[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: draft-ietf-ldapext-acl-model-04.txt
In the draft section 5.2 says,
5.2 Subschema Attribute for Access Control Mechanism
A given naming context must provide information about
which access control mechanism is in effect for that
portion of the namespace. The following attribute must
be in each subschema entry associated with a naming
context whose access control mechanism is different from
adjacent naming contexts supported by that directory
server.
Does this mean that there could be more than one subschema entries associated with the naming context. This clashes with the idea that the schema should be common across a naming context.
Or do you mean to say that if the ACIMechanism of a particular naming context is different from that of the adjacent naming contexts, then the (single) subschema entry of that naming context should have the aCIMechanism attribute ?
I guess it is the latter.
Also the last part of it says
"whose access control mechanism is different from
adjacent naming contexts supported by that directory
server."
What is meant by an adjacent naming context? I didn't find the term anywhere. I gues you mean to say the superior which is a naming context and to which this naming context belongs.
Natarajan
S.K.Natarajan
Senior Software Engineer
Novell Software, Bangalore
E-mail sknatarajan@novell.com
Ph. no. 91-80-572-1856/58 Extn. 2213
Fx 91-80-572-1870
>>> Ellen Stokes <stokes@austin.ibm.com> 10/06/99 01:52AM >>>
ldapext folks,
Attached is the revised internet draft for ldap
access control (already sent to internet-drafts editor
to publish). It incorporates all the changes
identified/presented at the July IETF. Comments
to the list (or me personally if you prefer).
Mark Wahl/Tim Howes,
Because this spec has settled down much over the last
year, I'd like to see if we can make this one a copy
that can go to workgroup last call real shortly.
Ellen