[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ACI

To: "Pierangelo Masarati" <masarati@aero.polimi.it>
Subject: Re: ACI
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sat, 15 Jun 2002 09:51:31 -0700
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <courier.3D0B8376.00004094@mailsrv.aero.polimi.it>

At 11:12 AM 2002-06-15, Pierangelo Masarati wrote:
>I'm facing a problem: I'm afraid we're going to need ACIs
>with subtree scope; I browsed the archives both of OpenLDAP
>and of ieft-ldapext-* hosted mailing lists and I found previous
>dicussions on entry/subentry/prescriptive ACIs.  I also see
>an (expired ) draft-ietf-ldapext-acl-model-xx.txt with many
>interesting considerations and extensions to the current
>implementation.  After playing a bit with current ACIs I see
>they seem to work well, but there's room for improvements
>(I note pre-parsing and caching could speed up things a bit). 
>Is there any news about an eventual standardization, or any
>reference we might like to follow in improving ACIs? ideas?
>suggestions? before I start coding ... 

OpenLDAPaci's are quite experimental...  I don't them being
extended, but I'd like for the syntax to move away from that
discussed in draft-ietf-ldapext-acl-model as we don't adhere
to that model.

I've been working on X.500 admin model support, the foundation
needed to support the X.500 ACM:
        draft-legg-ldap-acm-bac
        draft-legg-ldap-acm-admin
        draft-zeilenga-ldap-subentry
        X.501

References:
- ACI
  - From: "Pierangelo Masarati" <masarati@aero.polimi.it>

Prev by Date: ACI
Next by Date: FW: commit: openldap-guide/admin tls.sdf
Index(es):
- Chronological
- Thread