[Date Prev][Date Next]
Re: Protocol: control specifications.
After further discussion here, I side with Hallvard. There are likely to
be cases where the behavior of a control is such that it really ought to be
marked critical because the outcome when used with a server that doesn't
support the control is clearly undesirable. To the end user, it is little
consolation that the application they are using is at fault because it
neglected to mark the control critical.
I haven't come up with an argument that a control must have
criticality=FALSE to prevent similar situations, so I suggest we get rid of
the "criticality always set to FALSE" part.
To make it clear that "criticality MUST be TRUE" is a requirement to both
the client and server and to avoid confusion (I hope) with previous
guidance that criticality always be set to TRUE, I suggest a specific RFC
"MUST" clause that can be used in future control specifications. I don't
believe current control specification have such language, so there should
be no compatibility issue. Support for a new control generally requires
some sort of server change; support for a new control could include a
mandatory criticality check.
That leaves control criticality options as:
- critical at senders choice, with a recommended criticality in the control
- criticality MUST be TRUE
I suggest that we update protocal 4.1.11 as follows.
1) add the following text somewhere in 4.1.11:
A control specification MAY state that "the control criticality MUST be
If a control is defined in this way and the sender's control criticality
FALSE, the server MUST return protocolError. If a specification does not
state that "the control criticality MUST be TRUE" the sender's control
criticality is used.
2) update the guidance to control specification writers:
The specification of a control consists of:
- a recommended control criticality, or a requirement that the control
criticality MUST be TRUE.
"Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote on 01/09/2004 10:11:02 PM:
> At 12:55 PM 1/9/2004, John McMeeking wrote:
> >X.511 has a similar notion of recommended criticality.
> Similar or same? Given that one of planned uses of LDAP
> Controls was to provide a mechanism in which additional
> X.511 semantics could be added to LDAP in a manner which
> would facilitate implementation of LDAP<->X.511 gateways,
> I think the intent was for the criticality semantics to
> be the same.
Yes, I could have used "the same".
> The criticalExtensions component provides a mechanism
> to list a set of extensions which are critical to the
> performance of a Directory operation. If the originator
> of the extended operation wishes to indicate that the
> operation shall be performed with one or more extensions
> (i.e. that performing the operation without these
> extensions is not acceptable), it does so by setting the
> criticalExtensions bit(s) which corresponds to the
> extension(s). If the Directory, or some part of it, is
> unable to perform a critical extension it returns an
> indication of unavailableCriticalExtension (as a
> ServiceError or PartialOutcomeQualifier). If the Directory
> is unable to perform an extension which is not critical,
> it ignores the presence of the extension.
> Sounds the same to me.