[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [ldapext] syntax or matching rule flaw in RFC 3045

To: Jim Sermersheim <jimse@novell.com>
Subject: Re: [ldapext] syntax or matching rule flaw in RFC 3045
From: Ludovic Poitou <ludovic.poitou@Sun.COM>
Date: Thu, 23 Sep 2004 11:22:32 +0200
Cc: ldapext@ietf.org
In-reply-to: <s151ae42.023@sinclair.provo.novell.com>
Organization: SUN Microsystems
References: <s151ae42.023@sinclair.provo.novell.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.3) Gecko/20040910

Jim Sermersheim wrote:

or compared, or used in a filter I guess.

Correct. I've never heard of an app doing this so far.
But RFC 3045 is very discreet and customers hardly noticed it.
I don't have any issue with changing it to CaseExactMatch.

Ludovic.

Ludovic Poitou <ludovic.poitou@Sun.COM> 9/22/04 2:59:51 PM >>>

Sun Directory Server has implemented RFC 3045 with the schema as defined in the RFC. I'm not aware of any application or customer actually using the equality matching rule. The server itself doesn't (the values cannot be modified).
Ludovic.
Jim Sermersheim wrote:
We were looking at implementing this and someone noticed that the

syntax

for the attributes is Directory String

(1.3.6.1.4.1.1466.115.121.1.15)

while the EQUALITY rule is caseExactIA5Match (1.3.6.1.4.1.1466.109.114.1).

I assume the author was at one point using the IA5 String syntax and changed to Directory String but forgot to change the EQUALITY rule

(the

author doesn't work at Novell anymore or I'd ask him). We should probably update the RFC. Do other vendors who have implemented this

use
a caseExactMatch (2.5.13.5) for the EQUALITY?
Thanks,
Jim
_______________________________________________ Ldapext mailing list Ldapext@ietf.org https://www1.ietf.org/mailman/listinfo/ldapext


--
Ludovic Poitou
Directory Architect.
Directory Server Group, Grenoble, France
Sun Microsystems Inc.

Sun Microsystems requires the following notice:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE:  This email message is for the sole use of the intended
recipient(s) and may contain confidential and privileged
information.  Any unauthorized review, use, disclosure or
distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply email and destroy
all copies of the original message.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


_______________________________________________
Ldapext mailing list
Ldapext@ietf.org
https://www1.ietf.org/mailman/listinfo/ldapext

Prev by Date: Re: [ldapext] when is manageDsaIT needed for the root DSE?
Next by Date: Re: [ldapext] syntax or matching rule flaw in RFC 3045
Index(es):
- Chronological
- Thread