Re: Is CLDAP connectionless or not?
> I think the SASL debate actually evolves out of a deeper problem with the
> CLDAP draft itself:
>
> Is it a specification for running an LDAP session over UDP, or is it a
> specification for running LDAP queries in connectionless mode?
>
Both and none. In order to be able to use read with access-control you need,
as someone already pointed out, to be able to identify a session, defined by
a completed bind which does require something beyond what is provided in the
draft. For anonymous reads the situation is different.
You may not care about reordering of packets in a search response -- the
searchResultDone packet might be uninteresting for an application where
results not returned within a very short time are dropped anyway -- or even,
heaven forbid, about loss of packets in a search response. Some applications
may care to get a reply back from modify-operations :-) This is imho best
handled with a set of controls and/or exops.
For instance if you really care about getting all your search responses in
the right order you can either (sketching here so please forgive some
handwaving) add a control with a sequence number or create an exop response
which contained a SEQUENCE OF LDAP PDUs. Which is better? I don't know.
Does it absolutely have to go into this draft? I hope not :-)
> In the first case, the spec is incomplete; it needs to essentially rebuild
> all of TCP's machinery in order to get reliably delivered requests and
> responses.
Not all of it. Reordering may not be an issue, packet loss may not be an
issue. An extra set of controls could be considered a tool for selecting which
aspects of a full connection are interesting to the application. Having said that, I
absolutely agree that if we get close to finding ourselves implementing TCP
in LDAP/UDP to get basic functionality the project must be dropped.
Cheers Leif