[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#5758) NO-OP control criticality
Full_Name: Pierangelo Masarati
Version: HEAD/re24/re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (81.72.89.40)
Submitted by: ando
The latest draft I can find (14 February 2007) states that
Clients MUST provide a
criticality value of TRUE to prevent unintended modification of the
directory.
As a consequence, I think the server could reject instances of this control with
a criticality of FALSE, to prevent its unintended use. However, OpenLDAP's
slapd currently tolerates a criticality of FALSE, and OpenLDAP clients allow
users to use this control with a criticality of FALSE. I think the clients need
to be fixed, and the server should prevent this improper use. Also, the server
should check whether the control is used with operations not indicated in the
draft (i.e. non-write ops).
p.