|
For authmeth -10, the single, consolidated section on anonymous authentication now states that LDAP implementations MUST support anonymous authentication with no other qualifications. The fact that Start TLS is a required-to-implement operation implies that implementations MUST support anonymous authentication when TLS is established.
Roger
>>> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 1/3/2004 7:34:17 AM >>> authmeth-09 says: > 5. Anonymous Authentication > LDAP implementations MUST support anonymous authentication, as > defined in section 5.1. > > LDAP implementations MAY support anonymous authentication with TLS, > as defined in section 5.2. Huh? Why allow implementations to not support anonymous authentication on secure connections, but support it on insecure ones? I could understand it if it was the other way around - along with not implementing Simple Bind at all without TLS. -- Hallvard |