[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Chained Operation (control, extended op, or op?)

To: "Jim Sermersheim" <jimse@novell.com>
Subject: Re: [ldapext] Chained Operation (control, extended op, or op?)
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Mon, 21 Jun 2004 13:14:38 -0700
Cc: ldapext@ietf.org
In-reply-to: <s0d6cca0.040@sinclair.provo.novell.com>
References: <s0d6cca0.040@sinclair.provo.novell.com>

A few more reasons to use an extended operation here:

MessageId handling - if we assume messages from multiple
  clients are multiplex over one session to the chained
  server, use of a control would require messageId munging.

Special bind behavior - a chained bind shouldn't change
  the LDAP association of the chaining session.   If
  a chaining control were used, that control would have
  to alter bind semantics.

Operation-level signatures - use of a chaining
  extended operation could be compatible operation-level
  signature extensions (e.g., RFC 2649), whereas use of a
  chaining control would likely not be compatible (or
  would likely require special handling to be compatible).

Kurt

At 10:51 AM 6/21/2004, Jim Sermersheim wrote:
>All,
>
>I'm attaching a not-ready-for-prime-time I-D which describes an LDAP
>chained operation. Following X.518, I described it as an operation
>(well, an extended operation) which contains the original message and
>some chaining arguments. Some of my peers here have repeatedly argued
>that there is no reason to define it as an extended operation, and that
>a control makes more sense.
>
>What do others think? I can go either way.
>
>If it's a control, I'd want to reconsider the targetObject and
>entryOnly fields. If the control holds these, and is sent as
>non-critical, and the receiving server doesn't support the control, the
>outcome will be erroneous. 
>
>As an extended operation, we have two sets of resultCode, matchedDN,
>errorMessage, and referral. This can be resolved by chosing yet another
>solution: Create a whole new operation (don't use an extended
>operation). The new operation would not include the elements of
>LDAPResult (well, the resultCode might be nice, but referral and
>matchedDN is confusing).
>
>I'll publish once I get some feedback on this, and fix up some
>editorial issues.
>
>Jim
>
>Content-Type: text/plain; name="draft-sermersheim-ldap-chained-op-00.txt"
>Content-Disposition: attachment;
>        filename="draft-sermersheim-ldap-chained-op-00.txt"
>X-MIME-Autoconverted: from 8bit to quoted-printable by ietf.org id NAA11981
>
>_______________________________________________
>Ldapext mailing list
>Ldapext@ietf.org
>https://www1.ietf.org/mailman/listinfo/ldapext


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

References:
- [ldapext] Chained Operation (control, extended op, or op?)
  - From: "Jim Sermersheim" <jimse@novell.com>

Prev by Date: Re: [ldapext] Chained Operation (control, extended op, or op?)
Next by Date: Re: [ldapext] Chained Operation (control, extended op, or op?)
Index(es):
- Chronological
- Thread