[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TSL / SSL

To: Benoit LEROYER <benoit@gide.net>
Subject: Re: TSL / SSL
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sat, 15 Jun 2002 18:33:19 -0700
Cc: Informations <test@newpanel.com>, openldap-software@OpenLDAP.org
In-reply-to: <3D0A22BD.2030206@gide.net>
References: <5.1.0.14.0.20020614094324.042b90f8@127.0.0.1>

At 10:07 AM 2002-06-14, Benoit LEROYER wrote:
>What is the difference between starttls et ldaps ?

Start TLS (RFC 2830) is the standard track mechanism,
an LDAP operation, used in to establish TLS.

ldaps:// is a deprecated, non-standard track mechanism
for establishing TLS based upon mutually agreed upon
TCP service ports.

OpenLDAP supports both mechanisms.

Kurt




>Kurt D. Zeilenga wrote:
>
>>At 09:46 AM 2002-06-14, Informations wrote:
>>
>>>if i use only ldaps protocol (openldap compiled with openssl) with crypt Userpassword,  is-it secure ?
>>>if not what is the better solution ?
>>Better, as in stronger?  The strongest authentication
>>mechanism supported by OpenLDAP is StartTLS+SASL/EXTERNAL.
>>
>
>
>-- 
>------------------------------------------
>Benoit LEROYER - G.I.D.E (benoit@gide.net)
>Tél : 02.40.89.92.87
>Web : http://www.gide.net
>------------------------------------------

References:
- Re: TSL / SSL
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: TSL / SSL
  - From: Benoit LEROYER <benoit@gide.net>

Prev by Date: Re: newbie question
Next by Date: RE: Why slapd don't creates replogfile ?
Index(es):
- Chronological
- Thread