Dieter Klünter wrote:
Am Mon, 12 Feb 2018 18:10:29 -0800 schrieb Quanah Gibson-Mount quanah@symas.com:
--On Tuesday, February 13, 2018 9:31 AM +1000 William Brown wibrown@redhat.com wrote:
On Mon, 2018-02-12 at 14:30 +0100, Michael Ströder wrote:
HI!
To me this rationale for SMTP submission with implicit TLS seems also applicable to LDAPS vs. StartTLS:
https://tools.ietf.org/html/rfc8314#appendix-A
So LDAPS should not be considered deprecated. Rather it should be recommended and the _optional_ use of StartTLS should be strongly discouraged.
Yes, I strongly agree with this. I have evidence to this fact and can provide it if required,
Personally, I'm all for it. I'd suggest using the above RFC as a template for one formalizing port 636, so it's finally a documented standard.
We have had discussed this topic some 10 years ago, at that time Kurt had some concerns with regard to ldaps and port 636. Unfortunately I can't remember details.
The above mentioned Appendix A references this section which summarizes the concerns:
https://tools.ietf.org/html/rfc2595#section-7
IMO all these "issues" were even debatable at that time.
Ciao, Michael.