[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: C API: minor comments

To: Mark Wahl <M.Wahl@INNOSOFT.COM>
Subject: Re: C API: minor comments
From: Mark Smith <mcs@netscape.com>
Date: Tue, 16 Nov 1999 17:46:26 -0500
Cc: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>, timhowes@yahoo.com, "Andy Herron (Exchange)" <andyhe@Exchange.Microsoft.com>, "Anoop Anantha (Exchange)" <anoopa@Exchange.Microsoft.com>, kurt@OpenLDAP.Org, ietf-ldapext@netscape.com
Organization: Netscape Communications
References: <16985.942782442@threadgill.austin.innosoft.com>
Resent-date: Tue, 16 Nov 1999 14:46:41 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"FQi0-B.A.p3G.I7dM4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Mark Wahl wrote:
> 
> 2251 does not restrict clients from using message id 0, since it was really
> a client behavior: if your client always does a Bind for its first message,
> it would be able to distinguish between a Extended Response and a Bind
> Response.

Okay, good point (but subtle).


> However to avoid implementors of the C API from introducing a
> subtle problem into their client library, since they don't know what order
> clients will make requests, I propose:
>  - the C API just state that the values SHOULD be nonzero.., without any
>    requirement that it be a counter
>  - we plan that a forthcoming draft on the mapping of LDAP over UDP (CLDAPv3)
>    should include a statement on the security impact of message IDs, and
>    debate the issue of message ID spoofing in that context

This sounds like a good approach to me.

-- 
Mark Smith
iPlanet Directory Architect / Sun-Netscape Alliance
My words are my own, not my employer's.   Got LDAP?

References:
- Re: C API: minor comments
  - From: Mark Wahl <M.Wahl@INNOSOFT.COM>

Prev by Date: RE: C API: minor comments
Next by Date: RE: Details on TCP sequence numbers (RE: C API: minor comments)
Index(es):
- Chronological
- Thread