Re: I-D ACTION:draft-ietf-ldapext-cldap-00.txt
Additional comments:
The document should be updated to use RFC 2119 terminology
statement. I will assume it uses MUST, SHOULD per 2119.
Section 2:
> Encoded packets must be small enough to fit inside a datagram
> no bigger than the size of the MTU of the transport mechanism."
Why the MUST? Would the protocol not work if the MTU was
exceeded? I would think SHOULD would be sufficient... with a
statement as to why (IP fragmentation?).
Section 4:
> Therefore the application using CLDAPv3 have to handle packet loss.
And duplication. And reordering.
> One way of aiding this would be to add something like a
> packet sequence number in the PDUs sent from the server
> to the client, how this is to be done is outside the scope
> of this document.
I would argue that this is completely within the scope of this
document and should be addressed in the I-D.
In addition the draft should address issues regarding the
association (or lack thereof) of a session to a particular
client.
> They (servers) must also check the version field of the LDAP PDU
An LDAP PDU does not have a version request.
> 6. Security considerations
Given SASL/TLS are designed for connection-oriented application
protocols, I suggest looking into use of IPSEC transport mode
to provide security services.