[ldapext] Case sensitivity of user/group names (was Re: DBIS commentary)

Jordan Brown <Jordan.Brown@oracle.com> Tue, 01 December 2015 22:50 UTC

Return-Path: <Jordan.Brown@oracle.com>
X-Original-To: ldapext@ietfa.amsl.com
Delivered-To: ldapext@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 7BBCA1AD34E for <ldapext@ietfa.amsl.com>; Tue, 1 Dec 2015 14:50:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id rb-9OskI-rNE for <ldapext@ietfa.amsl.com>; Tue, 1 Dec 2015 14:50:37 -0800 (PST)
Received: from userp1040.oracle.com (userp1040.oracle.com []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3C081AD2D5 for <ldapext@ietf.org>; Tue, 1 Dec 2015 14:50:37 -0800 (PST)
Received: from aserv0021.oracle.com (aserv0021.oracle.com []) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id tB1MoWvL011975 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 1 Dec 2015 22:50:33 GMT
Received: from aserv0121.oracle.com (aserv0121.oracle.com []) by aserv0021.oracle.com (8.13.8/8.13.8) with ESMTP id tB1MoWof017203 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Tue, 1 Dec 2015 22:50:32 GMT
Received: from abhmp0019.oracle.com (abhmp0019.oracle.com []) by aserv0121.oracle.com (8.13.8/8.13.8) with ESMTP id tB1MoWh3028107; Tue, 1 Dec 2015 22:50:32 GMT
Received: from [] (/ by default (Oracle Beehive Gateway v4.0) with ESMTP ; Tue, 01 Dec 2015 14:50:32 -0800
From: Jordan Brown <Jordan.Brown@oracle.com>
To: Charlie <medievalist@gmail.com>
References: <5655E4F0.7030809@oracle.com> <814F4E458AA9FF4E89CF1A9EDA0DE2A932F618A3@OZWEX0209N1.msad.ms.com> <565CAC30.6010701@oracle.com> <814F4E458AA9FF4E89CF1A9EDA0DE2A932F8EAFD@OZWEX0209N2.msad.ms.com> <565DDE78.5030908@oracle.com> <CAJb3uA4-PE+QQvhzZ45NQzsNiTw=Hg_EuoA8JE3uH+iTLGTrqQ@mail.gmail.com>
Message-ID: <565E242A.7080703@oracle.com>
Date: Tue, 01 Dec 2015 14:50:18 -0800
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:42.0) Gecko/20100101 Firefox/42.0 SeaMonkey/2.39
MIME-Version: 1.0
In-Reply-To: <CAJb3uA4-PE+QQvhzZ45NQzsNiTw=Hg_EuoA8JE3uH+iTLGTrqQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------010105000900070101040408"
X-Source-IP: aserv0021.oracle.com []
Archived-At: <http://mailarchive.ietf.org/arch/msg/ldapext/cfIdOyfb5eSph8KGvxcupPd-j38>
Cc: "ldapext@ietf.org" <ldapext@ietf.org>
Subject: [ldapext] Case sensitivity of user/group names (was Re: DBIS commentary)
X-BeenThere: ldapext@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: LDAP Extension Working Group <ldapext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ldapext>, <mailto:ldapext-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ldapext/>
List-Post: <mailto:ldapext@ietf.org>
List-Help: <mailto:ldapext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ldapext>, <mailto:ldapext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Dec 2015 22:50:39 -0000

[ I just can't win for losing today.  Let's try this *one more time* with the 
right subject. ]
[ Splitting off a specific subthread as Michael requested ]
[ Resend with correct distribution ]

On 12/1/2015 2:06 PM, Charlie wrote:
> A directory backend that is intended to serve multiple existing
> operating systems probably shouldn't be telling any of those operating
> systems whether or not they should be case-sensitive.  It's out of
> scope for the project and causes arguments.

Well, but... if the various OSes are sharing the same naming attribute, it seems 
like there's an unbreakable chain of connections between them.  Either the 
attribute is case-sensitive, in which case the natively-case-insensitive OS will 
be confused, or the attribute is case-insensitive, in which case the 
natively-case-sensitive OS will be confused.

The way that I look at it is not that the directory is serving the OSes, but that 
the directory is defining a world that the OSes are choosing to play in... and 
when they choose to play in the directory's world, they have to live by its rules.

> That being said, options are great to have.  If you can support
> existing systems while also giving people the ability to do whatever
> you happen to think is better, you'll automatically win any such
> arguments.

It's tempting to suggest that a single entry could have one name attribute that's 
case-sensitive and another that's case-insensitive (presumably from different 
auxiliary classes), and technically that'd be possible, but seems like an 
administrative nightmare... a very high cost to pay for the 0.1% of names where 
case-sensitivity is important.