Re: some outstanding items for clarification

["Jim Sermersheim" <jimse@novell.com>]

>>>> "Timothy Hahn" <hahnt@us.ibm.com> 12/12/00 6:33:32 AM >>>
>Greetings,
>
>In reading the latest drafts I found the following items either not
>specified or under-specified.  I believe that these were not adequately
>covered in RFC 2251-2256 and since we're looking to move these forward in
>this group, I would like to see clarifications on these with the goal of
>better interoperability across implemenatations.
>
>1) Null attribute values.  Some implementations are known to accept
>zero-length values for attributes.  I found no information in the RFCs or
>drafts that dis-allows this.  Could someone clarify whether the LDAP data
>model allows zero-length attribute values?

My take is that this is generaly implicitly allowed (except where disallowed 
as in country), and explicitly called out in at least one case (namingContexts 
in 5.2.1.of 2252).

Unfortunately, LDAP doesn't have any way of conveying a minimum length 
(only a suggested max) in the schema for attribute values.

>2) Some implementations always "publish" schema at "cn=schema".  Right or
>wrong, some applications have assumed that there will always be a subschema
>entry in every server named "cn=schema".  My interpretation of the RFCs and
>drafts is that "publishing schema" at a "fixed" DN is NOT required and
>should not be relied upon by clients.  I assert that we should not disallow
>publishing schema at a subschema entry named "cn=schema" - but it should
>not be required either.

This is more of an education issue right? The specification doesn't mandate the 
name of the entry. I think one vendor chose cn=schema, and everyone else just 
followed. If I remember right, client writers that hard code to cn=schema will be 
dismayed when they try to run against OpenLDAP.

<snip>

I think the other topics are being/have been discussed in other threads