SASL auth, SSL via StartTLS vs Kerberized SSL via StartTLS

[Predrag Punosevac]

I am trying to get my head wrapped around securing LDAP so please
forgive me this n00b questions. My final goal is to replace our current
NFS+NIS with NFS+LDAP+[Kerberos] set up. 

I see by default OpenLDAP clients are authenticating via SASL. I also
see the Kerberos can be used with SASL. 

Could somebody point me to a document describing pros and cons of
Kerberazing SASL on "secure" network? As described in an earlier e-mail
I opted for OpenBSD stack LDAP server and I would use stack Kerberos
server.

Thanks,
Predrag