Ulrich Windl wrote:
Isn't the SSF strength for ldapi:// zero?
The SSF strength of ldapi:// is whatever you set with configuration directive localSSF. It's your local security policy decision.
Personally on my systems I don't see any problem with setting it to an equal strength like a strongly encrypted TLS connection. YMMV.
Ciao, Michael.