[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: TLS or plain?

To: "'Michael Stroder'" <michael@stroeder.com>, "'Stephen Frost'" <sfrost@snowman.net>
Subject: RE: TLS or plain?
From: "Howard Chu" <hyc@highlandsun.com>
Date: Tue, 22 Jul 2003 01:34:16 -0700
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <3F1CE8BC.2030600@stroeder.com>

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Michael Stroder

> Stephen Frost wrote:
> >
> > That would be ldaps:// vs. ldap:// with TLS, as I said above, yes.
>
> Again you are using TLS as synonym for StartTLS extended
> operation. This is
> not correct. TLS is not part of LDAP. StartTLS extended operation is.
>
> Yes, I'm nitpicking here. But it's important to correctly
> sort that out to avoid confusion.

Yes, that's correct, and I share your need for precision Michael, but please,
this discussion has been done to death already. Use the mailing list
archives.

http://www.openldap.org/lists/openldap-software/200201/msg00042.html

A search thru the archives on "tls;ssl;rfc" will show that this question
comes up at least 2-3 times a year, every year, and (surprise!) the answer is
still the same each time. It would be nice if we could avoid the unnecessary
traffic from here on out.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

Follow-Ups:
- Re: TLS or plain?
  - From: Beast <beast@setuid.com>

References:
- Re: TLS or plain?
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: Re: Error searching DNs with escaped special characters
Next by Date: Problem with ACL 'domain='
Index(es):
- Chronological
- Thread