Nelson B wrote:
> Rich Megginson wrote:
>> Nelson B wrote:
>>> Does LDAP have a "StartTLS" feature (ala IMAP, SMTP) that allows the
>>> connection to start without TLS, then negotiate TLS and switch to it?
>>> Where can I find out more about it, if so?
>> This is RFC 4513 - http://www.isi.edu/in-notes/rfc4513.txt
> Thanks. That RFC is hot off the press, I see.
> Am I right in imagining that it's not widely implemented yet?
That RFC is the replacement for the earlier startTLS RFCs which are
referenced in that document and have been implemented for several years
now. I haven't read the new RFC yet but I'm assuming it hasn't changed
the startTLS spec, just cleaned it up and unified the various strands of
other RFCs.
So, yes, it is widely implemented. Netscape/Sun/iPlanet/Red Hat/Fedora
Directory Server has supported it since 2001, and likely OpenLDAP and
others have supported it since around that time.
_______________________________________________
dev-tech-ldap mailing list
https://lists.mozilla.org/listinfo/dev-tech-ldap