[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Differences between Binary and OctetString?

At 10:07 AM 9/19/2003, Lon Tierney wrote:
>I am curious how OpenLDAP handles data differently between the Binary and Octet String syntaxes?
>The iPlanet/AOL/Sun schema defines a userPassword as a Binary syntax, and I notice that the 2.1.x schema for OpenLDAP defines it as an Octet String. Does the octetStringMatch work better/different with password values?

I think iPlanet use of the term "binary" here is historical.
In U-Mich LDAP, "bin"ary attributes had both octet string syntax
and matching rules.  For example,
        attribute userPassword bin

(Note that U-Mich LDAP actually defined userPassword to be 'ces'.)

OpenLDAP Software (2.x) uses RFC 2252 format schema descriptions
(extracted from the RFCs where available) for all attribututes.
For example,
        ( NAME 'userPassword'
                DESC 'RFC2256/2307: password of user'
                EQUALITY octetStringMatch
                SYNTAX{128} )

These examples are semantically equivalent.

The LDAP Technical Specification also defines a different
Binary syntax (RFC2252) as well as ;binary transfer of values
(RFC2251).  These are not semantically equivalent (to each other
or with historical "bin"ary syntaxes).