[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: SASL??
SASL is not another stuff like Kerberos.
It is a library of so called
'mechanisms' of user authentication.
One of these mechanisms is authentication in Kerberos.
OpenLDAP makes calls from this library.
As of TLS, it should be another SASL mechanism.
Apparently it is not.
Netscape browser reports no supported SASL
mechanisms at URL ldap://servername/?supportedsaslmechanisms .
On the other hand,
you can install OpenLDAP with TLS and without SASL,
then make ''ldapsearch -Z -x'' calls.
SASL RFC 2222 sounds ambiguous to me
about relations between SASL and TLS.
What I said above are my impressions.
See e-mails I posted to openldap-software
and cyrus-sasl lists.
I got no authoritative answer so far.
Rafal.
> it seems to be Yet Another userID scheme like kerberos or NIS+.