RE: C LDAP API: security considerations
At 11:03 PM 11/13/99 -0800, Paul Leach (Exchange) wrote:
>Suggest one plausible way in which it is possible to specify policy to an
>application to do anything with the flexibility you insist must be present.
I believe such should be considered outside the scope of the particular
API specifications. I believe this issue should be addressed by
extensions to the protocol and/or information model. These extensions
may mandate how API should chase referrals. However, until such
extensions are drafted, I believe it inappropriate for the API
specification to mandate a policy not defined by the protocol and/or
information model.
>I.e., suppose the application is informed that it has been given a referral.
>When and how will it decide to chase it, and when not?
Currently unspecified.
>Applications have no idea how to answer the above question. Neither do
>users.
The current protocol/information model relies on implicit policy
agreements between users and the directory. The API implementation
has no knowledge of these policy agreements.
>If there were to be a mechanism to answer that question, and a way to
>specify the policy for answering it, they should be _below_ the level of the
>LDAP API, so that use of the mechanism and enforcement of the policy would
>_not_ depend on all the applications doing the right thing, since experience
>suggests that will never happen.
I believe that client APIs are the tools for client applications to
implement policy from their, the user's, perspective. It is my view
that APIs should provide control/flexibility over policy enforcement
to the application (and it to the user).
Kurt