Unique identifiers for LDAP attributes

["David Chadwick" <d.w.chadwick@salford.ac.uk>]

Folks

I was at a Middleware meeting a few weeks ago where some guys 
from Internet 2 were talking about outstanding problems with LDAP. 
One of the points raised was the lack of a unique name for attribute 
types, and that two LDAP servers could have the same name for 
different attributes or different names for the same attribute. They 
were wanting to create a group that could standardise on the 
names of LDAP attribute types. When I pointed out to them that we 
already have unique identifiers for each attribute type in the shape 
of OIDs, that do not have the multilingual and character set 
problems that strings have, they seemed convinced that this could 
work.

However, we have the situation that some LDAP servers do not 
require OIDs to be defined for attribute types, and the LDAP spec 
deprecates the use of OIDs in protocol in preference to strings.

Given that many LDAP clients now map the attribute type strings 
from protocol into a user friendly language dependent display string, 
the string representation in protocol has about had its day and 
served its purpose. Isnt it about time that we altered the LDAP 
spec to recommend that OIDs be the preferred way of transferring 
attribute types in protocol, and that the OIDs become the globally 
unique way of identifying attribute types.

(Firewalls up to protect from flames)

David

***************************************************

David Chadwick
IS Institute, University of Salford, Salford M5 4WT
Tel +44 161 295 5351  Fax +44 161 745 8169
Mobile +44 790 167 0359
Email D.W.Chadwick@salford.ac.uk
Home Page  http://www.salford.ac.uk/its024/chadwick.htm
Understanding X.500  http://www.salford.ac.uk/its024/X500.htm
X.500/LDAP Seminars http://www.salford.ac.uk/its024/seminars.htm
Entrust key validation string MLJ9-DU5T-HV8J

***************************************************