[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: A tricky matched values problem

At 09:34 04.10.99 -0400, Salter, Thomas A wrote: 
I'm not sure the 'Molesworth Principle" should apply here.  In this case,
the requestor has explicitly set "matchedValuesOnly" in an attempt to limit
the size of the response.  If he doesn't get enough information, he can
always remove the matchedValuesOnly control and try again.

I'm not sure who Molesworth is, but if the purpose of the control is to limit the size of the response, it might be better to have a control that tells the server something about what the client wants back rather than something about how he wants the search criteria treated.


If it is left up to policy, the control becomes unusable in multi-directory
environments.  I think it's better to pick one definition and stick with it.

Couldn't agree more.
But I don't think the case for matchedValuesOnly as currently defined has been made convincingly - at least, I'm profoundly unconvinced.

Other scenarios:

- I want to search for a CN, but don't want ANY CN returned, I want the certificate that contains a certain string instead. (oops - how do I match that?)
- I want to search on (surname=Jones) and return the CN that contains "Jones", because I want to see what givenname he uses alongside that.

If the purpose of the control is to limit the size of the response, mixing that with how the search criteria are formulated seems nonorthogonal to me.

                       Harald
--
Harald Tveit Alvestrand, Maxware, Norway
Harald.Alvestrand@maxware.no