[Date Prev][Date Next] [Chronological] [Thread] [Top]

comments on draft-zeilenga-ldap-authpassword-04.txt

To: ietf-ldapext@netscape.com
Subject: comments on draft-zeilenga-ldap-authpassword-04.txt
From: "Timothy Hahn" <hahnt@us.ibm.com>
Date: Thu, 25 Jan 2001 14:24:51 -0500
Importance: Normal

Greetings,

Section 4.1, ABNF for authPasswordSyntax

I think that the "[authInfo]" can safely be "authInfo" since the separators ($ signs) are not optional and the authInfo can be zero length based on the definition of schemeSpecificValue.

Section 4.4

It would be nice to have a description for the attribute type.

Also, in paragraph 3, explaining why no built-in matching rule is defined for the attribute type. With this said, what is the intent then of defining the "authPasswordMatch" matching rule? Requiring the use of extensible match in order to use the matching rule seems harder than is necessary. Why is it desireable to dis-allow modification of individual values (assuming that the underlying transport service guarantees confidentiality).

Thanks,
Tim Hahn

Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Endicott/IBM@IBMUS or IBMUSM00(HAHNT)
phone: 607.752.6388 tie-line: 8/852.6388
fax: 607.752.3681

Follow-Ups:
- Re: comments on draft-zeilenga-ldap-authpassword-04.txt
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: Open issues with the Java LDAP API draft
Next by Date: Re: comments on draft-zeilenga-ldap-authpassword-04.txt
Index(es):
- Chronological
- Thread