[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Differences between Binary and OctetString?
At 10:07 AM 9/19/2003, Lon Tierney wrote:
>I am curious how OpenLDAP handles data differently between the Binary and Octet String syntaxes?
>
>The iPlanet/AOL/Sun schema defines a userPassword as a Binary syntax, and I notice that the 2.1.x schema for OpenLDAP defines it as an Octet String. Does the octetStringMatch work better/different with password values?
I think iPlanet use of the term "binary" here is historical.
In U-Mich LDAP, "bin"ary attributes had both octet string syntax
and matching rules. For example,
attribute userPassword bin
(Note that U-Mich LDAP actually defined userPassword to be 'ces'.)
OpenLDAP Software (2.x) uses RFC 2252 format schema descriptions
(extracted from the RFCs where available) for all attribututes.
For example,
( 2.5.4.35 NAME 'userPassword'
DESC 'RFC2256/2307: password of user'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
These examples are semantically equivalent.
The LDAP Technical Specification also defines a different
Binary syntax (RFC2252) as well as ;binary transfer of values
(RFC2251). These are not semantically equivalent (to each other
or with historical "bin"ary syntaxes).
Kurt