Re: Controls and criticality

[Pierangelo Masarati <ando@sys-net.it>]

Kurt Zeilenga wrote:
> In short,
>
> if the control is critical, the server cannot ignore it.  It must either 
> make use of it as prescribed or fail.
> if the control is non-critical, the server can choose to ignore it.  
> However, it should only do so before making use of it as prescribed.
>
> Some controls specifications are simply broken.  No part of the 'making 
> use of the control' should depend on the value of criticality.

I'm not questioning this.  I'm questioning the fact that the DSA allows 
a client to be happy with using a control with a criticality that could 
endanger the data integrity or security (and, all in all, violates the 
control's specs).

Also, I understand that rejecting an operation because it was performed 
with a non-critical control is in contrast with RFC4511.  Handling of 
dontUseCopy needs to be fixed in slapd (see ITS#5785) for conformance 
with RFC4511, although this would allow slapd to process a control whose 
criticality setting is in violation of its specs.

I'm even more concerned about handling of RFC4370, which is now handled 
in full conformance of RFC4511, but I'd rather prefer that slapd rejects 
it if requested with criticality set to FALSE.

To me, slapd should reject those cases with protocolError.

p.