RE: Policy in IETF APIs (was: Standards and APIs)




> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
> Sent: Thursday, November 18, 1999 4:40 PM

> 
> My point is that the LDAP API should be policy neutral.
> The API can and should provide mechanisms so that application
> developers can implement policy aware clients; however,
> the API itself should not be policy aware.

First, the IESG long ago said that it isn't permissible to ignore security
any more. Leaving security policy enforcement to applications has proven
unworkable, and is not acceptable to the security community. So the LDAP API
cannot be security policy neutral.

Second, the policies I proposed all could be configured to be null. I.e.,
plaintext passwords could be allowed, and all servers could be trusted. That
means that it can be configured to be "policy neutral".

Third, I'll agree with you that it ought to be able to use the LDAP API to
implement the policy checking -- e.g., storing the configuration data that
drives policy. I'm happy with a flag that says "ignore policy" -- ideally,
it should only be usable from within the LDAP API implementation itself, but
I'd be willing to leave that as an implementation choice.

Paul