[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Failed or Abandoned Bind operations

To: Jim Sermersheim <jimse@novell.com>, ietf-ldapbis@OpenLDAP.org
Subject: RE: Failed or Abandoned Bind operations
From: "Ramsay, Ron" <Ron.Ramsay@ca.com>
Date: Fri, 22 Nov 2002 13:04:42 +1100

Abandoning a Bind?? This is novel. How would you know if it wee abandoned -
would you expect bind error. In this case surely you would behave as if the
bind were errored.

But I am intrigued at abandoning a bind. Technically, I don't see how this
is possible because operations cannot be sent until a bind is completed. I
know LDAP relaxed this by assuming an anonymous bind, but having initiated
an explicit bind I think you deny this treatment.

Ron.

-----Original Message-----
From: Jim Sermersheim [mailto:jimse@novell.com]
Sent: Friday, 22 November 2002 02:16
To: ietf-ldapbis@OpenLDAP.org
Subject: Failed or Abandoned Bind operations


The current text in section 4.2.1 of the protocols document says:

"Authentication from earlier binds are subsequently ignored, and so if the
bind fails, the connection will be treated as anonymous."

This does not address the issue of an abandoned bind operation. I suggest
something like:

"Authentication from earlier binds are subsequently ignored. A failed or
abandoned Bind Operation has the effect of leaving the connection in an
anonymous state. Clients MUST rebind after abandoning a bind operation in
order to determine a known authentication state."

Does this adequately cover the issue? Does it inadvertently introduce
anything bad?

Jim

Follow-Ups:
- RE: Failed or Abandoned Bind operations
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: A plan for PKIX, LDAPv3, and ;binary
Next by Date: Syntaxes: '$' in Teletex Terminal Identifier
Index(es):
- Chronological
- Thread