
TLS and client certificates



Section 7.1 of RFC 2829 mentions the use of client certificates to authenticate users.
Specially where the client signs its own certificate with its private key. Perhaps requesting a passphrase when this occurs.

Does OpenLDAP 2.0.7 support or plan to support this?

Is the server's own certificate used as a trusted CA?
Can other CAs be used?
What is its relationship to SASL "EXTERNAL"?

Am I correct that SASL "PLAIN" and "ANONYMOUS" are not used in OpenLDAP (as per 8.0 of RFC 2829)?
i.e. DIGEST-MD5, CRAM-MD5, KERBEROS and EXTERNAL are the only options for SASL mechanism.
OpenLDAP cannot authenticate via PAM, correct?
Is the SASL library used to hash userPassword?

If I want to use SASL DIGEST-MD5 how do I choose SASL realm and SASL host?

michael@ecel.uwa.edu.au