manu(a)netbsd.org (Emmanuel Dreyfus) writes:
Quanah Gibson-Mount <quanah(a)zimbra.com> wrote:
> Just note that using SSL over port 636 is not a defined protocol,
> go away in the future. Avoidance of its use when possible recommended.
I have this in /etc/services:
ldaps 636/tcp ldap protocol over TLS/SSL (was sldap)
And checking the authoritative source confirms it's registered.
So what's wrong with LDAP/SSL over port 636?
There is a general trend for all IETF protocols away from using TLS on a
separate port and towards using the standard port and STARTTLS.
Allocating a second port for every major protocol, one with TLS and one
without, was becoming wasteful of additional ports and there's no need for
it given STARTTLS.
Russ Allbery (rra(a)stanford.edu) <http://www.eyrie.org/~eagle/>