You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by bu...@apache.org on 2017/01/25 12:57:50 UTC
svn commit: r1005568 - in /websites/staging/directory/trunk/content: ./
api/user-guide/5.2-start-tls.html
Author: buildbot
Date: Wed Jan 25 12:57:49 2017
New Revision: 1005568
Log:
Staging update by buildbot for directory
Modified:
websites/staging/directory/trunk/content/ (props changed)
websites/staging/directory/trunk/content/api/user-guide/5.2-start-tls.html
Propchange: websites/staging/directory/trunk/content/
------------------------------------------------------------------------------
--- cms:source-revision (original)
+++ cms:source-revision Wed Jan 25 12:57:49 2017
@@ -1 +1 @@
-1780184
+1780185
Modified: websites/staging/directory/trunk/content/api/user-guide/5.2-start-tls.html
==============================================================================
--- websites/staging/directory/trunk/content/api/user-guide/5.2-start-tls.html (original)
+++ websites/staging/directory/trunk/content/api/user-guide/5.2-start-tls.html Wed Jan 25 12:57:49 2017
@@ -184,7 +184,7 @@
}
h2:hover > .headerlink, h3:hover > .headerlink, h1:hover > .headerlink, h6:hover > .headerlink, h4:hover > .headerlink, h5:hover > .headerlink, dt:hover > .elementid-permalink { visibility: visible }</style>
<h1 id="52-starttls">5.2 - StartTLS<a class="headerlink" href="#52-starttls" title="Permanent link">¶</a></h1>
-<p>As we have seen in the previous chapter, <strong>LDAPS</strong> has some drawbacks. There is a better alternative when it comes to securing communication -- using <strong>startTLS</strong>.</p>
+<p>As we have seen in the previous chapter, <strong>LDAPS</strong> has some drawbacks. There is a better alternative for securing communications between the client and server -- <strong>startTLS</strong>.</p>
<p>The idea is to use an existing connection to send a message to the server and request it to be encrypted. We keep going with the current connection, on the same port, but the exchanged data will continue as encrypted.</p>
<p>The <strong>startTLS</strong> extended operation is used for this. It's a pure LDAP request that blocks other requests on the connection until it becomes secured. Of course, if some operations are pending, the operation will not be executed until the pending operations are completed.</p>
<h2 id="how-to-use-it">How to use it<a class="headerlink" href="#how-to-use-it" title="Permanent link">¶</a></h2>