Re: [Ldap-dir] DLAP Directorate review request for draft-dawkins-ldapext-subnot
Kurt Zeilenga <Kurt.Zeilenga@Isode.com> Mon, 09 November 2009 07:26 UTC
Return-Path: <Kurt.Zeilenga@Isode.com>
X-Original-To: ldap-dir@core3.amsl.com
Delivered-To: ldap-dir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 809A83A6B09 for <ldap-dir@core3.amsl.com>; Sun, 8 Nov 2009 23:26:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.509
X-Spam-Level:
X-Spam-Status: No, score=-2.509 tagged_above=-999 required=5 tests=[AWL=0.090, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NBWUMAcpVKFT for <ldap-dir@core3.amsl.com>; Sun, 8 Nov 2009 23:26:11 -0800 (PST)
Received: from rufus.isode.com (rufus.isode.com [62.3.217.251]) by core3.amsl.com (Postfix) with ESMTP id 41DBC3A6B05 for <ldap-dir@ietf.org>; Sun, 8 Nov 2009 23:26:11 -0800 (PST)
Received: from [192.168.1.102] ((unknown) [75.141.233.128]) by rufus.isode.com (submission channel) via TCP with ESMTPSA id <SvfEKgAJmWmf@rufus.isode.com>; Mon, 9 Nov 2009 07:26:36 +0000
X-SMTP-Protocol-Errors: NORDNS
From: Kurt Zeilenga <Kurt.Zeilenga@Isode.com>
In-Reply-To: <4AF777ED.1040206@it.su.se>
Date: Sun, 08 Nov 2009 23:25:56 -0800
Message-Id: <EA6268A4-29F1-488B-87FB-C07C042F1C2A@Isode.com>
References: <7A57206D08E2483A8136B7AEA627CEB1@china.huawei.com> <4AD62F79.6090703@isode.com> <4AF777ED.1040206@it.su.se>
To: Leif Johansson <leifj@it.su.se>
X-Mailer: Apple Mail (2.1076)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Cc: Lisa Dusseault <lisa.dusseault@gmail.com>, LDAP Directorate <ldap-dir@ietf.org>, Spencer Dawkins <spencer@wonderhamster.org>, Xun Peng <xunpeng@huawei.com>
Subject: Re: [Ldap-dir] DLAP Directorate review request for draft-dawkins-ldapext-subnot
X-BeenThere: ldap-dir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: LDAP Directorate <ldap-dir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ldap-dir>, <mailto:ldap-dir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ldap-dir>
List-Post: <mailto:ldap-dir@ietf.org>
List-Help: <mailto:ldap-dir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ldap-dir>, <mailto:ldap-dir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2009 07:26:12 -0000
It seems to me we that we have "good enough" content synchronization mechanisms in LDAP, but don't have any (formalized) event notification mechanism. For instance, consider an intrusion detection system which wants notification of all password change requests, including information about the requestor and the outcome of the request. At present, such systems tend to rely on vendor-specific audit logs. I could support an effort to analysis requirements for event notification and, then, build a mechanism specifically designed to met these requirements. What I don't support is designing yet another "content synchronization" mechanism. But what does 3GPP want? It seems to me they were more after content synchronization than event notification. It's not clear to me whether you are after content synchronization than event notification. -- Kurt On Nov 8, 2009, at 6:01 PM, Leif Johansson wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Alexey Melnikov wrote: >> Spencer Dawkins wrote: >> >>> Hi, LDAP Directorate, >> > > <snip> > > I seem to recall that I brought up change-notification as an idea for > new work we might take on in LDAP-space during the last MPLS IETF (?) > LDAP bar-BOF... (I remember it was darned cold). > > I think the response I got from most LDAP server implementors was "yes > but why" :-) > > The problem seems to be that it is difficult to tell where "simple > notification" ends and "replication" begins and history tells us that > the latter has been problematic for the IETF. > > Historically lots of people have played tricks with OpenLDAP/umich > LDAP replication logs in order to achieve simple change notification > for LDAP and imo that tells me that there _should_ be enough interest > in some kind of work in this area even from LDAP server vendors! > > I have not opinion (yet) about this draft though. > > Cheers Leif > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkr3d+0ACgkQ8Jx8FtbMZnfdOACbBw0eAE+XlZkgRZ66+j6BOuhh > dA8An1t1r0ZbbAEuv/BVE9OWnnifA4d3 > =c5nm > -----END PGP SIGNATURE----- > _______________________________________________ > Ldap-dir mailing list > Ldap-dir@ietf.org > https://www.ietf.org/mailman/listinfo/ldap-dir
- Re: [Ldap-dir] DLAP Directorate review request fo… Alexey Melnikov
- Re: [Ldap-dir] DLAP Directorate review request fo… Kurt Zeilenga
- Re: [Ldap-dir] DLAP Directorate review request fo… Steven Legg
- Re: [Ldap-dir] DLAP Directorate review request fo… Ludovic Poitou
- [Ldap-dir] DLAP Directorate review request for dr… Spencer Dawkins
- Re: [Ldap-dir] DLAP Directorate review request fo… Spencer Dawkins
- Re: [Ldap-dir] DLAP Directorate review request fo… Spencer Dawkins
- Re: [Ldap-dir] DLAP Directorate review request fo… Kurt Zeilenga
- Re: [Ldap-dir] DLAP Directorate review request fo… Kurt Zeilenga
- Re: [Ldap-dir] DLAP Directorate review request fo… Leif Johansson
- Re: [Ldap-dir] DLAP Directorate review request fo… Kurt Zeilenga
- Re: [Ldap-dir] DLAP Directorate review request fo… Leif Johansson
- Re: [Ldap-dir] DLAP Directorate review request fo… Mark Smith
- Re: [Ldap-dir] DLAP Directorate review request fo… Kurt Zeilenga
- Re: [Ldap-dir] DLAP Directorate review request fo… Kurt Zeilenga
- Re: [Ldap-dir] DLAP Directorate review request fo… Leif Johansson