[Fedora-directory-users] SSL/TLS vs SASL in Directory Server solution
David Boreham
david_list at boreham.org
Tue May 13 13:31:13 UTC 2008
Kenneth Holter wrote:
> The DS supports both TLS and SASL. TLS can be used for both
> authentication and encryption, and should therefore cover our security
> needs.
>
> SASL is quite new to me, and as of now I don't see the benefit of
> using it. Which security or functionality features does SASL provide
> that TLS doesn't? I know that SASL enables integration with Kerberos,
> but we're most likely not going for a Kerberos based solution.
>
SASL is primarily needed to support Kerberos clients.
Use TLS unless you already know that you want SASL for some reason.
More information about the Fedora-directory-users
mailing list