Lightweight Directory Access Protocol (LDAP) Turn Operation
draft-zeilenga-ldap-turn-03
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2012-08-22
|
03 | (System) | post-migration administrative database adjustment to the Yes position for Sam Hartman |
2006-01-25
|
03 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
2006-01-23
|
03 | Amy Vezza | IESG state changed to Approved-announcement sent |
2006-01-23
|
03 | Amy Vezza | IESG has approved the document |
2006-01-23
|
03 | Amy Vezza | Closed "Approve" ballot |
2005-10-31
|
03 | Ted Hardie | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Ted Hardie |
2005-10-28
|
03 | Sam Hartman | [Ballot Position Update] Position for Sam Hartman has been changed to Yes from Discuss by Sam Hartman |
2005-10-27
|
03 | (System) | New version available: draft-zeilenga-ldap-turn-03.txt |
2005-07-08
|
03 | (System) | Removed from agenda for telechat - 2005-07-07 |
2005-07-07
|
03 | Amy Vezza | State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Amy Vezza |
2005-07-07
|
03 | Brian Carpenter | [Ballot comment] Non-blocking points from Gen-ART review by Scott Brim: turnValue ::= SEQUENCE { mutual … [Ballot comment] Non-blocking points from Gen-ART review by Scott Brim: turnValue ::= SEQUENCE { mutual BOOLEAN DEFAULT FALSE, identifier LDAPString, } Is that last "," supposed to be there? In Security Considerations ... Consider an opening paragraph citing general references for LDAP security as context. - establish each other's identities through appropriate authentication mechanism, Are there default and/or recommended authentication mechanisms for LDAP? Just what is considered "appropriate"? I suggest citations. - establish an LDAP association between the initiating peer and the responding peer. Isn't that redundant? Isn't it impossible to issue a Turn without having an LDAP association? |
2005-07-07
|
03 | Brian Carpenter | [Ballot Position Update] New position, No Objection, has been recorded for Brian Carpenter by Brian Carpenter |
2005-07-07
|
03 | Michelle Cotton | IANA Comments: Upon approval of this document the IANA will assign 1 Object Identifier for the LDAP Turn Operation and 1 LDAP Protocol Mechanism for … IANA Comments: Upon approval of this document the IANA will assign 1 Object Identifier for the LDAP Turn Operation and 1 LDAP Protocol Mechanism for LDAP Turn Operation. |
2005-07-06
|
03 | Margaret Cullen | [Ballot Position Update] New position, No Objection, has been recorded for Margaret Wasserman by Margaret Wasserman |
2005-07-04
|
03 | Sam Hartman | [Ballot comment] I'm concerned about implementation complexity as it relates to SASL security layers. I don't think most SASL implementations support the idea of another … [Ballot comment] I'm concerned about implementation complexity as it relates to SASL security layers. I don't think most SASL implementations support the idea of another SASL association being used in the middle of an existing association, particularly when that association is in the opposite direction. So as a practical matter, implementations will need to use two SASL contexts. This may interact badly with the SASL requirement that if a new security layer is negotiated, that layer replaces the existing layer. I don't know if text on this issue is needed. |
2005-07-04
|
03 | Sam Hartman | [Ballot discuss] This specification provides insufficient detail to implement interoperably. What is the effect on the LDAP state of this operation successfully completing if any? … [Ballot discuss] This specification provides insufficient detail to implement interoperably. What is the effect on the LDAP state of this operation successfully completing if any? I get the impression that the author intends that other than enabling mutual or reversed p.processing there is no effect. However the author seems to be using a model where there is separate authentication state in each direction. That's probably actually the right model since handling authorization needs to be done somehow. However since in many cases there is mutual authentication, the model where there is a single authentication state used also suggests itself. Concretely, the spec should explicitly describe any state changes accomplished by a successful response code. The spec should also describe the authentication model in use. |
2005-07-04
|
03 | Sam Hartman | [Ballot Position Update] New position, Discuss, has been recorded for Sam Hartman by Sam Hartman |
2005-06-30
|
03 | Ted Hardie | [Ballot Position Update] New position, Yes, has been recorded for Ted Hardie |
2005-06-30
|
03 | Ted Hardie | Ballot has been issued by Ted Hardie |
2005-06-30
|
03 | Ted Hardie | Created "Approve" ballot |
2005-06-30
|
03 | (System) | Ballot writeup text was added |
2005-06-30
|
03 | (System) | Last call text was added |
2005-06-30
|
03 | (System) | Ballot approval text was added |
2005-06-30
|
03 | Ted Hardie | Intended Status has been changed to Experimental from Informational |
2005-06-30
|
03 | Ted Hardie | State Changes to IESG Evaluation from Publication Requested by Ted Hardie |
2005-06-30
|
03 | Ted Hardie | Placed on agenda for telechat - 2005-07-07 by Ted Hardie |
2005-04-22
|
03 | Ted Hardie | Draft Added by Ted Hardie in state Publication Requested |
2005-02-14
|
02 | (System) | New version available: draft-zeilenga-ldap-turn-02.txt |
2004-10-29
|
01 | (System) | New version available: draft-zeilenga-ldap-turn-01.txt |
2004-06-25
|
00 | (System) | New version available: draft-zeilenga-ldap-turn-00.txt |