[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: LDAP URI extensions for SASL/StartTLS
> Note also that URI are often provided by users (such as to an
> Web browser with ldap: support). The user needs a mechanism
> to describe how to do the search in situations where the client
> may not be albe to discover how to do the search through feature
> discovery.
When exactly is the client not able to discover the capabilities
of the server? The answer is: when the server does not support
at least read only access to the parts of the DIT (usually the
root DSE) where capabilities and/or policy is kept. IMHO the natural
thing to do is to mandate that ldap servers must always implement
ldap/tcp and allow read-only access to the root-DSE through that
transport. I am not sure this is is rfc2251 but maybe it should
go into the rev?
Then all you have to do is to figure out the schema for this stuff.
Cheers Leif