RE: NOT filter question

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 09:49 AM 9/2/2004, John McMeeking wrote:
>Is this something that should be clarified in the LDAP standards?

IMO, yes.  We should make it clear in [Protocol] that AVA evaluation
is a specified in X.501(1993), providing a summary of these
semantics.

>It seems like this is an area where, arguably, we are departing from X.500.
>The 1993 edition is unclear to me on this matter and the position that an
>assertion about an attributetype that is not contained in the entry is
>FALSE seems to be based on the X.501 and X.511 text not mentioning the
>case.  Later editions appear to address this case, which seems to be a
>clarification rather than a change.

I think X.501(1993) is quite clear.  We have not, and should not,
depart from X.501(1993).  [Protocol] should make this clear.

>Some disagreement on the correct behavior has been expressed in these notes
>and past discussions I found in the archives.

I don't think there is any argument as to the behavior X.501(1993)
specifies, nor any argument that LDAP servers are to act in
accordance with X.501(1993) in this regard.

>There does seem to be
>agreement that current practice is (cn=bob) evaluates to FALSE if there is
>no cn attribute in the entry.

I agree that implementations seems to have gotten it right
(right as defined by the applicable technical specifications).




>John  McMeeking
>
>
>"Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote on 09/01/2004 09:37:16 PM:
>
>> At 06:14 PM 9/1/2004, Ramsay, Ron wrote:
>> >It was changed in X.500:2000.
>>
>> Well, since we reference X.500(1993), we can and should
>> ignore the change. -- Kurt
>>