[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] objectIdentifierMatch

To: Ldapext <ldapext@ietf.org>
Subject: [ldapext] objectIdentifierMatch
From: Howard Chu <hyc@highlandsun.com>
Date: Wed, 15 Feb 2006 03:23:07 -0800
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060209 SeaMonkey/1.5a Mnenhy/0.7.3.0

It seems this matching rule is rather difficult to use in practice, given that it's supposed to accept textual descriptors in addition to numeric OIDs, but there's no way for apps to know in what context the valid descriptors reside. (See http://www.openldap.org/its/index.cgi/Software%20Bugs?id=4025 for an example of how this affected our password policy implementation, ITS#4402 for another user tripping over it in an arbitrary schema.)

I was thinking that using a new extension like e.g. X-NAMESPACE 'attr' to attribute definitions with this matching rule might help make things less ambiguous. Suggestions? -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc OpenLDAP Core Team http://www.openldap.org/project/

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] objectIdentifierMatch
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: [ldapext] objectIdentifierMatch
  - From: Steven Legg <steven.legg@eb2bcom.com>

Next by Date: Re: [ldapext] objectIdentifierMatch
Index(es):
- Chronological
- Thread