Subject: StartTLS Request
Author: authen
In response to: StartTLS -- RFC 2830: Extension for Transport Layer Security
Posted on: 07/02/2007 01:33:39 PM
A client may perform a Start TLS operation by transmitting an LDAP
PDU containing an ExtendedRequest [LDAPv3] specifying the OID for the
Start TLS operation:
      1.3.6.1.4.1.1466.20037
An LDAP ExtendedRequest is defined as follows:
      ExtendedRequest ::= [APPLICATION 23] SEQUENCE {
              requestName    [0] LDAPOID,
              requestValue   [1] OCTET STRING OPTIONAL }
A Start TLS extended request is formed by setting the requestName
field to the OID string given above. The requestValue field is
absent.
The client MUST NOT send any PDUs on this connection
following this request until it receives a Start TLS extended
response.
Note: Protocol Data Unit (PDU) is a standard method for transporting LDAP messages over TCP/IP.
> On 07/02/2007 01:21:55 PM authen wrote:
> RFC 2830 defines the "Start Transport Layer Security (TLS)
> Operation" for LDAP [LDAPv3, TLS]. This operation provides for TLS
> establishment in an LDAP association and is defined in terms of an
> LDAP extended request.
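The request described in the post above, as an added example that is not part of the original post or of RFC 2830: it BER-encodes the Start TLS ExtendedRequest inside an LDAPMessage and validates one on the receiving side, reporting any bytes that arrived after it in the same read (data sent before the Start TLS response). The function names are hypothetical, and the encoder assumes short-form lengths and message IDs 0 to 127.

```python
START_TLS_OID = b"1.3.6.1.4.1.1466.20037"  # requestName from the post

def _tlv(tag, content):
    """BER tag-length-value, short-form length only (enough for this PDU)."""
    if len(content) > 127:
        raise ValueError("long-form length not implemented")
    return bytes([tag, len(content)]) + content

def build_start_tls_request(message_id=1):
    """LDAPMessage { messageID, ExtendedRequest { requestName } }, no requestValue."""
    if not 0 <= message_id <= 127:
        raise ValueError("example encodes one-byte message IDs only")
    ext_req = _tlv(0x77, _tlv(0x80, START_TLS_OID))  # [APPLICATION 23], [0]
    return _tlv(0x30, _tlv(0x02, bytes([message_id])) + ext_req)

def _read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the element starting at pos."""
    if pos + 2 > len(buf) or buf[pos + 1] & 0x80:
        raise ValueError("truncated or long-form length")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("truncated element")
    return buf[pos], buf[pos + 2:end], end

def check_start_tls_request(buf):
    """Validate a Start TLS request at the start of buf.

    Returns (message_id, trailing): trailing is whatever followed the request
    in the same read, i.e. data sent before any Start TLS response.
    """
    tag, msg, end = _read_tlv(buf, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    tag, mid, pos = _read_tlv(msg, 0)
    if tag != 0x02 or not mid:
        raise ValueError("bad messageID")
    tag, ext, _ = _read_tlv(msg, pos)
    if tag != 0x77:
        raise ValueError("not an ExtendedRequest")
    tag, name, name_end = _read_tlv(ext, 0)
    if tag != 0x80 or name != START_TLS_OID:
        raise ValueError("requestName is not the Start TLS OID")
    if name_end != len(ext):
        raise ValueError("requestValue must be absent")
    return int.from_bytes(mid, "big"), buf[end:]
```

A non-empty `trailing` value means plaintext was queued behind the request; a receiver that keeps that buffer and processes it after the handshake would be treating unprotected data as if it had arrived over TLS.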