[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ldap.conf TLS
Not to muddy the waters too much, but I note that the original intention of
the "TLS" config keyword was to allow multiple degrees of configuration. At
the time it was first implemented, there wasn't a lot of room for
flexibility. Now that we have StartTLS, it's possible to implement the "Try"
and "Demand" levels using StartTLS. Is it worth doing?
(Set to "Try" and a StartTLS request is sent at the beginning of a session;
if it fails the session proceeds normally. Set to "Demand" and if the
StartTLS fails the session fails.)
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support