From: Ondřej Kuzník Date: Wed, 17 Feb 2021 13:20:05 +0000 (+0000) Subject: ITS#9102 Update secprop documentation X-Git-Tag: OPENLDAP_REL_ENG_2_5_2BETA~4^2~28 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d3fca1364bad636f7c635d2eb019a05f6e1daf63;p=thirdparty%2Fopenldap.git ITS#9102 Update secprop documentation --- diff --git a/doc/guide/admin/access-control.sdf b/doc/guide/admin/access-control.sdf index 5446e2186e..9b94ef79fc 100644 --- a/doc/guide/admin/access-control.sdf +++ b/doc/guide/admin/access-control.sdf @@ -1112,8 +1112,9 @@ You can restrict access based on the security strength factor (SSF) 0 (zero) implies no protection, 1 implies integrity protection only, 56 DES or other weak ciphers, -112 triple DES and other strong ciphers, -128 RC4, Blowfish and other modern strong ciphers. +112 triple DES and similar ciphers, +128 RC4, Blowfish and other similar ciphers, +256 modern ciphers. Other possibilities: diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5 index 8003600f6a..10fdd3a0b6 100644 --- a/doc/man/man5/ldap.conf.5 +++ b/doc/man/man5/ldap.conf.5 @@ -265,11 +265,10 @@ mechanisms which can pass credentials to do so). .B minssf= specifies the minimum acceptable .I security strength factor -as an integer approximating the effective key length used for +as an integer approximate to effective key length used for encryption. 0 (zero) implies no protection, 1 implies integrity -protection only, 56 allows DES or other weak ciphers, 112 -allows triple DES and other strong ciphers, 128 allows RC4, -Blowfish and other modern strong ciphers. The default is 0. +protection only, 128 allows RC4, Blowfish and other similar ciphers, +256 will require modern ciphers. The default is 0. .TP .B maxssf= specifies the maximum acceptable diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5 index 90341e5479..a1e6cef286 100644 --- a/doc/man/man5/slapd-config.5 +++ b/doc/man/man5/slapd-config.5 @@ -773,9 +773,8 @@ property specifies the minimum acceptable .I security strength factor as an integer approximate to effective key length used for encryption. 0 (zero) implies no protection, 1 implies integrity -protection only, 56 allows DES or other weak ciphers, 112 -allows triple DES and other strong ciphers, 128 allows RC4, -Blowfish and other modern strong ciphers. The default is 0. +protection only, 128 allows RC4, Blowfish and other similar ciphers, +256 will require modern ciphers. The default is 0. The .B maxssf= property specifies the maximum acceptable diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index 2c8b74e909..e033707a67 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -909,9 +909,8 @@ property specifies the minimum acceptable .I security strength factor as an integer approximate to effective key length used for encryption. 0 (zero) implies no protection, 1 implies integrity -protection only, 56 allows DES or other weak ciphers, 112 -allows triple DES and other strong ciphers, 128 allows RC4, -Blowfish and other modern strong ciphers. The default is 0. +protection only, 128 allows RC4, Blowfish and other similar ciphers, +256 will require modern ciphers. The default is 0. The .B maxssf= property specifies the maximum acceptable