[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SASL and encrypted connection?
Hi Stephan,
> Hi Norbert,
> thanks for the information. Does that mean that that the sasl-secprops
> settings are valid for the whole request?
>
> What is the difference between "sasl-secprops minssf=112" and "security
> ssf=112"?
IIRC sasl_secprops is used to determine which SASL mechanisms/ciphers
may used between server and client, and the security parameter gives the
SSFs required for directory operations.
So "security ssf=112" should be fulfilled if the privacy protection
provided by either a SASL security layer or TLS is strong enough. See
also slapd.conf(5).
--
Norbert Klasen
DFN Directory Services tel: +49 7071 29 70335
ZDV, Universität Tübingen fax: +49 7071 29 5912
Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de
Germany norbert.klasen@zdv.uni-tuebingen.de