Re: Comments from Christian H. on LDAP

Andrew Waugh <A.Waugh@mel.dit.csiro.au> Wed, 06 January 1993 03:59 UTC

Message-Id: <9301060342.AA22167@squid.mel.dit.CSIRO.AU>
To: Erik Huizer <Erik.Huizer@surfnet.nl>
Cc: RARE & IETF OSI-DS wg <osi-ds@cs.ucl.ac.uk>, Christian Huitema <Christian.Huitema@sophia.inria.fr>
Subject: Re: Comments from Christian H. on LDAP
In-Reply-To: Your message of "Tue, 05 Jan 93 08:45:40 -0000." <9301050844.AA05227@survival.surfnet.nl>
Date: Wed, 06 Jan 93 14:42:29 +1100
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Andrew Waugh <A.Waugh@mel.dit.csiro.au>

From:    Christian Huitema <Christian.Huitema@sophia.inria.fr>
>The general architecture is sound: it keeps the X.500 "ASE" while
>removing the unnecessary overhead due to the Session, Presentation
>and ROS layer.

But does it? I cannot see anything in the draft which either
says that the BER is being sent directly over TCP (or other Transport
Layer protocol) or implies it. There should be a statement in section 5:

	"The encoded protocol elements of LDAP are sent directly
	over the Transport layer service. No Session, Presentation
	or other Application Layer Protocols (such as ROSE or ACSE)
	are used."

>I don't
>understand whether LDAP allows to send a query without sending a
>"BIND" first; stateless operation should be allowed!

I totally agree with Christian here. It should be possible for the
user to open a TCP connection to the DSA and send an X.500 operation.
The DSA could consider this as having received an implicit anonymous
bind request. Closing the TCP connection could then be considered
as an implicit UnbindRequest (and, if necessary, an abandonRequest).
It will, however, be necessary to promote the version field of the
BindRequest to be an optional parameter of LDAPMessage to do this.

I cannot see the necessity of including the messageID field in the
LDAPMessage. I would assume that the operation of LDAP is synchronous;
send an operation, get a response. For this a messageID field is not
necessary. If LDAP is asynchronous this should be stated.

Mention should be made in the RFC of the effects of unusual events in
the transport layer: closing the connection should be an implicit
UnbindRequest or abandonRequest (etc).

andrew waugh
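
Added example, not part of the original message or of the LDAP draft: with BER carried directly over TCP, the receiver has to find message boundaries from the BER length field itself, and a messageID is what lets a client match responses that arrive out of order. The sketch assumes an LDAPMessage is a SEQUENCE whose first element is an INTEGER messageID; the size cap, the function names and the sample bytes are constructed for illustration.

```python
MAX_MESSAGE = 64 * 1024  # assumed cap on one LDAPMessage, checked before buffering

class BERFramingError(ValueError):
    pass

def read_tlv(buf, pos, end):
    """Parse one definite-length BER TLV in buf[pos:end].
    Returns (tag, value_start, value_end), or None if more bytes are needed."""
    if end - pos < 2:
        return None
    tag, first, start = buf[pos], buf[pos + 1], pos + 2
    if tag & 0x1F == 0x1F:
        raise BERFramingError("multi-byte tag not expected here")
    if first == 0x80:
        raise BERFramingError("indefinite length rejected")
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n > 4:
            raise BERFramingError("length-of-length too large")
        if end < start + n:
            return None
        length = int.from_bytes(buf[start:start + n], "big")
        start += n
    if length > MAX_MESSAGE:
        raise BERFramingError("declared length exceeds cap")
    if end < start + length:
        return None
    return tag, start, start + length

def split_messages(stream):
    """Return ([(messageID, protocolOp tag), ...], unconsumed tail bytes)."""
    out, pos = [], 0
    while True:
        outer = read_tlv(stream, pos, len(stream))
        if outer is None:
            return out, stream[pos:]
        tag, s, e = outer
        mid = read_tlv(stream, s, e) if tag == 0x30 else None
        op = read_tlv(stream, mid[2], e) if mid and mid[0] == 0x02 else None
        if op is None:
            raise BERFramingError("not SEQUENCE { INTEGER messageID, protocolOp }")
        out.append((int.from_bytes(stream[mid[1]:mid[2]], "big", signed=True), op[0]))
        pos = e

# Constructed stream: two complete messages arriving out of order in one TCP
# read, then a truncated third. Tags 0x64 and 0x61 are arbitrary sample values.
STREAM = bytes.fromhex("30050201026400" "30050201016100" "300502")
```

The unconsumed tail is kept and prepended to the next TCP read; if the connection closes while a tail is still pending, the peer went away mid-message.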