Re: Understanding TLS SSF

30 Jul 2008

      On Wed, Jul 30, 2008 at 1:35 PM, Hallvard B Furuseth <
h.b.furuseth@usit.uio.no> wrote:
...
Patrick Patterson writes:
...
On Wed, Jul 30, 2008 at 9:59 AM, J Davis mrsalty0@gmail.com wrote:
Pet peeve: While it doesn't help your problem, you should in addition to
this:
...
...
access to *
    by tls_ssf=128 ssf=128 anonymous auth
    by tls_ssf=128 ssf=128 self write

use something like 'security simple_bind=128 update_ssf=128'.  This
gives the result code confidentialityRequired instead of
invalidCredentials when the ssf is insufficient.  Thus users who did not
use TLS don't get the impression that they just sent the wrong password

and maybe then send the unprotected password again

Well, that certainly is an improvement.
-Jake

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: Understanding TLS SSF