[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Access control by encryption level?

To: Jeff Costlow <j.costlow@f5.com>
Subject: Re: Access control by encryption level?
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 10 Jan 2001 17:43:42 -0800
Cc: "'openldap-software@openldap.org'" <openldap-software@OpenLDAP.org>
In-reply-to: <A9601C3D40FBD3119E8000508BA55436EC4887@f5-exchange1.win.ne t>

Use ssf=n were n is the effective cipher key length to require.

e.g:
        access to userPassword
                by self ssf=128
                ...

At 04:08 PM 1/10/01 -0800, Jeff Costlow wrote:
>Can I restrict access to an attribute by whether I have an SSL secured connection or not?
>
>something like:
>
>access to userPassword
>        by self write if SSL
>        by anonymous auth
>        by dn="cn=administrator,dc=myorg,dc=com" if SSL
>        by * none
>        
>
>The idea is to restrict access to that attribute unless the user is using an SSL connection (it doesn't matter to me whether it is a StartTLS, or if the user contacted LDAPS:
>
>I thought I saw something like this on the mailing list, but couldn't find it again.
>
>Muchas Gracias.

Prev by Date: Re: configure issue with pthread
Next by Date: Number of users
Index(es):
- Chronological
- Thread