[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: [ldapext] Comments: draft-chu-ldap-xordered-00.txt
- To: Pierangelo Masarati <pierangelo.masarati@sys-net.it>
- Subject: Re: [ldapext] Comments: draft-chu-ldap-xordered-00.txt
- From: Howard Chu <hyc@highlandsun.com>
- Date: Sat, 26 Aug 2006 15:53:13 -0700
- Cc: Ldapext <ldapext@ietf.org>
- In-reply-to: <44F06E71.4030209@sys-net.it>
- References: <4461846B.4030105@eB2Bcom.com> <4461A24B.70203@highlandsun.com> <44F06E71.4030209@sys-net.it>
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060823 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a
Pierangelo Masarati wrote:
Howard,
Thanks. Agreed, X-ORDERED 'VALUES' attributes should be prohibited from
use as naming attributes. I'll revise the draft shortly.
a couple of quick short comments (one is editorial: in example (3) of
section 4.3 you issue a modrdn and supply a DN
"olcDatabase={99}ldif,cn=config" as the newrdn field; it should likely
be "olcDatabase={99}ldif" instead).
The other emerged from the improper use of an X-ORDERED 'VALUES'
attribute as naming attribute by an OpenLDAP user
(<http://www.openldap.org/lists/openldap-software/200608/msg00253.html>).
I think attributes with this extension could create problems when used
as naming attributes in a RDN. I see two possibilities:
1) the distinguished value does not report the ordering portion (if it
does, there could be confusion with X-ORDERED 'SIBLINGS', though);
this approach would make data appear inconsistent to applications that
do not recognize the extension, but at least would prevent the need to
rename an entry if the ordering of a naming attribute changes; for
example, consider an "ov" attribute with the X-ORDERED 'VALUES'
extension:
dn: ov=foo,dc=example,dc=com
ov: {0}foo
ov: {1}bar
2) the X-ORDERED 'VALUES' inhibits an attribute from being used to
name an entry.
I favor the second approach; that is, recommend implementors that
implement the X-ORDERED 'VALUES' extension to disallow them as naming
attributes, because it looks simpler and cleaner. I wouldn't go for
the first approach, unless I'm missing any significant advantage.
Cheers, p.
SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/
_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext