
This question has been asked and answered here, here, and also basically here. I'm asking again because the answers and information are conflicting.

LDAPS:

According to Wikipedia (and its RFC sources) LDAPS was LDAPv2, never standardized, and is deprecated as of 2003. The first answer also says that StartTLS is preferred over LDAPS.

However, LDAPS never allows an unencrypted connection, which means that no information could ever be transmitted in plaintext. Additionally, the second answer favors LDAPS, and I think Active Directory still supports it?

StartTLS:

Then there's StartTLS, which is the official, standard way of doing it.

However, I'm researching IDMs, and this documentation mentions that StartTLS has security problems (without specifying what).

I looked for more information and found this, which shows StartTLS defaulting back to plaintext!

So LDAPS or StartTLS?

So I get the impression that there's the argument, "StartTLS is the official way of securing LDAP", and then there's the argument, "LDAPS secures the connection from the start, avoiding security vulnerabilities of StartTLS".

Is there a correct answer here? If yes, what is it?

jeffrey.d.m
  • 111
  • 5
  • I'm confused. There's an official, standard way, but you want to know the "correct" way? Do you mean "the more secure" way? I've read the links you provided, and there is no "conflicting" information. If you are looking for "the one true way", there isn't one. Both have different uses and pros and cons. So, I think you need to rephrase and reframe the question because it looks like you are working from a faulty assumption and a faulty expectation. – schroeder Dec 06 '21 at 20:39
  • StartTLS falls back to plaintext ***by design*** as explained by your links ... It's not a fault. – schroeder Dec 06 '21 at 20:45

1 Answer

2

You should use LDAPS. That way, it is impossible to transmit data over cleartext and nobody can attempt a downgrade attack.

For many years, StartTLS was preferred because it meant that a second port didn't have to be issued for a TLS-tunnelled connection, and ports under 1024 are scarce. However, we've seen various attacks where StartTLS is disabled, including by various ISPs, by tampering with the announcement of StartTLS. Thus, the only safe way to use StartTLS is to fail if the request is made over an unencrypted connection, but note that this still can leak parts of the request to an attacker in such a case.

The time that StartTLS becomes valuable is if you have a connection that would otherwise be insecure and you want to opportunistically adopt encryption. For example, when running a mail server, you cannot force everyone to send you mail on the SMTPS port (465). Incoming mail will by default come in on port 25, but if you offer StartTLS, then the client can take advantage of that where otherwise they would have just sent unencrypted data. However, that doesn't apply to your LDAP server, since random parties on the Internet are not supposed to be contacting it, so you can just set a secure default for your infrastructure.

bk2204
  • 8,695
  • 20
  • 19
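As an added illustration of the answer above (this is not code from the question, the answer, or any LDAP library), the following Python model shows why a StartTLS client has to fail closed: a tampered RootDSE advertisement silently downgrades an opportunistic client to a cleartext bind, while LDAPS has no unencrypted phase to strip. The StartTLS extended-operation OID, the `supportedExtension` attribute and the port numbers are real; the `Connection` and `Policy` types and the middlebox model are constructed for this example.

```python
from dataclasses import dataclass, field
from enum import Enum

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # StartTLS extended operation OID (RFC 4511)
LDAPS_PORT, LDAP_PORT = 636, 389

class Policy(Enum):
    OPPORTUNISTIC = 1  # use StartTLS when offered, otherwise carry on in the clear
    REQUIRED = 2       # never send a bind unless TLS is already established

class DowngradeError(Exception):
    pass

@dataclass
class Connection:
    port: int
    encrypted: bool = False
    cleartext_sent: list = field(default_factory=list)  # PDUs sent before TLS was up

def strip_starttls(supported_extensions):
    """Constructed model of a middlebox that tampers with the StartTLS announcement."""
    return [oid for oid in supported_extensions if oid != STARTTLS_OID]

def connect(port, supported_extensions):
    """Open a connection; supported_extensions models the RootDSE attribute the client reads."""
    conn = Connection(port)
    if port == LDAPS_PORT:
        conn.encrypted = True  # TLS handshake precedes every LDAP PDU; nothing to strip
        return conn
    # Plain LDAP: the RootDSE search that discovers StartTLS is itself sent unencrypted,
    # so even a fail-closed client leaks this much of the request.
    conn.cleartext_sent.append("search RootDSE supportedExtension")
    if STARTTLS_OID in supported_extensions:
        conn.cleartext_sent.append("extendedReq StartTLS")
        conn.encrypted = True  # every later PDU travels inside TLS
    return conn

def bind(conn, dn, password, policy):
    """Simple bind; a fail-closed policy refuses rather than send credentials in the clear."""
    if not conn.encrypted:
        if policy is Policy.REQUIRED:
            raise DowngradeError(f"StartTLS not available on port {conn.port}; refusing cleartext bind")
        conn.cleartext_sent.append(f"bindReq {dn} {password}")  # credentials leak here
    return conn
```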