[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: unsolicited controls (Was: I-DACTION:draft-weltman-ldapv3-auth-response-01.txt)

To: Jim Sermersheim <JIMSE@novell.com>
Subject: Re: unsolicited controls (Was: I-DACTION:draft-weltman-ldapv3-auth-response-01.txt)
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 09 Feb 2000 19:41:41 -0800
Cc: ietf-ldapext@netscape.com
In-reply-to: <s8a1ba1e.096@prv-mail25.provo.novell.com>
Resent-date: Wed, 09 Feb 2000 19:42:00 -0800 (PST)
Resent-from: ietf-ldapext@netscape.com
Resent-message-id: <Omsc8B.A.l6C.-Njo4@glacier>
Resent-sender: ietf-ldapext-request@netscape.com

Is their a compelling reason to not negotiate these elective
features?  I believe it is unwise not to negotiate elective
features.

At 07:03 PM 2/9/00 -0700, Jim Sermersheim wrote:
>Given this definition, what constitutes extraordinary?

Good question.  Ask?
	Is the importance of the notification such that most
	applications would be modified to recognize it and
	do something reasonable because of it?

If the answer is no, than it's not extraordinary.

> Is an expired password an extraordinary condition?

Per my above definition, no.

In the case of password policy, I'd suggest a bind control that
the client could use to tell the server, "I recognize password
policy controls/responses".  This is a form of solicitation.

> Unless we can define the meaning of extraordinary,
> I'd rather just decide to allow unsolicited response controls or not.

Even though I am hard pressed at the moment to find a control
extraordinary enough that application developers would be compelled
to update their codes to recognize it, I would hate to disallow
unsolicited response controls completely as I believe that
the recommended use of unsolicited controls should be comparable
to unsolicited responses.

	Kurt

Prev by Date: Re: unsolicited controls (Was: I-DACTION:draft-weltman-ldapv3-auth-response-01.txt)
Next by Date: Re: RFC2251: RootDSE subschemasubentry issue
Index(es):
- Chronological
- Thread