[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Authentication information in LDAP URLs

Kurt D. Zeilenga wrote:
At 12:31 AM 4/28/2004, Michael Ströder wrote:

Kurt D. Zeilenga wrote:

In note that LDAPBIS had concerns with bindname not be
recognized (let alone supported) by all implementations
and axed it from the revised technical specification.

Uuuh? (Cc:-ed ietf-ldapbis@OpenLDAP.org)

As the feature uses an extension mechanism and should be Elective as well as truly optional, it is recognized that the specification for this feature, like many other extensions, can be separately documented and separately progressed from the LDAP 'core' technical specification.

But with removing bindname extension from draft-ietf-ldapbis-url LDAPBIS WG breaks existing LDAPv3 implementations. This is a strong contradiction to the goal of LDAPBIS WG (as you wrote on LDAPBIS mailing list many many times).

Given this, and the lateness of this concern, I will not
entertain (at this time) the question of whether the
specification of this feature should or should not be
reincorporated into the 'core' specification.

I strongly disagree here! You're violating the goal of LDAPBIS not to break existing LDAPv3 implementations.

Note that bindname extensions in RFC2255 was just LDAP URL syntax, no semantics were described there. Which is ok IMO.

Ciao, Michael.