[Date Prev][Date Next] [Chronological] [Thread] [Top]

AW: sn/surname mess. Need your opinion

Hallo again gentlemen,

I am very sorry, but I really don't get point of all of this. After all, it all has nothing to do with surnames, but rather with the fact that I may assigned more then one name of one OID, and if I understand it correctly per RFC 2252. In this case we all know we can build a test case where Open LDAP will answer with wrong attribute names. It has nothing to do with being liberal or conservative, it is all just about LDAP server from normal human sence should return attributes with the same names as it has been asked to return. Once again, it all has nothing to do with RFC 2256, but with RFC 2252 and the fact that Open LDAP does not follow names of the attributes supplied in search request.

Best regards, vadim tarassov.

-----Ursprüngliche Nachricht-----
Von: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Gesendet: Mittwoch, 10. März 2004 16:10
An: Michael Ströder
Cc: openldap-software@OpenLDAP.org
Betreff: Re: sn/surname mess. Need your opinion

At 12:16 AM 3/10/2004, Michael Ströder wrote:
>Kurt D. Zeilenga wrote:
>>Note that the formal description [RFC2256] of the SN attribute
>>type is:
>>  ( NAME 'sn' SUP name )
>> No server is required to recognize this attribute type by any
>> name other than 'sn'.  A client which asks for 'surname' is
>> simply broken and won't interoperate broadly.
>So why adding alias 'surname' at all?

Well, at the time, I was thinking it that returning 'sn' for
'surname' would make the client's fault more obvious than
returning nothing for 'surname'.  In retrospect, it seems
doing so has caused some confusion (though I think it also
caused developers in the end to fix their broken clients).

>>Or, to put it another way, slapd(8) is being liberal in accepting
>>'surname' as an alias for 'sn', but strict in returning the
>>proper name for the attribute type.
>One could argue that according to RFC2256 OpenLDAP is too liberal here. If you don't add 'surname' as alias it's even more evident that the client is broken and we wouldn't have this discussion here.

Not sure about that.  I suspect some would try adding 'surname'
themselves (possibly as first name, ugh) and then open a thread
on our behavior is aggregating a bug in their software.