
Required OIDs in DNs



As you may have realized, I've finally noticed that the LDAP standard is
being updated :-) I suppose I'm beating a dead horse here, but could
someone explain the points below or point me to an explanation?

Why were DNs changed to require numeric OIDs instead of names for other
attribute types than those in the table in [LDAPDN] paragraph 2.3?  I
have read some of the discussions on the mailing list but I still don't
understand.

- The same name can have different OIDs in different servers:
OK, but that does not apply to the attributes in [SCHEMA].  Why
not allow all attributes defined there, at least?

- The attributes could have different syntax on different servers:
That still doesn't apply to those in [SCHEMA].  userCertificate was used
as an example, was that because it has been removed from [SCHEMA]?  Or
if there is some other reason which could happen because a syntax might
not be implemented in both servers or something, how about restricting
the list to attributes with EQUALITY match caseIgnoreMatch or
caseIgnoreIA5Match?  Then both client and server could compare string-
encoded DNs as if they were UTF-8 strings without knowing the syntax.

-- 
Hallvard
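
The comparison discussed above, as an added example that is not part of the original post: attribute types are reduced to numeric OIDs, any name outside the short-name table is rejected unless it is already a numeric OID, and values are compared as case-folded UTF-8 strings. Assumptions: the table is the nine-entry one from RFC 2253 section 2.3, caseIgnoreMatch is approximated by case folding plus whitespace collapsing, and quoted or `#hex` values are not handled.

```python
import re

# Short names and OIDs as in the RFC 2253 section 2.3 table (assumed to be
# the same table the post refers to as "[LDAPDN] paragraph 2.3").
TABLE = {
    "CN": "2.5.4.3", "L": "2.5.4.7", "ST": "2.5.4.8", "O": "2.5.4.10",
    "OU": "2.5.4.11", "C": "2.5.4.6", "STREET": "2.5.4.9",
    "DC": "0.9.2342.19200300.100.1.25", "UID": "0.9.2342.19200300.100.1.1",
}
OID_RE = re.compile(r"\d+(\.\d+)*")

def split_unescaped(text, sep):
    """Split on sep, keeping backslash-escaped characters inside a part."""
    return re.findall(r"(?:\\.|[^\\%s])+" % re.escape(sep), text)

def fold_value(raw):
    """Undo \\X and \\HH escapes, then approximate caseIgnoreMatch."""
    data = re.sub(rb"\\([0-9a-fA-F]{2}|.)",
                  lambda m: bytes([int(m[1], 16)]) if len(m[1]) == 2 else m[1],
                  raw.encode("utf-8"), flags=re.S)
    return " ".join(data.decode("utf-8").split()).casefold()

def normalize_dn(dn):
    """Return a tuple of RDNs, each a frozenset of (oid, folded value)."""
    rdns = []
    for rdn in split_unescaped(dn, ","):
        avas = set()
        for ava in split_unescaped(rdn, "+"):
            atype, _, value = ava.partition("=")
            atype = atype.strip()
            oid = TABLE.get(atype.upper())
            if oid is None:
                # Names outside the table are ambiguous across servers.
                if not OID_RE.fullmatch(atype):
                    raise ValueError(f"{atype!r}: numeric OID required")
                oid = atype
            avas.add((oid, fold_value(value)))
        rdns.append(frozenset(avas))
    return tuple(rdns)

def same_dn(a, b):
    return normalize_dn(a) == normalize_dn(b)

if __name__ == "__main__":
    # Constructed sample DNs.
    print(same_dn("CN=Jane Doe, O=Example,C=NO",
                  "2.5.4.3=jane doe,o=EXAMPLE,2.5.4.6=no"))
```

A comparison like this only holds for attributes whose equality rule really is case-insensitive string matching; for any other syntax the folded strings can compare equal or unequal incorrectly.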