[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: should I modify attribute definition in core.schema to suit my need?

Zhang Weiwu wrote:

> I don't understand why 'c' do have the superior 'NAME'. We have another
> attribute defined as "Country String" which don't have any superior,
> which seems working fine. Why not OpenLDAP change 'c' definition to not
> to SUP name and stand on its own?

With respect to inheritance vs. specifying a syntax within the
definition of an attribute, this is explicitly allowed by RFC4512.

With respect to 'c' being defined that way, that's how it's defined in
RFC4519, in full compliance with RFC4512, since the "Country String"
syntax is an exact subset of the "Directory String" syntax, which is the
syntax of 'name'.

I agree right now the specification of 'c' is broken, which was probably
caused by a limitation in current OpenLDAP software.  I don't see much
value in moving from one broken specification which allows
interoperability (you can set the right values and you can exploit
inheritance, but you can also set incorrect values) to another broken
specification that breaks interoperability (you can only set the right
values, but you lose inheritance).  I'd rather fix (pardon, enhance)
OpenLDAP to allow the right specification.  That's why I ask you to file
an ITS.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it