[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authmeth - user & client usage

To: <Kurt@OpenLDAP.org>
Subject: Re: authmeth - user & client usage
From: "Steve Sonntag" <vtag@novell.com>
Date: Thu, 06 Dec 2001 14:02:46 -0700
Cc: <ietf-ldapbis@OpenLDAP.org>
Content-disposition: inline

>
>
>>>> "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> 06-Dec-01 1:43:10 PM >>>
>Here are my personal thoughts on this.
>
>It may be useful to distinguish between the user (a human or
>application entity) and the client (director user agent).
>
>It would be inappropriate to distinguish components of the client,
>in particular which portions are part of APIs shared between
>multiple clients and portions specific to the particular client.
>
>Kurt

Agreed, I had no intent of identifying or separating client
components,
but instead wanted only to identify what is the responsibility of the
application/user
versus the LDAP client protocol agent.

-Steve

>
>At 08:54 AM 2001-12-06, Steve Sonntag wrote:
>
>>In reviewing the draft, I was struck by what seems to me to be an
>>inconsistancy between the usage of the terms user and client.
>>
>>The draft defines user as 
>>> "user" represents any application which is an LDAP client using 
>>>  the directory to retrieve or store information. 
>>
>>In my mind a client is a client implementation of the LDAP protocol
>>(API)
>>where a user is an application using an implementation of an LDAP
>>client (API) to access an LDAP directory.
>>
>>If one uses definitions like this, then there is a division of
>>responsibility -
>>between the client API and the application. Many of the usages of
>>client in
>>the I-D should really be user.  An example is the discussion of
>>bind in section 4.3.3.  
>>
>>> If the client did not bind before sending a request and receives an

>>> operationsError, it may then send a Bind Request. If this also
fails
>>
>>> or the client chooses not to bind on the existing connection, it 
>>> will close the connection, reopen it and begin again by first 
>>> sending a PDU with a Bind Request. 
>>
>>Other usages seem to be the responsibility of the client (API), like
>>section 5.1:
>>
>>> The client MUST NOT send any PDUs on this connection following this

>>>  request until it receives a Start TLS extended response.
>>
>>I suggest that the terminology be tightened to distinguish between
the
>>application
>>and the implementation of the client protocol.  To me, the term
>>application is 
>>perhaps clearer in meaning than user.
>>
>>-Steve
>>
>>------------------------
>>Steve Sonntag
>>Novell, Inc., the leading provider of Net services software

Follow-Ups:
- Re: authmeth - user & client usage
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: authmeth - user & client usage
Next by Date: Re: authmeth - user & client usage
Index(es):
- Chronological
- Thread