Alon Bar-Lev has posted comments on this change. Change subject: core: WIP: Add suppoort for SSL in LDAP. ......................................................................
Patch Set 1: Hello, Thank you for your effort, however, this is very partial solution... I thought we are to separate between authentication layer and transport layer. Authentication layer should be: 1. Simple 2. Digest-MD5 3. GSSAPI Transport layer should be: 1. Plain 2. SSL/TLS (protocol *IS* a parameter) or SSLv3, TLSv1 (at least) 3. startTLS I sent an example demonstrating how this should be done with all modes. And, when using SSL/TLS/startTLS we need to be able to configure the certificate store in order to properly validate the certificate. Also, the engine-manage-domains should be modified to pass authentication method, transport method and optionally extra information (trusted chain), when adding a new domain, and these should be used when using the domain. Thanks! Alon -- To view, visit http://gerrit.ovirt.org/10898 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I31acf3142ca8cffe8f9174545ee8421ec243644a Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Sharad Mishra <[email protected]> Gerrit-Reviewer: Adam Litke <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Oved Ourfali <[email protected]> Gerrit-Reviewer: Yair Zaslavsky <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
