[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Grouping Attributes Together

To: Tim Howes <howes@netscape.com>, d.w.chadwick@iti.salford.ac.uk
Subject: Re: Grouping Attributes Together
From: Erik Skovgaard <eskovgaard@geotrain.com>
Date: Thu, 19 Nov 1998 11:33:49 -0800
Cc: ietf-ldapext@netscape.com
In-reply-to: <36545742.5A8BD363@netscape.com>
References: <19981119154901.6397.qmail@europa.salford.ac.uk>
Resent-date: Thu, 19 Nov 1998 11:34:54 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"9f7kZ.0.Op3.QB7Ls"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Tim,

Certainly worth a good consideration.  But it may force us to bump the
version number on LDAP or define a new control (most likely) in order to
avoid compatability problems.

The latter would be the case when a client talks to an "old" LDAP server
and incorrectly assumes that attributes are entered as a SEQUENCE.

But OTOH, it would be a very small change to make in products and only
clients which need this capability would have to implement the control.

David, what would it take to get this through the ITU and how long would it
take?

Cheers,                  ....Erik.

----------------------------------
Erik Skovgaard
GeoTrain Corp.
LDAP/X.500 Training and Consulting
http://www.geotrain.com

At 09:37 98/11/19 -0800, Tim Howes wrote:
>Now for a thought. As you say, the reason this is
>hard is that the LDAP/X.500 information model defines
>multi-valued attributes to be a SET of values, rather
>than a SEQUENCE. My thought is what would happen if
>we made this a SEQUENCE instead? And added an "insert
>after" variation or some such thing to the modify
>operation.
>
>I realize this is a more fundamental change, and may
>turn out to be a bad idea. But we should think about
>it before dismissing it. Comments?       -- Tim
>
>David Chadwick wrote:
>> 
>> There has been the requirement for many years to be able to group
>> together a set of related attributes for an object. Examples include:
>> 
>> all the attributes that describe a PGP key
>> 
>> all the attributes that describe an Email address/post box
>> 
>> This works using the existing X.500/LDAP information model if the
>> object only has one such set of attributes e.g. one PGP key, or
>> one email address, but does not work if the object has many such
>> sets of attributes. The reason it does not work is that multi-valued
>> attributes comprise a SET and not a SEQUENCE, hence it is not
>> possible to relate which particular value from attribute 1 belongs
>> with which particular value from attribute 2.
>> 
>> The X.500 group are working on a solution to this problem, and
>> have two possible candidate solutions. One is compound
>> attributes, the other is families of entries.
>> 
>> Compound attributes are attributes whose values are themselves
>> sets of attributes. In this way a whole set of attributes is related
>> together via the enclosing compound attribute value.
>> 
>> Families of entries comprise a parent entry with subordinate
>> entries, where each subordinate entry contains the set of related
>> attributes. The family can be treated as one compound entry or a
>> single entry by the user, depending upon the operation.
>> 
>> Both solutions will require additions to the LDAP protocol (via
>> controls) and to the X.500 information model.
>> 
>> Given that the problem domain is equally applicable to users of
>> LDAP servers as of X.500/LDAP DSAs, is seems desirable that the
>> solution chosen to this problem is one that both the IETF LDAP
>> group and ITU-T X.500 group can readily accept.
>> 
>> I would therefore like to propose that the LDAP-EXT group add this
>> work item to their charter. I will be present at the Orlando meeting
>> to further describe the problem and proposed solutions if the group
>> would like to discuss it some more before making a decision. I also
>> have the texts of both solutions (families of entries and compound
>> attributes) that I will make available to the list, so that a technical
>> choice can be made. (Both solutions are currently in Word/RTF
>> format and so would need some editing before they are available in
>> ASCII, although they could be distributed now as is, if people
>> thought that this was appropriate).
>> 
>> I await your feedback
>> 
>> David
>> 
>> ***************************************************
>> 
>> David Chadwick
>> IT Institute, University of Salford, Salford M5 4WT
>> Tel +44 161 295 5351  Fax +44 161 745 8169
>> Mobile +44 370 957 287
>> Email D.W.Chadwick@iti.salford.ac.uk
>> Home Page  http://www.salford.ac.uk/its024/chadwick.htm
>> Understanding X.500  http://www.salford.ac.uk/its024/X500.htm
>> X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
>> 
>> ***************************************************
>
>
>

Follow-Ups:
- Re: Grouping Attributes Together
  - From: David Chadwick <d.w.chadwick@iti.salford.ac.uk>

References:
- Grouping Attributes Together
  - From: David Chadwick <d.w.chadwick@iti.salford.ac.uk>
- Re: Grouping Attributes Together
  - From: Tim Howes <howes@netscape.com>

Prev by Date: Re: Grouping Attributes Together
Next by Date: RE: Grouping Attributes Together
Index(es):
- Chronological
- Thread