Secure Sockets Layer (SSL), and its more flexible successor, Transport Layer Security (TLS)222, described in RFC 2246223, are popular standards for encryption of Internet communications, which operate just above TCP/IP224. They were discussed in general in section 2.3.1.
SSL and TLS also have specific application in the area of directory services.
Information provided by directory services can include sensitive details about the enterprise and its network configuration types of data that you wouldnt want an attacker with a network packet sniffer to have. Therefore, many directory services can make use of encryption when sending data back and forth between directory service client and server.
If your directory service supports an encrypted communication path, use it. If youre using vanilla LDAP, consider moving to LDAP over TLS, which provides such encryption.
Home - Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.