[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: DN "Relationship with LDAPv2 and RFC1779" Removal

To: ietf-ldapbis@OpenLDAP.org
Subject: Re: DN "Relationship with LDAPv2 and RFC1779" Removal
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 21 Dec 2000 23:42:33 -0800
In-reply-to: <5.0.0.25.0.20001221160328.02227880@router.boolean.net>

Playing devil's advocate...

At 07:49 PM 12/21/00 -0800, Kurt D. Zeilenga wrote:
>Section 3 says:
>  Server implementations parsing a DN string generated by an LDAPv2
>  client MUST also accept (and ignore) the variants given in section 4
>  of this document.

Assume:
   The syntax given in this document is more restrictive than the syntax
   in RFC 1779.  Implementations parsing a string generated by an LDAPv2
   client MUST accept the syntax of RFC 1779.  Implementations MUST NOT,
   however, generate any of the RFC 1779 encodings which are not
   described above in section 2.

was meant to be interpreted as saying:

   Implementations MUST accept the syntax of RFC 1779 but MUST generate
   DNs per section 2.

As all the additional variants with the section are required by the
RFC 1799 syntax, the rest of section 4 is redundant.  Given this,
one can replace all of section 4 by refining the section 3 statement:

   "Server implementations parsing a DN string generated by an LDAPv2
   client MUST also accept (and ignore) the variants given in section
   4 of this document."

to read:

   "All implementations MUST also accept the syntax of RFC 1779 but
   MUST generate DNs per section 2."

Now, as we cannot have a normative reference to RFC 1779, we need to
incorporate all the variants of RFC 1779's syntax into the Section 3
grammar.... and at this point we might as well drop "MUST generate
DNs per section 2" requirement.

However, I was under the impression that the more restrictive
syntax was introduced to ease the encoding and decoding of the DN
string.  It seems to me that the interpretation that all implementations
must parse RFC 1779 syntax is not consistent with the introduction of
the more restrictive syntax.

It also seems very odd to me that RFC 2253 appears to place different
requirements upon LDAPv3 servers than LDAPv2 clients.  I believe this
is inconsistent with the interpretation that all implementations must
parse RFC 1779 syntax (as well as just not making much sense).

The only reasonable explanation I can come up with is that RFC2253
requires dual server implementations to support the RFC 1779 syntax when
using LDAPv2 and the more restrictive RFC 2253 syntax when using LDAPv3
and just didn't consider the dual client implementations.

MarkW, do you have any insight how the Section 4 was intended to be
interpeted?

References:
- DN "Relationship with LDAPv2 and RFC1779" Removal
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: DN "Relationship with LDAPv2 and RFC1779" Removal
Next by Date: 2829 questions
Index(es):
- Chronological
- Thread