Re: IETF opinion change on "implicit TLS" vs. StartTLS



On Mon, 12 Feb 2018 18:10:29 -0800,
Quanah Gibson-Mount <quanah@symas.com> wrote:

> --On Tuesday, February 13, 2018 9:31 AM +1000 William Brown 
> <wibrown@redhat.com> wrote:
> 
> > On Mon, 2018-02-12 at 14:30 +0100, Michael Ströder wrote:  
> >> Hi!
> >>
> >> To me this rationale for SMTP submission with implicit TLS seems
> >> also applicable to LDAPS vs. StartTLS:
> >>
> >> https://tools.ietf.org/html/rfc8314#appendix-A
> >>
> >> So LDAPS should not be considered deprecated. Rather it should be
> >> recommended and the _optional_ use of StartTLS should be strongly
> >> discouraged.  
> >
> > Yes, I strongly agree with this. I have evidence to this fact and
> > can provide it if required,  
> 
> Personally, I'm all for it.  I'd suggest using the above RFC as a
> template for one formalizing port 636, so it's finally a documented
> standard.

We discussed this topic some 10 years ago; at that time Kurt
had some concerns with regard to ldaps and port 636. Unfortunately I
can't remember the details.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E