
Re: please publish draft-mmeredith-rootdse-vendor-info-01.txt



Mark, a few comments:

I suggest that this draft be an informational elective feature.
I believe that prior operational experience with such features
has proven to be a source of numerous interoperability problems.
You'll end up with clients that only support select versions
of select vendor products and other vendors resorting to
spoofing the vendor names/versions.  (We've already
received requests (and patches) from users to do exactly
this!).

I suggest adding an applicability statement to the overview,
such as:
  This document describes an elective feature which LDAP
  servers MAY implement.

I then suggest that the applicability statement in each
attribute description be replaced with a technical
specification.
  The value of vendorName contains the name of the vendor
  producing or providing the server implementation.
  Example: "Novell, Inc."  

Likewise for vendorVersion:
  The value of vendorVersion contains the string indicating
  the version of the directory implementation.
  Example: "NDS 2100-r1.2.3/NT4SP3/US-crypto-128-1.1/TurboBlaster-v2 compat FooDir"

No matching rules are defined.  An EQUALITY
matching rule should minimally be defined.  I suggest
caseExactMatch.

Security Considerations:

You may want to add a note that publishing specific vendor
information may be used by clients to determine what
security holes a server provides (by feature or flaw).

You may note that servers MAY restrict access to
vendorName/vendorVersion and clients SHOULD NOT
expect such attributes to be available.
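
Added example, not part of the original message or of the draft: a client-side reader that treats vendorName/vendorVersion as optional, as the last paragraph recommends, and compares values with a simplified caseExactMatch. The LDIF samples are constructed, and the helper names (parse_entry, vendor_info, case_exact_match, describe) are hypothetical.

```python
import base64

# Constructed root DSE search results in LDIF form (not captured from a server).
# The vendor strings are the example values quoted in the message above.
FULL_DSE = """dn:
objectClass: top
vendorName: Novell, Inc.
VENDORVERSION: NDS 2100-r1.2.3/NT4SP3/US-crypto-128-1.1/TurboBlaster-v2
  compat FooDir
"""
# What a client sees when the server restricts access to both attributes.
RESTRICTED_DSE = """dn:
objectClass: top
"""

def parse_entry(ldif):
    """Parse one LDIF entry into {lowercased attribute name: [values]}."""
    unfolded = []
    for line in ldif.splitlines():
        if line.startswith(" ") and unfolded:
            unfolded[-1] += line[1:]       # LDIF folding: drop the one leading space
        elif line and not line.startswith("#"):
            unfolded.append(line)
    entry = {}
    for line in unfolded:
        name, _, rest = line.partition(":")
        if rest.startswith(":"):           # "attr:: <base64 value>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            value = rest.lstrip(" ")
        # Attribute names are case-insensitive, so index them in lower case.
        entry.setdefault(name.lower(), []).append(value)
    return entry

def case_exact_match(a, b):
    """Simplified caseExactMatch: case-sensitive, whitespace runs count as one space."""
    return " ".join(a.split()) == " ".join(b.split())

def vendor_info(entry):
    """Return (vendorName, vendorVersion); either is None when absent or restricted."""
    def first(attr):
        return (entry.get(attr.lower()) or [None])[0]
    return first("vendorName"), first("vendorVersion")

def describe(ldif):
    """Informational summary that never fails when the attributes are missing."""
    name, version = vendor_info(parse_entry(ldif))
    if name is None and version is None:
        return "vendor information not available"
    return f"{name or 'unknown vendor'} / {version or 'unknown version'}"
```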