[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP Certificate transfer syntax

To: "'Mark Wahl'" <Mark.Wahl@sun.com>, David Chadwick <d.w.chadwick@salford.ac.uk>
Subject: RE: LDAP Certificate transfer syntax
From: Sharon Boeyen <sharon.boeyen@entrust.com>
Date: Wed, 3 Apr 2002 15:32:11 -0500
Cc: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, Mark C Smith <mcs@netscape.com>, LDAP BIS <ietf-ldapbis@OpenLDAP.org>, PKIX <ietf-pkix@imc.org>

>From the PKIX perspective, I firmly believe that backward compatibility with the PKIX LDAP specs is a very important issue. I believe that what David is proposing satisfies that important criteria and support the proposal. Sharon -----Original Message----- From: Mark Wahl [mailto:Mark.Wahl@sun.com] Sent: Wednesday, April 03, 2002 2:51 PM To: David Chadwick Cc: Kurt D. Zeilenga; Mark C Smith; LDAP BIS; PKIX; mark.wahl@sun.com Subject: Re: LDAP Certificate transfer syntax David Chadwick wrote: > > > Now to the backwards compatibility issues. In the table below the only > problem will come with a new LDAPv3 client that does not use ;binary > with an existing v3 server that demands it. But we already have an > inconsistency in these current LDAPv3 servers in that they accept LDAPv2 > queries without ;binary but not LDAPv3 queries without ;binary. I do not think LDAPv2-LDAPv3 behavior is sufficient justification to cause incompatibility between two LDAPv3 implementations. Maybe an "LDAPv4" should have a different way for clients to send certificate, but LDAPv2 compatibility should not be a concern that causes this significant a change inside of the LDAPv3 specs. That is out of scope for LDAPBIS. Mark Wahl Sun Microsystems Inc.

Prev by Date: Re: LDAP Certificate transfer syntax
Next by Date: RE: LDAP Certificate transfer syntax
Index(es):
- Chronological
- Thread