[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: [ldapext] groupOfEntries object class proposal

To: "Luke Howard" <lukeh@padl.com>, "Andrew Findlay" <andrew.findlay@skills-1st.co.uk>
Subject: RE: [ldapext] groupOfEntries object class proposal
From: "Neal-Joslin, Robert (HP-UX Lab R&D)" <bob.joslin@hp.com>
Date: Mon, 17 Sep 2007 23:21:37 -0000
Cc: ldapext@ietf.org
Content-class: urn:content-classes:message
In-reply-to: <46EF07BD.1010801@padl.com>
References: <20070917143336.GA7266@tile.skills-1st.co.uk> <46EF07BD.1010801@padl.com>
Thread-index: Acf5f861HGEIhMy/RfSpCnE7LCtKBQAAFimw
Thread-topic: [ldapext] groupOfEntries object class proposal

Hi,

I'm almost always in favor of new and better ways to do things.  And I
agree with the statements submitted.  But I can see a need to play
devil's advocate for this one.  Is there really enough justification to
warrant this proposal?  What is the likelihood of its success, given how
entrenched groupOfNames and groupOfUniqueNames is embedded in the
existing LDAP application/server security space?  This is a very
low-level concept to LDAP, and thus convincing all application/server
developers to revolutionize seems a unlikely scenario.  And I would
argue that it would take a sea-change before it would be successful.
I.E. would this proposal be successful if only 50% or even 75% of
applications/servers support it?

Bob
 

> -----Original Message-----
> From: Luke Howard [mailto:lukeh@padl.com] 
> Sent: Monday, September 17, 2007 4:03 PM
> To: Andrew Findlay
> Cc: ldapext@ietf.org
> Subject: Re: [ldapext] groupOfEntries object class proposal
> 
> Another thing that would be useful might be to define the 
> behaviour of 
> nested groups, eg. should the client expand them?
> 
> It would make sense to use this object class for rfc2307bis too 
> (whenever that is completed :-))
> 
> -- Luke
> 
> Andrew Findlay wrote:
> > At the recent LDAP conference in Cologne there was wide 
> support for an
> > effort to improve some of the commonly-used schema definitions. In
> > particular, the fact that groupOfNames does not permit an 
> empty group
> > was felt to be a significant problem.
> >
> > To address this problem, I have published an I-D proposing a new
> > objectclass called groupOfEntries. The I-D is appended and is also
> > available at:
> >
> > 
> http://www.ietf.org/internet-drafts/draft-findlay-ldap-groupof
entries-00.txt
> >
> > To make adoption as easy as possible, the new object class is
> > identical to groupOfNames except that it has the ability to
> > describe empty groups without resorting to tricks and workarounds.
> >
> > I would like to see this new class used in place of groupOfNames in
> > new designs, so I propose to ask IETF to consider the draft for the
> > Standards Track.
> >
> > Comments and suggestions for improvement are welcome, and should be
> > sent to the ldapext@ietf.org mailing list.
> >
> > Andrew
> >   
> 
> 
> -- 
> www.padl.com | www.lukehoward.com
> 
> 
> _______________________________________________
> Ldapext mailing list
> Ldapext@ietf.org
> https://www1.ietf.org/mailman/listinfo/ldapext
> 

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Follow-Ups:
- Re: [ldapext] groupOfEntries object class proposal
  - From: Luke Howard <lukeh@padl.com>
- Re: [ldapext] groupOfEntries object class proposal
  - From: Howard Chu <hyc@highlandsun.com>
- RE: [ldapext] groupOfEntries object class proposal
  - From: "Ramsay, Ron" <Ron.Ramsay@ca.com>
- Re: [ldapext] groupOfEntries object class proposal
  - From: Michael Ströder <michael@stroeder.com>
- Re: [ldapext] groupOfEntries object class proposal
  - From: Neil Dunbar <neil.dunbar@hp.com>

References:
- [ldapext] groupOfEntries object class proposal
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>
- Re: [ldapext] groupOfEntries object class proposal
  - From: Luke Howard <lukeh@padl.com>

Prev by Date: Re: [ldapext] groupOfEntries object class proposal
Next by Date: Re: [ldapext] groupOfEntries object class proposal
Index(es):
- Chronological
- Thread