manu@netbsd.org (Emmanuel Dreyfus) writes:
Quanah Gibson-Mount quanah@zimbra.com wrote:
Just note that using SSL over port 636 is not a defined protocol, and may go away in the future. Avoidance of its use when possible recommended.
I have this in /etc/services: ldaps 636/tcp ldap protocol over TLS/SSL (was sldap)
And checking the authoritative source confirms it's registered. http://www.iana.org/assignments/port-numbers
So what's wrong with LDAP/SSL over port 636?
There is a general trend for all IETF protocols away from using TLS on a separate port and towards using the standard port and STARTTLS. Allocating a second port for every major protocol, one with TLS and one without, was becoming wasteful of additional ports and there's no need for it given STARTTLS.