Re: LDAP over SSL (Re: multiple listener ports)

[Ludovic Poitou <ludovic.poitou@france.sun.com>]

Kurt,

There's at least one good reason for supporting LDAP over SSL. It's the
only way Netscape Communicator's address book can be secured. And it
works with LDAPv2 and LDAPv3.

Ludovic.



"Kurt D. Zeilenga" wrote:
> 
> At 09:18 AM 5/26/99 -0700, Kurt D. Zeilenga wrote:
> >As Julio pointed out, using TLS/SSL with SASL does not require
> >second port!  LDAP OVER SSL (LDAPv2 style ldaps) does.  Though
> >I am not sure of the need to support LDAP OVER SSL (give
> >TLS/SSL with SASL), adding such, I guess, is no big deal.
> 
> On second thought, there are a few good reasons not to
> support LDAP over SSL.
> 
> 1) LDAP over SSL is deprecated.
> 2) No standard for LDAP over SSL.
> 3) No well-defined API for LDAP over SSL.
> 
> I guess I rather only add LDAP over SSL support AFTER
> LDAPv3/SASL/TLS has been implemented and the developers
> still believe they have a need for it.
> 
> However, I do believe we should add multiple listener
> support now...
> 
> Kurt

-- 
Ludovic Poitou
Sun Microsystems Inc.
Sun-Aol Alliance - Directory Group - Grenoble - France