[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Disallow ldap operations without start_tls

To: Joshua Schaeffer <jschaeffer0922@gmail.com>, openldap-technical@openldap.org
Subject: Re: Disallow ldap operations without start_tls
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Mon, 15 Feb 2016 13:50:13 -0800
Content-disposition: inline
Dkim-filter: OpenDKIM Filter v2.10.3 edge02.zimbra.com ACC76A6299
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zimbra.com; s=C2AA288C-EE47-11E2-9BB0-E820BDD9BDBF; t=1455573072; bh=77D3sj4DH7tPR1iDi3KrIAAxRtFuCKcnXDus9khMEAM=; h=Date:From:To:Message-ID:MIME-Version; b=WB60CWiTrc5HCc8rVG3Kl9NrB2ToiSE8AGypAiteM5ElIPswNkS0ehHTgRscM+Si0 edhvucz9ghfre/OoerwESBQawQwZriX55vB5pyighydXlb1VtMhwFfV/4BPXDj8W/f ysIXTq5GbUdD3KZlt89K1HrHeZuP9Td27j04VXZ0=
In-reply-to: <56C243ED.2070402@gmail.com>
References: <56C243ED.2070402@gmail.com>

--On Monday, February 15, 2016 2:32 PM -0700 Joshua Schaeffer<jschaeffer0922@gmail.com> wrote:

Is there any way to force clients to use start_tls without sending any
credentials over the wire

No, unfortunately that was not taken into consideration when the LDAP v3spec was written.


--Quanah

--

Quanah Gibson-Mount
Platform Architect
Zimbra, Inc.
--------------------
Zimbra ::  the leader in open source messaging and collaboration
A division of Synacor, Inc

Follow-Ups:
- Re: Disallow ldap operations without start_tls
  - From: Joshua Schaeffer <jschaeffer0922@gmail.com>

References:
- Disallow ldap operations without start_tls
  - From: Joshua Schaeffer <jschaeffer0922@gmail.com>

Prev by Date: Disallow ldap operations without start_tls
Next by Date: Re: SSL/TLS passphrase not being prompted for at startup
Index(es):
- Chronological
- Thread