Re: Fwd: controlling visability of subentries

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

I prefer option 1 as it is simple, adequately resolves this issue,
and is consistent with other such extensions (e.g. manageDsaIT
control).  As LDAP subentry TS is an elective extension to the
LDAP protocol, I believe this to be best.  I would prefer
to keep "future work" off this particular table so that we might
reach closure on the LDAP subentry TS soon.

Kurt

At 09:24 PM 10/18/00 -0600, Ed Reed wrote:
>Okay, Kurt - I've reviewed what X.511 specifies for the service control
>used to control subentry visibility.  What is your opinion on what we should
>do in LDAP?
>
>1) create a control which has no parameters, but has the effect that when
>it is present, it is interpreted identically to an X.511 service control with the
>subentries bit set TRUE; or
>
>2) create a control which has a parameter identical to the service control
>specified by X.511.  This would have the effect of providing a lot of the
>additional controls needed to add distributed operations to LDAP (including
>preferChaining, chainingProhibited, etc.), but would also provide things
>like timeLimit, sizeLimit, scopeOfReferral, and attributeSizeLimit, etc.
>In X.511, the serviceControls are among the CommonArguments included
>with each request.
>
>I suppose we could consider the list of controls in LDAP providing the
>equivalent to the set of CommonArguments.  
>
>What's your take?  1 would be easier to document.  2 would lay
>important groundwork that should be considered in the context of future
>work to add distributed operations to LDAP.