[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: draft-ietf-boreham-numsubordinates-00.txt
Alan Lloyd wrote:
> One might also assume that the subordinates value in a top level server
> /DSA represents all the entries in a subordinate servers servers in the
> namespace below that.
Immediately below that, yes.
> ie if I read this attribute at the root level server of all countries -
> what would that server do - and respond with?
If such a server existed, it would respond with the
number of immediate subordinate entries in the DIT
local to that server. Presumably this would be
roughly equal to the number of countries.
> Does the text need to say anything about the integrity of this
> attribute, ie is the action on a operational attribute at the top of a
> namespace - atomic with the updates (adds/deletes) on other objects
> below that namespace.
I say this:
> Servers MUST ensure that the value returned in the numSubordinates atti-
> bute to clients is consistent with the view that client has of other
> server contents. For example, is it NOT permissible to delay updating
> the numSubordinates count for some container entry until some time after
> subordinates have been added or deleted. This would lead to the poten-
> tial for a client to see an inconsistency between the numSubordinates
> value reported for an entry and the number of entries that same client
> had added as subordinates.
Is this not sufficient ?
> This sounds like an interesting concept but its server specific - and
> wont work across a distributed/replicated directory system with
> integrity - but please do advise.
It's strictly intended to be a mechanism to discover
how many immediate subordinate entries a particular
entry has, according to the server the client is
requesting the information from.
I can't think of a case where distribution or
replication makes this "not work", so I'd be
pleased to hear one from you.
I'm also wondering if you have similar
concerns in relation to "hasSubordinates".