Re: ;binary and userCertificate (Was: Private email ...)

[mcs@netscape.com (Mark C Smith)]

Kurt D. Zeilenga wrote:
>

> > The standard no longer applies, so certificates can go their own way?
>
> Sure, you can throw out the old specification and start over.
> I don't believe that is warranted in this case.


I agree with Kurt. But clearly there are at least two points of view:

(1) Those who believe ;binary was a bad idea with respect to certificate 
attributes (I'll leave other uses of ;binary out of this discussion). 
The introduction of ;binary caused more interoperability problems than 
it solved.

(2) Those who believe ;binary was a useful idea with respect to 
certificate attributes. It allowed people to build standards compliant 
LDAPv3 clients and servers that interoperate in this area.

Now, I have never heard of any interoperability problems that involve an 
LDAPv3 client talking to an LDAPv3 server to search for, retrieve, or 
modify certificate attributes. In all operations, ;binary is used in the 
AttributeDescription. There is no ambiguity. Everyone is happy.

Can someone who is subscribes to (1) provide an example of an 
interoperability problem that does not involve LDAPv2?  If not, then the 
real question is whether we care about LDAPv2 any longer. I do not.

-Mark Smith
 Netscape