[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: StartTLS URL extension

To: Pierangelo Masarati <ando@sys-net.it>
Subject: Re: StartTLS URL extension
From: Michael Ströder <michael@stroeder.com>
Date: Mon, 06 Oct 2008 22:51:46 +0200
Cc: OpenLDAP-devel@openldap.org
In-reply-to: <48EA2D2B.7080203@sys-net.it>
References: <48E97964.6070300@symas.com> <E1KmiYZ-003VPH-Eu@intern.SerNet.DE> <48E9F7C0.4060707@stroeder.com> <48E9F898.1080106@sys-net.it> <48EA221F.10004@stroeder.com> <48EA2D2B.7080203@sys-net.it>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.17) Gecko/20080829 SeaMonkey/1.1.12

Pierangelo Masarati wrote:
> Michael Ströder wrote:
>> Pierangelo Masarati wrote:
>>>  Moreover,
>>> ldap_initialize can record that StartTLS was already requested because
>>> of the extension, and avoid requesting it twice.
>>
>> What does "avoid requesting it twice" mean? Return an error code or
>> simply ignore it? Note that a client might wanna take note of whether
>> ldap_start_tls() was successfully called by itself or not.
> 
> Correct.  Here the choice is:
> 
> 1) just ignore the second call, as it would violate RFC 4513

More specific: IMO the error code of the first call should be returned.

Ciao, Michael.

Follow-Ups:
- Re: StartTLS URL extension
  - From: Pierangelo Masarati <ando@sys-net.it>

References:
- StartTLS URL extension
  - From: Howard Chu <hyc@symas.com>
- Re: StartTLS URL extension
  - From: Volker Lendecke <Volker.Lendecke@SerNet.DE>
- Re: StartTLS URL extension
  - From: Michael Ströder <michael@stroeder.com>
- Re: StartTLS URL extension
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: StartTLS URL extension
  - From: Michael Ströder <michael@stroeder.com>
- Re: StartTLS URL extension
  - From: Pierangelo Masarati <ando@sys-net.it>

Prev by Date: Re: StartTLS URL extension
Next by Date: Re: StartTLS URL extension
Index(es):
- Chronological
- Thread