[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: control combination was: Re: protocol-22 comments)

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: control combination was: Re: protocol-22 comments)
From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Date: Fri, 7 May 2004 15:02:01 +0200
Cc: Jim Sermersheim <jimse@novell.com>, ietf-ldapbis@OpenLDAP.org
In-reply-to: <6.0.1.1.0.20040505212054.02c89e38@127.0.0.1>
References: <s09962de.074@sinclair.provo.novell.com> <6.0.1.1.0.20040505212054.02c89e38@127.0.0.1>

Kurt D. Zeilenga writes:
>At 08:55 PM 5/5/2004, Jim Sermersheim wrote:
>
>> "server MUST NOT make use of a combination of controls whose semantics
>> are not defined (or not known to it). When such a combination of
>> controls is encountered, it is RECOMMENDED that the server return
>> protocolError. Otherwise behavior is undefined.
> 
> I dislike the wording as it could be taken as allowing the server
> not to return an error (as opposed to suggesting which code to
> return in this case). 

I thought that was the intent, which looked reasonable to me.

> How about?
>   Controls are not to be combined (with other controls
>   of same or different types) unless the semantics of the
>   combination have been defined.  When an implementation
>   (client or server) encounters a combination of controls
>   whose semantics are not defined (or not known to that
>   implementation), the implementation MUST treat the
>   request as a protocol error.

Sounds too strict to me.  Or at least, it can be interpreted too strict.
For example, does that forbid the combination of the rfc2649 Operation
Signature control with e.g. the rfc2891 Server Side Sorting control?
Neither document explicitly states how the combination should work, but
rfc2649 does say how to apply that control to LDAPMessages in general,
and the combination seems to make sense to me.

Also, I wonder about the combination of controls defined in different
"standards repositories" or whatever one should call it.  If all
controls were RFCs, one control spec could list all previously defined
controls.  However, in the previous discussions of controls, people were
referring to controls that I could not find RFCs for.

Finally, one detail: If we stick to RFC controls, each control author
will need to check all previous RFC controls.  It might be easy to miss
one, and make a control combination with an obvious semantics invalid.
We could fix that with a requirement that all LDAP control RFCs must
have the phrase "LDAP control" in its title.  Or someone (IANA?)  could
maintain an official list of published controls.  However, it seems
simpler to me to allow controls that obviously do not interfere with
each other, to be combined even if their specs do not say so.

> (Note: I generalized this for both clients and servers,
> and for requests which don't have responses.)

-- 
Hallvard

Follow-Ups:
- Re: control combination was: Re: protocol-22 comments)
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: control combination was: Re: protocol-22 comments)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Re: control combination was: Re: protocol-22 comments)
  - From: "Jim Sermersheim" <jimse@novell.com>
- Re: control combination was: Re: protocol-22 comments)
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: which syntax for which assertions?
Next by Date: entries below subentries/aliases
Index(es):
- Chronological
- Thread