[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Critical controls

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, Mark Smith <mcs@netscape.com>
Subject: RE: Critical controls
From: "Ramsay, Ron" <Ron.Ramsay@ca.com>
Date: Thu, 23 Nov 2000 11:56:25 +1100
Cc: Jim Sermersheim <JIMSE@novell.com>, ietf-ldapbis@OpenLDAP.org

What would be the harm in processing the abandon. Abandon WAS requested.

I think it is the same as unbind in that the client seemed to want to
unbind/abandon. It makes sense to unbind as the client will probably assume
it has been done. It makes sense to abandon as the client has selected an
operation to be abandoned. Or is it a conditional abandon? Do you want to
open the door where other controls are defined for 'conditional' abandon?

Or am I looking at this from the South end?

Ron.

-----Original Message-----
From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Sent: Thursday, 23 November 2000 8:16
To: Mark Smith
Cc: Jim Sermersheim; ietf-ldapbis@OpenLDAP.org
Subject: Re: Critical controls

At 03:33 PM 11/22/00 -0500, Mark Smith wrote:
>Jim Sermersheim wrote:
>
>>  RFC 2251 states in section 4.1.12"If the server does not recognize
>> the control type and the criticality field is TRUE, the server MUST
>> NOT perform the operation, and MUST instead return the resultCode
>> unavailableCriticalExtension."and"If the control is not appropriate
>> for the operation and criticality field is TRUE, the server MUST NOT
>> perform the operation, and MUST instead return the resultCode
>> unavailableCriticalExtension." There is a problem in that LDAP doesn't
>> define an unbindResponse or an abandonResponse, thus can't return
>> unavailableCriticalExtension. When an unbind or abandon operation is
>> paired with an unrecognized or inappropriate critical control, is it
>> best to not perform the operation, or ignore the control? Jim
>
>Good question.  Maybe we say that clients MUST NOT send critical
>controls with abandon or unbind requests.  We could specify that servers
>SHOULD treat all controls that are marked critical that arrive with an
>abandonRequest or unbindRequest as not critical.  Not very clean, but we
>have to make a choice.

I suggest different handling for abandon then unbind.

  A abandon request with an unrecognized or inappropriate critical
  control should be ignored by the server.

  A unbind request with an unrecognized or inappropriate critical
  control should be processed by the server as if the control was
  not critical.

Kurt

Follow-Ups:
- RE: Critical controls
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: LBER (BER restrictions)
Next by Date: RE: LBER (BER restrictions)
Index(es):
- Chronological
- Thread