[Date Prev][Date Next] [Chronological] [Thread] [Top]

Simple auth and TLS (Was: authmeth review notes [long])

Michael Ströder writes:
>Kurt D. Zeilenga wrote:
>>  LDAP implementations SHOULD support the simple DN/password mechanism
>>  of the simple Bind method (as detailed in Section X).
>>  Implementations
>>  which support this mechanism MUST be capable of protecting it by
>>  establishment (as discussed in Section 3) of TLS. 

Still wrong.  Together, these changes require implementations that do
not support TLS, to implement a security hole.