On Tue, Mar 06, 2012 at 09:43:44AM -0500, Prentice Bisbal wrote:
> It sounds like you don't fully understand TLS and the difference between
> TLS and SSL. I hope this brief explanation can help you out. I hope I'm
> not making a fool out of myself by telling you something you already know.
>
> TLS is similar to SSL, except that it happens on the non-encrypted port
> address, so for LDAP, that would be on port 389, instead of the LDAP+SSL
> port of 636. For TLS the client connects to the "standard" unencrypted

Uh, no. TLS (http://tools.ietf.org/html/rfc5246) is SSLv3 with slight tweaks. SSL was IIRC a Netscape invention, and when IETF standardized it of course they had to change the name and make a few adjustments.

STARTTLS (http://en.wikipedia.org/wiki/STARTTLS) is a mechanism (used in a number of protocols, including LDAP and also SMTP) by which two hosts can agree to upgrade an unencrypted connection to (TLS or SSL) encrypted.

-- 
Mark H. Wood, Lead System Programmer [email protected]
Asking whether markets are efficient is like asking whether people are smart.
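
The STARTTLS upgrade described above, shown for LDAP as an added example that is not part of the original message: it builds the StartTLS extended request defined in RFC 4511 and checks the server's answer before any TLS handshake would begin on the same port-389 connection. The two response byte strings are constructed samples, and the function names are hypothetical.

```python
# Added illustration: the LDAP StartTLS exchange (RFC 4511) at the byte level.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation

def tlv(tag, value):
    """BER tag-length-value, short-form length only (value < 128 bytes)."""
    assert len(value) < 128
    return bytes([tag, len(value)]) + value

def starttls_request(msg_id=1):
    """LDAPMessage{ messageID, ExtendedRequest[APPLICATION 23]{ requestName[0] } }."""
    ext_req = tlv(0x77, tlv(0x80, STARTTLS_OID))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + ext_req)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos); short-form lengths only."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80:
        raise ValueError("truncated or long-form length")
    tag, length = buf[pos], buf[pos + 1]
    end = pos + 2 + length
    if end > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos + 2:end], end

def starttls_accepted(response, msg_id=1):
    """True only if the server answered our request with resultCode success (0)."""
    tag, body, _ = read_tlv(response, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    tag, mid, pos = read_tlv(body, 0)
    if tag != 0x02 or int.from_bytes(mid, "big") != msg_id:
        raise ValueError("unexpected messageID")
    tag, op, _ = read_tlv(body, pos)
    if tag != 0x78:  # ExtendedResponse [APPLICATION 24]
        raise ValueError("not an ExtendedResponse")
    tag, code, _ = read_tlv(op, 0)
    if tag != 0x0A:
        raise ValueError("missing resultCode")
    return int.from_bytes(code, "big") == 0

# Constructed sample responses (not captured traffic).
OK_RESPONSE = bytes.fromhex("300c02010178070a010004000400")       # success
REFUSED_RESPONSE = bytes.fromhex("300c02010178070a010204000400")  # protocolError

if __name__ == "__main__":
    print(starttls_request().hex())
    for name, resp in (("ok", OK_RESPONSE), ("refused", REFUSED_RESPONSE)):
        # Only after success does the client start the TLS handshake on this
        # same socket; on refusal it should close rather than continue in clear.
        print(name, "-> start TLS handshake" if starttls_accepted(resp) else "-> abort")
```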
