[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: subschema clarifications (Was: I-D ACTION:draft-ietf-ldapbis-models-01.txt)



At 12:23 PM 2002-05-31, Timothy Hahn wrote:

>Kurt,
>
>I agree with you.
>
>I was thinking of things like "pwdPolicy" in
>draft-behera-ldap-password-policy-05.txt where the schema for that object
>class is all userApplication, but the implication is that the server is
>going to do something with the information.

I think it can (and should be) argued that password policy
attribute types should be defined as operational.

>I would like to see the general guidelines you noted below (not allowing
>non-userApplication attribute types to be added, only syntaxes/matching
>rules that are supported, and don't publish operational attributes that
>aren't supported) be further detailed and published.  Perhaps as a best
>practice?

Well, I'm treating this as a 'core' technical specification.
In draft-ietf-ldapbis-models, we need to either:
  1) clarify subschema publication so that its useful for
     capability discovery, or
  2) state that it is not intended for server capability
     discover (that is, intended only to provide schema
     definitions to clients without indication of support).

Kurt