Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 10494 invoked from network); 22 Nov 2010 14:54:44 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 22 Nov 2010 14:54:44 -0000 Received: (qmail 91234 invoked by uid 500); 22 Nov 2010 14:55:16 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 91146 invoked by uid 500); 22 Nov 2010 14:55:15 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 91139 invoked by uid 99); 22 Nov 2010 14:55:15 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 22 Nov 2010 14:55:15 +0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of elecharny@gmail.com designates 74.125.82.42 as permitted sender) Received: from [74.125.82.42] (HELO mail-ww0-f42.google.com) (74.125.82.42) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 22 Nov 2010 14:55:07 +0000 Received: by wwf26 with SMTP id 26so35681wwf.3 for ; Mon, 22 Nov 2010 06:54:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:reply-to :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=tCCLBlkOzYjygpeERywEJRfnLHM64NswIwvKjfX76PY=; b=bN9xbsyeHQvAVzZfMmT9Pm7iP8Iq9YU7yMteuZRli3Y3pIvxC7OZxWpQixx4b80855 kZPL+6StwBS6AK/sUVAy+E0ZvJhebnun47BqHN6mzYofWcsp2+anuzowFsx7HEpIW0ue PPvjrmg0B2/aAW7t+1jhSY+BB+8tmfQgBjmKw= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:reply-to:user-agent:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; b=RPCt4DkPQV++6Cjo/dXkNJ1zlo/1p5+2tAC5a16XyNeH2C4AMqUsSSPM14t5VX/ejR XweuJWSRulPuAVdzg4VQ7ifSp3RxISr4ta7n0bFrOUZbpOzsXv/u4b/BGRhJ7CUTpH3n IVGRhN/b6VO3Jql0+8eEqtqaQG83h61yRJ2WA= Received: by 10.216.241.74 with SMTP id f52mr4891866wer.112.1290437674494; Mon, 22 Nov 2010 06:54:34 -0800 (PST) Received: from emmanuel-lecharnys-MacBook-Pro.local (lon92-10-78-226-4-211.fbx.proxad.net [78.226.4.211]) by mx.google.com with ESMTPS id y15sm2311691weq.30.2010.11.22.06.54.33 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 22 Nov 2010 06:54:33 -0800 (PST) Message-ID: <4CEA8428.4000702@gmail.com> Date: Mon, 22 Nov 2010 15:54:32 +0100 From: Emmanuel Lecharny Reply-To: elecharny@apache.org User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6 MIME-Version: 1.0 To: Apache Directory Developers List Subject: Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration References: <6AABB0C6-5237-4270-BF11-0EF0B5542A9B@marcelot.net> <4CEA7EA6.8010603@gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org On 11/22/10 3:37 PM, Pierre-Arnaud Marcelot wrote: > Hi Emmanuel, > > On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote: > >>> WDYT ? >> IMO, if the SSL transport is present, then LDAPS should be enabled. No need for an extra flag. > I agree with this (transport being present and enabled). > > But I propose we make this a consistent behavior all across the servers > In that case, how about removing the 'ads-enable' attribute from the servers entries and look for the value in the transport ? +1, if everybody agree, of course. -- Regards, Cordialement, Emmanuel L�charny www.iktek.com