[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL and encrypted connection?
Am Dienstag, 6. Februar 2001 11:44 schrieb Norbert Klasen:
[...]
> > I managed LDAP searches with simple and SASL (Digest MD5) authentication
> > and everything seems to work as expected. However whatching the
> > communication with a network sniffer, the whole communication during and
> > after the simple bind is clear text (as expected) and the whole
> > communitcation with the SASL-bind semms to be encrypted or obscured. I
> > expected an encryped bind commuitcation but what is happening with the
> > search request itself. Is this behaviour configurable?
>
> By default integrity and privacy protection is negotiated when using
> SASL binds. You can keep non-bind operations in clear text if you set
> the maxssf parameter, e.g.: ldapsearch -h host -s base -O maxssf=0
Hi Norbert,
thanks for the information. Does that mean that that the sasl-secprops
settings are valid for the whole request?
What is the difference between "sasl-secprops minssf=112" and "security
ssf=112"?
Yours,
Stephan
--
Stephan Siano Mail: Stephan.Siano@suse.de
SuSE Linux Solutions AG Phone: 06196 50951 31
Mergenthalerallee 45-47 Fax: 06196 409607
D-65760 Eschborn