[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5823) clients/tools don't honor ldap.conf defaults

h.b.furuseth@usit.uio.no wrote:
> hyc@OpenLDAP.org writes:
>> I suggest that we use option==1 for on, and option>1 for off, to
>> minimize the impact of the change. (E.g., to explicitly turn off
>> referrals, use ldapsearch -CC.)
> That conflicts with today's -ZZ, which seems a bad option to
> create confusion about.

-ZZ should be deprecated, and -Z should simply and strictly require 
StartTLS.  The concept itself of having StartTLS optional (without 
notice of whether it succeeded or not!) sounds extremely bogus to me. 
In all the clients I develop, I never provide such alternative, either 
on or off.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it