Michael Ströder wrote: > On 3/31/22 19:15, Quanah Gibson-Mount wrote: >> I think the clear text bind issue in fact shows that LDAPS is >> technically superior to startTLS when encryption is required. The >> remaining issue is there's no RFC for it. I'd like to see that >> addressed. > My attempt to resurrect the IETF ldapext WG failed back in 2015. :-/ > > Well, in fact every LDAP server I've tested supports LDAPS. So at least > implementors should not have any objections. > > So if you're eager to write an individual I-D I'd be willing to review, > discuss and support it. But I won't write it.
At this point it could just be an Informational RFC, describing current practice. > > Ciao, Michael. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
