Quanah, Quanah Gibson-Mount wrote: > > Just note that using SSL over port 636 is not a defined protocol, and > may go away in the future. Avoidance of its use when possible recommended.
- IMO StartTLS ext. op. is flawed because there's no way to mandate the use of it before a misbehaving LDAP client has a chance to send credentials on the wire. - Also StartTLS ext. op. is rarely supported by LDAP clients. => If the OpenLDAP developers were really crazy enough to remove support for LDAPS from OpenLDAP I'd kick OpenLDAP out of my business immediately. Period. Ciao, Michael.
