[EMAIL PROTECTED] wrote: > [EMAIL PROTECTED] writes: >> I suggest that we use option==1 for on, and option>1 for off, to >> minimize the impact of the change. (E.g., to explicitly turn off >> referrals, use ldapsearch -CC.) > > That conflicts with today's -ZZ, which seems a bad option to > create confusion about.
-ZZ should be deprecated, and -Z should simply and strictly require StartTLS. The concept itself of having StartTLS optional (without notice of whether it succeeded or not!) sounds extremely bogus to me. In all the clients I develop, I never provide such alternative, either on or off. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: [EMAIL PROTECTED] -----------------------------------
