[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ACI
At 11:12 AM 2002-06-15, Pierangelo Masarati wrote:
>I'm facing a problem: I'm afraid we're going to need ACIs
>with subtree scope; I browsed the archives both of OpenLDAP
>and of ieft-ldapext-* hosted mailing lists and I found previous
>dicussions on entry/subentry/prescriptive ACIs. I also see
>an (expired ) draft-ietf-ldapext-acl-model-xx.txt with many
>interesting considerations and extensions to the current
>implementation. After playing a bit with current ACIs I see
>they seem to work well, but there's room for improvements
>(I note pre-parsing and caching could speed up things a bit).
>Is there any news about an eventual standardization, or any
>reference we might like to follow in improving ACIs? ideas?
>suggestions? before I start coding ...
OpenLDAPaci's are quite experimental... I don't them being
extended, but I'd like for the syntax to move away from that
discussed in draft-ietf-ldapext-acl-model as we don't adhere
to that model.
I've been working on X.500 admin model support, the foundation
needed to support the X.500 ACM:
draft-legg-ldap-acm-bac
draft-legg-ldap-acm-admin
draft-zeilenga-ldap-subentry
X.501
- References:
- ACI
- From: "Pierangelo Masarati" <masarati@aero.polimi.it>