--On July 23, 2007 10:09:33 PM +0200 Emmanuel Dreyfus manu@netbsd.org wrote:
Quanah Gibson-Mount quanah@zimbra.com wrote:
Just note that using SSL over port 636 is not a defined protocol, and may go away in the future. Avoidance of its use when possible recommended.
I have this in /etc/services: ldaps 636/tcp ldap protocol over TLS/SSL (was sldap)
And checking the authoritative source confirms it's registered. http://www.iana.org/assignments/port-numbers
So what's wrong with LDAP/SSL over port 636?
It is not defined by any RFC, it is simply a hack that was put in to address an issue with LDAPv2. LDAPv3 implements the RFC defined STARTTLS operation (RFC 2830). Just because it is registered with iana doesn't mean it is something that's been truly defined. As such, it faces the possibility of disappearing in the future.
--Quanah
-- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration