Re: Last call on 'Named Subordinate References in LDAP Directories'

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 06:53 PM 5/7/01, Mark C Smith wrote:
>5) Section 7.4 (Search Continuation Considerations): I was surprised to
>see that for a one-level search the server is not required to include a
>scope of base in the URIs returned.

First, I note that:
        ldap://hostb/OU=People,O=MNN,C=WW

and
        ldap://hostb/OU=People,O=MNN,C=WW??base

are equivalent per rfc2255.  That is, a URI without an explicit
scope part has scope base.

If there is a implicit/explicit scoping issue, then it's
with scope subtree and the RFC 2251 examples.   To reconcile
RFC 2251, 4.5.3, and RFC 2255, one must assume that an
not-present scope implies the operation should be continued
with an appropriate scope implied by the originating request
or that an absent scope implies scope subtree.  Otherwise, the
RFC 2251 example (and most implementations) are broken.

Unfornately, RFC 2251 makes no one-level example.

>I think this can be handled
>correctly by the client without the server adding a scope of base, but
>it seems better to have the server do this work.  If a client implements
>referral processing as described in RFC 2251 (which all should today),
>the right thing will not happen unless the server includes the scope of
>base in the returned URLs.

RFC 2251 doesn't say explicitly want to do when the scope is
absent.  So, RFC 2255 should "win".

But, as there are client implementations take different views of
what RFC 2251 examples suggests, I would suggest that namedref
require that returned continuation LDAP URLs always contain an
explicit scope.

Kurt