Kerberos + LDAP How-To

Markus Moeller huaraz at
Sat Oct 23 08:02:54 EDT 2004


why do you use SSL and put extra load on the client/server if you already 
use Kerberos ? SASL/GSSAPI does authentication AND encryption !!
Cyrus-sasl may show only a SSF of 56, but this is only because is hardcoded 
in cyrus, it should be calculated from the kerberos key type .e.g. with 
3des,rc4 have a SSF of 128 or so.


"Matt Joyce" <syslists at> wrote in message 
news:4175A85F.6080004 at
> Thanks much to all of you for your responses.  Much of what I wanted to do 
> is actually answered more in depth on-line.... took me a long time to find 
> good documentation on it.
> Seems to be the best docs i've seen to date on the kerberos ldap link up. 
> Just thought I'd share that.
> -Matt Joyce.
> ________________________________________________
> Kerberos mailing list           Kerberos at

More information about the Kerberos mailing list