[ldapext] LDAP Groups topic split-out

Charlie <medievalist@gmail.com> Thu, 03 December 2015 23:13 UTC

Return-Path: <medievalist@gmail.com>
X-Original-To: ldapext@ietfa.amsl.com
Delivered-To: ldapext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id D32831A03A9 for <ldapext@ietfa.amsl.com>; Thu, 3 Dec 2015 15:13:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id BgQ3JY2Ch5zB for <ldapext@ietfa.amsl.com>; Thu, 3 Dec 2015 15:13:02 -0800 (PST)
Received: from mail-lf0-x229.google.com (mail-lf0-x229.google.com [IPv6:2a00:1450:4010:c07::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 986411A03A6 for <ldapext@ietf.org>; Thu, 3 Dec 2015 15:12:56 -0800 (PST)
Received: by lfdl133 with SMTP id l133so100492061lfd.2 for <ldapext@ietf.org>; Thu, 03 Dec 2015 15:12:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=grCSmTQs/0UZsupIWBC8pOKWIy32JzwZVfYpVOUUPRM=; b=nDilZCvRPlJLKcTN2q1igbX0ohKuaDjj3yI/wcStJZADOhhSXbTRybNzcbjxf+ccAj s42DLaW/LO7kUyBkZgKWYxIZerlaG89lXMHRoNLcJw+BpGxYM2hd4z5WJIpv940q8nDL nPpYW2p7LKmDKpjObr7RPiNZ9wpXFMufXbwQjnN75/65sOQP/6Hrz4e4h5pKbuG2Iped 8GsALwpTqvqAOT22Jat7j0s2JAu2E/N3Afyl7o+58ZjWlqwk7mZBfo2lGa528og8WuJh y6kGYL/QlRl3ucEGUk4PPkKjN6zSfl8oafLc7cdexSH4mIr+77wgdp1o3CHSyiWCuKV8 bUYQ==
MIME-Version: 1.0
X-Received: by with SMTP id y195mr6799749lfd.66.1449184374737; Thu, 03 Dec 2015 15:12:54 -0800 (PST)
Received: by with HTTP; Thu, 3 Dec 2015 15:12:54 -0800 (PST)
Date: Thu, 03 Dec 2015 18:12:54 -0500
Message-ID: <CAJb3uA57jHCfhN6tQB6Kc7uOGF3g4w6GVmr6+OnhD4=k5zqEzw@mail.gmail.com>
From: Charlie <medievalist@gmail.com>
To: ldapext <ldapext@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/ldapext/cQlAo7gUWvHKdD0QKvu4ulAewgc>
Subject: [ldapext] LDAP Groups topic split-out
X-BeenThere: ldapext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: LDAP Extension Working Group <ldapext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ldapext>, <mailto:ldapext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ldapext/>
List-Post: <mailto:ldapext@ietf.org>
List-Help: <mailto:ldapext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ldapext>, <mailto:ldapext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2015 23:13:04 -0000

After reading David Foster Wallace on set theory, I wrote an RFC a
couple years back to address the lack of a generic or globally useful
grouping mechanism in LDAP-accessible directories.  Comments are


If you're not up for a long-read, I would recommend just reading
"Appendix D:  Other Efforts and their Shortcomings" which explains all
the attempts to date and how they've failed to gain traction.

Projects continue to try to solve their individual problems instead of
working towards a truly generic grouping mechanism that will suit all
needs, so nothing's progressing.  Simo mentioned this in the context
of FreeIPA, for example - they broke their implementation of RFC2307
and moved on, rather than helping Andrew Findlay create a standard
that supported empty groups.  It seems like each of us is focused on
our own potato patch.