[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: C API: minor comments
Mark Wahl wrote:
>
> 2251 does not restrict clients from using message id 0, since it was really
> a client behavior: if your client always does a Bind for its first message,
> it would be able to distinguish between a Extended Response and a Bind
> Response.
Okay, good point (but subtle).
> However to avoid implementors of the C API from introducing a
> subtle problem into their client library, since they don't know what order
> clients will make requests, I propose:
> - the C API just state that the values SHOULD be nonzero.., without any
> requirement that it be a counter
> - we plan that a forthcoming draft on the mapping of LDAP over UDP (CLDAPv3)
> should include a statement on the security impact of message IDs, and
> debate the issue of message ID spoofing in that context
This sounds like a good approach to me.
--
Mark Smith
iPlanet Directory Architect / Sun-Netscape Alliance
My words are my own, not my employer's. Got LDAP?