
nature of the error



To better handle "don't disclose" provisions in authorization
systems, I suggest the following changes be made to
[Protocol].

In 4.1.9, after:
   The server should return the result
   code that best indicates the nature of the error encountered.

add:
   Servers may return substitute result codes to prevent
   unauthorized disclosures.

In Appendix A, replace:
   Servers may substitute some result codes due to access controls which
   prevent their disclosure.  

with:
   The descriptions provided here do not fully account for
   result code substitutions to prevent unauthorized
   disclosures.

An alternative to the latter would be to attempt to fully
account for possible result code substitutions.  However,
given that authorization is a local matter, and hence
implementors likely have a wide range of views of the
kinds of information that they might want to prevent
disclosure of, that seems a bit of a rat hole.  However,
it might be good to note some of the obvious cases
(noSuchObject for insufficientAccessRights,
invalidCredentials for insufficientAccessRights)
in individual descriptions.

- Kurt
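
The noSuchObject-for-insufficientAccessRights substitution mentioned above, as an added example that is not part of the original message or of [Protocol]. The directory contents and the "read" and "disclose" permissions are constructed, hypothetical local policy; the sketch compares the code that best indicates the error with the code actually returned.

```python
from enum import IntEnum

class ResultCode(IntEnum):
    # Numeric values assigned to these LDAP result codes.
    SUCCESS = 0
    NO_SUCH_OBJECT = 32
    INSUFFICIENT_ACCESS_RIGHTS = 50

# Constructed sample directory. "read" and "disclose" are hypothetical
# local-policy permissions (assumption: authorization is a local matter).
DIRECTORY = {
    "cn=staff,dc=example,dc=com": {"read": {"*"}, "disclose": {"*"}},
    "cn=payroll,dc=example,dc=com": {
        "read": {"uid=hr"},
        "disclose": {"uid=hr", "uid=audit"},
    },
}

def _allowed(acl, requester):
    return "*" in acl or requester in acl

def true_result(requester, dn):
    """Code that best indicates the nature of the error, no substitution."""
    entry = DIRECTORY.get(dn)
    if entry is None:
        return ResultCode.NO_SUCH_OBJECT
    if not _allowed(entry["read"], requester):
        return ResultCode.INSUFFICIENT_ACCESS_RIGHTS
    return ResultCode.SUCCESS

def disclosed_result(requester, dn):
    """Code actually returned: substitute when the true code would disclose."""
    code = true_result(requester, dn)
    entry = DIRECTORY.get(dn)
    if (code == ResultCode.INSUFFICIENT_ACCESS_RIGHTS
            and not _allowed(entry["disclose"], requester)):
        # Requester may not learn that the entry exists at all.
        return ResultCode.NO_SUCH_OBJECT
    return code

def leaks_existence(result_fn, requester, hidden_dn, absent_dn):
    """True if the requester can tell a hidden entry from a missing one."""
    return result_fn(requester, hidden_dn) != result_fn(requester, absent_dn)

if __name__ == "__main__":
    for who in ("uid=guest", "uid=audit", "uid=hr"):
        for dn in list(DIRECTORY) + ["cn=ghost,dc=example,dc=com"]:
            print(who, dn, true_result(who, dn).name, disclosed_result(who, dn).name)
```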