[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL, TLS and SSLv3

To: openldap-devel@openldap.org
Subject: Re: SASL, TLS and SSLv3
From: hartgers@kfm1.phys.tue.nl
Date: Wed, 2 Dec 1998 10:31:52 +0100 (CET)
In-reply-to: <ML-3.3.912536075.3010.patl@asimov>

On  1 Dec, patl@phoenix.volant.org wrote:
> It is my understanding that SASL is not an issue since it involves
> only authentication, not encryption.
> 
Quote from rfc2222 (Simple Authentication and Security Layer):

 During the authentication protocol exchange, the mechanism performs
   authentication, transmits an authorization identity (frequently known
   as a userid) from the client to server, and negotiates the use of a
   mechanism-specific security layer.  If the use of a security layer is
   agreed upon, then the mechanism must also define or negotiate the
   maximum cipher-text buffer size that each side is able to receive.

Bart

-- 
// Bart Hartgers  <Hartgers@kfm1.phys.tue.nl>
// UCE NOT wanted!!

Follow-Ups:
- Re: SASL, TLS and SSLv3
  - From: patl@phoenix.volant.org

References:
- Re: SASL, TLS and SSLv3
  - From: patl@phoenix.volant.org

Prev by Date: Re: ldapsearch command does not use BASE in ldap.conf
Next by Date: RE: SASL, TLS and SSLv3
Index(es):
- Chronological
- Thread