draft-ietf-ldapbis-syntaxes-03.txt says: > 5.3 Securing the Directory > > In order to protect the directory and its contents, strong > authentication MUST have been used to identify the Client when an > update operation is requested. That seems a strange place to put this information. I think it belongs in the Protocol draft. -- Hallvard