[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#6567) Enable GSSAPI support and expose ldap_gssadpi_bind_s

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#6567) Enable GSSAPI support and expose ldap_gssadpi_bind_s
From: michael@stroeder.com
Date: Wed, 2 Jun 2010 20:18:26 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

Kurt@OpenLDAP.org wrote:
> However, one issue I have with this code is that highly dependent =
> behaviors which, aside from not be standardized, aren't even specified =
> in RFCs.  For instance, there is no RFC describing dnsHostName or =
> ldapServiceName or any specification detailing how GSS-SPNEGO is to be =
> used in LDAP.  Without a formal specification (e.g., RFC), I oppose =
> release of this code.  That is, it should stay HEAD only until such time =
> that a formal specification (e.g., RFC) is available.

Kurt, I somewhat can understand your concerns.
But as a general answer to your comment above: There is already a lot of code
in OpenLDAP for which no RFC or at least an I-D was specified but which serves
a certain use-case. Strictly (following your statement above) speaking one
would have to hunk out all the stuff only specified in I-Ds. So I don't see
the strong need to be overly strict here.

Quality of certain code is another story. But I cannot comment on this.

Ciao, Michael.

Prev by Date: Re: (ITS#6567) Enable GSSAPI support and expose ldap_gssadpi_bind_s
Next by Date: Re: (ITS#6567) Enable GSSAPI support and expose ldap_gssadpi_bind_s
Index(es):
- Chronological
- Thread