
Re: C API: minor comments



Mark Wahl wrote:
> 
> 2251 does not restrict clients from using message id 0, since it was really
> a client behavior: if your client always does a Bind for its first message,
> it would be able to distinguish between an Extended Response and a Bind
> Response.

Okay, good point (but subtle).


> However to avoid implementors of the C API from introducing a
> subtle problem into their client library, since they don't know what order
> clients will make requests, I propose:
>  - the C API just state that the values SHOULD be nonzero, without any
>    requirement that it be a counter
>  - we plan that a forthcoming draft on the mapping of LDAP over UDP (CLDAPv3)
>    should include a statement on the security impact of message IDs, and
>    debate the issue of message ID spoofing in that context

This sounds like a good approach to me.

-- 
Mark Smith
iPlanet Directory Architect / Sun-Netscape Alliance
My words are my own, not my employer's.   Got LDAP?
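
Added example, not part of the original message or of the C API draft: a client-side sketch of why a library that cannot know the order of requests should hand out nonzero message IDs. The struct, function names and table size are hypothetical, and it assumes one response per request.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_PENDING 16
#define MSGID_MAX   2147483647   /* maxInt for MessageID in RFC 2251 */

enum route { ROUTE_UNSOLICITED, ROUTE_PENDING, ROUTE_DROP };

/* Hypothetical client state: message IDs of requests awaiting a response. */
struct client { int32_t pending[MAX_PENDING]; int npending; };

static int find_pending(const struct client *c, int32_t id) {
    for (int i = 0; i < c->npending; i++)
        if (c->pending[i] == id) return i;
    return -1;
}

/* Return a nonzero ID not currently outstanding, or -1 if the table is full.
 * Candidates need not come from a counter; rand() is only a stand-in here
 * and is not a defence against message ID spoofing. */
int32_t alloc_msgid(struct client *c) {
    if (c->npending == MAX_PENDING) return -1;
    for (;;) {
        int32_t id = (int32_t)(rand() % MSGID_MAX) + 1;   /* 1..MSGID_MAX */
        if (find_pending(c, id) < 0) {
            c->pending[c->npending++] = id;
            return id;
        }
    }
}

/* Route an incoming LDAPMessage by its message ID. ID 0 is checked first
 * because RFC 2251 uses it for unsolicited notifications (an Extended
 * Response), so a request sent with ID 0 could never be matched here. */
enum route route_response(struct client *c, int32_t msgid) {
    if (msgid == 0) return ROUTE_UNSOLICITED;
    int i = find_pending(c, msgid);
    if (i < 0) return ROUTE_DROP;              /* unknown ID: ignore */
    c->pending[i] = c->pending[--c->npending]; /* request completed */
    return ROUTE_PENDING;
}

int main(void) {
    struct client c = { {0}, 0 };
    int32_t id = alloc_msgid(&c);
    printf("allocated=%d routed=%d unsolicited=%d\n", (int)id,
           (int)route_response(&c, id), (int)route_response(&c, 0));
    return 0;
}
```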