> -----Original Message-----
> From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.Org]
> Sent: Sunday, November 14, 1999 9:00 AM
>
> At 11:03 PM 11/13/99 -0800, Paul Leach (Exchange) wrote:
> >Suggest one plausible way in which it is possible to specify
> policy to an
> >application to do anything with the flexibility you insist
> must be present.
>
> I believe such should be considered outside the scope of the
> particular
> API specifications. I believe this issue should be addressed by
> extensions to the protocol and/or information model. These extensions
> may mandate how API should chase referrals. However, until such
> extensions are drafted, I believe it inappropriate for the API
> specification to mandate a policy not defined by the protocol and/or
> information model.
It doesn't matter if they are outside the scope of the API specs. If you can't come up with even one plausible example of how applications will use the ability to approve of chasing referrals, then I see no need to believe your claim that it is important for them to be able to do so.
<snip>
>
> I believe that client APIs are the tools for client applications to
> implement policy from their, the user's, perspective. It my view
> that APIs should provide control/flexibility over policy enforcement
> to the application (and it to the user).
Policies are set by administrators, not client applications, and the admins expect the policies to be enforced across all applications. That means that policy enforcement must not be left to the application.
That's why, even if you did have an example of a policy, I'd say that it should be enforced below the LDAP API, not by the application.
Paul