Benjamin Smee wrote:
heya,
On Saturday 21 May 2005 15:35, Chris S wrote:
Great, thank you very much for the answer. So SASL, in regard to LDAP,
would be the security authentication layer and is a good thing to get
working. I'll give it another go!
Not necessarily. Like I said it depends on your security model. Personally I
use -x myself because I always use either tls or ssl ldap connections. This
way my password is encrypted at all times. Ofcourse if you were worried about
your password traversing the network at ALL then you could use the mechanisms
like cram / digest that make one time hashes and send that instead thus
mitigating the risk in that respect. Its about what fits your security
requirements more, for most people though, -x with tls / ssl is fine.
b
hmm, yes indeed. I did wonder why people wanted sasl when ldap was
running over ssl.
If I am using LDAP without SASL however, then I assume postfix, courier
etc will not use SASL in their authentications either.
this LDAP setup will be for an internet web, email etc server. I'll look
into it further.
thanks again.
-c
--
[email protected] mailing list
