[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] Authentication information in LDAP URLs

At 10:55 PM 4/28/2004, Michael Ströder wrote:
>Kurt D. Zeilenga wrote:
>>At 12:31 AM 4/28/2004, Michael Ströder wrote:
>>>Kurt D. Zeilenga wrote:
>>>>In note that LDAPBIS had concerns with bindname not be
>>>>recognized (let alone supported) by all implementations
>>>>and axed it from the revised technical specification.
>>>Uuuh? (Cc:-ed ietf-ldapbis@OpenLDAP.org)
>>As the feature uses an extension mechanism and should be
>>Elective as well as truly optional, it is recognized
>>that the specification for this feature, like many other
>>extensions, can be separately documented and separately
>>progressed from the LDAP 'core' technical specification.
>But with removing bindname extension from draft-ietf-ldapbis-url LDAPBIS WG breaks existing LDAPv3 implementations.

No it doesn't.  draft-ietf-ldapbis-url allows extensions such
as bindname, it just doesn't specify them.  bindname is still
specified in RFC 2255.  Publication of draft-ietf-ldapbis-url
will mean that the current specification of bindname is
Historic until a separate specification of bindname is
progressed.  Such reorganization doesn't 'break' any existing
implementation, nor even cause any implementation to be
non-conformant.  It just means these implementation support
a separately defined LDAP URL extension.

>This is a strong contradiction to the goal of LDAPBIS WG (as you wrote on LDAPBIS mailing list many many times).

I disagree.  The goal of this WG, as detailed in the charter,
is to engineer an LDAPv3 "core" technical specification
suitable for progression to Draft Standard.   This has and
will involve reorganization of the technical specification,
including pushing some features out of the 'core'
specification.  This has been discussed many times, including
during our chartering process and as we undertook previous
reorganizations which 'removed' specifications of certain
features from the 'core').

>>Given this, and the lateness of this concern, I will not
>>entertain (at this time) the question of whether the
>>specification of this feature should or should not be
>>reincorporated into the 'core' specification.
>I strongly disagree here! You're violating the goal of LDAPBIS not to break existing LDAPv3 implementations.

See above.