draft-zeilenga-ldapv2-00

INTERNET-DRAFT                                   Kurt D. Zeilenga
Intended Category: Informational              OpenLDAP Foundation
Expires: 15 March 2002                            15 October 2001



                       LDAPv2 to Historical Status
                      <draft-zeilenga-ldapv2-00.txt>


Status of Memo

  This document is an Internet-Draft and is in full conformance with all
  provisions of Section 10 of RFC2026.

  This document is intended to be, after appropriate review and
  revision, submitted to the RFC Editor as an Informational document.
  Distribution of this memo is unlimited.  Technical discussion of this
  document will take place on the IETF LDAP Revision Working Group
  (LDAPbis) mailing list <ietf-ldapbis@openldap.org>.  Please send
  editorial comments directly to the document editor
  <Kurt@OpenLDAP.org>.

  Internet-Drafts are working documents of the Internet Engineering Task
  Force (IETF), its areas, and its working groups.  Note that other
  groups may also distribute working documents as Internet-Drafts.
  Internet-Drafts are draft documents valid for a maximum of six months
  and may be updated, replaced, or obsoleted by other documents at any
  time.  It is inappropriate to use Internet-Drafts as reference
  material or to cite them other than as ``work in progress.''

  The list of current Internet-Drafts can be accessed at
  <http://www.ietf.org/ietf/1id-abstracts.txt>. The list of
  Internet-Draft Shadow Directories can be accessed at
  <http://www.ietf.org/shadow.html>.

  Copyright 2001, The Internet Society.  All Rights Reserved.

  Please see the Copyright section near the end of this document for
  more information.


Abstract

  This note discusses moving version 2 of the Lightweight Directory
  Access Protocol [LDAPv2] to Historical status.





Zeilenga               LDAPv2 to Historical Status              [Page 1]


INTERNET-DRAFT        draft-zeilenga-ldapv2-00.txt       15 October 2001


Background

  LDAPv2 (Lightweight Directory Access Protocol, version 2) [LDAPv2] was
  published in 1995 as a Draft Standard.  Since publication, a number of
  inadequaces in the specification have been discovered.  LDAPv3
  [LDAPv3] was published in 1997 as a Proposed Standard to resolve these
  inadequances.  LDAPv3 is currently be revised [LDAPbis].

  The LDAPv2 specification is not generally adhered to.  That is, an
  independently developed implementation of the specification would not
  interoperate with existing implementations as existing implementations
  use syntaxes and semantics different than those prescribed by the
  specification.  Below are two examples.

   1) RFC 1777 requires use of the textual string associated with
      AttributeType in the X.500 Directory standards.  However, most
      implementations use the NAME associated with the AttributeType in
      LDAPv3 schema [RFC2252].  That is, LDAPv2 requires the
      organizational name attribute is named "organizationName" not "o".

   2) LDAPv2 implementations do not commonly restrict textual values to
      IA5 and T.61 as required by RFC 1777 and 1778.  Some
      implementations use ISO 8859-1, others use UCS-2, others use
      UTF-8, and some use whatever the local character set happens to
      be.

  LDAPv2 does not provide adequate security features for use on the
  Internet.  LDAPv2 does not provide any mechanism for data integrity or
  confidentiality.  LDAPv2 does not support modern authentication
  mechanisms such as those based on DIGEST-MD5, Kerberos V, and X.509
  public keys.


Recommendation

  Developers should not implement LDAPv2 as specified as such would
  result in implementation which will not interoperate with existing
  LDAPv2 implementations.  Developers should implement LDAPv3 instead.

  Deployers should recongize that interoperability issues existing with
  LDAPv2 implementations.  LDAPv3 is the recommended protocol for
  accessing X.500-based directory services.

  As there seems to be no implementations of LDAPv2 as specified, it is
  recommended that RFC 1777, RFC 1778, and RFC 1779, be moved to
  Historical status.





Zeilenga               LDAPv2 to Historical Status              [Page 2]


INTERNET-DRAFT        draft-zeilenga-ldapv2-00.txt       15 October 2001


Security Considerations

  The security of the Internet will not be impacted by the retirement of
  LDAPv2.


Acknowledgment

  The author would like to thank the designers of LDAPv2 for their
  contribution to the Internet community.


Author's Address

  Kurt D. Zeilenga
  OpenLDAP Foundation

  Email: Kurt@OpenLDAP.org


References

  [LDAPbis] IETF LDAP Revision (v3) Working Group (LDAPbis),
            <http://www.ietf.org/html-charters/ldapbis-charter.html>.

  [LDAPv2]  Yeong, W., Howes, T., and S. Kille, "Lightweight Directory
            Access Protocol", RFC 1777, March 1995.

  [LDAPv3]  Wahl, M., Howes, T. and S. Kille, "Lightweight Directory
            Access Protocol (v3)", RFC 2251, December 1997.





















Zeilenga               LDAPv2 to Historical Status              [Page 3]

Document	Document type	This is an older version of an Internet-Draft that was ultimately published as RFC 3494. Expired & archived
	Select version	00 01 02 03 04 RFC 3494
	Compare versions
	Author
	RFC stream	Legacy stream
	Other formats	txt pdf bibtex bibxml