Re: questions on ldap v3



At 11:48 AM 8/2/99 -0500, Ed Rahn wrote:
>Hello,
>	I have several questions regarding the newest release of openldap.

The latest release of OpenLDAP is 1.2.6.  It doesn't support LDAPv3.

I assume you are referring to the openldap-2.0-alpha (which is
primarily a developer preview release meant for testing purposes only).

>1.) When binding using SASL, what do you use for the credentials.

Depends on the SASL mechanism.

>I only saw MD5 in the code for method. Isn't this a type of hashing for a 
>checksum?

MD5 is a one-way hash for generating a message digest.  It is commonly
used to generate a "digital signature" of the input.  MD5 is used in a
number of SASL mechanisms such as DIGEST-MD5 and CRAM-MD5.
OpenLDAP-devel will include DIGEST-MD5 support soon.

>2.) What do I need to do to use SSL? I saw some code for TLS. How is this 
>different from SSL? Could someone point me in the right direction for some 
>more information?

TLS is an open protocol specification based upon the SSL specification.

To use TLS/SSL with OpenLDAP 1.x, you must use a TLS/SSL wrapper
application.  See: http://www.openldap.org/faq/index.cgi?file=65

I believe there are still a few rough edges in the TLS/SSL code
included in openldap-2.0-alpha.  Once the developer(s) work these
out, I suspect they will post (to -devel and/or developer's FAQ)
information on how others may test the code.

>3.) Are both required for secure communications? Or could one just use 
>SSL/TLS?

TLS supports SSL.

Kurt