Re: Protocol: Add, ModDN, and RDN attrs
Jim Sermersheim wrote:
> The problem is one of consistency and proper alignment with X.500. I was
> asked by a directory developer whether the attributes of an RDN MUST
> also be named in the attribute list during an add. My reply was that
> according to the protocol document and RFC 2251, yes. Then I was asked
> how the same scenario works with Modify DN. My reply was that there was
> no guidance. This prompted me to look at the X.500 specifications, and I
> found the discrepancy.
OK; that makes sense. We should certainly specify how things work with
Modify DN as well as Add.
> You're right, the language in RFC 2251 is clear, but it is the opposite of
> that in X.511. Aside from possibly making some server implementations
> overly restrictive, what justification is there to leave the language as
> it is? I can't think of a reason as to why it would have been added
> without an explanation as to why it is different from the instructions
> in X.511. If we decide to leave the imperative for compatibility with
> older implementations, we need to explain why it is there.
Fair enough. I can only speculate on why the language was included.
Possible reasons:
1) Accidental (someone wanted to be consistent with X.511 but got it
wrong). I think this is an unlikely reason.
2) Intentional. Perhaps someone thought LDAP server implementations
would be simpler if distinguished values were included.
It seems likely that some server implementations rely on clients
including distinguished values. But I am not sure. The Netscape
implementation I used to work on was "enhanced" at some point in the
somewhat distant past to be liberal in what it accepts and handle
clients that include or omit such values.
-Mark
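
Added example, not part of the original message and not code from any server mentioned in it: Python showing the two behaviours the thread contrasts for an Add request, a strict check that every value named in the entry's RDN also appears in the attribute list, and a liberal mode that accepts requests which include or omit those values. Assumptions: the helper names are hypothetical, values are compared case-insensitively, hex escapes are decoded as ASCII only, and the liberal mode fills in omitted values (the message does not say how any server handles them).

```python
import re

class MissingRdnValue(ValueError):
    """Add request rejected: an RDN value is absent from the attribute list."""

def _split_unescaped(text, sep):
    # Split on sep, skipping any character that follows a backslash.
    parts, cur, i = [], "", 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            cur += text[i:i + 2]
            i += 2
        elif text[i] == sep:
            parts.append(cur)
            cur = ""
            i += 1
        else:
            cur += text[i]
            i += 1
    return parts + [cur]

def _unescape(value):
    # Decode "\2C"-style hex pairs (ASCII only here) and "\," style escapes.
    def repl(m):
        tok = m.group(1)
        return chr(int(tok, 16)) if len(tok) == 2 else tok
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def leading_rdn(dn):
    """Return [(type, value), ...] for the first RDN; '+' joins multiple AVAs."""
    pairs = []
    for ava in _split_unescaped(_split_unescaped(dn, ",")[0], "+"):
        attr, _, value = ava.partition("=")
        pairs.append((attr.strip().lower(), _unescape(value)))
    return pairs

def check_add(dn, attrs, liberal=False):
    """Return the attributes to store for an Add of dn (hypothetical helper)."""
    entry = {t.lower(): list(vals) for t, vals in attrs.items()}
    missing = [(t, v) for t, v in leading_rdn(dn)
               if v.lower() not in [x.lower() for x in entry.get(t, [])]]
    if missing and not liberal:
        raise MissingRdnValue(f"RDN values not in attribute list: {missing}")
    for t, v in missing:  # liberal: supply what the client omitted (assumption)
        entry.setdefault(t, []).append(v)
    return entry

# Constructed sample request: the client omits the uid named in the RDN.
SAMPLE_DN = "cn=Babs Jensen+uid=bjensen,ou=People,dc=example,dc=com"
SAMPLE_ATTRS = {"objectClass": ["person"], "cn": ["Babs Jensen"], "sn": ["Jensen"]}
```

The same check would apply to the new RDN in a Modify DN request, which is the case the thread says has no guidance.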