The problem
To use gokrb5 with LDAP against Windows Active Directory, it
either requires channel binding with TLS, or SASL security layers for non-TLS
connections.
Aside from LDAP, other protocols like IMAP, SMTP, and Kafka support SASL/GSSAPI.
Enhancement proposal
This issue is for SASL security layers (integrity, confidentiality).
The problem
To use gokrb5 with LDAP against Windows Active Directory, it
either requires channel binding with TLS, or SASL security layers for non-TLS
connections.
Aside from LDAP, other protocols like IMAP, SMTP, and Kafka support SASL/GSSAPI.
Enhancement proposal
This issue is for SASL security layers (integrity, confidentiality).