[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: schema

At 02:00 PM 4/10/2003, Michael Ströder wrote:
>Kurt D. Zeilenga wrote:
>>>How about publishing an experimental schema description with
>>> OpenLDAP-specific OIDs in the mean time?
>>Doing such tends to cause far worse problems. It hinders our ability to
>>change the specification / implementation.
>There might be misunderstanding here: I did not mean to publish it in a document. I meant just to make it available in sub schema sub entry.

No misunderstanding.  I was talking about publishing within
the subschema subentry.  That is, publishing the schema description
in the subschema subentry now, before consensus within the LDAP
community has been reached with regard to its syntax and semantics,
will cause significant problems down the road, especially if
the consensus is to significantly alter their syntax and semantics.

>>Applications which ask for all user and operational attributes
>>(especially all operational attributes) should be able to do
>>safely handle (ignore?) elements they don't understand.  Or
>>they should just ask for elements they understand.
>The big question is how much a-priori knowledge has to be put in an LDAP application without making it horribly inflexible.

The short answer is "as much as needed".

>To me your statements sounds like an application should ignore the sub schema sub entry completely using hard-coded schema element handling...

I would say that an application needs to be coded (no necessarily
hard coded) with enough knowledge to get the job done.  If you
have an application designed to manage groups, then that application
needs to understand not only the syntax and other data model rules
for various "group" elements, but must understand the semantics
of those elements.  As the schema does impart semantical knowledge,
the value of subschema subentries to such applications is quite small.
(It's not even good for detecting whether or not the server "supports"
the elements the application "knows" about.)

Now, if your application is a general directory browser coded with
knowledge of how to display certain syntaxes, then I can see how
obtaining attribute value syntax information may be valuable to
you.  I would assume such a browser would either ignore values of
syntaxes it did not know (or wasn't able to determine) or display
such values using some "safe" mechanism (such as what it uses
for values it knows have syntax OCTET STRING).