Re: Changes to {C}LDAP ASN.1
Steve Kille <S.Kille@isode.com> Tue, 14 December 1993 20:58 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa09891;
14 Dec 93 15:58 EST
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa09887;
14 Dec 93 15:58 EST
Received: from haig.cs.ucl.ac.uk by CNRI.Reston.VA.US id aa17639;
14 Dec 93 15:58 EST
Received: from bells.cs.ucl.ac.uk by haig.cs.ucl.ac.uk with local SMTP
id <g.05475-0@haig.cs.ucl.ac.uk>; Tue, 14 Dec 1993 20:38:25 +0000
Received: from glengoyne.isode.com by bells.cs.ucl.ac.uk with Internet SMTP
id <g.12713-0@bells.cs.ucl.ac.uk>; Tue, 14 Dec 1993 20:37:43 +0000
To: Simon E Spero <ses@tipper.oit.unc.edu>
cc: ldap@umich.edu, osi-ds@cs.ucl.ac.uk
Subject: Re: Changes to {C}LDAP ASN.1
Phone: +44-81-332-9091
In-reply-to: Your message of Thu, 18 Nov 1993 15:23:57 -0500.
<9311182024.AA01407@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Tue, 14 Dec 1993 20:37:10 +0000
Message-ID: <12233.755901430@glengoyne.isode.com>
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Steve Kille <S.Kille@isode.com>
Simon, There have been a number of detailed comments on LDAP. I don't want to comment on these at this stage, as I think that its more important to first address some broader architectural issues. LDAP is a protocol specification without a service definition. It is able to achieve that by relying on X.500 as the service definition. LDAP gives access to a strict subset of the X.500 Directory Abstract Service. Changes to LDAP which give access to more of the abstract service are straightforward to handle. A key advantage of LDAP is that is allows one to build simple lightweight clients to access X.500. All of the complex distributed operation of multiple X.500 DSAs is hidden from the client. I believe that omission of DSA referrals is a key LDAP simplification. LDAP could be used to access things other than X.500, or to access things similar to, but different to X.500. In this case, it might make sense to extend LDAP in a way incompatible with X.500. I think that this is what you are trying to do. If we are going to do this (and I am not at all convinced that it is a good idea), there is a need to define the service being accessed. I'd suggest that before undertaking any protocol specification, that there is a need to: 1) Define the overall information model. 2) Define the mechanism in which data is distributed amongst servers, and the mechanisms for handling distributed operations. Steve Kille
- Changes to {C}LDAP ASN.1 Simon E Spero
- Re: Changes to {C}LDAP ASN.1 Tim Howes
- Re: Changes to {C}LDAP ASN.1 Simon E Spero
- Re: Changes to {C}LDAP ASN.1 Steve Kille