
Re: LDAP URI extensions for SASL/StartTLS



> Note also that URIs are often provided by users (such as to a
> Web browser with ldap: support).  The user needs a mechanism
> to describe how to do the search in situations where the client
> may not be able to discover how to do the search through feature
> discovery.

When exactly is the client not able to discover the capabilities
of the server? The answer is: when the server does not support 
at least read only access to the parts of the DIT (usually the 
root DSE) where capabilities and/or policy is kept. IMHO the natural 
thing to do is to mandate that ldap servers must always implement 
ldap/tcp and allow read-only access to the root-DSE through that 
transport. I am not sure this is in rfc2251 but maybe it should 
go into the rev?

Then all you have to do is to figure out the schema for this stuff.

	Cheers Leif