Computer netwok

Secondly, this approach requires the user to perform encryption and decryption before and after retrieving the information from the directory. At best, this could be accomplished by a custom application, which interfaced directly with the client LDAP application. At worst, existing client LDAP applications would need to be rewritten to incorporate computer netwok encryption and decryption. This is an undesirable situation for which a simple solution exists: add a third party, between the client and server, to handle encrypting and decrypting the data

The third party component could be a custom component written specifically for the purpose of handling encryption and decryption of information between the client and directory. However, we find it much more useful to leverage the existing technology of virtual directories to provide the third party component to the model. The benefits of doing so are numerous, and will be discussed in detail later.