I agree with Hallvard on this one. Jim, can you add the sentence, "In this case the LDAP session is left without a TLS layer," at the end of section 4.14.2?
Thanks,
Roger
>>> Hallvard B Furuseth <h.b.furuseth@usit.uio.no> 10/19/05 11:12 pm >>>
Since Roger said protocol-like issues were moved back to [Protocol], I suggest the last sentence in Authmeth-16 3.1.2 is moved to [Protocol] too:
"Authmeth-16 3.1.2. StartTLS Response
The server will return a resultCode other than success (as documented in [Protocol] section 4.14.2) if it is unwilling or unable to negotiate TLS. In this case the LDAP session is left without a TLS layer."
Then Authmeth does not need to mention non-success StartTLS at all; it can just say that the rest of the section is about TLS issues after a success response.
-- Hallvard