[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Increase default olcLocalSSF to 128
- To: openldap-devel@openldap.org
- Subject: Increase default olcLocalSSF to 128
- From: Ryan Tandy <ryan@nardis.ca>
- Date: Wed, 25 Jul 2018 19:47:40 -0700
- Content-disposition: inline
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nardis.ca; s=google; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=+el1+90HCoqn+x5N8+wIOYGFj8qpauUs67Rxfb2lfnQ=; b=eClMW+0JBWuBAtLYz/c5OhNGHaqttFnu31dA6bdXyRrQJMoWWZP9GEyMRfXE7UewWW FKh1IEdjMsD+CRCOLpfVgAIQm0EsP7Zq0/YCwG8nTC+yQadlReoWB0lTEcabaAQRN6cU 5vJRLaZvAsIJOT7q7tlU051z2EkXp29ZY3aFw=
- User-agent: NeoMutt/20170113 (1.7.2)
I propose increasing the default olcLocalSSF to 128. Mentioned initially
on IRC, now bringing it to the list for completeness and archival.
In typical setups people want to require TLS *or* ldapi, and ssf=128
seems like a pretty common olcSecurity setting for current systems.
thanks
Ryan