[Fedora-directory-users] SSL/TLS vs SASL in Directory Server solution
Kenneth Holter
kenneho.ndu at gmail.com
Tue May 13 14:27:53 UTC 2008
Thank you for the quick reply.
We're going for the TLS based solution. However, I'd like a better
understanding of SASL, so let me post these questions:
- What can SASL be used for besides Kerberos integration? The RHDS
documentation says that TLS can be used as an authentication mechanism, but
doesn't provide much details.
- How can I check if SASL is enabled on my LDAP server (RHDS)?
On 5/13/08, David Boreham <david_list at boreham.org> wrote:
> Kenneth Holter wrote:
>
> > The DS supports both TLS and SASL. TLS can be used for both
> > authentication and encryption, and should therefore cover our security
> > needs.
> > SASL is quite new to me, and as of now I don't see the benefit of using
> > it. Which security or functionality features does SASL provide that TLS
> > doesn't? I know that SASL enables integration with Kerberos, but we're most
> > likely not going for a Kerberos based solution.
> >
> >
> SASL is primarily needed to support Kerberos clients.
> Use TLS unless you already know that you want SASL for some reason.
>
>
>
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080513/ab86bdd5/attachment.html>
More information about the 389-users
mailing list