Full_Name: Sharath Yadav C Version: OS: URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (125.17.165.38) According to RFC4513 B.2.10. Section 10 ("TLS Ciphersuites") - TLS ciphersuite recommendations are no longer included in this specification. Implementations must now support the TLS_RSA_WITH_3DES_EDE_CBC_SHA ciphersuite and should continue to support the TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA ciphersuite. - Clarified that anonymous authentication involves a name value of zero length and a password value of zero length. The unauthenticated authentication mechanism was added to handle simple Bind requests involving a name value with a non-zero length and a password value of zero length. But actually 3DES is a weak cipher and it should not be used for any version, but still rfc recommends to use the same which may cause security issues.
published 8647 marked public
Hello, Thanks for your report. The IETF is the correct organization to report RFC issues to, rather than the OpenLDAP Foundation. I would suggest you redirect this to them. This ITS will be closed. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>
IETF issue, not OpenLDAP
changed notes changed state Open to Closed