[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: unsolicited controls (Was: I-DACTION:draft-weltman-ldapv3-auth-response-01.txt)
At 10:11 AM 2/9/00 -0800, David Boreham wrote:
>
>Examples ?
draft-weltman-ldapv3-auth-response-01.txt
draft-behera-ldap-password-policy-00.txt
I feel the client should be required to take some explicit
action before the returns any response not described by
the core specifications. This act may be an explicit
request control, a control upon bind enabling the behavior
for the "session", an extended operation enabling the behavior,
or some other form of solicitation.
I feel a server should not respond with controls and/or
extended responses not detailed by the core specifications
without such solicitation.
That is, the client should
1) discover what protocol extensions are supported by the server
2) enable desired extensions
A server should:
1) published supported extensions
2) disable all extensions until enabled by the client