[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

--On Monday, October 13, 2003 5:18 PM -0400 Igor Brezac <igor@ipass.net> wrote:

I stand by my recommendation.  Your advice assumes too many restrictions.
What if you do not have KDC, what if you want to store krb tickets in the
ldap store using heimdal apps, what if you want ldap and/or berkeley
support in sasl, etc...

What you gave was not a recommendation, it was a statement that it wasn't possible. Jim already noted he had a KDC. And storing your krb tickets in an ldap store seems rather the security risk to me. Obviously, how you ultimately want to operate your services will affect how you compile these packages, as with any set of software packages you put together.


Quanah Gibson-Mount
Principal Software Developer
ITSS/TSS/Computing Systems
ITSS/TSS/Infrastructure Operations
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html