Re: [ldapext] Authentication information in LDAP URLs

[Alexey Melnikov <Alexey.Melnikov@isode.com>]

Michael Ströder wrote:

> Furthermore I'd also like to have a mechanism like that for specifying 
> SASL related authentication information in a LDAP URL:
> a) StartTLS ext. op. SHOULD/MUST be used
> b) SASL authc ID
> c) SASL authz ID
> d) SASL realm
> e) SASL mechanism

Sounds like a good idea to me.

If you want to design something that is consistent with other protocols, 
have a look at RFC 2192 (IMAP URL), section 3. It can deal with b) and e).
d). has limited applicability (basically for DIGEST-MD5). Having a) and 
c) would be nice too.

> I can easily use LDAP URL extensions for these off course but what do 
> the list members here think about this approach? 

Adding this as an LDAP URL extension seems like a less intrusive change.

Alexey
__________________________________________
Isode Limited, http://www.isode.com

IETF standard related pages:
http://www.melnikov.ca/mel/devel/Links.html
__________________________________________




_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext