[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
My conclusions on the Java LDAP API
It's my opinion that this I-D should not be recommended
to the IESG for publication as Proposed Standard at this
time.
I do not believe the I-D is sufficiently detailed. That
is, I do not believe two independent developers could produce
interoperability implementations based solely on this
specification (including its normative references). In
particular, the I-D should be updated to describe the
relationship between API and protocol elements, detail the
handling of unexpected application input and server provided
data, and discuss security considerations.
I do not consider the set of specific issues I have raised on
the list as being any where near complete nor the discussions
of these issues as being conclusive. I will try to do my
best to raise other issues before last call, but due to the
number of issues and my schedule, I likely will only be able
to hit upon issues regarding one or two more classes. I will
send my notes to the chair(s) and author(s) prior to WG
Last Call completion.
Kurt