
RE: draft-ietf-ldapext-locate-01.txt - Discovering LDAP Services with DNS



At 10:31 AM 1/19/00 -0800, James Benedict wrote:
> I would suggest an addendum to the draft that "recommends" that "Internet" 
> directories arranged with a dc-tree provide some sort of LDAP service 
> that can be resolved at some point by walking up the tree.  eg. 

I disagree...

The algorithm should be simple and require no LDAP nor DNS
tree walking.

A DN of:
	cn=James Benedict, ou=sales, dc=us, dc=nortelnetworks, dc=com

is associated with the domain "us.nortelnetworks.com".  If SRV RRs
are not available at "_ldap._tcp.us.nortelnetworks.com", the
application should not attempt further SRV based discovery.

If walking were to be required (or even allowed) then we must
describe how far up the DNS tree a client should walk...  I
think it's a real bad idea to walk up to national SLD,
TLDs, or .

	Kurt
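
The mapping described in this message, as an added example that is not part of the original post or the draft: the trailing dc components of a DN become the domain, one SRV name is derived from it, and a miss ends discovery with no walk up the tree. The function names, the caller-supplied `lookup_srv` callable, and the rule that every dc value must be a single plain DNS label are assumptions of this sketch.

```python
import re

# Assumption of this example: each dc value must be one plain DNS label, so
# a crafted DN cannot steer the query to a name outside the mapped domain.
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

def split_rdns(dn):
    """Split a DN on commas that are not backslash-escaped."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])   # keep the escaped pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur))
    return parts

def dn_to_domain(dn):
    """Map the trailing run of dc= RDNs to a DNS domain, or return None."""
    labels = []
    for rdn in reversed(split_rdns(dn)):
        attr, sep, value = rdn.strip().partition("=")
        if not sep or attr.strip().lower() != "dc":
            break                     # first non-dc RDN ends the domain part
        value = value.strip()
        if not LABEL.match(value):
            return None               # dots, escapes, '+' and similar: refuse
        labels.append(value.lower())
    return ".".join(reversed(labels)) if labels else None

def locate_ldap(dn, lookup_srv):
    """Issue exactly one SRV query; an empty answer ends discovery."""
    domain = dn_to_domain(dn)
    if domain is None:
        return None, []
    owner = "_ldap._tcp." + domain
    # No retry at a parent domain: the result of this one query is final.
    return owner, list(lookup_srv(owner))
```

`lookup_srv` takes the SRV owner name and returns the records found there; passing in a stub that records its arguments makes it easy to confirm that only one name is ever queried.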