[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ACL Policy should be a property of the partition of namespace...

To: "paulle@microsoft.com" <paulle@microsoft.com>, "ietf-ldapext@netscape.com" <ietf-ldapext@netscape.com>, "'Ed Reed'" <ED_REED@novell.com>
Subject: RE: ACL Policy should be a property of the partition of namespace...
From: Colin Robbins <Colin.Robbins@nexor.co.uk>
Date: Fri, 8 May 1998 12:29:00 +0100
Delivered-to: ldapext-archive@critical-angle.com
Resent-date: Fri, 8 May 1998 04:30:50 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"Azrw63.0.2x3.cpkKr"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Ed Reed[SMTP:ED_REED@novell.com] wrote:
> 
> The central point of this is to say that even if vendor A implements policy
> P1 in their namespace, if vendor B can also implement that same policy P1,
> then it's OKAY for replicas of an LDAP namespace to be held on both vendor's
> LDAP servers, and if not, then not.
> 

Ed,  the problem with this approach is interoperability.   What you will get in the market place is
Vendor A, with Policy P1.  Vendor B, with Policy P2 etc etc.   These policies are then likely to become proprietary because of the "We took the standard and enhanced it" approach.   We already see this in products today with the basic LDAP v2 access protocol.

What is more, Vendor A will only release sketchy details of the implementation details of Policy P1, so vendor B cannot implement it effectively.   This means products of Vendor B cannot replicate or even cache data from Vendor A,  hence customers and their business partners get tied into a proprietary vendor community.

If you are going to build an open system, you need one, or a very small subset of policies, that can be agreed upon.   An unbounded system, does not produce interoperable solutions.

We do have one such policy today - as defined in X.500(93).
I've seen arguments put forward that X.500 access control is too complex to be understood by customers etc.  I would suggest that this is due to bad implementation.   Gory details of access control should not be seen by customers - they should see an abstraction of the model, fitted into an overall directory management environment.   Many X.500 products on the market do this today - and these products interwork, can replicate data whilst maintaining the access policy, and are accessible via LDAP.

Rather than inventing yet another protocol, why don't we review the X.500 policy in detail.  Remove the bits that are unwanted or don't make sense, and add a few bits to cover any holes.
It is always a lot easier to modify something that exists, that has evolved, been tested and works, than to invent from scratch.

Colin

Prev by Date: Can attributes contain attributes as pointers to higherlevel
Next by Date: Re: Naming of ACLs, Replication etc
Index(es):
- Chronological
- Thread