[Date Prev][Date Next] [Chronological] [Thread] [Top]


At 11:12 AM 2002-06-15, Pierangelo Masarati wrote:
>I'm facing a problem: I'm afraid we're going to need ACIs
>with subtree scope; I browsed the archives both of OpenLDAP
>and of ieft-ldapext-* hosted mailing lists and I found previous
>dicussions on entry/subentry/prescriptive ACIs.  I also see
>an (expired ) draft-ietf-ldapext-acl-model-xx.txt with many
>interesting considerations and extensions to the current
>implementation.  After playing a bit with current ACIs I see
>they seem to work well, but there's room for improvements
>(I note pre-parsing and caching could speed up things a bit). 
>Is there any news about an eventual standardization, or any
>reference we might like to follow in improving ACIs? ideas?
>suggestions? before I start coding ... 

OpenLDAPaci's are quite experimental...  I don't them being
extended, but I'd like for the syntax to move away from that
discussed in draft-ietf-ldapext-acl-model as we don't adhere
to that model.

I've been working on X.500 admin model support, the foundation
needed to support the X.500 ACM: