
RE: C LDAP API: security considerations





> -----Original Message-----
> From: Harald Tveit Alvestrand [mailto:Harald@Alvestrand.no]
> Sent: Tuesday, November 16, 1999 1:58 AM
>
> My concern is that a client should be *able* to behave in a way that is
> both non-malicious and secure; at the moment I don't think we're ready to
> standardize this, so following referrals should be done above the API layer
> that we're currently attempting to standardize.

Fine -- then let's make an _option_ that says "I'm a really smart app, and I want to have control over whether referrals are chased".

However, I still believe that apps don't want to be that smart, that no apps are that smart, that no apps should be expected to be that smart, and that no apps can be that smart.

In particular, with respect to the last point, any policy that an admin wants to apply, they want to apply across all the apps in their organization. E.g., if Dun&Bradstreet is an "expensive" site, then all apps should avoid it if the policy is not to pay. Or, conversely, the policy might be that only fee-based sites with which the organization has an agreement can be used -- in which case, again, _all_ apps should obey the policy. IMO, the only way that can happen is if the LDAP API layer does it. It is not plausible that lots of independently developed apps will enforce such policies in the same way. That's what I meant by "no apps can be that smart" -- they can't be the same as other apps.

Finally, all these requirements for public directories are conflicting with what often wants to happen within an organization. Organizations will want the ability to repartition their namespace across servers without affecting the clients. This implies that referrals get chased automatically.

Paul
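
Added example, not part of the original message or of the C LDAP API draft: a sketch of the kind of single, administrator-defined referral policy check the message argues belongs below the application, so that every app gets the same answer. The function names (`referral_host`, `referral_allowed`), the allow list and the example.com hosts are hypothetical and constructed for illustration.

```c
/* Added example: hypothetical library-level referral policy (default deny). */
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed admin policy: the only hosts a referral may be chased to. */
static const char *const allowed_hosts[] = { "ldap.example.com", "hr.example.com" };

/* Extract the host from an ldap:// or ldaps:// referral URL; 0 on success. */
static int referral_host(const char *url, char *host, size_t hostlen)
{
    const char *p;
    size_t n;
    if (strncasecmp(url, "ldap://", 7) == 0)
        p = url + 7;
    else if (strncasecmp(url, "ldaps://", 8) == 0)
        p = url + 8;
    else
        return -1;                  /* not an LDAP URL: never chase */
    if (memchr(p, '@', strcspn(p, "/?")) != NULL)
        return -1;                  /* LDAP URLs carry no userinfo; reject ambiguity */
    n = strcspn(p, ":/?");          /* host ends at the port, DN or query part */
    if (n == 0 || n >= hostlen)
        return -1;                  /* no explicit host, or host too long */
    memcpy(host, p, n);
    host[n] = '\0';
    return 0;
}

/* Return 1 if the policy permits chasing this referral, 0 otherwise. */
int referral_allowed(const char *url)
{
    char host[256];
    size_t i;

    if (url == NULL || referral_host(url, host, sizeof host) != 0)
        return 0;
    for (i = 0; i < sizeof allowed_hosts / sizeof allowed_hosts[0]; i++)
        if (strcasecmp(host, allowed_hosts[i]) == 0)
            return 1;
    return 0;
}

int main(void)
{
    printf("%d\n", referral_allowed("ldap://hr.example.com/ou=People,dc=example,dc=com"));
    printf("%d\n", referral_allowed("ldap://expensive.example.net/o=Data"));
    return 0;
}
```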