
ldap binary attributes



> My understanding of the ldap v3 "binary" syntax is that it is similar
> to the ASN.1 "any" type in that it requires a true BER encoding for
> the value (the same thing is accomplished with the "binary" attribute
> description qualifier. See 4.3.1 of rfc 2252). If one wants to add raw
> non-ASN.1 binary objects such as binary files to the directory, you
> must find a generic attribute syntax supported universally. The only
> thing which exists is the "octet string" syntax (because "binary"
> requires a BER encoding).
> 
> If this is the case, is it necessary to encode the value as an octet
> string (i.e. explicitly add the octet string Tag/Length headers)
> before sending the value to the directory (in this case there would be
> the octet string headers for the value plus the octet string wrapper
> required by the ldap AttributeValue protocol element)? Or can you
> simply send the raw value without the octet string header? By the way,
> if you need to add the octet string header, it follows that you end up
> with a true BER encoded value and you could therefore use the ldap v3
> "binary" syntax.
> 
If the ldap server is configured to expect the octet string syntax for a
given attribute and the values must be explicitly encoded as octet
string, what does the ldap C API draft require? Binary values added in
the ldapmod struct must be added via the mod_bvalues variant. Does this
(combined with paragraph 4.1.6 of rfc 2251) indicate that the
implementation must automatically encode such a binary value as an octet
string? Or does the user do it with ber_printf? And what is the server
expected to do with these values when decoding and when encoding for a
response to the client (i.e. will the value returned by the server need
to be decoded by the client using ber_scanf to remove the octet string
header)?

Chris.


-----------------------------------------
Chris Oliva
Entrust Technologies

(613) 248-3014
Chris.Oliva@entrust.com
http://www.entrust.com
-----------------------------------------
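
The two wire forms the question contrasts, written out byte by byte as an added example (not part of the original message, and not code from the LDAP C API). `wrap_octet_string` and `peel_octet_string` are hypothetical stand-ins for what `ber_printf` and `ber_scanf` would do, the 4-byte value is constructed, and only definite lengths up to 65535 bytes are handled.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not the LDAP C API): BER-encode val as an OCTET STRING,
 * tag 0x04 with a definite length. Returns bytes written, or 0 on error. */
size_t wrap_octet_string(const unsigned char *val, size_t len,
                         unsigned char *out, size_t cap)
{
    size_t hdr = len < 0x80 ? 2 : (len <= 0xFF ? 3 : 4);
    if (len > 0xFFFF || cap < hdr + len) return 0;
    memmove(out + hdr, val, len);            /* val may alias out */
    out[0] = 0x04;
    if (hdr == 2) out[1] = (unsigned char)len;              /* short form */
    else if (hdr == 3) { out[1] = 0x81; out[2] = (unsigned char)len; }
    else { out[1] = 0x82; out[2] = (unsigned char)(len >> 8); out[3] = (unsigned char)len; }
    return hdr + len;
}

/* Hypothetical helper: strip one OCTET STRING header. Returns a pointer to the
 * contents and sets *len, or NULL if buf is not exactly one such element. */
const unsigned char *peel_octet_string(const unsigned char *buf, size_t n, size_t *len)
{
    size_t hdr = 2, l, k, i;
    if (n < 2 || buf[0] != 0x04) return NULL;
    l = buf[1];
    if (l & 0x80) {                          /* long form: k length octets */
        k = l & 0x7F;
        if (k == 0 || k > 2 || n < 2 + k) return NULL;
        for (l = 0, i = 0; i < k; i++) l = (l << 8) | buf[2 + i];
        hdr += k;
    }
    if (n - hdr != l) return NULL;
    *len = l;
    return buf + hdr;
}

int main(void)
{
    const unsigned char raw[] = {0xDE, 0xAD, 0xBE, 0xEF};   /* constructed sample */
    unsigned char buf[32];
    size_t i, n = wrap_octet_string(raw, sizeof raw, buf, sizeof buf);
    for (i = 0; i < n; i++) printf("%02X ", buf[i]);
    printf("<- raw value inside the AttributeValue OCTET STRING\n");
    n = wrap_octet_string(buf, n, buf, sizeof buf);  /* caller pre-encoded it */
    for (i = 0; i < n; i++) printf("%02X ", buf[i]);
    printf("<- value pre-encoded as OCTET STRING, then wrapped again\n");
    return 0;
}
```

A reader that strips only one header from the second form gets `04 04 DE AD BE EF` back rather than the original four bytes, which is the decoding mismatch the question is concerned with.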