directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From build...@apache.org
Subject svn commit: r1003981 - in /websites/staging/directory/trunk/content: ./ api/user-guide/5.1-ssl.html
Date Mon, 02 Jan 2017 18:39:37 GMT
Author: buildbot
Date: Mon Jan  2 18:39:37 2017
New Revision: 1003981

Log:
Staging update by buildbot for directory

Modified:
    websites/staging/directory/trunk/content/   (props changed)
    websites/staging/directory/trunk/content/api/user-guide/5.1-ssl.html

Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Mon Jan  2 18:39:37 2017
@@ -1 +1 @@
-1776943
+1776976

Modified: websites/staging/directory/trunk/content/api/user-guide/5.1-ssl.html
==============================================================================
--- websites/staging/directory/trunk/content/api/user-guide/5.1-ssl.html (original)
+++ websites/staging/directory/trunk/content/api/user-guide/5.1-ssl.html Mon Jan  2 18:39:37
2017
@@ -165,7 +165,7 @@
         </div>
         <div class="nav_next">
         
-            <a href="5.23-start-tls.html">5.2 - StartTLS</a>
+            <a href="5.2-start-tls.html">5.2 - StartTLS</a>
 		
         </div>
         <div class="clearfix"></div>
@@ -184,9 +184,21 @@
 }
 h2:hover > .headerlink, h3:hover > .headerlink, h1:hover > .headerlink, h6:hover
> .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, dt:hover > .elementid-permalink
{ visibility: visible }</style>
 <h1 id="51-ssl">5.1 - SSL<a class="headerlink" href="#51-ssl" title="Permanent link">&para;</a></h1>
-<blockquote>
-<p><strong>Note:</strong> Contents for this page will be added soon...</p>
-</blockquote>
+<p><strong>LDAP</strong> supports <strong>SSL</strong>, it's
called <strong>LDAPS</strong>, and it uses a dedicated port. As of today, and
since 2000, <strong>LDAPS</strong> is deprecated and <strong>StartTLS</strong>
should be used.</p>
+<p>That being said, many servers accept <strong>LDAPS</strong>, and the
Apache LDAP API supports it.</p>
+<h2 id="how-does-it-work">How does it work ?<a class="headerlink" href="#how-does-it-work"
title="Permanent link">&para;</a></h2>
+<p>The <strong>SSL</strong> protocol ensures that data are transmitted
encrypted, and guarantees that the data being received are valid. Nobody can capture those
data and read them, assuming the ciphers being used are strong enough.</p>
+<p>With <strong>SSL</strong>, a dialog between the client and the server
occurs, and when both part agree on the cipher to use, then all subsequent data is encrypted.
This dialog may include a mutual validation. </p>
+<h2 id="protocols">Protocols<a class="headerlink" href="#protocols" title="Permanent
link">&para;</a></h2>
+<p>There are many version that can be used, but the idea is to use tha most recent
one, if the server supports it. In any case, as we depend on <strong>Java</strong>,
we are also limited by the supported version on the client side. Here are all the existing
version, and their status :</p>
+<p>| SSL | Java 7 | Java 8 |
+| version | Client | Server | Client | Server |
+|---|---|---|---|---|
+| 2.0 | N/A | N/A | N/A | N/A |
+| 3.0 | Disabled | Disabled | N/A | N/A |
+| 3.1 (aka TLSv1) | Enabled | Enabled | Enabled | Enabled |
+| 3.2 (aka TLSv1.1 | Disabled | Enabled | Enabled | Enabled |
+| 3.3 (aka TLSv1.2) | Disabled | Enabled | Enabled | Enabled |</p>
 
 
     <div class="nav">
@@ -202,7 +214,7 @@ h2:hover > .headerlink, h3:hover > .head
         </div>
         <div class="nav_next">
         
-            <a href="5.23-start-tls.html">5.2 - StartTLS</a>
+            <a href="5.2-start-tls.html">5.2 - StartTLS</a>
 		
         </div>
         <div class="clearfix"></div>



Mime
View raw message