[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: questions on ldap v3

At 11:48 AM 8/2/99 -0500, Ed Rahn wrote:
>	I have several questions regarding the newest release of openldap.

The latest release of OpenLDAP is 1.2.6.  It doesn't support LDAPv3.

I assume you are referring to the openldap-2.0-alpha (which is
primarily a developer preview release meant for testing purposes only).

>1.) When binding using SASL, what do you use for the credentials.

Depends on the SASL mechanism.

>I only saw MD5 in the code for method. Isn't this a type of hashing for a 

MD5 is one-way hash for generating a message digest.  It commonly used
to generate a "digital signature" of the input.  MD5 is used in a
number of SASL mechanisms such as DIGEST-MD5 and CRAM-MD5.
OpenLDAP-devel will include DIGEST-MD5 support soon.

>2.) What do I need to do to use SSL, I saw some code for TSL. How is this 
>different from SSL? Could someone point me in the right direction for some 
>more information.

TLS is a open protocol specification based upon SSL specification.

To use TLS/SSL with OpenLDAP 1.x, you must use an TLS/SSL wrapper
applications.  See: http://www.openldap.org/faq/index.cgi?file=65

I believe there are still a few rough edges in the TLS/SSL code
included in openldap-2.0-alpha.  Once the developer(s) work these
ought, I suspect they will post (to -devel and/or developer's FAQ)
information on how others may test the code.

>3.) Are both required for secure communications. Or could one just use 

TLS supports SSL.