[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] draft-zeilenga-ldap-dontusecopy: criticality

Michael Ströder wrote:
Kurt Zeilenga wrote: 

On Jul 17, 2008, at 3:27 PM, Michael Ströder wrote:

draft-zeilenga-ldap-dontusecopy-06.txt says:
"The criticality MUST be TRUE."

What's the rationale for being so strict?

Primarily so that the semantic is a boolean, and hence can be mapped directly to the X.511 dontUseCopy option. Also, I don't see much of a difference in no control versus a non-critical control in this case, as both would allow the server to use copies.

Well, I'd like to use it in a case where my client would accept "best effort" of the server not to use a copy. Otherwise I would have to send the control with criticality TRUE and re-send the same request without the control in case of unavailableCriticalExtension returned by the server.

The main problem is that it's impossible to find out whether a server supports a certain control (within a particular naming context) without sending it. (And even if you send it and unavailableCriticalExtension you cannot really tell if the client sent several critical controls.)

What about a "whoFailed?" control, whose criticality MUST be FALSE, which is supposed to result in returning a control whose value is a set of OIDs of the extensions (exop, control, whatever) that failed? In most cases, only the first that failed would be returned, but this would be left to the implementation.

p.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www.ietf.org/mailman/listinfo/ldapext