Re: [ldapext] why posixAccount MUST contain 'cn'?

Luke Howard <lukeh@padl.com> Thu, 18 December 2014 00:43 UTC

Return-Path: <lukeh@padl.com>
X-Original-To: ldapext@ietfa.amsl.com
Delivered-To: ldapext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 850701A00B1 for <ldapext@ietfa.amsl.com>; Wed, 17 Dec 2014 16:43:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.789
X-Spam-Level:
X-Spam-Status: No, score=0.789 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9QlRrICw_h2A for <ldapext@ietfa.amsl.com>; Wed, 17 Dec 2014 16:43:34 -0800 (PST)
Received: from us.padl.com (us.padl.com [216.154.215.154]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C4B721A00A8 for <ldapext@ietf.org>; Wed, 17 Dec 2014 16:43:34 -0800 (PST)
Received: by us.padl.com with ESMTP id sBI0h49R028317; Wed, 17 Dec 2014 19:43:09 -0500
Content-Type: multipart/alternative; boundary="Apple-Mail=_9A94DC3D-17F5-425A-B24D-9647DA1C1135"
Mime-Version: 1.0 (Mac OS X Mail 8.0 \(1990.1\))
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <CAB3ntOsZSCEzmmxzGCDAx_GRSVzNERPxbGAM=9UjmFbgqe18Mg@mail.gmail.com>
Date: Thu, 18 Dec 2014 11:43:03 +1100
Message-Id: <5BC3F036-F46E-4BF2-926A-96C2E98E6064@padl.com>
References: <548DB67C.5060009@stroeder.com> <CAJb3uA7JW7aOVP2=HuOZ+_roCy8t0d07XgyR5cJNs1PU+V77kA@mail.gmail.com> <5490AE1C.6010004@stroeder.com> <CAB3ntOsZSCEzmmxzGCDAx_GRSVzNERPxbGAM=9UjmFbgqe18Mg@mail.gmail.com>
To: Jim Willeke <jim@willeke.com>
X-Mailer: Apple Mail (2.1990.1)
X-SMTP-Vilter-Version: 1.3.6
X-Spamd-Symbols: AWL,BAYES_00,HTML_MESSAGE,RDNS_NONE,USER_IN_WHITELIST
X-SMTP-Vilter-Spam-Backend: spamd
X-Spam-Threshold: 5.0
X-Spam-Probability: -20.5
Archived-At: http://mailarchive.ietf.org/arch/msg/ldapext/YvG3KLr5s5aUhBzffyBe7a7XK8Y
Cc: Ldapext <ldapext@ietf.org>, =?utf-8?Q?Michael_Str=C3=B6der?= <michael@stroeder.com>
Subject: Re: [ldapext] why posixAccount MUST contain 'cn'?
X-BeenThere: ldapext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: LDAP Extension Working Group <ldapext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ldapext>, <mailto:ldapext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ldapext/>
List-Post: <mailto:ldapext@ietf.org>
List-Help: <mailto:ldapext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ldapext>, <mailto:ldapext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Dec 2014 00:43:36 -0000

It is a bit tricky to remember why I made “cn” mandatory but it probably had something to do with (erroneously) conflating accounts and people. Something that should be addressed in future specifications (if they ever happen).

The only issue might be that some clients reject entries that are missing “cn”.

-- Luke

--
www.lukehoward.com
soundcloud.com/lukehoward