Re: [Ldap-dir] Review Request: The LDAP Binary Option to Proposed Standard

"Kurt D. Zeilenga" <Kurt@OpenLDAP.org> Fri, 24 June 2005 18:19 UTC

Date: Fri, 24 Jun 2005 11:18:06 -0700
To: Ted Hardie <hardie@qualcomm.com>
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: [Ldap-dir] Review Request: The LDAP Binary Option to Proposed Standard
In-Reply-To: <p06210201bee1cdde1e14@[192.168.1.4]>
References: <p06210201bee1cdde1e14@[192.168.1.4]>
Cc: Scott Hollenbeck <sah@428cobrajet.net>, Tim Polk <wpolk@nist.gov>, Stephen Kent <kent@bbn.com>, ldap-dir@ietf.org

As LDAPBIS chair, I note that this I-D has been discussed within
LDAPBIS and PKIX WG circles.  I believe consensus of the LDAPBIS
WG is that this I-D is suitable for publication as a Proposed Standard.
I believe the same holds true for the PKIX WG (the membership
has broad overlap with LDAPBIS).

As an individual contributor to the IETF, I have reviewed this I-D
and find it suitable for publication as a Proposed Standard.  I do
have a couple of minor concerns which likely should be resolved prior
to consideration by the IESG.

The I-D's header contains 'Updates: [SYNTAXES]'
(draft-ietf-ldapbis-syntaxes) but the I-D does not actually update
[SYNTAXES].  (If it had, I would have concerns.  But it doesn't,
so...) I suggest this be removed from the I-D header.

Some rewording of the following Introduction passage may be
appropriate.  My main concern here is that the current wording
might lead reviewers and implementors to believe that this is not a
sound solution for the current use of ;binary with certificate
attributes, e.g., userCertificate;binary.  It is a sound solution.

   However the binary option was not included in the newer LDAP
   technical specification due to a lack of consistency in its
   implementation.  This document reintroduces the binary option.
   However, except for the case of certain attribute syntaxes whose
   values are required to be BER encoded, no attempt is made here to
   eliminate the known consistency problems.  Rather the focus is on
   capturing current behaviours.  A more thorough solution is
   left for a future specification.

One possible rewording:
  The binary option was not included in the revised
  LDAP technical specification for a variety
  of reasons including implementation inconsistencies.
  This document reintroduces the binary option for
  use with certain attribute syntaxes, such as
  certificate syntax [draft-zeilenga-ldap-x509],
  which specifically require it.  No attempt has
  been made to address use of the ;binary option with
  attributes of syntaxes which do not require its use.
  Unless addressed in a future specification, this
  use is to be avoided.

Regards, Kurt
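The distinction the proposed rewording draws (;binary is required for certificate syntax, to be avoided with other syntaxes) is what a client has to act on when it reads attribute descriptions; the following is an added illustration, not code from the draft or from OpenLDAP, and the schema table and the syntax names in it are constructed assumptions standing in for a real subschema lookup.

```python
import re

# Constructed minimal schema (assumption: real clients read it from the server's
# subschema). Certificate-family syntaxes are the ones the draft says require
# ;binary; for the others its use is to be avoided.
BINARY_REQUIRED_SYNTAXES = {"certificate", "certificateList"}
ATTRIBUTE_SYNTAX = {
    "userCertificate": "certificate",
    "cACertificate": "certificate",
    "certificateRevocationList": "certificateList",
    "cn": "directoryString",
}
_DESC_RE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*)((?:;[A-Za-z0-9-]+)*)$")

def parse_attribute_description(desc: str):
    """Split 'userCertificate;binary' into (type, sorted lowercase options)."""
    m = _DESC_RE.match(desc)
    if not m:
        raise ValueError(f"malformed attribute description: {desc!r}")
    options = tuple(sorted(o.lower() for o in m.group(2).split(";") if o))
    return m.group(1), options

def check_binary_usage(desc: str) -> str:
    """Classify ;binary usage the way the proposed rewording distinguishes it."""
    attr_type, options = parse_attribute_description(desc)
    syntax = ATTRIBUTE_SYNTAX.get(attr_type)
    if syntax is None:
        return "unknown-attribute"
    has_binary = "binary" in options
    if syntax in BINARY_REQUIRED_SYNTAXES:
        return "ok" if has_binary else "missing-required-binary"
    return "discouraged-binary" if has_binary else "ok"

def is_ber_tlv(value: bytes, tag: int = 0x30) -> bool:
    """True if value is exactly one definite-length BER TLV with the given tag
    (a DER certificate is a SEQUENCE, 0x30); check this before an X.509 parser sees it."""
    if len(value) < 2 or value[0] != tag:
        return False
    first = value[1]
    if first < 0x80:                      # short form length
        hdr, length = 2, first
    else:                                 # long form: 0x80|n, then n length octets
        n = first & 0x7F
        if n == 0 or n > 4 or len(value) < 2 + n:
            return False                  # indefinite length is not DER
        hdr, length = 2 + n, int.from_bytes(value[2:2 + n], "big")
    return hdr + length == len(value)
```

Option names are compared case-insensitively and order-insensitively, so `userCertificate;lang-en;binary` and `userCertificate;BINARY;lang-en` classify identically.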



At 07:51 AM 6/24/2005, Ted Hardie wrote:
>Hi,
>        I've received the following request to shepherd an
>individual submission for proposed standard; I'd appreciate
>review from the directorate.  If folks could review it by
>July 7, I'd appreciate it.  If I get early reviews, I may send
>it out for IETF Last Call concurrent with that period, so
>please feel free to review early.
>                thanks,
>                                Ted Hardie
>
>
>>Date: Fri, 24 Jun 2005 09:48:35 +1000
>>From: Steven Legg <steven.legg@eb2bcom.com>
>>X-Accept-Language: en-us, en
>>To: hardie@qualcomm.com
>>CC: sah@428cobrajet.net
>>Subject: The LDAP Binary Option to Proposed Standard
>>
>>
>>Hi Ted,
>>
>>I wish to submit the individual Internet draft "Lightweight Directory Access
>>Protocol (LDAP): The Binary Encoding Option" (draft-legg-ldap-binary-03.txt)
>>to the IESG for consideration as a Proposed Standard. LDAPbis will be excluding
>>the ";binary" option. This draft reintroduces the ";binary" option for LDAPv3.
>>
>>Note that draft-zeilenga-ldap-x509-01.txt is currently in IESG evaluation and
>>has a normative dependency on this draft.
>>
>>I have indicated in the draft that the specification updates the LDAPbis
>>syntaxes and matching rules specification (draft-ietf-ldapbis-syntaxes-11.txt).
>>Kurt thinks this isn't the case. I will leave the IESG to decide one way or
>>the other.
>>
>>Regards,
>>Steven
>


_______________________________________________
Ldap-dir mailing list
Ldap-dir@ietf.org
https://www1.ietf.org/mailman/listinfo/ldap-dir