[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL + Kerberos + Cyrus-SASL + OpenLDAP

On Mon, 13 Oct 2003, Quanah Gibson-Mount wrote:

> --On Monday, October 13, 2003 5:18 PM -0400 Igor Brezac <igor@ipass.net>
> wrote:
> > I stand by my recommendation.  Your advice assumes too many restrictions.
> > What if you do not have KDC, what if you want to store krb tickets in the
> > ldap store using heimdal apps, what if you want ldap and/or berkeley
> > support in sasl, etc...
> What you gave was not a recommendation,

OK.  I stand corrected.

> it was a statement that it wasn't
> possible.

Not true.  Please explain.

> Jim already noted he had a KDC.  And storing your krb tickets in
> an ldap store seems rather the security risk to me.

I am not arguing security here.  Jim will decide how he wants things

> Obviously, how you ultimately want to operate your services will affect
> how you compile these
> packages, as with any set of software packages you put together.

For once I agree with you.