|
>>> Andrew Sciberras <andrew.sciberras@eB2Bcom.com> 10/27/04 4:15:15 PM >>>
<snip> >Whilst we're on the discussion of allocating OID's I'd really love to >see an OID allocated for the Password Policy Administrative Role. From >RFC3672 (Section 2.2): >"The Administrative Model defined in [X.501], clause 10 requires that >administrative entries contain an administrativeRole attribute to >indicate that the associated administrative area is concerned with >one or more administrative roles." There is a TODO statement in -08 for this (Section 10).
FWIW, this is what finally pushed me into raising the thread on the list — Do I get another OID from the Netscape folks? Do I add the first IANA_ASSIGNED oid? I'd rather move to all IANA_ASSIGNED oids at the same time I assign the administrative role OID.
We also need to dscribe how these administrative areas work. Can they overlap? Can they be defined in a way that causes some objects to be governed by no pwd policy subentry? Can one object be governed by multiple pwd policy subentries? If so, must each governing subentry list a unique pwd attribute?
Jim
|
_______________________________________________ Ldapext mailing list Ldapext@ietf.org https://www1.ietf.org/mailman/listinfo/ldapext