directory-dev mailing list archives

From David Boreham <>
Subject Re: TLS + SASL external and ACLs.
Date Sat, 07 May 2005 14:09:52 GMT

>BTW Can I get some pointers to StartTLS and SASL?  I don't know much about them.
Start TLS :
(Start TLS is easy: client sends a special extended op to the
server that says 'after you send me a positive response to
this operation, flip the connection over to SSL/TLS').
Start TLS is a mechanism for avoiding the need to listen
on a separate port for SSL connections.

(As we've seen, SASL is a rather complicated multi-functional
thing. I've personally found it necessary to read the source
code from the reference implementation in order to fully
understand how to implement parts of it, because the
RFCs are not 100% clear or complete).
(Not all of the full SASL gamut is needed nor commonly used with

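The Start TLS exchange described in the message above, shown at the wire level as an added example (not code from the original post or from the directory project). It builds the extended request and checks the server's response before any switch to TLS; the function names, the sample response bytes and the short-form-length restriction are assumptions made for this sketch.

```python
# Added example: LDAP StartTLS extended operation at the BER level (RFC 4511, section 4.14).
# Assumption: every length fits BER short form (< 128 bytes), which holds for these messages.

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # OID that names the StartTLS extended op

# Constructed sample responses for messageID 1 (not captured traffic).
SAMPLE_SUCCESS = bytes.fromhex("300c02010178070a010004000400")  # resultCode 0
SAMPLE_REFUSED = bytes.fromhex("300c02010178070a013404000400")  # resultCode 52 (unavailable)


def tlv(tag: int, value: bytes) -> bytes:
    """Encode one BER tag-length-value element (short-form length only)."""
    if len(value) > 127:
        raise ValueError("long-form BER length not handled in this example")
    return bytes([tag, len(value)]) + value


def read_tlv(buf: bytes, pos: int = 0):
    """Decode one element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos + 1] > 127:
        raise ValueError("truncated element or long-form length")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("element runs past end of buffer")
    return buf[pos], buf[pos + 2:end], end


def starttls_request(message_id: int) -> bytes:
    """LDAPMessage { messageID, [APPLICATION 23] ExtendedRequest { [0] requestName } }."""
    if not 0 < message_id < 128:
        raise ValueError("example encodes one-byte message IDs only")
    ext_req = tlv(0x77, tlv(0x80, STARTTLS_OID))
    return tlv(0x30, tlv(0x02, bytes([message_id])) + ext_req)


def may_upgrade(response: bytes, message_id: int) -> bool:
    """True only for a matching ExtendedResponse whose resultCode is success (0)."""
    tag, body, _ = read_tlv(response)
    if tag != 0x30:                        # LDAPMessage SEQUENCE
        return False
    tag, mid, pos = read_tlv(body)
    if tag != 0x02 or int.from_bytes(mid, "big") != message_id:
        return False
    tag, ext_resp, _ = read_tlv(body, pos)
    if tag != 0x78:                        # [APPLICATION 24] ExtendedResponse
        return False
    tag, code, _ = read_tlv(ext_resp)      # first LDAPResult field: resultCode ENUMERATED
    return tag == 0x0A and code == b"\x00"
```

A caller would begin the TLS handshake on the same socket only when `may_upgrade` returns True, and treat any other outcome as a failed operation rather than continuing in cleartext.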