
Re: LAST CALL: draft-ietf-ldapext-referral-00.txt



Tim
this document is fine apart from the following:

i) it does not support the X.500 NSSR model of chaining and 
referrals, and is incompatible with the X.500 model for subordinate 
reference chaining and referrals. This is because X.500 has unified 
the chaining and referral techniques to be the same for both 
reference types. LDAP presently only caters for subordinate 
references and not NSSRs. The reason is as follows: X.500 passes the 
name of the superior entry in the continuation reference or referral, 
and informs the subordinate DSA to continue with the children below 
this entry. LDAP on the other hand passes the name of the subordinate 
entry in the referral, and informs the server to continue with this 
entry. Consequently LDAP cannot cater for NSSRs, simply because the 
names of the children are not known by the referencing server.

ii) section 5.3 on unnamed reference is misleading in my opinion. I 
did send email to Mark (and ASID) in July 97 pointing out some 
ambiguities (but I don't remember receiving a reply). 
You state that this use of the ref attribute is similar to the 
non-specific subordinate reference in X.500. But from my reading of 
the current text it is quite different. In X.500, in the referencing 
DSA, we know the DN of the entry holding the NSS reference (it is in 
fact the name of the parent entry of the child naming contexts) but 
we do not know the name of the child entry(ies) that is(are) pointed 
to by the referencing DSA. In the LDAP unnamed reference, the DN of 
the entry that the ref attribute is held in, is the ref attribute 
itself, (which is not a usual DN, I suppose this is why you are 
calling it an unnamed reference) but we do know the name of the entry 
in the referenced DSA. The LDAP DN occurs in the referral of course! 
So it is quite wrong to liken it to an NSSR. It is actually much more 
like a cross reference (with optional indexing information), and it
might be better (and a lot clearer) if you redrew it that way i.e.
 Server A
dn: o=abc,c=us
ref:ldap://hostB/o=abc,c=us
cn:babs
cn:gern
cn:bob

In your section 5.3 you are implying that you do not have 
information that you actually do have i.e. the name of the referenced 
entry. It is thus wrong to call it an unnamed reference, when as I 
have shown above, the name of the reference is clearly known from the 
referral itself.

 I look forward to your response
David
***************************************************
David Chadwick
IT Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351  Fax +44 161 745 8169
Mobile +44 370 957 287
Email D.W.Chadwick@iti.salford.ac.uk
Home Page  http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500  http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
***************************************************
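
The two continuation styles contrasted in the message above, as an added illustration that is not part of the original post or of the draft. The contents of hostB and all function names are constructed for the example, and DN handling is simplified (no escaped commas).

```python
from urllib.parse import urlsplit, unquote

# Constructed sample data: entries held by the referenced server "hostB".
SERVERS = {
    "hostB": [
        "o=abc,c=us",
        "cn=babs,o=abc,c=us",
        "cn=gern,o=abc,c=us",
        "cn=bob,o=abc,c=us",
    ],
}

def parse_ref(ref):
    """Return (host, dn) from an ldap:// referral URL."""
    parts = urlsplit(ref)
    if parts.scheme.lower() != "ldap":
        raise ValueError(f"not an ldap URL: {ref!r}")
    # The DN is the URL path; anything after '?' is not part of the name.
    return parts.netloc, unquote(parts.path.lstrip("/"))

def parent_dn(dn):
    """Parent of a DN (simplified: assumes no escaped commas in RDNs)."""
    return dn.split(",", 1)[1] if "," in dn else ""

def continue_ldap(ref):
    """LDAP style: the referral itself names the entry to continue at."""
    host, dn = parse_ref(ref)
    if dn not in SERVERS[host]:
        raise LookupError(f"{host} does not hold {dn}")
    return host, [dn]

def continue_nssr(host, superior_dn):
    """NSSR style as the message describes it: only the superior's name is
    passed, and the receiving server supplies the children, whose names
    the referencing server never held."""
    return host, [e for e in SERVERS[host] if parent_dn(e) == superior_dn]

if __name__ == "__main__":
    print(continue_ldap("ldap://hostB/o=abc,c=us"))
    print(continue_nssr("hostB", "o=abc,c=us"))
```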