
Re: [ldapext] CLDAPv3: A slightly different approach



Leif Johansson writes:
 > 1. You can't do bind over UDP in any sensible way. You won't get away
 > with specifying plain password mechs in this day and age and SASL requires
 > a connection.

True; the main reason for allowing a bind here is to let the client
tell the server which version of the protocol it uses. (A suitable
authentication scheme for CLDAP could be devised later; I agree that
plain passwords are not to be recommended.)

 > 2. You will limit yourself to applications where all results fit in
 > a single datagram. Try returning a few userCertificates and you will
 > be running out of space really quick.

I would like to allow for an extension for multiple datagram
responses, but not mandate it.

Thorild Selén
Datorföreningen Update / Update Computer Club, Uppsala, SE
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext