[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Encrypting data during replication?????

To: "syw" <ywshum@2bsure.com>
Subject: Re: Encrypting data during replication?????
From: "Kurt D. Zeilenga" <kurt@boolean.net>
Date: Mon, 27 Dec 1999 19:14:01 -0800
Cc: <openldap-devel@OpenLDAP.org>
In-reply-to: <03cd01bf50da$1a4538e0$6b00a8c0@webserver.lestertech.com>

I believe all replication should be done over an encrypted wire
with secure, mutual authentication. We're getting there...

On the encrypt front, the devel library already supports
ldaps:/// (LDAP over SSL) or ldap:///????starttls (LDAP over TCP
with StartTLS)... someone just needs to write the glue code in
each client application.

We'll also support SASL negotiated integrity and encryption
functionality... such as provided when using DIGEST-MD5 or
GSS-API authentication.

All coming in 2.0 (hopefully)...

Kurt

At 10:20 AM 12/28/99 +0800, syw wrote:
>>>>
hi there,

I'm thinking of putting password data into the open ldap directory and having the
data replicated to a slave machine.

I can't seem to find an option to encrypt this data during replication.

There is the kerberos thing, but it is only for authentication, it does not actually encrypt the data.

Just would like to confirm that there is no way to encrypt data during replication. What other directory should
I use on my linux then?

regards,
syw

<<<<

----
Kurt D. Zeilenga <kurt@boolean.net>
Net Boolean Incorporated <http://www.boolean.net/>

References:
- Encrypting data during replication?????
  - From: "syw" <ywshum@2bsure.com>

Prev by Date: Re: Encrypting data during replication?????
Next by Date: Re: SQL backend -- request for review (ITS#405)
Index(es):
- Chronological
- Thread