[Date Prev][Date Next] [Chronological] [Thread] [Top]

big picture

To: ietf-ldapext@netscape.com
Subject: big picture
From: Ken Peirce <kpeirce@earthlink.net>
Date: Wed, 13 Oct 1999 12:47:46 -0700
Importance: Normal
In-reply-to: <s8046707.056@prv-mail20.provo.novell.com>
Resent-date: Wed, 13 Oct 1999 12:46:34 -0700 (PDT)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"J4mio.A.3CC.PGOB4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

I'll apologize for bringing this up if it's a settled issue, but I didnt'
see this issue discussed in the archives:

How does LDAP fit into the policy picture with COPS and the AAA WG work? I
understand that COPS is supposed to transport request and decision objects
between a policy server and a router(enforcer). Policy is frequently a
per-user centric item.

Most ISPs I've spoken to want to put policy details for a specific user in a
schema of some sort. However, it would seem that LDAP could transport the
policy enforcement information to the enforcer itself. Do we have to have an
LDAP policy server that is queried by a COPS policy server that is queried
by an enforcer?

If a document exists that explains the larger picture here I would be
grateful for a pointer.

Ken

References:
- LDAPv3 Rights Family in draft-ietf-ldapext-acl-model-04.txt.
  - From: Jim Sermersheim <JIMSE@novell.com>

Prev by Date: DN Types in draft-ietf-ldapext-acl-model-04.txt (another one)
Next by Date: search right in draft-ietf-ldapext-acl-model-04.txt
Index(es):
- Chronological
- Thread