
Re: (ITS#3591) Incorrect man page information



>Since LDAPS is SSL, not TLS.

This statement is incorrect in that SSL == TLS.  TLS is the
official name of the data security system also known as SSL.
In OpenLDAP, we generally prefer the official name of this
(and other) systems.

The statement is also incorrect in that ldaps is only
one mechanism for initiating TLS (SSL) in LDAP (the other
being StartTLS).

Don't confuse ldaps://, a mechanism for initiating TLS (SSL),
with TLS (SSL).  Likewise, don't confuse StartTLS, a mechanism
for initiating TLS (SSL), with TLS (SSL).  

One might clarify the text by saying:
        LDAP over TLS (SSL) (ldaps://)

However I note that the "s" in "ldaps://" does actually
stand for SSL (or TLS).

Or


At 08:59 PM 3/8/2005, quanah@stanford.edu wrote:
>Full_Name: Quanah Gibson-Mount
>Version: 2.2.23
>OS: NA
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (171.66.182.82)
>
>
>The man page for "slapd" (section 8C) states:
>
> The  URLs  should  be of LDAP
>          (ldap://) or LDAP over TLS (ldaps://) or LDAP over  IPC
>          (ldapi://) scheme without a DN or other optional param-
>          eters, except an experimental extension to indicate the
>          permissions  of  the underlying listeners.
>
>
>It should read:
>
> The  URLs  should  be of LDAP
>          (ldap://) or LDAP over SSL (ldaps://) or LDAP over  IPC
>          (ldapi://) scheme without a DN or other optional param-
>          eters, except an experimental extension to indicate the
>          permissions  of  the underlying listeners.
>
>
>  This may be why some people reach confusion on
>this issue.
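
The two initiation mechanisms the reply distinguishes, as an added Python sketch that is not part of the original thread or of OpenLDAP's code: with ldaps:// the TLS handshake comes before any LDAP message, while with StartTLS the client first sends an LDAP extended operation on the plain ldap:// connection and then runs the same handshake. The function names are hypothetical, and the BER helpers assume short-form lengths, which is enough for these two messages.

```python
import socket
import ssl
from urllib.parse import urlsplit

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS request name, RFC 4511 section 4.14.1

def tlv(tag: int, body: bytes) -> bytes:
    """Encode one BER element; short-form length only (body under 128 bytes)."""
    if len(body) > 127:
        raise ValueError("long-form BER length not needed for this PDU")
    return bytes([tag, len(body)]) + body

def read_tlv(buf: bytes, pos: int = 0):
    """Decode one short-form BER element, returning (tag, body, next_pos)."""
    tag, length = buf[pos], buf[pos + 1]
    if length & 0x80 or pos + 2 + length > len(buf):
        raise ValueError("unsupported or truncated BER element")
    return tag, buf[pos + 2:pos + 2 + length], pos + 2 + length

def starttls_request(msg_id: int = 1) -> bytes:
    """LDAPMessage carrying ExtendedRequest [APPLICATION 23] with requestName [0]."""
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x77, tlv(0x80, STARTTLS_OID)))

def starttls_result(pdu: bytes) -> int:
    """Return resultCode from an ExtendedResponse [APPLICATION 24]; 0 is success."""
    tag, msg, _ = read_tlv(pdu)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = read_tlv(msg)                 # skip messageID
    tag, resp, _ = read_tlv(msg, pos)
    if tag != 0x78:
        raise ValueError("not an ExtendedResponse")
    tag, code, _ = read_tlv(resp)             # resultCode ENUMERATED
    if tag != 0x0A or len(code) != 1:
        raise ValueError("malformed resultCode")
    return code[0]

def connect(url: str, starttls: bool = False) -> socket.socket:
    """ldaps:// wraps the socket at once; ldap:// + StartTLS wraps after the exchange."""
    u = urlsplit(url)
    ctx = ssl.create_default_context()        # verifies certificate and hostname
    sock = socket.create_connection((u.hostname, u.port or (636 if u.scheme == "ldaps" else 389)))
    if u.scheme == "ldap" and starttls:
        sock.sendall(starttls_request())      # assumes the short reply arrives in one read
        if starttls_result(sock.recv(4096)) != 0:
            sock.close()
            raise ConnectionError("server refused StartTLS; not continuing in cleartext")
    elif u.scheme != "ldaps":
        return sock                           # plain ldap://, no TLS at all
    return ctx.wrap_socket(sock, server_hostname=u.hostname)
```

Both TLS paths end in the same `wrap_socket` call; only the point at which it happens differs.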