[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldapext] CLDAPv3: A slightly different approach
Leif Johansson writes:
> 1. You can't do bind over UDP in any sensible way. You won't get away
> with specifying plain password mechs in this day and age and SASL requires
> a connection.
True; the main reason for allowing a bind here is to let the client
tell the server which version of the protocol it uses. (A suitable
authentication scheme for CLDAP could be devised later; I agree that
plain passwords are not to recommend.)
> 2. You will limit yourself to applications where all results fit in
> a single datagram. Try returning a few userCertificates and you will
> be running out of space really quick.
I would like to allow for an extension for multiple datagram
responses, but not mandate it.
Thorild Selén
Datorföreningen Update / Update Computer Club, Uppsala, SE
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext