[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP and SSL

SSL is primarily designed to encrypt the data 'on the wire'. Certs and cert authorities are designed to try bring some level of trust that you are talking to the server you intend to be talking to.

If your network is secure then there's likely little 'need', per se, for SSL - but anyone on the network can do a network packet capture and catch the mailbox user login and app logins - which is not a good idea.

If you're doing this for work and paying users: encrypt the data on the wire.

If you're just monkeying around at home: shave whatever corners you want, but learning SSL is important so take the time.


- chris

Chris Jacobs, Systems Administrator, Technology Services Group
Apollo Group | Apollo Marketing and Product Development | Aptimus, Inc.
1501 4th Ave | Suite 2500 | Seattle, WA 98101
direct 206.839.8245 | cell 206.601.3256 | fax 206.644.0628
email mailto:chris.jacobs@apollogrp.edu

From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
To: openldap-technical@openldap.org <openldap-technical@openldap.org>
Sent: Mon Sep 26 07:18:00 2011
Subject: LDAP and SSL

I'm struggling with the need for SSL...
We will use our new LDAP for apps. These servers are all locally housed so each app server will talk to the LDAP server over our network. (why) Would we need SSL?
What about for mail services? It seems to me that our mail server would also talk directly to the LDAP server...what am I missing here that dictates the use of SSL with LDAP? I could see if one had their LDAP open to be accessible direct access from off-network. Perhaps SSL is used simply as a means to authenitcate?

This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.