RE: Submission of Internet Draft - LDAP Control for Tree Deletion draft
This is a useful feature - the only comment I can make is that this is OK
for non-distributed LDAP servers as they self limit once all the leaves
have gone - but where we have distributed LDAP accessed DSAs, then the
verification of access controls across a chain of subordinated DSAs is
an issue. We apply domain and prescriptive based access controls in our
stuff to prevent such threats.

From a theoretical point of view - the DSA that receives this type of
command has to check the entire subordinates' ACI - which may be
distributed - before the fuse is lit!

Operationally - it is probably true to say that Users who can delete
superior entries - may by implication be able to delete subordinate DSA
entries.

But what happens if someone deletes a backbone DSA that just happens to
connect a few thousand subordinate organisations together? :-{{{

I just see this type of operation as "starting a bushfire" - and then
saying whoops! Health warnings are good :-)

just thoughts and regards alan
> -----Original Message-----
> From: Michael Armijo (Exchange)
> Sent: Friday, February 12, 1999 8:51 AM
> To: ietf-ldapext@netscape.com
> Subject: Submission of Internet Draft - LDAP Control for Tree
> Deletion draft
>
> Attached is a draft for an LDAP Control for Tree Deletion. This control
> allows a client to delete a container and all subcontainers and objects.
> It is being submitted to the IESG as an individual standard-tracks
> document and forwarded to the LDAPEXT group for review and comment.
>
> Comments and feedback on this draft would be appreciated.
>
> Thanks,
> Michael Armijo
>
>
> <<draft-rfced-info-armijo-treedelete-00.txt>> << File:
> draft-rfced-info-armijo-treedelete-00.txt >>
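
Added example, not part of the thread or of the draft: a small model of the check described in the reply above, where the receiving DSA evaluates delete permission on every subordinate entry, including entries held by other DSAs, before removing anything. The Entry model, the DSA names and the remote_check callback are assumptions made for illustration and are not an LDAP API.

```python
from dataclasses import dataclass, field

@dataclass
class Entry:
    dn: str
    dsa: str  # name of the DSA holding this entry (constructed)
    may_delete: set = field(default_factory=set)  # principals granted delete
    children: list = field(default_factory=list)

def preflight_tree_delete(root, user, local_dsa, remote_check=None):
    """Walk the whole subtree and decide before any entry is removed.

    Returns (True, deletion_order) with leaves first, or (False, blockers).
    remote_check(dsa, dn, user) -> bool is a hypothetical hook standing in
    for asking a subordinate DSA to evaluate its own ACI. Without it, any
    entry held elsewhere blocks the request (fail closed).
    """
    order, blockers = [], []
    stack = [root]
    while stack:
        entry = stack.pop()
        if entry.dsa == local_dsa:
            allowed = user in entry.may_delete
            reason = "ACI denies delete"
        elif remote_check is not None:
            allowed = remote_check(entry.dsa, entry.dn, user)
            reason = "denied by " + entry.dsa
        else:
            allowed = False
            reason = "held by " + entry.dsa + ", ACI not verifiable locally"
        if allowed:
            order.append(entry.dn)
        else:
            blockers.append((entry.dn, reason))
        stack.extend(entry.children)
    if blockers:
        return False, sorted(blockers)  # all or nothing: one blocker stops it
    return True, order[::-1]  # reversed pre-order: children before parents

def sample_tree():
    """Constructed DIT: one branch is held by a second DSA, dsa2."""
    a = Entry("cn=a,ou=people,o=example", "dsa1", {"admin"})
    b = Entry("cn=b,ou=branch,o=example", "dsa2", {"admin"})
    people = Entry("ou=people,o=example", "dsa1", {"admin"}, [a])
    branch = Entry("ou=branch,o=example", "dsa2", {"admin"}, [b])
    return Entry("o=example", "dsa1", {"admin"}, [people, branch])
```

The check and the delete are not atomic, so a server doing this for real would also have to hold the subtree against changes between the two steps.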