httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: Auth LDAP ssl/tls differences
Date Tue, 04 Jan 2005 21:49:55 GMT
At 01:55 PM 1/4/2005, Jim Jagielski wrote:

>On Jan 4, 2005, at 2:40 PM, William A. Rowe, Jr. wrote:
>>
>>Incident http://issues.apache.org/bugzilla/show_bug.cgi?id=31443
>>offers a solution which we should consider adopting.  As I was
>>asking for some offline feedback - Graham mentioned that some
>>implementations use the URL to specify that STARTTLS is desired.
>>But without some references the proposal seems to be a better
>>option - we shouldn't be redefining the ldap:// URI space.
>>
>>Does anyone have any references to specifying STARTTLS as part
>>of the URI to the ldap server?  Any other comments on this patch
>>before I integrate into httpd-2.1?
>
>+1 for adding it in... Even better if it's made into
>a branch for development before folding back into HEAD
>(yeah svn!) but no matter what, let's fold it in an
>start cracking on it.

For httpd-2.1 - the patch is entangled across apr and httpd.
The httpd side shouldn't require a cheap branch, since it should
be forward progress which won't affect existing configurations.
The apr side might need to be twisted off into a temporary branch
but we can see how awkward the code changes come out.

Looking for any other comment or alternative or ldap URI syntax
before we commit the LDAPStartTLS (or AuthLDAPStartTLS which seems
to be where this directive should be, associated with an AuthLDAPURL?)

Bill
Bill 



Mime
View raw message