Re: TSL / SSL

To: Informations <test@newpanel.com>
Subject: Re: TSL / SSL
From: David Wright <ichbin@shadlen.org>
Date: Fri, 14 Jun 2002 09:49:51 -0700
Cc: openldap-software@OpenLDAP.org
References: <3D0A1DD8.3040506@newpanel.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020610 Debian/1.0.0-1

if i use only ldaps protocol (openldap compiled with openssl) with crypt Userpassword, is-it secure ?

More secure than storing passwords in the clear and transmitting them in the clear, certainly.

if not what is the better solution ?


MD5 instead of CRYPT.

For the ultimate in security and extra work, set up a Kerberos server.