[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP ACLs

To: Paul Leach <paulle@microsoft.com>
Subject: Re: LDAP ACLs
From: Leslie Daigle <leslie@Bunyip.Com>
Date: Thu, 30 Apr 1998 17:27:59 -0400 (EDT)
Cc: ietf-ldapext@netscape.com
Delivered-to: ldapext-archive@critical-angle.com
Resent-date: Thu, 30 Apr 1998 14:28:11 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"TOfaM2.0.fO4.fpEIr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Paul,

On Wed, 29 Apr 1998, Paul Leach wrote:
> Neither a standardized replication protocol nor standardized ACLs are
> absolutely needed for white pages applications.

Nonsense!  It may be that, in _your_ applications for white pages information,
you don't need ACLs, but it certainly is not true for all the participants
in this discussion.

On Wed, 29 Apr 1998, Paul Leach wrote:
> > i.  If such a Universal ACL registry existed, it would
> >     be fair to say that LDAP should be made to use it.
> 
> No such registry is needed. OIDs can be generated in a decentralized
> fashion. LDAPEXT can define one OID, and one of the ACL formats. We'll
> define another one of each.

I think the follow-on exchange between yourself and Chris Newman does illustrate
my point -- just developing the _requirements_ for a universal solution
(registry, model, semantics description language, whatever) leads to the
fact that this problem is not well enough understood for a general solution
 -- and certainly not in this group.

> Have you seen NT5 beta 1? It's LDAP DS  has much more than people in
> it (computers, disk volumes, sites, groups, organizations, to name a
> few -- about 300 classes in all), even though it doesn't yet fully
> integrate all files and registry objects.

I'm afraid you've missed my point -- I never claimed LDAP could not or
should not be used for applications other than whitepages.  I did claim
that this _group_ should stay focused on making LDAP work for the purposes
it was intended.   If the scope of this work is going to be "all things
that anyone can conceive of doing with LDAP", then a) it'll never finish, 
b) it'll satisfy none of them, and c) I will submit my list of LDAP desiderata
to support the implementation of a worldwide, structured hypertext 
application (that's currently a _joke_, by the way).

Leslie.

----------------------------------------------------------------------------

  "_Be_                                           Leslie Daigle
             where  you                           
                          _are_."                 Bunyip Information Systems
                                                  (514) 875-8611
                      -- ThinkingCat              leslie@bunyip.com
----------------------------------------------------------------------------

Prev by Date: Re: Naming of ACLs, Replication etc
Next by Date: RE: Naming of ACLs, Replication etc
Index(es):
- Chronological
- Thread