
Re: ldap_sasl_interactive_bind_s: Local error ???



Hi Tony, I think you have the wrong end of the
stick...  I'm not getting thrown out by anything,
my ldap server is working fine, I was just curious
about what you (and others) said about SSL and TLS being
different.  I think it's quite confusing when people
say that TLS is not the same thing as SSL when on the
OpenSSL site, they pretty much consistently use
SSL/TLS as one entity.  I was just trying to clarify that in fact
the difference is the startTLS command which can
be issued on the standard listener port to request
to start an encrypted session... and if the application
honours the startTLS command, or if it is older and
has a separate port for secure startup.

Cheers
Bill



Tony Earnshaw wrote:
Wed, 2002-11-20 at 14:51, Bill Dossett wrote:


Ok I think that's more or less what I said in that
SSL and TLS both use SSL encryption and the distinguishing
feature is StartTLS which can work on a standard port
by requesting to switch to encryption if the listener
on that port understands how to negotiate a StartTLS
command.


No, you seemed to be trying a SASL bind, which was throwing you out.
SSL/TLS has nothing to do with OpenLDAP's idea of *strong* SASL
authentication.

Best,

Tony