[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Attribute Name Length Bounds

To: capple@dsi-consulting.net, ietf-ldapbis@OpenLDAP.org, jimse@novell.com
Subject: RE: Attribute Name Length Bounds
From: rvh@qsun.mt.att.com (Richard V Huber)
Date: Tue, 24 Jun 2003 16:04:16 -0400 (EDT)

As noted in Chris' email that started this discussion, it seems there
are implementations that do NOT consider every octet of every attribute
description to be significant.  So there is evidence that the current
documents were not interpreted the same way by all implementors and
there are interoperability problems if we say nothing.

So I think it should be clarified in the new documents.

Rick Huber

: From owner-ietf-ldapbis@openldap.org Tue Jun 24 15:09:42 2003
: Return-Path: <owner-ietf-ldapbis@openldap.org>
: From: "Chris Apple" <capple@dsi-consulting.net>
: To: "'Jim Sermersheim'" <jimse@novell.com>, <ietf-ldapbis@openldap.org>
: Subject: RE: Attribute Name Length Bounds
: Sender: owner-ietf-ldapbis@openldap.org
: 
: I think that's a consensus judgment call that
: the Co-Chairs need to make based on the discussion
: so far...
: 
: Chris Apple - Principal Architect
: 
: DSI Consulting, Inc.
: 
: mailto:capple@dsi-consulting.net
: 
: http://www.dsi-consulting.com
: 
: -----Original Message-----
: From: owner-ietf-ldapbis@OpenLDAP.org
: [mailto:owner-ietf-ldapbis@OpenLDAP.org] On Behalf Of Jim Sermersheim
: Sent: Monday, June 23, 2003 2:17 PM
: To: ietf-ldapbis@OpenLDAP.org
: Subject: RE: Attribute Name Length Bounds
: 
: 
: Can we answer the question:
: 
: Does any work need to happen to the LDAP TS to address this particular
: issue? 
: 
: Any suggested changes I've heard so far have worried me for one reason
: or another.
: 
: Jim
: 
: >>> "Ramsay, Ron" <Ron.Ramsay@ca.com> 6/19/03 9:59:36 PM >>>
: This is a silly suggestiion, of course every octet in a PDU is
: significant. If this was an ellipses for "every octet of every attribute
: description in a PDU is significanr" then it is inappropriate - it is
: not an ASN.1 issue, it is an application issue.
: 
: -----Original Message-----
: From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] 
: Sent: Friday, 20 June 2003 13:02
: To: Howard Chu
: Cc: ietf-ldapbis@OpenLDAP.org 
: Subject: RE: Attribute Name Length Bounds
: 
: 
: At 08:29 PM 6/17/2003, Howard Chu wrote:
: >> The point is that the possibility of interpreting
: >> the specs in this way already set us up for deployment
: >> issues related to several published schema with attribute
: >> names on the longer side of what might have been considered
: >> typical a few years ago.
: >
: >If the server rejects overly-long names with an error message, fine,
: but your
: >message implied that it silently ignored the characters comprising the
: excess
: >length in the name. If it seems that the spec is ambiguous about the
: >significance of characters in a short name, perhaps it would be
: sufficient to
: >state in the the spec "all of the characters in an attribute name are
: >significant.
: 
: One could argue that the TS should be clarified to say:
:   All bits of very octet of the PDU are significant unless stated
: otherwise.
: 
: However, I think basically already says this already in X.680/X.690. 
: But,
: I don't see much harm in restating this in [Protocol] (even though I
: think
: it a bit redundant and quite obvious).
: 
: I, however, think we should avoid per field statements (except for the
: otherwise cases).
: 
: >If an attribute name is presented that exceeds a server's
: >implementation limits, the server MUST fail the request with an error
: code."
: 
: That would be, in general, a bad thing.  Servers should treat attribute
: type
: names they don't recognize as unrecognized attribute types and many of
: these
: cases don't result in an error being returned.
: 
: Kurt
: 
: 
: 
: 
:

Prev by Date: Re: ldapbis WG Last Call on ldapbis-syntaxes, ldapbis-strprep
Next by Date: Re: Specifying non-tcp transports referrals
Index(es):
- Chronological
- Thread