[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldapext] draft-ietf-ldapext-locate
- To: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Subject: Re: [ldapext] draft-ietf-ldapext-locate
- From: ned.freed@mrochek.com
- Date: Thu, 15 Aug 2002 12:32:55 -0700 (PDT)
- Cc: ned.freed@mrochek.com, Patrik Fältström <paf@cisco.com>, micharm@microsoft.com, paulle@microsoft.com, levone@microsoft.com, rlmorgan@washington.edu, ldapext@ietf.org, Ned Freed <ned.freed@mrochek.com>, ietf-ldap@paf.se
- In-reply-to: "Your message dated Thu, 15 Aug 2002 11:30:36 -0700" <5.1.0.14.0.20020815111448.02962c98@127.0.0.1>
- References: <24876124.1029218035@localhost> <5.1.0.14.0.20020813201324.0674c688@127.0.0.1> <01KLBN5PE4D60001B1@mauve.mrochek.com> <5.1.0.14.0.20020815111448.02962c98@127.0.0.1>
> At 09:57 AM 2002-08-15, ned.freed@mrochek.com wrote:
> >I'm going to take the liberty of responding directly here.
> >
> >> >(0) It isn't clear when this approach is supposed to be used. DNs are an
> >> >integral part of *every* LDAP operation. Is it the intent that an
> >> >LDAP client check every DN it sees for DC fields and if it finds them use
> >> >this approach. Or is it only appropriate in specific situations?
> >
> >> It is intended to be a general mechanism for locating LDAP servers
> >> having knowledge of directory objects associated with a DN in
> >> absence of location information. This DN may have been provided
> >> to the application via LDAP or other means. If the DN was provided
> >> with location information, such as a LDAP URL with host part,
> >> that information should be used. Howeer, where the DN is provided
> >> without any location information, this mechanism provides a means,
> >> for a subset of DNs (those using RFC 2247 naming), for the
> >> application to locate servers with knowledge of the DN.
> >
> >> This application may be an LDAP client or server. OpenLDAP's server,
> >> for example, can use this mechanism to generate referrals to clients
> >> requesting DN which it otherwise has no knowledge of.
> >
> >This is precisely the sort of thing I'm afraid of. OpenLDAP does this but I
> >doubt SunOne Directory Server (to pick a specific example) does. And given this
> >document doesn't spell out when this is supposed to be used you cannot claim
> >that the issue is Sun's failure to implement this standard.
> OpenLDAP supports a particular experimental service, described
> in RFC 3088, which uses this location mechanism.
> What I think you asking us to clarify is when should this mechanism
> be implemented/used.
Exactly.
> My answer to this is, the mechanism should be
> implemented/used as detailed in the technical specification for the application (or protocol) requiring its use.
That's a very reasonable answer.
> That is, I agree that implementations should not use this mechanism
> unless they implement a particular technical specification which
> prescribes use of the mechanism. This should be clarified.
Good. The addresses the issue as far as I'm concerned.
Ned
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext