Re: (ITS#6151) Update cosine.schema to RFC 4524

[Kurt@OpenLDAP.org]

On Apr 22, 2010, at 1:34 AM, michael@stroeder.com wrote:

> Kurt Zeilenga wrote:
>> obsoletes !=3D OBSOLETE, so no.   That is, the meaning of the term
>> 'obsolete' is quite different in these two contexts.
>>=20
>> The latter context the term is defined as follows: The OBSOLETE =
field, if
>> present, indicates the element is not active.
>=20
> I agree that OBSOLETE should not be set in this case.
>=20
>> For user application attribute types, whether the type is active or =
not is,
>> I think, best left to the schema administrator.
>=20
> Who is the schema administrator?

Generally speaking, the OpenLDAP admin administrates which schema =
elements to load into the schema and whether each such element is active =
and inactive.

While in some cases a schema admin might design schema elements, I =
consider schema admin and schema element designer to be two separate =
roles.

> I'm nitpicking here because on the OpenLDAP
> lists we all keep telling OpenLDAP admins not to mess with the =
standard schema
> at all.

We often advise admins to load various schema elements into their =
schemas.  We generally assume admins run have only active elements in =
the their schema as the need for inactive elements can generally be =
avoided.

When at I say "don't mess with standard schema elements", what I mean is =
don't change aspects of schema specifications which are consider per the =
technical specifications to be immutable on published in a technical =
specification (or otherwise broadly published).  There certainly are =
other changes one can make to standard schema elements without violating =
the technical specifications (e.g., changing the DESC value), and if =
such case were to arise more generally, I might be more precise in my =
general advice.  That is, I rather only raise exceptions in advice when =
it's actually applicable to the situation raised by the admin.

-- Kurt=