draft minutes for the LDAPEXT WG
Hello,
Below are the draft minutes from the meeting last month in Washington DC.
Please review and let me know of any changes or additions, as they will
be submitted for the proceedings.
Draft minutes for the LDAPEXT working group
December 1997
ACTION SUMMARY:
- chairs: add caching and triggered search to charter,
issue IETF last calls on dynamic entries and caching drafts,
and issue WG last calls on updated drafts for referral
maintenance, language tags and Start TLS when available.
- Ellen Stokes: produce draft on transactions and update draft
on access control requirements.
- Mark Wahl: update drafts on recommended auth. methods and
language tags.
- Tim Howes: update draft on referral maintenance.
- Jeff Hodges: update draft on Start TLS.
- Pat Richard: produce draft on signing information control.
1. Agenda review
Partition management and transactions were proposed for discussion
as potential additions to the charter.
Discussion of recommended authentication methods and access
control requirements were moved up in the agenda, in case the group
ran out of time.
C/Java APIs and Dynamic Attributes drafts were not discussed at the
meeting.
2. Charter review
2.1. Caching
As a draft was already near completion, it was agreed to add the use
of a ttl attribute for caching to the charter.
See item 5 below for more about this caching draft.
ACTION (chairs): add "caching" to charter.
2.2. Persistent or triggered search
There were two proposals made for a design by which an LDAP server
could, if requested, asynchronously notify a connected client that
entries had been added to the directory. These proposals are
documented in:
draft-smith-ldap-psearch-00 (Mark Smith et al)
draft-wahl-ldapv3-trigger-00 (Mark Wahl)
The group discussed whether:
- this was a different concept than replication,
- a general event service could be used instead, and
- it was necessary for the client to have a connection.
Consensus was reached that this topic should be added to the
charter of the working group.
ACTION (chairs): add "persistent or triggered search" to charter.
Discussion of the details of the two proposals should be done on
the working group mailing list.
2.3. Normalized match
Jeff Hodges proposed a need for having new matching rules for
attributes whose values contain human-readable strings, in
particular names. These rules would allow the server to better
support comparison of names containing non-ASCII characters.
A BOF for a new working group, "lessor", was held at this IETF
to develop a framework for registering matching rules to be used
in application servers which support filtering on string-based
attributes. These would include LDAP servers, as well as IMAP and
ACAP servers.
At this meeting, the consensus of the group was that this item should
not be added to the charter.
2.4. Partition management
Russel Weiser proposed the addition of LDAP server partition
management to the working group charter. Partition management
would include topics such as the moving of whole subtrees of entries
between servers, support for backlinks, and the impacts on access
control of administrative areas which cross server boundaries.
At this meeting, the consensus of the group was that this item should
not be added to the charter.
2.5. Transactions
Sanjay Jain proposed the addition of Transactions to the working
group charter. Ellen Stokes said that she and others had been
identifying requirements for transactions in LDAP, and would
produce a draft for the group to review.
ACTION (Ellen Stokes): produce draft on transaction requirements.
3. Recommended authentication methods
The core LDAP protocol document, RFC 2251, carries an IESG note
warning that implementations may not interoperate with a secure
authentication mechanism, because the document specifies no
mandatory-to-implement security mechanism.
Mark Wahl described the planned changes to the document
draft-ietf-ldapext-authmeth:
1 Fix error in description of CRAM-MD5 and make it a MANDATORY
SASL mechanism for implementations
2 Improve description of TLS certificate-based authentication and
make EXTERNAL a RECOMMENDED SASL mechanism
3 Add description of simple (password based) inside of a TLS
encrypted connection and make it a RECOMMENDED method
With the publication of an RFC with these statements, it is expected
the IESG restriction on the LDAP protocol could be removed.
This draft references draft-ietf-asid-ldapv3-tls-02 for the
definition of how TLS is used in LDAP. That draft can now move
forward, as TLS has been approved by the IESG.
ACTION (Mark Wahl): send updated draft on authentication methods
to the list.
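Added illustration, not part of these minutes or of any of the drafts
named above: the two wire formats that item 3 contrasts, built by hand
from the ASN.1 in RFC 2251 (LDAPMessage/BindRequest) and the digest
rule in RFC 2195 (CRAM-MD5). The DN and password are made-up sample
values; the CRAM-MD5 challenge, user name and secret are the worked
example from RFC 2195 itself, so the digest can be checked against
that RFC. A simple bind carries the password verbatim in the PDU,
which is why the draft recommends it only inside TLS. CRAM-MD5 puts an
HMAC on the wire instead, but that HMAC can still be attacked offline
with a password dictionary, and the mechanism gives no confidentiality
or integrity for the rest of the session; the TLS-based methods are
what add those.

```python
"""Hand-rolled BER for an LDAPv3 simple bind and a CRAM-MD5 SASL bind.

Added example, not code from the LDAPEXT drafts.  Shows what a passive
observer sees on an un-encrypted connection for each method.
"""
import hashlib
import hmac


def ber_len(n: int) -> bytes:
    """Definite-length BER length octets (short form < 128, else long form)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    """One BER tag-length-value element with a single-octet tag."""
    return bytes([tag]) + ber_len(len(value)) + value


def ber_int(v: int) -> bytes:
    """INTEGER (tag 0x02), minimal two's-complement encoding."""
    body = v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big", signed=True)
    return tlv(0x02, body)


def simple_bind_request(msg_id: int, dn: str, password: str) -> bytes:
    """LDAPMessage { messageID, BindRequest { version 3, name, simple pw } }.

    BindRequest is [APPLICATION 0] constructed -> tag 0x60.
    AuthenticationChoice.simple is [0] primitive OCTET STRING -> tag 0x80.
    """
    bind = tlv(0x60, ber_int(3) + tlv(0x04, dn.encode()) + tlv(0x80, password.encode()))
    return tlv(0x30, ber_int(msg_id) + bind)


def sasl_bind_request(msg_id: int, mechanism: str, credentials: bytes) -> bytes:
    """BindRequest with AuthenticationChoice.sasl: [3] constructed -> 0xA3,
    containing SaslCredentials { mechanism LDAPString, credentials OCTET STRING }.
    The name is left empty, as it is for SASL binds."""
    sasl = tlv(0xA3, tlv(0x04, mechanism.encode()) + tlv(0x04, credentials))
    bind = tlv(0x60, ber_int(3) + tlv(0x04, b"") + sasl)
    return tlv(0x30, ber_int(msg_id) + bind)


def cram_md5_response(username: str, password: str, challenge: bytes) -> bytes:
    """RFC 2195: response = username SP lowercase-hex(HMAC-MD5(key=password, challenge)).

    In LDAP this goes in the credentials of the *second* BindRequest, after
    the server returned the challenge in serverSaslCreds of the first
    BindResponse.
    """
    digest = hmac.new(password.encode(), challenge, hashlib.md5).hexdigest()
    return f"{username} {digest}".encode()


def password_visible(pdu: bytes, password: str) -> bool:
    """True if the plaintext password appears verbatim in the PDU."""
    return password.encode() in pdu


if __name__ == "__main__":
    # Constructed sample values (hypothetical DN and password).
    simple = simple_bind_request(1, "cn=admin,dc=example,dc=com", "secret")
    print("simple bind :", simple.hex(), "| password visible:", password_visible(simple, "secret"))

    # Test vector taken from RFC 2195 section 2.
    challenge = b"<1896.697170952@postoffice.reston.mci.net>"
    resp = cram_md5_response("tim", "tanstaaftanstaaf", challenge)
    sasl = sasl_bind_request(2, "CRAM-MD5", resp)
    print("CRAM-MD5 bind:", sasl.hex(), "| password visible:", password_visible(sasl, "tanstaaftanstaaf"))
```

The `password_visible` check is deliberately naive: it only models a
passive observer looking for the literal string. Against an active
attacker neither PDU is safe without TLS, since nothing binds the bind
to the connection or protects the operations that follow it.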
4. Dynamic Entries
Yoram Yaacovi reviewed the recent comments seen on the mailing
list regarding draft-ietf-asid-ldapv3-dynamic-07, which has
completed working group last call. These were:
- whether to use an extended operation or a Modify request
- whether to have a dynamicObject object class
A mapping of the extended operation onto a DAP Modify request
could be documented.
Yoram also noted that he would in the future produce a draft on
dynamic non-leaf objects.
The consensus of the working group meeting was that the document
should be sent to the IESG to become a Proposed Standard RFC.
ACTION (chairs): initiate IETF last call on this document.
5. Caching
The consensus of the working group meeting was that the
document draft-ietf-asid-ldap-cache-01, which had completed working
group last call, should be sent to the IESG to become a Proposed
Standard RFC.
ACTION (chairs): initiate IETF last call on this document.
6. Sorting
As the author was not present at the meeting, discussion of the
sorting document was deferred to the mailing list.
7. Referrals and knowledge maintenance
Mark Wahl and Tim Howes summarized the document
draft-ietf-asid-ldapv3-referral-00 on representing LDAP knowledge
in the directory. There was a minor error which would need to be
corrected in a revised draft before it could be sent to the IESG.
There had also been a request from the mailing list to document the
relationship between the LDAP referral knowledge model and the X.500
knowledge model, and a request at the meeting to be able to indicate
whether a referral is to a master or shadow copy of data.
The consensus of the working group meeting was that an updated
draft should become a standards-track RFC.
ACTION (Tim Howes): produce updated draft,
ACTION (chairs): initiate working group last call.
8. Use of language tags
Mark Wahl summarized the proposed changes to the document
draft-ietf-asid-ldapv3-lang-02, in particular the removal of the
preferred language indication control.
The consensus of the working group meeting was that an updated
draft should become a standards-track RFC.
ACTION (Mark Wahl): produce updated draft,
ACTION (chairs): initiate working group last call.
9. Start TLS
Jeff Hodges discussed the proposed changes to the document
draft-ietf-asid-ldapv3-tls-02.
The consensus of the working group meeting was that an updated
draft should become a standards-track RFC.
ACTION (Jeff Hodges): produce updated draft,
ACTION (chairs): initiate working group last call.
10. Signed information control
Pat Richard made a presentation of the proposal for a
signed information control, which would allow an LDAP server
to return a digital signature associated with an LDAP
result. A document describing this proposal will be
produced and circulated to the list.
ACTION (Pat Richard): send draft to the list.
11. Paging and scrolling
There are two documents on search result paging and scrolling.
draft-ietf-asid-ldapv3-simplepaged-01 allows the client to
request that the server return search results in pages, but does
not allow the client to scroll forward and backward in the result
set. draft-ietf-ldapext-ldapv3-vlv-00 allows the client to
move to arbitrary locations in the result, but requires that the
server sort results. Further discussion of these documents will
occur on the list.
12. Access control requirements
Ellen Stokes said that she had received several comments on the
document draft-stokes-ldapext-acl-reqts-00.
ACTION (Ellen Stokes): send an updated draft to the list.
The next meeting will be held at the IETF in March 1998.
=========================
Mark Wahl, Enterprise Directory Integration
Critical Angle Inc.