Quoth [EMAIL PROTECTED] (Sam Hartman):
| >>>>> "Donn" == Donn Cave <[EMAIL PROTECTED]> writes:
|
|    Donn> An LDAP service certainly should have its own key, but in my
|    Donn> opinion this should actually be a run time option.  LDAP
|    Donn> services aren't really a distinct category.  You might run
|    Donn> several LDAP services on the same host whose data and access
|    Donn> controls are completely different, and that's what you would
|    Donn> like to base the service principals on, not the technicality
|    Donn> of the protocol.  But you might also run two that are
|    Donn> essentially identical, but on separate service ports for
|    Donn> testing, so it isn't ideal to just incorporate the service
|    Donn> port in the service principal to accomplish this (don't
|    Donn> laugh!  I believe there are implementations that do exactly
|    Donn> that.)
|
| The problem is that you need a secure mechanism to tell the client
| what principal to authenticate against.  Specifying that in the
| protocol document is a great way to make sure it is securely known.

If I run separate LDAP services with separate principals like
ldapwhitepages/x.y.edu and ldapaccounts/x.y.edu, the clients
(and the servers) would presumably get that information from
configuration files, just as they currently need to know what
host and service port to connect to.

Could you elaborate on the problem with this as a secure mechanism,
given that host and port are going to be determined this way?

        Donn Cave, [EMAIL PROTECTED]
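The configuration-driven approach Donn describes, as an added illustration that is not code from either poster: the client maps each LDAP endpoint (host and port) to the service principal it must authenticate against, reads that mapping from a local trusted file just as it already reads host and port, and rejects any principal a peer announces that differs from the configured one. The config text, the realm `Y.EDU`, the function names and the `ldap/<host>` fallback are assumptions made for this example.

```python
from dataclasses import dataclass
from typing import Dict


@dataclass(frozen=True)
class LdapEndpoint:
    host: str
    port: int


# Constructed sample configuration (not from the thread).  Each endpoint
# the client may contact maps to the principal it must require.  Two
# endpoints may share a principal (a test instance on another port that
# serves the same data), so the mapping is endpoint -> principal.
SAMPLE_CONFIG = """\
# host:port          service principal
x.y.edu:389          ldapwhitepages/x.y.edu
x.y.edu:1389         ldapaccounts/x.y.edu
x.y.edu:2389         ldapaccounts/x.y.edu      # test instance, same data
"""


def parse_config(text: str) -> Dict[LdapEndpoint, str]:
    """Parse 'host:port principal' lines; '#' comments and blanks are
    ignored.  A duplicate endpoint is an error, never a silent override."""
    mapping: Dict[LdapEndpoint, str] = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 2 or ":" not in parts[0]:
            raise ValueError(f"line {lineno}: expected 'host:port principal'")
        host, port_s = parts[0].rsplit(":", 1)
        if not port_s.isdigit():
            raise ValueError(f"line {lineno}: bad port {port_s!r}")
        ep = LdapEndpoint(host.lower(), int(port_s))
        if ep in mapping:
            raise ValueError(f"line {lineno}: duplicate entry for {ep.host}:{ep.port}")
        mapping[ep] = parts[1]
    return mapping


def config_is_valid(text: str) -> bool:
    """True if the config parses; used to surface duplicate or malformed lines."""
    try:
        parse_config(text)
        return True
    except ValueError:
        return False


def expected_principal(ep: LdapEndpoint, mapping: Dict[LdapEndpoint, str],
                       realm: str = "Y.EDU") -> str:
    """Principal the client requires for this endpoint.  Explicit config
    wins; otherwise the conventional ldap/<host> name (assumed here) is
    used.  Either way the name is decided locally, not by the peer."""
    name = mapping.get(ep, f"ldap/{ep.host}")
    return f"{name}@{realm}"


def accept_peer_principal(ep: LdapEndpoint, mapping: Dict[LdapEndpoint, str],
                          peer_name: str, realm: str = "Y.EDU") -> bool:
    """Accept the server only if it proves the locally expected principal."""
    return peer_name == expected_principal(ep, mapping, realm)


if __name__ == "__main__":
    cfg = parse_config(SAMPLE_CONFIG)
    for ep in cfg:
        print(f"{ep.host}:{ep.port} -> {expected_principal(ep, cfg)}")
```

The point of the lookup direction is the one Donn raises: the port is not part of the principal, so two test ports can legitimately resolve to the same principal, while a server that claims a principal other than the configured one is refused regardless of what it presents.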
