Re: LDAP Certificate transfer syntax



At 05:09 AM 2002-04-04, David Chadwick wrote:
>thanks for your messages that have clearly stated the case that ;binary
>is needed as a general transfer encoding, and that many attributes exist
>without a native LDAP encoding being defined for them.
>
>But this does raise the more general issue of how does a user who asks
>for "all" attributes, deal with those which are returned, whose native
>encoding he is unfamiliar with. Does the server assume the client knows
>(in which case ;binary will only be used on those attributes with no
>native encoding defined) or does not know (in which case ;binary will
>need to be used on all attributes that are not defined in Internet
>standard RFCs).

This is being addressed, in general, in the LDAPbis protocol I-D
(draft-ietf-ldapbis-protocol-xx.txt).

I think we have consensus on the handling of options, including
transfer options, in general.  However, IIRC, Jim needs to revise
the text slightly to address a couple of cases (such as handling
of '*').

I think it very important certificate schema not be a 'special
case'.   I am concerned that adding a 'native' encoding to
certificate schema will necessitate the need for a 'special case'.
In particular, in the handling of '*' as the general handling
is to return the native encoding (no transfer option) if one
is defined and supported.


>Seems like ASN.1 DAP had some advantages after all :-)

DAP, in many ways, is lighter than LDAP.  :-(

Kurt