[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Status of LDIF and Changelog?
- To: d.w.chadwick@iti.salford.ac.uk
- Subject: Re: Status of LDIF and Changelog?
- From: Helmut.Volpers@mch.sni.de (Helmut Volpers)
- Date: Mon, 16 Nov 1998 11:30:51 +0100
- Cc: Gordon Good <ggood@netscape.com>, Sanjay Jain <Sanjay.Jain@software.com>, Pete Lynch <pete@jyra.com>, "Griffith, Adrian, CON, OASD(HA)/TMA" <Adrian.Griffith@tma.osd.mil>, "'Russel F. Weiser'" <rweiser@digsigtrust.com>, Richardson K <k.richardson@MAN05T1.wins.icl.co.uk>, ietf-ldapext@netscape.com
- References: <199811141921.TAA15895@irwell.zetnet.co.uk>
- Resent-date: Mon, 16 Nov 1998 03:18:39 -0800 (PST)
- Resent-from: ietf-ldapext@netscape.com
- Resent-message-id: <"SuMsB.0.wo4.De0Ks"@glacier>
- Resent-sender: ietf-ldapext-request@netscape.com
Hi,
David Chadwick wrote:
>
> Date forwarded: Fri, 13 Nov 1998 10:48:04 -0800 (PST)
> Date sent: Fri, 13 Nov 1998 10:47:11 -0800
> From: Sanjay.Jain@software.com (Sanjay Jain)
> Organization: Software.Com
> To: Gordon Good <ggood@netscape.com>
> Copies to: Pete Lynch <pete@jyra.com>,
> "Griffith, Adrian, CON, OASD\(HA\)/TMA"
> <Adrian.Griffith@tma.osd.mil>,
> Helmut Volpers <Helmut.Volpers@mch.sni.de>,
> "'Russel F. Weiser'" <rweiser@digsigtrust.com>,
> Richardson K <k.richardson@MAN05T1.wins.icl.co.uk>,
> ietf-ldapext@netscape.com
> Subject: Re: Status of LDIF and Changelog?
> Forwarded by: ietf-ldapext@netscape.com
>
> >
> >
> > Gordon Good wrote:
> >
> > > - The changelog draft, in my opinion, should become an informational
> > > RFC. The LDUP group is not planning to use LDAP-accessible changelogs in
> > > its multi-master replication work.
> > >
> > > How does this sound? Are there any serious objections to these plans?
> >
> > I would prefer that changelog draft is moved forward as a proposed
> > standard. It provides a simple consumer-initiated replication mechanism
> > at least till the time we have real LDAP replication standards. I think,
> > today there is a need to replicate accross multi-vendor directory servers
> > and without such a standard in place, it is not possible to achieve that.
> >
>
> I would prefer both it and the LDIF texts to be informational RFCs (although I
> accept that LDIF is widely used) until access controls are sorted out. SInce
> there is no way of storing access control information in a multi-vendor way,
> changelog and LDIF can only really work in a multi-vendor environment for
> either public information (with no attached ACI) or single vendor environments
> with proprietary ACI.
That's not totally true. You can do a lot of synchronisation from and to
LDAP or X.500
directories, exchange, lotus notes, databases, etc without having a
common access control
but having a common LDIF format. Also in future (when access control is
defined) you will have
a lot of LDIF files without it.
I have set up a prescriptive Access Control in an X.500 DSA and upload
data over LDAP
where I can live in the most cases without any ACL-policies in the LDIF
file. And if
somebody (e.g. another X.500 implementation) wants an Access Control
policy I can give it
in LDIF as a binary Attribute-value.
For this reason I dont think the IESG will allow it to move
> forward as a standard until access controls are standardised (unless there is
> BIG warning notice on the front stating its limitations, as with the LDAPv3 text).
> I could be wrong, but when I talk to people about LDIF they seem to be
> blissfully unaware of its limitations.
There are a lot of limitations but at least it should be possible to
store in LDIF
whatever you want. (perhaps not everybody understand everything, but
that is okay.)
Helmut
>
> David
>
> ***************************************************
>
> David Chadwick
> IT Institute, University of Salford, Salford M5 4WT
> Tel +44 161 295 5351 Fax +44 161 745 8169
> Mobile +44 370 957 287
> Email D.W.Chadwick@iti.salford.ac.uk
> Home Page http://www.salford.ac.uk/its024/chadwick.htm
> Understanding X.500 http://www.salford.ac.uk/its024/X500.htm
> X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
>
> ***************************************************
begin:vcard
n:Volpers;Helmut
x-mozilla-html:FALSE
adr:;;Otto-Hahn-Ring 6;Munich;;81730;Germany
version:2.1
email;internet:Helmut.Volpers@mch.sni.de
title:Directory Server Architect
tel;fax:+49-89-63645860
tel;home:+49-89-1576588
tel;work:+49-89-63646713
x-mozilla-cpt:;0
fn:Volpers, Helmut
end:vcard