[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: C API: minor comments

To: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>
Subject: Re: C API: minor comments
From: Mark Wahl <M.Wahl@INNOSOFT.COM>
Date: Mon, 15 Nov 1999 16:49:50 -0600
Cc: mcs@netscape.com, howes@yahoo.com, "Andy Herron (Exchange)" <andyhe@Exchange.Microsoft.com>, "Anoop Anantha (Exchange)" <anoopa@Exchange.Microsoft.com>, kurt@OpenLDAP.Org, ietf-ldapext@netscape.com
In-reply-to: "Your message of Mon, 15 Nov 1999 14:43:13 PST." <19398D273324D3118A2B0008C7E9A569051BEAA4@SIT.platinum.corp.microsoft.com>
Resent-date: Mon, 15 Nov 1999 14:50:47 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"iS6HJ.A.NWC.74IM4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

> > Implementations of the API SHOULD begin numbering messages with 1, to 
> > be able to easily distinguish client-generated requests and 
> > unsolicited
> > notifications.

> Quite probably a bad idea. It means that the IDs are predictable, making it
> easier for an attacker to spoof requests or replies. It may not matter as
> much with LDAP/TCP, but with LDAP/UDP it would.

> How about suggesting that requests be even and unsolicited notifications be
> odd?

Unsolicited is zero.  How about this instead:

 Implementations of the API SHOULD assign message IDs for client generated
 requests in a range between 1 and 2147483647, to be able to easily 
 distinguish them from unsolicited notifications.

Mark Wahl, Directory Product Architect
Innosoft International, Inc.

Follow-Ups:
- Re: C API: minor comments
  - From: "Kurt D. Zeilenga" <kurt@boolean.net>
- Re: C API: minor comments
  - From: Mark Smith <mcs@netscape.com>

References:
- RE: C API: minor comments
  - From: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>

Prev by Date: RE: C API: minor comments
Next by Date: C API questions on section 9
Index(es):
- Chronological
- Thread