[Date Prev][Date Next] [Chronological] [Thread] [Top]

rights families in draft-ietf-ldapext-acl-model-04.txt

To: ietf-ldapext@netscape.com
Subject: rights families in draft-ietf-ldapext-acl-model-04.txt
From: Jim Sermersheim <JIMSE@novell.com>
Date: Mon, 11 Oct 1999 17:38:45 -0600
Content-disposition: inline
Resent-date: Mon, 11 Oct 1999 16:39:05 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"YyXyED.A.RCC.QUnA4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

There are some confusing inconsistencies in the way this document talks about rights families/family oids/aci mechanisms.

It talks about the 'supportedACIMechanims' and the 'aCIMechanism' attributes in section 5.1 and 5.2. 5.1 uses the term 'LDAPv3' to name the mechanism defined in this document.

The BNF in 6.1 uses the term 'familyOID' to describe the mechanism, and 'IETF family OID' when describing the permissions.

In 6.2.1, it talks about a 'rightsFamilyOID'.  The definition of this OID is loosely tied to the 'aCIMechanism 'attribute (the word is mentioned in the section), but it's not explicit. It also talks about there being an 'IETF aCIMechanism', and then defines an 'LDAPv3 rights family'.

Subsequent sections use the term 'IETF rights family' or 'IETFFamilyOID'.

I think all these terms are talking about the same thing but it's not clear.  We should avoid confusion and settle on either aci mechanism or rights family or family oid when talking about specifying one of these mechanisms, and settle on LDAPv3 or IETF when talking about the particular mechanism that this document describes.

Jim

Follow-Ups:
- Re: rights families in draft-ietf-ldapext-acl-model-04.txt
  - From: Ellen Stokes <stokes@austin.ibm.com>

Prev by Date: draft-...-java-api-07 - LDAPConnection.search
Next by Date: Re: draft-...-java-api-07 -LDAPConnection.getAuthenticationPassword()
Index(es):
- Chronological
- Thread