Thank you for the quick reply. We're going for the TLS based solution. However, I'd like a better understanding of SASL, so let me post these questions: - What can SASL be used for besides Kerberos integration? The RHDS documentation says that TLS can be used as an authentication mechanism, but doesn't provide much details. - How can I check if SASL is enabled on my LDAP server (RHDS)? On 5/13/08, David Boreham <david_list at boreham.org> wrote: > Kenneth Holter wrote: > > > The DS supports both TLS and SASL. TLS can be used for both > > authentication and encryption, and should therefore cover our security > > needs. > > SASL is quite new to me, and as of now I don't see the benefit of using > > it. Which security or functionality features does SASL provide that TLS > > doesn't? I know that SASL enables integration with Kerberos, but we're most > > likely not going for a Kerberos based solution. > > > > > SASL is primarily needed to support Kerberos clients. > Use TLS unless you already know that you want SASL for some reason. > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20080513/ab86bdd5/attachment.html
