[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] draft-ietf-ldapext-locate

To: David Chadwick <d.w.chadwick@salford.ac.uk>
Subject: Re: [ldapext] draft-ietf-ldapext-locate
From: Leif Johansson <leifj@it.su.se>
Date: Thu, 22 Aug 2002 09:23:00 +0200
Cc: Paul Leach <paulle@windows.microsoft.com>, "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, Patrik Fältström <paf@cisco.com>, Michael Armijo <micharm@exchange.microsoft.com>, Levon Esibov <levone@windows.microsoft.com>, rlmorgan@washington.edu, ldapext@ietf.org, Ned Freed <ned.freed@mrochek.com>, ietf-ldap@paf.se, roland@catalogix.se
References: <4AEE3169443CDD4796CA8A00B02191CD0492980F@win-msg-01.wingroup.windeploy.ntdev.microsoft.com> <3D5B842E.70008@it.su.se> <3D62A609.F666854A@salford.ac.uk>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.0) Gecko/20020529

David Chadwick wrote:

Leif Johansson wrote:

 snip snip


Leif is correct in saying that DNs in certs are used for two purposes,
but I dont see a problem in that, if the DN is a permanent DN that does
not change with time.

regards

David

It is a problem if your ldap dn design is incompatible with the pki
dn design which it often is! For instance the recently much debated
situation where uid=u4711+cn=Joe Random,... is used in the pki dn
whereas uid=u4711,... is used in your directory where multivalued
rdn's suck. But I digress from the main topic of this thread.

	leifj


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- RE: [ldapext] draft-ietf-ldapext-locate
  - From: "Paul Leach" <paulle@windows.microsoft.com>
- Re: [ldapext] draft-ietf-ldapext-locate
  - From: Leif Johansson <leifj@it.su.se>

Prev by Date: [ldapext] FYI mail outage
Next by Date: RE: [ldapext] Directory Best Practice Guide
Index(es):
- Chronological
- Thread