Re: LDAP

Tim Howes <tim@terminator.rs.itd.umich.edu> Tue, 08 June 1993 16:28 UTC

Message-Id: <9306081557.AA12253@terminator.rs.itd.umich.edu>
To: "Brien L. Wheeler" <Brien.L.Wheeler@heckle.mitre.org>
Cc: osi-ds@cs.ucl.ac.uk
Subject: Re: LDAP
In-Reply-To: Your message of "Tue, 08 Jun 93 10:46:55 EDT." <9306081447.AA23538@mbunix.mitre.org>
Date: Tue, 08 Jun 93 11:57:50 -0400
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Tim Howes <tim@terminator.rs.itd.umich.edu>

> From:    "Brien L. Wheeler" <Brien.L.Wheeler@heckle.mitre.org>
> To:      osi-ds@cs.ucl.ac.uk

> > That's a fine idea, one we can work on once the current LDAP spec is
> > out the door.  A separate RFC defining LDAP over UDP would be easy to
> > produce.                                                      -- Tim
> 
>      In my mind, there is a difference between running LDAP over UDP
> and running a connectionless LDAP.  A "connectionless" LDAP should
> really be a stateless LDAP.  In a stateless LDAP, a client should be
> able to completely encapsulate a useful operation (such as a READ)
> into a single UDP data transmission and receive a result in a single
> data transmission.  The BIND should be implicitly anonymous, or optionally
> defined on the same exchange.  Once you start getting into BIND, response,
> READ, response exchanges, you have a stateful protocol.

I agree.  My idea for mapping LDAP over UDP is the same as yours.
Implicit anonymous bind.  Lose the BIND parts of the protocol.  If
we wanted to get fancier and allow optional authentication with each
datagram, we could.  But the point I was trying to make is that such
a protocol/definition is orthogonal to the current LDAP spec.   -- Tim
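
The contrast drawn in this exchange, as an added example that is not part of the original messages or of any LDAP specification: a stateful BIND-then-READ server next to a stateless handler with an implicit anonymous bind and optional per-datagram credentials. The JSON wire format, the field names, the directory entries, the anonymous-read attribute list and the password are all constructed for illustration; real LDAP messages are BER-encoded.

```python
import hmac
import json

# Constructed sample data: entries, ACL and credentials are illustrative only.
DIRECTORY = {"cn=Example User,o=Example": {"mail": "user@example.org", "homePhone": "555-0100"}}
ANON_ATTRS = {"mail"}  # attributes an anonymous reader may see (assumption)
PASSWORDS = {"cn=Admin,o=Example": "constructed-password"}

def authenticated(msg):
    """True only when the message carries a known DN and its matching password."""
    dn, pw = msg.get("dn"), msg.get("password")
    return (isinstance(dn, str) and isinstance(pw, str) and dn in PASSWORDS
            and hmac.compare_digest(PASSWORDS[dn].encode(), pw.encode()))

def read_entry(target, authed):
    """Return the entry, filtered to ANON_ATTRS unless the caller authenticated."""
    entry = DIRECTORY.get(target)
    if entry is None:
        return {"result": "noSuchObject"}
    attrs = {k: v for k, v in entry.items() if authed or k in ANON_ATTRS}
    return {"result": "success", "attrs": attrs}

class StatefulServer:
    """BIND, response, READ, response: the server remembers every peer."""
    def __init__(self):
        self.bound = {}  # peer -> True if authenticated, False if anonymous

    def handle(self, peer, datagram):
        msg = json.loads(datagram)
        if msg["op"] == "bind":
            anonymous = "dn" not in msg
            if not anonymous and not authenticated(msg):
                reply = {"result": "invalidCredentials"}
            else:
                self.bound[peer] = not anonymous
                reply = {"result": "success"}
        elif peer not in self.bound:
            reply = {"result": "operationsError"}  # READ arrived before any BIND
        else:
            reply = read_entry(msg["target"], self.bound[peer])
        return json.dumps({"id": msg["id"], **reply}).encode()

def stateless_handle(datagram):
    """One datagram in, one out: implicit anonymous bind, optional credentials
    carried in the same datagram, and no table keyed by peer address."""
    msg = json.loads(datagram)
    if "dn" in msg and not authenticated(msg):
        reply = {"result": "invalidCredentials"}
    else:
        reply = read_entry(msg["target"], "dn" in msg)
    return json.dumps({"id": msg["id"], **reply}).encode()
```

The stateful variant keys its session table on the source address, which UDP does not authenticate; the stateless variant has no such table, so the access decision rests entirely on what each datagram carries.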