Change Announcements (was Re: TLS/SSL-ceritificate & Replication v2.1.3)

[jimd@siu.edu]

I wholeheartedly agree! An "OperationalChanges" document should be
supplied with each OpenLDAP release that lists/details/points out all of
the significant/important changes in operational characteristics and/or
requirements for OpenLDAP.

I do go through the CHANGES and ANNOUNCEMENT files, but they don't carry
such operational changes. They may include something about a problem
that relates to an operational change, but not any indication of a
change in operational behaviour or requirements.

This is not something that should be relegated to an FAQ, and does
nothing to improve the usability of OpenLDAP, which IS what I want to
see. This is even more critical when making large version jumps between
installations.

It took me days to figure out that V2.1.3 had activated strict control
over attribute USAGE declarations. Yes, USAGE is listed in the RFC's,
but until some V2.x release of OpenLDAP it was not enforced. I had to do
a major change of attribute and objectclass layout for my pre-V2.1.x
release data. If an "OperationalChanges" file/document had been
available with the distribution that clearly identified this change in
operational behaviour/requirements, then I could have saved myself a LOT
of time pullying my hair out, trying to figure out what was wrong with
my previously working LDAP data. (posts to the mailing list were either
not accepted, or not answered)

Mailing lists are transitory. FAQ's are incomplete, out of date, and
usually more specific to a particular action taken rather than a
disclosure of a new operational requirement. They also are not readily
available when working in a standalone environment, are difficult to
search, and in many cases - just not useful. Online FAQ's are also not
easy to work with or correct, and they usually are very limited to scope
and length of entries. Lastly, many entries may not clearly identify the
real problem or a real S/W change as the "reporter" may not really know
what was causing the problem that thay are commenting on.

I would like to see an OperationalChanges document that identifies each
major operational change by release version. I can then plan,
accordingly, how to go about upgrading any particular version. If I
still have questions, then I will "hit" the mailing lists, where I will
be more informed as to what I am looking for, and responses will
(hopefully) be more relevant to the changes in question, rather than
just recommendations of trying "this or that".

I maintain some half-dozen implementations of OpenLDAP over four
different OS' (which could possibly expand), and "playing games"
guessing about what has changed in any given release is not fun, nor
funny. This also impacts being able to make intelligent recommendations
for use of the S/W, which management will certainly remember.


On 24 Aug, Will Day wrote:
> A short time ago, at a computer terminal not so far away, Kurt D. Zeilenga wrote:
>>>In particular, I'm thinking about things like the above
>>>change in cert verification behavior, as well as the change in SASL DN
>>>format. 
>>
>>Sounds like the start of a FAQ answer.  Feel free to add
>>useful answers to the FAQ.  It is interactive.
> 
> Hmm, yes an FAQ entry would be better than nothing, but the idea I was
> trying to get across was that ideally this should be information provided
> at release, by those who made the changes - rather than after release, by
> those who found the changes.