openldap: SASL and/or TLS?

Craig White craigwhite at azapple.com
Thu Dec 6 14:41:05 UTC 2007


On Thu, 2007-12-06 at 13:09 +0000, Timothy Murphy wrote:
> Still battling with openldap,
> which I actually have working perfectly,
> but which I still don't understand.
> 
> What exactly is the relation between SASL and TLS?
> Are they alternative methods of authentication,
> or are they complementary in some way?
> 
> Presently I'm just using TLS.
> 
> Any illumination gratefully received.
----
TLS is an encryption method
SASL is an authentication method

With reference to all recent Fedora versions (6/7/8), the openldap admin
guide is here...

http://www.openldap.org/doc/admin23/

or more specifically (SASL)
http://www.openldap.org/doc/admin23/sasl.html
OpenLDAP clients and servers are capable of authenticating via the
Simple Authentication and Security Layer (SASL) framework, which is
detailed in RFC2222. This chapter describes how to make use of SASL in
OpenLDAP.

and here...
http://www.openldap.org/doc/admin23/tls.html
OpenLDAP clients and servers are capable of using the Transport Layer
Security (TLS) framework to provide integrity and confidentiality
protections and to support LDAP authentication using the SASL EXTERNAL
mechanism.

Craig
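
To make the distinction in the reply above concrete, here is a slapd.conf fragment for the OpenLDAP 2.3 series. It is an added example, not part of Craig's message or of the admin guide, and the certificate paths and DNs in it are placeholders chosen for illustration.

```conf
# slapd.conf fragment (constructed example; paths and DNs are placeholders)

# --- TLS: protects the connection (confidentiality and integrity) ---
TLSCACertificateFile   /etc/pki/tls/certs/example-ca.pem
TLSCertificateFile     /etc/pki/tls/certs/ldap.example.com.pem
TLSCertificateKeyFile  /etc/pki/tls/private/ldap.example.com.key

# Request a client certificate during the handshake. "try" lets a client
# omit it, but ends the session if a certificate is sent and cannot be
# verified. A verified client certificate is what SASL EXTERNAL needs.
TLSVerifyClient        try

# Refuse simple binds (DN + password) unless the connection already has a
# security strength factor of at least 128, i.e. TLS is active, so the
# password is never sent in the clear.
security simple_bind=128

# --- SASL: decides who the client is ---
# With the EXTERNAL mechanism the identity comes from the TLS layer: the
# subject DN of the verified client certificate. Map that subject DN to a
# directory entry (both patterns are placeholders).
authz-regexp
    "cn=([^,]+),ou=people,o=example"
    "uid=$1,ou=people,dc=example,dc=com"

# Client side, for comparison (placeholder host and DN):
#   TLS only, password authentication inside the encrypted session:
#     ldapsearch -H ldap://ldap.example.com -ZZ -x \
#                -D "uid=alice,ou=people,dc=example,dc=com" -W
#   TLS plus SASL, certificate authentication via EXTERNAL:
#     ldapsearch -H ldap://ldap.example.com -ZZ -Y EXTERNAL
```

In the first client command TLS only encrypts and the bind itself is a simple bind; in the second the same TLS session also supplies the identity that SASL EXTERNAL uses.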



