At 06:45 AM 1/22/2007, skalyanasundaram wrote:
>Hi,
>  I have a very basic doubt.
>  I am trying to make a client program which should work for both openldap
>and eDirectory. I am going to use openldap APIs only. My
>situation is the server can be configured either to "use TLS for simple
>bind with password" or not to use. So the client user knows what the
>server has (TLS or not). Based on that he will mention the options 
>through the command line (port number 389 or 636) and boolean for use ssl
>or not.
>
>What is the difference between TLS/SSL?

Without any particular qualification, the terms TLS and SSL are
synonymous.

> I am so confused after googling so
>much. Both are variants of the same protocol?

TLSv1 and SSLv3 are variants of the same protocol. That is,
the terms are not synonymous when qualified.

>Somebody says TLS is on top of
>SSL,

That's the same as somebody saying "TLS is on top of TLS" or
"SSL is on top of SSL".  Technically, possibly... but....

>it tries for SSL connection and if it is not able to create secured
>channel it goes for non-secured channel. Is it that way?
>
>Is it possible to create a TLS connection on both ports 389 and 636?

You can run ldap:// on any port and then initiate TLS (SSL) via the
Start TLS operation.  389 is the default port for ldap://.
You can run ldaps:// on any port and have TLS (SSL) initiated upon
connect. 636 is the default port for ldaps://

In either case, one ends up with LDAP protected by TLS (SSL).
The difference is how TLS is initiated.

Kurt
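
The two ways of initiating TLS described in the reply above, as an added example that is not part of the original message and not OpenLDAP's own code. It hand-encodes the Start TLS extended request in Python's standard library instead of calling the OpenLDAP API; the function names are hypothetical, and raising an error when Start TLS is refused (instead of continuing in cleartext) is this example's choice.

```python
import socket, ssl
from urllib.parse import urlsplit

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"   # Start TLS extended operation, RFC 4511
DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def starttls_request(msg_id=1):
    """BER-encode LDAPMessage{messageID, ExtendedRequest{requestName=STARTTLS_OID}}."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID   # [0] requestName
    ext = b"\x77" + bytes([len(name)]) + name                    # [APPLICATION 23]
    body = b"\x02\x01" + bytes([msg_id]) + ext
    return b"\x30" + bytes([len(body)]) + body

def starttls_result(resp):
    """resultCode of an ExtendedResponse (assumes short lengths, 1-byte messageID)."""
    # Layout: 30 len | 02 01 id | 78 len | 0a 01 code | ...
    if len(resp) < 10 or resp[0] != 0x30 or resp[5] != 0x78 or resp[7:9] != b"\x0a\x01":
        raise ValueError("not an ExtendedResponse")
    return resp[9]

def plan(url, start_tls=False):
    """Map URL scheme and Start TLS flag to (host, port, how TLS is initiated)."""
    u = urlsplit(url)
    if u.scheme not in DEFAULT_PORTS:
        raise ValueError("expected ldap:// or ldaps://")
    if u.scheme == "ldaps" and start_tls:
        raise ValueError("ldaps:// already initiates TLS on connect")
    mode = "on-connect" if u.scheme == "ldaps" else "start-tls" if start_tls else "none"
    return u.hostname, u.port or DEFAULT_PORTS[u.scheme], mode

def connect(url, start_tls=False, ctx=None):
    """Socket ready for bind. If TLS was requested and fails, raise; never go cleartext."""
    host, port, mode = plan(url, start_tls)
    sock = socket.create_connection((host, port), timeout=10)
    try:
        if mode == "start-tls":
            sock.sendall(starttls_request())          # sent in the clear, before any bind
            code = starttls_result(sock.recv(4096))   # assumes the reply fits in one read
            if code != 0:
                raise ConnectionError(f"Start TLS refused, resultCode={code}")
        if mode != "none":
            ctx = ctx or ssl.create_default_context()  # verifies certificate and host name
            sock = ctx.wrap_socket(sock, server_hostname=host)
        return sock
    except Exception:
        sock.close()
        raise
```

Only `connect()` touches the network; the port comes from the URL or the scheme default, so the command-line port and the use-TLS boolean stay independent of each other.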


