[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: start_tls versus ldaps



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Imobach González Sosa wrote:
| First, thanks ViSolve and Axel for your replies.
|
| El Jueves, 12 de Agosto de 2004 13:12, ViSolve OpenLDAP Support escribió:
|
|>StartTLS standard was defined with LDAPv3.Here we can have LDAP requests
|>after a connection is established.With this approach,a single listener can
|>be used for both cleartext and TLS-encrypted sessions.This is more
|>flexible, since we don't need to maintain a separate listener for
encrypted
|>sessions.
|
|
| Ok, I see. But if I wanna "force" encrypted sessions, can I do it
using TLS?
| I've "googled" and I've seen some references, but nothing clear at all.
|

Yes, via ACLs (the *ssf statements).

Regards,
Buchan

- --
Buchan Milne                      Senior Support Technician
Obsidian Systems                  http://www.obsidian.co.za
B.Eng                                RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBHHuOrJK6UGDSBKcRArAXAKCVOs8zdQin2LO78Gky2cGDzQIEGgCeK0k7
EWic/UKXWkzJMex6rZQrv7c=
=7Wm8
-----END PGP SIGNATURE-----