Microsoft LDAP Channel Binding
Bernd Eckenfels
ecki at zusammenkunft.net
Wed Dec 18 22:28:24 UTC 2019
Here is a related bug
https://bugs.openjdk.java.net/browse/JDK-8208301 for ADFS.
Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
Von: Bernd Eckenfels <ecki at zusammenkunft.net>
Gesendet: Mittwoch, Dezember 18, 2019 4:29 AM
An: security-dev at openjdk.java.net
Betreff: Microsoft LDAP Channel Binding
Hello,
Microsoft just released an Security Advisory, announcing that upcoming Windows Server Versions will turn on mandatory TLS Channel Binding (and turn off simple binds with mandatory SASL signing) on LDAP Servers.
They also reminded Administrators to install the KB patch and turn the hardened Settings on.
Do you have experiences with this, will Java (8) work with the setting of "mandatory is supported" (1) and/or "mandatory" (2) for this key, and if not what is the plan here?
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV190023
https://support.microsoft.com/en-us/help/4034879/how-to-add-the-ldapenforcechannelbinding-registry-entry
Gruss
Bernd
--
http://bernd.eckenfels.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20191218/e3e59ede/attachment.htm>
More information about the security-dev
mailing list