[Date Prev][Date Next]
RE: TLS-based authentication?
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Stephen Frost
> * Greg Matthews (firstname.lastname@example.org) wrote:
> > TLS is a method of negotiating encryption and not an authentication
> > method. Therefore you can use simple authentication with
> TLS transport
> > for secure connections or if you're really going to push
> the boat out
> > have a play with sasl and TLS.
> Ah, you can do TLS auth using certificates and sasl external.
> The question was if anyone was doing it. I've received one
> response so far
> indicating they were using it, or working on setting it up.
We use this extensively in Symas Connexitor Enterprise Management System.
Whether our customers realize this or not is a separate issue; we just note
that all Connexitor communications are secured by strong mutual
authentication and encryption...
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support