Projects/OWASP Framework Security Project/Secure LDAP API Standard

This standard is designed to describe the specific properties secure LDAP APIs have. APIs with these properties help developers, regardless of their skill or experience with LDAP, avoid the most common and serious vulnerabilities associated with developing LDAP client software.

= Properties of Safe LDAP APIs =

Documents the Security Risks of LDAP Filter Injection
TODO

Provides an LDAP Filter Escape Function
TODO

Provides LDAP Filter Syntax Templates
TODO

Provides an Abstract API for LDAP Filter Queries
TODO

Supports LDAPS
TODO

Supports LDAP with StartTLS
TODO

Enables SSL/TLS Certificate Validation by Default
TODO

Documents the Customization of Trusted Certificate Authorities
TODO

= Grading Scale = TODO

= TODO =


 * What other forms of encryption should we encourage? SASL and/or proprietary mechanisms?