LDAP Security Requirements Section 2.19 of ISO/IEC 27000:2009 ISO27000 defines information security as "preservation of confidentiality, integrity and availabi...
Password based SASL mechanisms Several SASL mechanisms provide for authentication using passwords. Their security properties are different. Threats 1 The user...
Proxy Authentication LDAP provides mechanisms for one account to act on behalf of (and with the access rights of) another. Threats 1 In real life, people occa...
SASL External Authentication SASL allows an authentication established by non LDAP means such as TLS to be used in LDAP. Threats 1 Re usable credentials such ...
Simple Bind To authenticate using Simple Bind, the LDAP client supplies a DN and a clear text password. Threats 1 The DN and password can be copied by an atta...