[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: "connections" (Was: protocol-22 comments)

At 11:48 AM 4/17/2004, Hallvard B Furuseth wrote:
>Kurt D. Zeilenga writes:
>>> I propose we:
>>> /s/LDAP connection/connection
>>> /s/TLS connection/TLS layer (yes I know layer is redundant)
>>> /s/association/LDAP association
>> I suggest:
>>    "stream" to refer to the underlying transport layer.
>>    "connection" to the LDAP layer (where LDAP PDUs are exchanged)
>>         (and used without regard to whether protective-layers are
>>         or are not in place).
>I thought "connection" usually meant something close to what you call
>"stream". E.g. to "close the connection" means that the communication
>is torn down completely.

>How about "connection" for your "stream", and "LDAP <layer? stream?>"
>for your "connection"?

I did consider that, but will "connection" could easily
refer to either level of communication, the term "stream"
seemed not to apply well at the LDAP level.

>>    "protective layer" to refer to either a TLS or SASL layer
>Or e.g. IPsec, I hope.

No.  While IPsec offers data security services, those servers
are below the transport (and hence not factored into these
terms).  Here I am using "protective layer" to refer to those
kinds of data security services which can be inserted, as a
layer, between the LDAP exchange of messages and the underlying
transport protocol.

>Since you say:
>>    "unprotected connection" to refer to a connection not
>>         protected by a protective layer

I define the term "unprotected connection" without consideration
to whether the underlying transport is protected.  That is,
I exclude (in the terms, not in practice) protections that
might be offered at any layer in or below the underlying
transport protocol.  Such, while could be useful, is not
integral part of LDAP.