Re: ExtendedResponse definition in draft-ietf-ldapext-ldapv3-tls-01.txt
- Subject: Re: ExtendedResponse definition in draft-ietf-ldapext-ldapv3-tls-01.txt
- From: Mark Wahl <M.Wahl@INNOSOFT.COM>
- Date: Wed, 05 Aug 1998 15:18:43 -0500
In-reply-to: "Your message of Tue, 04 Aug 1998 14:50:34 PDT."
Sender: Mark.Wahl@INNOSOFT.COM
To: Jeff.Hodges@stanford.edu
Cc: Shirish Rai <shirish.rai@INNOSOFT.COM>, Bob.Morgan@stanford.edu
Cc: Mark Wahl <M.Wahl@INNOSOFT.COM>

The definition in the Start TLS document is based on a VERY old LDAPv3
draft which I didn't catch until Shirish pointed it out.
The correct text for the second half of section 3.1 of -tls- should be
================
When a Start TLS extended request is made, the server MUST return an
LDAP PDU containing a Start TLS extended response. An LDAP
ExtendedResponse is defined as follows:

    ExtendedResponse ::= [APPLICATION 24] SEQUENCE {
        COMPONENTS OF LDAPResult,
        responseName [10] LDAPOID OPTIONAL,
        response     [11] OCTET STRING OPTIONAL }

A Start TLS extended response MUST contain a responseName field which
MUST be set to the same string as that present in the Start TLS extended
request. The response field is absent. The server MUST set the
resultCode field to either success or one of the other values outlined
in section 3.3.
================
the first sentence of 3.2 should be:
If the ExtendedResponse contains a resultCode of success, this
indicates that the server is willing and able to negotiate TLS. Refer to
section 4, below, for details.
the first sentence of 3.3 should be:
If the ExtendedResponse contains a resultCode other than success,
this indicates that the server is unwilling or unable to negotiate TLS.
and the first sentence of 4.2 should be:
The server will return an extended response with the
resultCode of success if it is willing and able to
negotiate TLS.
================
The "COMPONENTS OF" ASN.1 syntax means to include into the definition of
this type at this point the contents of the named SEQUENCE or SET. The
ExtendedResponse is therefore structurally

    [APPLICATION 24] SEQUENCE {
        ENUMERATED -- resultCode -- ,
        OCTET STRING -- matchedDN -- ,
        OCTET STRING -- errorMessage -- ,
        [3] SEQUENCE OF OCTET STRING OPTIONAL -- referral -- ,
        [10] OCTET STRING OPTIONAL -- responseName -- ,
        [11] OCTET STRING OPTIONAL -- response -- }

Mark Wahl, Directory Product Architect
Innosoft International, Inc.
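
Added example, not part of the original message or of the draft: a Python check of a BER-encoded Start TLS ExtendedResponse against the rules quoted above (responseName equal to the request's, response absent, resultCode success means TLS may be negotiated). The function names, the sample PDUs and the use of the Start TLS OID from RFC 2830 are assumptions of this example; it decodes only the ExtendedResponse element, not the enclosing LDAPMessage.

```python
SUCCESS = 0
OPTIONAL_ORDER = [0xA3, 0x8A, 0x8B]   # [3] referral, [10] responseName, [11] response
def read_tlv(buf, pos):
    """Decode one BER element (single-byte tag, definite length)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if not 1 <= n <= 4 or pos + n > len(buf):
            raise ValueError("bad length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def parse_extended_response(pdu):
    tag, body, end = read_tlv(pdu, 0)
    if tag != 0x78 or end != len(pdu):  # 0x78 = [APPLICATION 24], constructed
        raise ValueError("not a single ExtendedResponse")
    fields, pos = [], 0
    while pos < len(body):
        t, v, pos = read_tlv(body, pos)
        fields.append((t, v))
    tags = [t for t, _ in fields]
    # An empty ENUMERATED would decode as 0 (success), so reject it explicitly.
    if tags[:3] != [0x0A, 0x04, 0x04] or not fields[0][1]:
        raise ValueError("resultCode, matchedDN, errorMessage must come first")
    rank = [OPTIONAL_ORDER.index(t) if t in OPTIONAL_ORDER else -1 for t in tags[3:]]
    if -1 in rank or rank != sorted(set(rank)):
        raise ValueError("optional fields unknown, repeated or out of order")
    opt = dict(fields[3:])
    return {"resultCode": int.from_bytes(fields[0][1], "big"),
            "responseName": opt.get(0x8A), "response": opt.get(0x8B)}

def starttls_accepted(pdu, request_oid):
    """True only if the server is willing to negotiate TLS; raises on a malformed reply."""
    r = parse_extended_response(pdu)
    if r["responseName"] != request_oid.encode("ascii"):
        raise ValueError("responseName missing or not equal to the request's")
    if r["response"] is not None:
        raise ValueError("response field must be absent")
    return r["resultCode"] == SUCCESS

def tlv(tag, value):                   # builds the constructed samples below
    return bytes([tag, len(value)]) + value
OID = "1.3.6.1.4.1.1466.20037"         # Start TLS OID per RFC 2830 (assumed, not on the page)
OK_PDU = tlv(0x78, tlv(0x0A, b"\x00") + tlv(0x04, b"") * 2 + tlv(0x8A, OID.encode()))
REFUSED_PDU = tlv(0x78, tlv(0x0A, b"\x02") + tlv(0x04, b"") * 2 + tlv(0x8A, OID.encode()))
```

A client would call `starttls_accepted` on the reply and begin the TLS handshake only on `True`; an exception means the reply does not match the corrected section 3.1 text and the connection should not be upgraded.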