|
I'm struggling to understand what is meant by the terms "copy" and "authoritative". I don't see one as the antithesis of the other.
How is a "copy" distinguished from an "original"?
How does the term "copy" relate to the term "shadow"?
How do these terms relate to the term "read-only"?
To me, the term "authoritative" is completely orthogonal to most of this. While an authoritative entry is probably never read-only, the determination of the placement of an authoritative entry may be completely arbitrary or application specific. For example, an address book application may consider a group of entries held on DSA1 to be authoritative, while a provisioning application may consider many of those same entries to be authoritative only when accessed on another DSA. Other applications may wish to share the notion of where an entry is said to be authoritative.
In my experience, the need for a control which specifies an operation take place on the authoritative copy typically has to do with update operations. One DSA is said to be authoritative for an entry, and thus update operations may be asked to be directed at that authoritative copy. This is obviously especially true in multi-master systems.
If this is what the I-D seeks to provide, I suggest it rename the control to "useAuthoritative", and allow it to be applied to all operations (rather than interrogation only). The problem is in defining how to determine whether a given entry is authoritative.
If, on the other hand, it seeks to force an interrogation operation to be directed to a non-read-only, or non-shadow copy of an entry, it should not introduce the term "authoritative". Rather it should follow X.500 and replace that word with "non-shadow"
Jim
|
_______________________________________________ Ldapext mailing list Ldapext@ietf.org https://www1.ietf.org/mailman/listinfo/ldapext