On 3/30/22 19:28, Stefan Kania wrote:
That's what can be found in the FAQ on openldap.org: https://www.openldap.org/faq/data/cache/605.html I would trust this more then any rumors on any stackxxxx page ;)
But in this case it's the other way round. The text in the FAQ-O-MATIC is outdated (and cannot be changed I presume).
In the mean-time the IETF position of this had changed. But nobody updates any LDAP-related IETF standards anymore.
Personally I'm recommending LDAPS over StartTLS ext.op. since ever.
Ciao, Michael.