Skip to main content

Lightweight Directory Access Protocol version 3 (LDAPv3): All Operational Attributes
draft-zeilenga-ldap-opattrs-05

Revision differences

Document history

Date Rev. By Action
2003-12-19
05 (System) Ballot approval text was added
2003-07-08
05 Natalia Syracuse State Changes to RFC Ed Queue from Approved-announcement sent by Syracuse, Natalia
2003-07-07
05 Michael Lee State Changes to Approved-announcement sent from IESG Evaluation by Lee, Michael
2003-07-07
05 (System) IESG has approved the document
2003-06-05
05 Ted Hardie State Changes to IESG Evaluation  :: AD Followup from IESG Evaluation  :: Point Raised - writeup needed by Hardie, Ted
2003-06-05
05 Michael Lee Substate changed after consulting with Harald
Alvestrand
2003-06-05
05 Michael Lee State Changes to IESG Evaluation  :: Point Raised - writeup needed from IESG Evaluation by Lee, Michael
2003-03-24
05 Ted Hardie Shepherding AD has been changed to Hardie, Ted from Faltstrom, Patrik
2002-11-05
05 (System) New version available: draft-zeilenga-ldap-opattrs-05.txt
2002-11-01
05 Patrik Fältström A new version of the document just sent to the I-D repository.
2002-11-01
05 Patrik Fältström by Faltstrom, Patrik
2002-11-01
05 Patrik Fältström Kurt: Attached is a minor revision addressing
the issues we discussed.  (I will send a separate note to
IANA.)
2002-11-01
05 Patrik Fältström by Faltstrom, Patrik
2002-11-01
05 Patrik Fältström Ok with Thomas
2002-11-01
05 Patrik Fältström by Faltstrom, Patrik
2002-11-01
05 Patrik Fältström State Changes to IESG Evaluation  :: 0 from IESG Evaluation  :: AD Followup by Faltstrom, Patrik
2002-10-29
05 Patrik Fältström The new version is solving the issues Thomas had (author claim). Ping:ed Thomas Narten.
2002-10-29
05 Patrik Fältström by Faltstrom, Patrik
2002-10-29
05 Patrik Fältström
Thomas:

Note: this note contains question/issues on both of two documents:

  o Feature Discovery in LDAP (Proposed)

  o LDAPv3: All Operational Attributes (Proposed) …
Thomas:

Note: this note contains question/issues on both of two documents:

  o Feature Discovery in LDAP (Proposed)

  o LDAPv3: All Operational Attributes (Proposed)


In:
  o Feature Discovery in LDAP (Proposed)



would be nice if document gave examples of the kind of features that
would be discoverable using the technique described in this
document. Is this really needed or a good thing? I.e., it smells to me
(not that I know much about LDAP) as a way of discoverying/advertising
support for extremely fine-grained features. Is this good for
interoperability?

Is there a registry for these features? If not, isn't this bad for
interoperability? I.e, how do I know which features I'm looking for?
Or, is this in fact just for vendor-specific things where the client
knows what its asking for and the (same vendor) server knows the same,
and neither cares about stuff supported by other vendors?

  o LDAPv3: All Operational Attributes (Proposed)


  Servers supporting this feature SHOULD publish the Object Identifier
  1.3.6.1.4.1.4203.1.5.1 as a value of supportedFeatures [FEATURES]
  attribute in the root DSE.

Same general question as above. Where is this OID registered? I gather
it doesn't need to be. I.e, the OID is just being used as a
globally-unique identifier. That's OK, for those cases where a
document says "this OID means XXX" (as in this specific case). Seems
less good if arbitrary features can be assigned OIDs and there is no
way to figure out what OID corresponds to what feature.

4.  Security Considerations

  This document provides a mechanism which clients may use to discover
  operational attributes.

Pretty content free.

  Those relying on security by obscurity SHOULD
  implement appropriate access controls to restricts access to
  operational attributes per local policy.

Is this all that needs to be said here?

Editorial nits follow.

  The Lightweight Directory Access Protocol (LDAP) supports a mechanism
  for requesting the return of all user attributes but does not all
  operational attributes.  This document describes an LDAP extension

sentence doesn't parse.

  attributes.  The mechanism is designed for use with existing general
  purpose LDAP clients (including web browsers which support LDAP URLs)
  and existing LDAP API.

s/and/and the/ ? 
 
  controls or other restrictions.  Clients implementors should also note

s/Clients/Client/

  operational attributes using existing LDAP clients.  In particular,
  the mechanism is designed to be compatible with existing general
  purpose LDAP clients includes web browsers which support LDAP URLs
  [RFC2255].

doesn't parse
2002-10-29
05 Patrik Fältström by Faltstrom, Patrik
2002-08-05
04 (System) New version available: draft-zeilenga-ldap-opattrs-04.txt
2002-07-29
05 Patrik Fältström Check with Thomas if he remember...his discuss is not on the ballot page. We'll see what happens.
2002-07-29
05 Patrik Fältström A new comment added
by paf
2002-07-29
05 Patrik Fältström
State Changes to Discuss fix received                              from New Version Needed (WG/Author)  …
State Changes to Discuss fix received                              from New Version Needed (WG/Author)                    by paf
2002-05-17
03 (System) New version available: draft-zeilenga-ldap-opattrs-03.txt
2002-04-09
05 (System) State Changes to New Version Needed (WG/Author) from Ready for Telechat by IETF Secretariat
2002-03-27
05 (System) State Changes to 20 from 18 by 0
2002-01-14
05 (System) Last call sent
2001-11-26
02 (System) New version available: draft-zeilenga-ldap-opattrs-02.txt
2001-06-27
01 (System) New version available: draft-zeilenga-ldap-opattrs-01.txt
2001-04-04
00 (System) New version available: draft-zeilenga-ldap-opattrs-00.txt