[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
protocol: data hiding
A Security Consideration like this might be a good idea:
The matchedDN and diagnosticMessage fields and some result
codes (such as insufficientAccessRights, attributeOrValueExists
and entryAlreadyExists) may reveal the presence of specific
data in the directory. If access controls prohibit this, the
server must take care to instead act as if the data are not
present, or when that is not possible, to return a less
informative result code.
--
Hallvard