[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Standards and APIs (C LDAP API: security considerations)

To: Paul Leach <paulle@Exchange.Microsoft.com>
Subject: RE: Standards and APIs (C LDAP API: security considerations)
From: Graham Klyne <GK@dial.pipex.com>
Date: Wed, 17 Nov 1999 13:12:00 +0000
Cc: Harald Tveit Alvestrand <Harald@Alvestrand.no>, ietf-ldapext@netscape.com
Resent-date: Wed, 17 Nov 1999 05:14:56 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"MrR6gD.A.I2.HpqM4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

>> One man's application is another man's vendor. 
>>  
>> The classical reason for standard APIs is so that you can have one  
>> application running on multiple platforms, or multiple OS  
>> versions, and have the results of that application be the same. 
>
>I don't disagree as far as it goes -- I'm just adding "results of that
>application be the same when the configured policies are the same". 

I'd suggest that to achieve this in a _standard_ API, one would also need
to specify the policy configuration options that must be provided, and
their effect on the behaviour of an API implementation, and possibly even
the mechanisms for configuring policies.  Without this, applications that
wish to depend on some particular (policy-definied) behaviour are left out
in the cold;  or, they use an API subset for which full semantics are
defined, which brings us back to Harald's position.

I suspect that policy configuration could turn out to be a rathole.

#g

------------
Graham Klyne
(GK@ACM.ORG)

Follow-Ups:
- Re: Standards and APIs (C LDAP API: security considerations)
  - From: mcs@netscape.com (Mark C Smith)

Prev by Date: RE: Standards and APIs (C LDAP API: security considerations)
Next by Date: Re: Standards and APIs (C LDAP API: security considerations)
Index(es):
- Chronological
- Thread