Re: Securing Open LDAP & SSL

[Allen Reese <allen@driversoft.com>]

You can use bjorb to do port tunneling.  It'll recv on one port, data,
then encrypt and tunnel it to the other side, which the decrypts and send
s it to the port on the other side.

This doesn't require any mdos to openldap but bjorb has to run on both
sides of the tunnel.

On the RSA side of things, you could just wait until what, september?  I
think their patent expires then, but like THE MOUSE, they will probably
get a patent extension which is complete BS.  ;)

I found bjorb in the Faq-O-Matic a while ago and don't know if it will
help you.  :)

cya.

Allen Reese
VP Engineering
Driversoft, Inc.
allen@driversoft.com
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread
Hi, I'm an evil mutated signature virus, put me in your .sig or I will
 bite your kneecaps!

On Thu, 10 Feb 2000, Daniel Hanks wrote:

> Unfortunately, (and correct me if I'm wrong...) stunnel uses openssl,
> which uses rsa, and therefore unless you're non-commercial, or outside the
> US, it's illegal to use w/o a license from the RSA people.
> 
> I have built openssl without RSA, but most anything that uses it wont work
> without the RSA stuff...as far as I have seen.
> 
> Has anybody discovered any alternative solutions to this problem?
> 
> Thanks,
> 
> Dan Hanks
> 
> On Thu, 10 Feb 2000, Michael [iso-8859-1] Ströder wrote:
> 
> > OpenLDAP wrote:
> > > 
> > > I'm looking for tips on securing the LDAP software, implementing SSL to
> > > the servers that will utilize it,
> > 
> > You can e.g. use stunnel on both ends (client-/server-mode) for
> > tunneling the LDAP traffic.
> > 
> > Ciao, Michael.
> > 
> 
>