access control by encryption level?
Use ssf=n were n is the effective cipher key length to require.
e.g:
access to userPassword
by self ssf=128
...
At 04:08 PM 1/10/01 -0800, Jeff Costlow wrote:
>Can I restrict access to an attribute by whether I have an SSL secured connection or not?
>
>something like:
>
>access to userPassword
> by self write if SSL
> by anonymous auth
> by dn="cn=administrator,dc=myorg,dc=com" if SSL
> by * none
>
>
>The idea is to restrict access to that attribute unless the user is using an SSL connection (it doesn't matter to me whether it is a StartTLS, or if the user contacted LDAPS:
>
>I thought I saw something like this on the mailing list, but couldn't find it again.
>
>Muchas Gracias.