[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Standards and APIs (C LDAP API: security considerations)

To: 'Graham Klyne' <GK@Dial.pipex.com>
Subject: RE: Standards and APIs (C LDAP API: security considerations)
From: "Paul Leach (Exchange)" <paulle@Exchange.Microsoft.com>
Date: Wed, 17 Nov 1999 11:14:59 -0800
Cc: ietf-ldapext@netscape.com
Resent-date: Wed, 17 Nov 1999 11:15:13 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <"3pOhcD.A.f_.56vM4"@glacier>
Resent-sender: ietf-ldapext-request@netscape.com


> -----Original Message-----
> From: Graham Klyne [mailto:GK@Dial.pipex.com]
> Sent: Wednesday, November 17, 1999 5:12 AM

> Without this, 
> applications that
> wish to depend on some particular (policy-definied) behaviour 
> are left out
> in the cold;  or, they use an API subset for which full semantics are
> defined, which brings us back to Harald's position.

Applications shouldn't need to depend on certain policies being configured.
"Policy" is not the same as configuration "options". 
What applications will have to do is to be able to cope with being told an
action is denied by policy. Just like they have to cope with authentication
failures or "access denied".

Paul

Prev by Date: FW: I-D ACTION:draft-armijo-ldap-treedelete-02.txt
Next by Date: Re: supportedControl and recognized controls
Index(es):
- Chronological
- Thread