[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: IETF opinion change on "implicit TLS" vs. StartTLS



--On Tuesday, February 13, 2018 9:31 AM +1000 William Brown <wibrown@redhat.com> wrote:

On Mon, 2018-02-12 at 14:30 +0100, Michael Ströder wrote:
HI!

To me this rationale for SMTP submission with implicit TLS seems also
applicable to LDAPS vs. StartTLS:

https://tools.ietf.org/html/rfc8314#appendix-A

So LDAPS should not be considered deprecated. Rather it should be
recommended and the _optional_ use of StartTLS should be strongly
discouraged.

Yes, I strongly agree with this. I have evidence to this fact and can
provide it if required,

Personally, I'm all for it. I'd suggest using the above RFC as a template for one formalizing port 636, so it's finally a documented standard.

--Quanah

--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>