[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP anonymous and encrypted simple authentication
Hi,
Vegeta <lord.vegeta@ica.luz.ve> writes:
> Tony Earnshaw wrote:
>
>> tir, 20.01.2004 kl. 16.12 skrev Vegeta:
>>
>>> 1. anonymous authentication does not require encryption
>>> 2. simple authentication requires encryption
>>>
>>> Is this possible?
>>
>> Why would you want to? Do you have cracker friends? Think it through
>> again. Read the manuals, follow the Quick start guide and then the Admin
>> guide.
> I currently have ldap (unencrypted) access on loopback (127.0.0.1) interface
> and ldaps access (encrypted) on all interfaces.
> There is some (not all) data I want to make available via anonymous access
> and I don't need SSL/TLS to protect it.
> There is some sensitive data I do not want to make available via anonymous
> access, but through SSL encrypted simple (password) authentication.
> What is the security hole you see?
> I already read the Admin guide and it does not explain this setup.
ssf based access control.
-Dieter
--
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de