Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

[Quanah Gibson-Mount <quanah@stanford.edu>]

--On Monday, October 13, 2003 5:18 PM -0400 Igor Brezac <igor@ipass.net> 
wrote:

> I stand by my recommendation.  Your advice assumes too many restrictions.
> What if you do not have KDC, what if you want to store krb tickets in the
> ldap store using heimdal apps, what if you want ldap and/or berkeley
> support in sasl, etc...

What you gave was not a recommendation, it was a statement that it wasn't 
possible.  Jim already noted he had a KDC.  And storing your krb tickets in 
an ldap store seems rather the security risk to me.  Obviously, how you 
ultimately want to operate your services will affect how you compile these 
packages, as with any set of software packages you put together.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html