From:  "Mike" <prattm@gmail.com>
Date:  11 Jan 2006 01:06:45 Hong Kong Time
Newsgroup:  news.mozilla.org/netscape.public.mozilla.directory
Subject:  

SSL vs. SASL

NNTP-Posting-Host:  199.46.199.230

We've been using LDAP for some time now and are trying to implement
secure communications between our apps and the LDAP server.  I'm a
little confused over SSL and SASL.  Am I correct in assuming SSL is
purely a certificate-based means of secure communications?  Can I use
SASL to perform secure communications without having to specify
certificates, keys, etc?  By authenticating securely, is all subsequent
communication between my app and the server also secure?

Basically I just want to have my app come up, authenticate with the
LDAP server without sending the username/password in clear text, and
then be able to perform queries.  Any information you can provide would
be appreciated.

Mike