[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] draft-ietf-ldapext-locate

To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: [ldapext] draft-ietf-ldapext-locate
From: ned.freed@mrochek.com
Date: Thu, 15 Aug 2002 12:32:55 -0700 (PDT)
Cc: ned.freed@mrochek.com, Patrik Fältström <paf@cisco.com>, micharm@microsoft.com, paulle@microsoft.com, levone@microsoft.com, rlmorgan@washington.edu, ldapext@ietf.org, Ned Freed <ned.freed@mrochek.com>, ietf-ldap@paf.se
In-reply-to: "Your message dated Thu, 15 Aug 2002 11:30:36 -0700" <5.1.0.14.0.20020815111448.02962c98@127.0.0.1>
References: <24876124.1029218035@localhost> <5.1.0.14.0.20020813201324.0674c688@127.0.0.1> <01KLBN5PE4D60001B1@mauve.mrochek.com> <5.1.0.14.0.20020815111448.02962c98@127.0.0.1>

> At 09:57 AM 2002-08-15, ned.freed@mrochek.com wrote:
> >I'm going to take the liberty of responding directly here.
> >
> >> >(0) It isn't clear when this approach is supposed to be used. DNs are an
> >> >integral part of *every* LDAP operation. Is it the intent that an
> >> >LDAP client check every DN it sees for DC fields and if it finds them use
> >> >this approach. Or is it only appropriate in specific situations?
> >
> >> It is intended to be a general mechanism for locating LDAP servers
> >> having knowledge of directory objects associated with a DN in
> >> absence of location information.  This DN may have been provided
> >> to the application via LDAP or other means.  If the DN was provided
> >> with location information, such as a LDAP URL with host part,
> >> that information should be used.  Howeer, where the DN is provided
> >> without any location information, this mechanism provides a means,
> >> for a subset of DNs (those using RFC 2247 naming), for the
> >> application to locate servers with knowledge of the DN.
> >
> >> This application may be an LDAP client or server.  OpenLDAP's server,
> >> for example, can use this mechanism to generate referrals to clients
> >> requesting DN which it otherwise has no knowledge of.
> >
> >This is precisely the sort of thing I'm afraid of. OpenLDAP does this but I
> >doubt SunOne Directory Server (to pick a specific example) does. And given this
> >document doesn't spell out when this is supposed to be used you cannot claim
> >that the issue is Sun's failure to implement this standard.

> OpenLDAP supports a particular experimental service, described
> in RFC 3088, which uses this location mechanism.

> What I think you asking us to clarify is when should this mechanism
> be implemented/used.

Exactly.

>  My answer to this is, the mechanism should be
> implemented/used as detailed in the technical specification for the application (or protocol) requiring its use.

That's a very reasonable answer.

> That is, I agree that implementations should not use this mechanism
> unless they implement a particular technical specification which
> prescribes use of the mechanism.  This should be clarified.

Good. The addresses the issue as far as I'm concerned.

				Ned



_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- [ldapext] draft-ietf-ldapext-locate
  - From: Patrik Fältström <paf@cisco.com>
- Re: [ldapext] draft-ietf-ldapext-locate
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: [ldapext] draft-ietf-ldapext-locate
  - From: ned.freed@mrochek.com
- Re: [ldapext] draft-ietf-ldapext-locate
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RE: [ldapext] Directory Best Practice Guide
Next by Date: RE: [ldapext] Directory Best Practice Guide
Index(es):
- Chronological
- Thread