[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: subentries comments
"Kurt D. Zeilenga" wrote:
> At 05:41 AM 2001-12-06, Rob Byrne - Sun Microsystems wrote:
> >If the goal is to faithfully transfer x500 semantics as is to LDAP then I
> >think the draft needs to be clearer about that.
>
> The goal is to the LDAP mechanisms to act in accordance with X.500
> semantics, as should all LDAP mechanisms. LDAP is, after all, a
> protocol for accessing an X.500 directory.
>
> >For example, it could be
> >renamed from "Subentries in LDAP" to "X500 Subentries in LDAP" or ...
>
> I think it superfluous to insert X.500 here as LDAP is an access
> protocol to an X.500 directory.
>
> >And again, the text in the
> >abstract that says "This document adapts X.500 subentries mechanisms for use
> >with LDAP." could say something like "This document transfers X.500
> >subentries mechanisms to LDAP , keeping the same fundamental semantics".
>
> We don't transfer mechanism, we adapt them while maintaining the
> consistent semantics. That is, the LDAP access to subentries uses
> different mechanisms than DAP, but both are semantically consistent.
Kurt,
You point out below that in fact you have introduced a difference, namely in the
retrieval behaviour when no control is attached. This difference and the
subsequent control definition means that you have failed to reproduce a
behaviour that exists with x500 subentries, namely the ability to recover both
normal and subentries in one request. I think that will be very painful for
manageability.
How about changing the meaning of TRUE in the controlValue to mean "retrieve
both normal and subentries" ? It's still not exactly the same as x500 but it
seems "usefully closer" to me.
Rob.
>
>
> My co-author and I will, however, consider making a clarification in
> this area as obviously the present wording caused some confusion.
>
> >A line like "LDAP subentries SHALL behave in accordance with X.501 unless
> >noted otherwise in this specification." appears superfluous if you state the
> >"transfer the semantics" goal clearly--there should by definition be no
> >behavioural differences.
>
> Mechanisms differ, semantics are consistent. This statement is
> consistent with that which applies to all of LDAP [RFC 2251, s3.3].
>
> >If you keep this line then that leaves the door
> >open for differences,
>
> The extension door is always open. It's the goal of this
> document to detail how a core component of the X.500 data
> model can be accessed using LDAP. Our intent is not to
> extend this component, just to provide access to it. This
> gives the I-D a narrow focus which allows it to be progressed
> much faster than if we opened the LDAP-specific enhancement
> door.
>
> >so I think the reader would appreciate a section that
> >listed any differences or explicitly stated that the differences were not in
> >semantics but just schema, for example.
>
> There are certainly mechanism differences, DAP and LDAP
> are quite different protocols. However, the semantics of
> each (as they apply to this part of the data model) are
> quite consistent. I've noted a one difference in the
> last paragraph of section 1. It exists for consistency
> with the LDAP "core" specification due to how it handles
> subschema subentries.
>
>
> Kurt