[Date Prev][Date Next] [Chronological] [Thread] [Top]

[ldapext] password policy response control question

To: ldapext@ietf.org
Subject: [ldapext] password policy response control question
From: John McMeeking <jmcmeek@us.ibm.com>
Date: Sun, 7 May 2006 21:26:20 -0500

What response should the server send if there are no password policy warnings or errors to report?

I've heard several answers proposed on my team, along with arguments for and against:

1. Do not send a password policy response control.
2. Send a response control with no value.
3. Send a response control where the value consists of an empty sequence.

The draft says that responses are sent "when appropriate", and there is a general rule that protocols shouldn't be unnecessarily "chatty". Not sending a response fits both those criteria, but some have argued that not sending this control should be interpreted as meaning the server does not support the control (perhaps the control is not supported with a particular naming context) . Control values are optional for LDAP controls in general. The draft doesn't say the response MUST be sent with a control value; neither does it state any condition under which the server would send a response control without a warning or error.

The converse of the question might be: What should a client expect as normal responses?

John McMeeking

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] password policy response control question
  - From: Howard Chu <hyc@highlandsun.com>
- RE: [ldapext] password policy response control question
  - From: "Ramsay, Ron" <Ron.Ramsay@ca.com>

Prev by Date: Re: [ldapext] Grace logins and password policy
Next by Date: Re: [ldapext] password policy response control question
Index(es):
- Chronological
- Thread