Dieter Klünter wrote: > Am Mon, 12 Feb 2018 18:10:29 -0800 > schrieb Quanah Gibson-Mount <qua...@symas.com>: > >> --On Tuesday, February 13, 2018 9:31 AM +1000 William Brown >> <wibr...@redhat.com> wrote: >> >>> On Mon, 2018-02-12 at 14:30 +0100, Michael Ströder wrote: >>>> HI! >>>> >>>> To me this rationale for SMTP submission with implicit TLS seems >>>> also applicable to LDAPS vs. StartTLS: >>>> >>>> https://tools.ietf.org/html/rfc8314#appendix-A >>>> >>>> So LDAPS should not be considered deprecated. Rather it should be >>>> recommended and the _optional_ use of StartTLS should be strongly >>>> discouraged. >>> >>> Yes, I strongly agree with this. I have evidence to this fact and >>> can provide it if required, >> >> Personally, I'm all for it. I'd suggest using the above RFC as a >> template for one formalizing port 636, so it's finally a documented >> standard. > > We have had discussed this topic some 10 years ago, at that time Kurt > had some concerns with regard to ldaps and port 636. Unfortunately I > can't remember details.
The above mentioned Appendix A references this section which summarizes the concerns: https://tools.ietf.org/html/rfc2595#section-7 IMO all these "issues" were even debatable at that time. Ciao, Michael.
Description: S/MIME Cryptographic Signature