Re: CLDAP issues

[Alan Young <Alan.Young@calibre.ch>]

> I'm now adding a UDP listener to my proto-server, and there's a couple of 
> changes I'd like to bounce off people. 

> 1) Creating a new type 'CDLAPMessage', which would include the authentication
> paramaters from BindRequest.

I have tried to follow the discussions on this point and I still fail to
understand the usefulness of bind with CLDAP. The principle advantage of
CLDAP over LDAP is that it avoids the network exchanges inherent with
setting up a connection, and teh consequent latency.  If the CLDAP
server needs to handle Bind then it still needs to bind on a per user
(if not per message) basis to the DSA and this is where most of the
overhead exists (see the diagrams in the CLDAP Internet draft).  If you
need the functionality of Bind then why not just use LDAP? 

If you really do need Bind then I favour the solution like:

    CLDAPMessage ::=
	CHOICE {
	    LDAPMessage,
	    SEQUENCE OF LDAPMessage
	}

as this allows for generalised batching of requests.

> 2) Adding a CLDAPSearchResponse which would be a sequence of LDAP search
> responses. Tim has made a good case that this isn't needed, but it would
> seem to make things a lot simpler if we can wrap up all response together.

The current CLDAP Internet draft allows a server to put all the response
packets relating to a Search request in single UDP packet. You just need
to implement it that way. No protocol change is necessary.

Alan.