[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldapext] draft-ietf-ldapext-locate
- To: David Chadwick <d.w.chadwick@salford.ac.uk>
- Subject: Re: [ldapext] draft-ietf-ldapext-locate
- From: Leif Johansson <leifj@it.su.se>
- Date: Thu, 22 Aug 2002 09:23:00 +0200
- Cc: Paul Leach <paulle@windows.microsoft.com>, "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, Patrik Fältström <paf@cisco.com>, Michael Armijo <micharm@exchange.microsoft.com>, Levon Esibov <levone@windows.microsoft.com>, rlmorgan@washington.edu, ldapext@ietf.org, Ned Freed <ned.freed@mrochek.com>, ietf-ldap@paf.se, roland@catalogix.se
- References: <4AEE3169443CDD4796CA8A00B02191CD0492980F@win-msg-01.wingroup.windeploy.ntdev.microsoft.com> <3D5B842E.70008@it.su.se> <3D62A609.F666854A@salford.ac.uk>
- User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020529
David Chadwick wrote:
Leif Johansson wrote:
snip snip
Leif is correct in saying that DNs in certs are used for two purposes,
but I dont see a problem in that, if the DN is a permanent DN that does
not change with time.
regards
David
It is a problem if your ldap dn design is incompatible with the pki
dn design which it often is! For instance the recently much debated
situation where uid=u4711+cn=Joe Random,... is used in the pki dn
whereas uid=u4711,... is used in your directory where multivalued
rdn's suck. But I digress from the main topic of this thread.
leifj
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext