Re: I-D ACTION:draft-ietf-ldapext-namedref-00.txt



5.1.  Named reference
...
If the ref attribute is multi-valued all the DNs in the
values of the ref attribute SHOULD have the same value.


  Why this restriction? Also, this implies that the host or port field (or both) of the attribute must differ (to avoid duplicate values); perhaps that should be spelled out (if the restriction is not removed altogether).
 
 

If the type of operation requested is not a search and the URI contained
in the ref attribute of the requested target object is an LDAP URI
[RFC2255], the server should return a modified form of this URL. The
returned URL must have only the protocol, host, port, and trailing "/"
portion of the URL contained in the ref attribute. The server should
strip any dn, attributes, scope, and filter parts of the URL.
Example:

If the client issues a modify request for the target object of
"o=abc,c=us", server A will return

        ModifyResponse "referral" {
         ldap://hostB/
         ldap://hostC/
        }

 

  That complicates things for the client. Shouldn't the URI be rewritten to fully qualify the referred-to entry in this case? So:

        ModifyResponse "referral" {
         ldap://hostB/o=abc,c=us
         ldap://hostC/o=abc,c=us
        }
 

If a client requests an operation for which the base or target object is
not held by the server, but is subordinate to one or more objects with a
ref attribute held by the server, the server must return the referral
from the superior held object nearest to the requested base or target
object. Nearest superior object with a referral, in this document, means
an object superior to the base or target object with the DN that has the
most attribute values in common with the DN of the base or target object
and contains a ref attribute.
...
If the client issues an add request where the target object has a DN of
"cn=Chris Lukas,o=abc,c=us", server A will return

        AddResponse "referral" {
         ldap://hostB/
         ldap://hostC/
        }

  Same thing here. Shouldn't the server return:

        AddResponse "referral" {
         ldap://hostB/cn=Chris Lukas,o=abc,c=us
         ldap://hostC/cn=Chris Lukas,o=abc,c=us
        }

???

Rob
 

Internet-Drafts@ietf.org wrote:

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the LDAP Extension Working Group of the IETF.

        Title           : Named Referrals in LDAP Directories
        Author(s)       : C. Lukas, T. Howes, M. Roszkowski, M. Smith, M. Wahl
        Filename        : draft-ietf-ldapext-namedref-00.txt
        Pages           : 13
        Date            : 09-Jun-99

This document defines a 'ref' attribute and associated 'referral' object
class for representing generic knowledge information in LDAP directories
[RFC2251]. The attribute uses URIs [RFC1738] to represent knowledge,
enabling LDAP and non-LDAP services alike to be referenced.  The object
class can be used to construct entries in an LDAP directory containing
references to other directories or services. This document also defines
procedures directory servers should follow when supporting these schema
elements and when responding to requests for which the directory server
does not contain the requested object but may contain some knowledge of
the location of the requested object.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ldapext-namedref-00.txt

Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
        "get draft-ietf-ldapext-namedref-00.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
        mailserv@ietf.org.
In the body type:
        "FILE /internet-drafts/draft-ietf-ldapext-namedref-00.txt".

NOTE:   The mail server at ietf.org can return the document in
        MIME-encoded form by using the "mpack" utility.  To use this
        feature, insert the command "ENCODING mime" before the "FILE"
        command.  To decode the response(s), you will need "munpack" or
        a MIME-compliant mail reader.  Different MIME-compliant mail readers
        exhibit different behavior, especially when dealing with
        "multipart" MIME messages (i.e. documents which have been split
        up into multiple messages), so check your local documentation on
        how to manipulate these messages.
 

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
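
The referral construction discussed in this thread, as an added example that is not part of the original message or the draft: it finds the nearest held entry with a ref attribute and builds both the stripped referral the draft text specifies and the DN-qualified form proposed in the reply. The REFS values, the function names and the simple comma-split DN parsing are assumptions made for illustration.

```python
from urllib.parse import urlsplit, quote

# Constructed knowledge held by "server A": entry DN -> values of its ref attribute.
REFS = {
    "o=abc,c=us": ["ldap://hostB/o=abc,c=us", "ldap://hostC/o=abc,c=us"],
}

def rdns(dn):
    """Split a DN into normalized RDNs (assumption: no escaped commas)."""
    return [part.strip().lower() for part in dn.split(",")]

def nearest_referral_entry(target_dn, refs=REFS):
    """Return the held entry with a ref attribute that is the target itself or
    its nearest superior (longest matching DN suffix); None if there is none."""
    target = rdns(target_dn)
    held = {tuple(rdns(dn)): dn for dn in refs}
    for start in range(len(target)):
        match = held.get(tuple(target[start:]))
        if match is not None:
            return match
    return None

def draft_referral(ref_url):
    """Draft behaviour for non-search operations: keep only protocol, host,
    port and the trailing '/'; drop dn, attributes, scope and filter."""
    parts = urlsplit(ref_url)
    return f"{parts.scheme}://{parts.netloc}/"

def proposed_referral(ref_url, target_dn):
    """Alternative raised in the reply: qualify the URL with the target DN.
    The DN is percent-encoded as RFC 2255 requires, so a space becomes %20."""
    return draft_referral(ref_url) + quote(target_dn, safe="=,")

def referrals(target_dn, qualify=False, refs=REFS):
    """Build the referral list for a non-search request on target_dn."""
    entry = nearest_referral_entry(target_dn, refs)
    if entry is None:
        return []
    if qualify:
        return [proposed_referral(u, target_dn) for u in refs[entry]]
    return [draft_referral(u) for u in refs[entry]]

if __name__ == "__main__":
    for dn in ("o=abc,c=us", "cn=Chris Lukas,o=abc,c=us"):
        print(dn, referrals(dn), referrals(dn, qualify=True))
```

With the stripped form, the client has to carry the target DN over to hostB or hostC itself; with the qualified form, the DN travels in the referral.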
