Re: Normalizing directory data (Was: Distinguished name format & RFC 1779)



At 03:19 PM 8/26/99 +0200, Frédéric Poels wrote:
>One of the LDAP servers I'm running applies normalization to added entries:
>cn=foo,o=bar becomes cn = "foo" ; o = "bad" (ugly isn't it?)

This DN form should not be returned by an LDAP server when
accessed with LDAPv3.  In particular, the server should not
provide DNs that use the type="value" quotation form nor the
semicolon (;) separator.  (RFC2253, Section 4)

As per the "liberal in what you accept, strict in what you provide"
rule, an LDAPv2/LDAPv3 server should accept RFC1779 DNs and provide
RFC2253 DNs regardless of the protocol in use.

We also need to look at common use.  Most LDAPv2 clients don't
have a clue as to what to do with an OID or an alternative name
as LDAPv2 did not provide a mechanism for advertising schema
rules.  As such, use of OIDs and alternative names should also
be avoided.

What I am primarily opposed to is (in the default DN rewriter):

insertion or removal of optional spaces, 
	leaving both "cn=foo,o=bar" & "cn=foo, o=bar" alone and
	leaving both "cn=foo+cn=bar" & " cn=foo + cn=bar" alone.
replacing cn=#20 with cn=\20
replacing cn=\20 with cn=#20

I do support implementing DN rewrite plug-in support.  Implementation
of such would be straightforward.

Kurt
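
Added example (not part of the original message and not OpenLDAP code): a rewriter that accepts the RFC 1779 forms discussed above and emits RFC 2253 syntax by replacing ";" separators with "," and turning quoted values into backslash-escaped ones, while leaving optional spaces untouched as the message asks. The function names are hypothetical and the sample DNs in the comments are constructed.

```python
# Added example: rewrite RFC 1779 quoting and ';' separators into RFC 2253 form.
# Optional spaces, '#' hex values and existing backslash pairs are left alone.

MUST_ESCAPE = set(',+"\\<>;')  # characters RFC 2253 section 2.4 requires escaping


def escape_value(value: str) -> str:
    """Backslash-escape a decoded attribute value per RFC 2253 section 2.4."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        lead = i == 0 and ch in " #"      # leading space or '#'
        trail = i == last and ch == " "   # trailing space
        out.append("\\" + ch if ch in MUST_ESCAPE or lead or trail else ch)
    return "".join(out)


def rfc1779_to_rfc2253(dn: str) -> str:
    """Convert type="value" quoting and ';' separators; change nothing else."""
    out, i, n = [], 0, len(dn)
    while i < n:
        ch = dn[i]
        if ch == "\\":                    # escaped pair outside quotes: copy verbatim
            if i + 1 >= n:
                raise ValueError("dangling backslash")
            out.append(dn[i:i + 2])
            i += 2
        elif ch == '"':                   # quoted value: decode, then re-escape
            i += 1
            buf = []
            while i < n and dn[i] != '"':
                if dn[i] == "\\":         # \" or \\ inside the quoted string
                    i += 1
                    if i >= n:
                        raise ValueError("dangling backslash")
                buf.append(dn[i])
                i += 1
            if i >= n:
                raise ValueError("unterminated quoted value")
            out.append(escape_value("".join(buf)))
            i += 1                        # skip the closing quote
        else:
            out.append("," if ch == ";" else ch)
            i += 1
    return "".join(out)

# Constructed samples:
#   cn = "foo" ; o = "bad"                        ->  cn = foo , o = bad
#   CN=L. Eagle, O="Sue, Grabbit and Runn", C=GB  ->  CN=L. Eagle, O=Sue\, Grabbit and Runn, C=GB
```

Comparing DNs for access control still needs a separate matching step, since this rewriter deliberately keeps spacing differences such as "cn=foo,o=bar" and "cn=foo, o=bar" as written.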