From owner-ietf-ldapbis@OpenLDAP.org Fri Jul 9 16:09:31 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA26667 for ; Fri, 9 Jul 2004 16:09:29 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i69K5NDX024083; Fri, 9 Jul 2004 20:07:51 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i69K430W024058; Fri, 9 Jul 2004 20:04:03 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Fri, 9 Jul 2004 20:04:03 +0000 Received: from smtp-mclean.mitre.org (smtpproxy2.mitre.org [192.80.55.71]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i69K0EgF023938 for ; Fri, 9 Jul 2004 20:04:00 GMT (envelope-from kdally@mitre.org) Received: from smtp-mclean.mitre.org (localhost.localdomain [127.0.0.1]) by smtp-mclean.mitre.org (8.11.6/8.11.6) with ESMTP id i69K0DR09245 for ; Fri, 9 Jul 2004 16:00:13 -0400 Received: from MAILHUB2 (mailhub2.mitre.org [129.83.221.18]) by smtp-mclean.mitre.org (8.11.6/8.11.6) with ESMTP id i69K0BI09187; Fri, 9 Jul 2004 16:00:11 -0400 Received: from mm108631-pc.mitre.org (128.29.3.71) by mailhub2.mitre.org with SMTP id 3601190; Fri, 09 Jul 2004 16:00:03 -0400 From: "Kathy Dally" To: Cc: Subject: Example in syntaxes Date: Fri, 9 Jul 2004 16:00:00 -0400 Organization: The MITRE Corporation Message-ID: <002301c465ef$53671470$47031d80@MITRE.ORG> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0024_01C465CD.CC557470" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.5709 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Importance: Normal Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: 
non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0024_01C465CD.CC557470 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Steven!

In section 3.3.21 of the syntaxes I-D, the example appears to be garbled. The same example appears in RFC 2252. Perhaps the example could be:
OU=Dept #04024869,O=Test,C=GB#'0101'B

Thanks,
Kathy
------=_NextPart_000_0024_01C465CD.CC557470-- From owner-ietf-ldapbis@OpenLDAP.org Sun Jul 11 19:58:04 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA20093 for ; Sun, 11 Jul 2004 19:58:04 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6BNrf7u092472; Sun, 11 Jul 2004 23:56:00 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6BNpQbU092451; Sun, 11 Jul 2004 23:51:26 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Sun, 11 Jul 2004 23:51:26 +0000 Received: from adacel.com (gunsmoke.adacel.com.au [210.11.130.7]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6BNnnUS092427 for ; Sun, 11 Jul 2004 23:51:06 GMT (envelope-from steven.legg@adacel.com.au) Received: from nexus.adacel.com (Not Verified[10.32.240.1]) by adacel.com with NetIQ MailMarshal (v5.5.6.7) id ; Mon, 12 Jul 2004 09:47:11 +1000 Received: (qmail 13019 invoked from network); 11 Jul 2004 23:49:13 -0000 Received: from unknown (HELO adacel.com.au) (10.32.24.165) by nexus.adacel.com with SMTP; 11 Jul 2004 23:49:13 -0000 Message-ID: <40F1D1F8.7010308@adacel.com.au> Date: Mon, 12 Jul 2004 09:49:12 +1000 From: Steven Legg User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.3.1) Gecko/20030425 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Kathy Dally CC: ietf-ldapbis@OpenLDAP.org Subject: Re: Example in syntaxes References: <002301c465ef$53671470$47031d80@MITRE.ORG> In-Reply-To: <002301c465ef$53671470$47031d80@MITRE.ORG> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: 
bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: Content-Transfer-Encoding: 7bit

Hi Kathy,

Kathy Dally wrote:
> In section 3.3.21 of the syntaxes I-D, the example appears to be
> garbled. The same example appears in RFC 2252. Perhaps the example
> could be:
> OU=Dept #04024869,O=Test,C=GB#'0101'B

The example is correct as written in the syntaxes I-D. The first AttributeTypeAndValue follows the required format for an AttributeTypeAndValue where the AttributeType has no registered short name. See sections 2.3 and 2.4 of draft-ietf-ldapbis-dn-14.txt.

The example deliberately uses a DN with an embedded '#' to show that the '#' is not escaped in a NameAndOptionalUID.

Regards,
Steven

From owner-ietf-ldapbis@OpenLDAP.org Wed Jul 14 16:01:41 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA12672 for ; Wed, 14 Jul 2004 16:01:41 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6EJg6EM010498; Wed, 14 Jul 2004 19:59:36 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6EJf6nV010399; Wed, 14 Jul 2004 19:41:06 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Wed, 14 Jul 2004 19:41:06 +0000 Received: from ietf.org (odin.ietf.org [132.151.1.176]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6EJdnoH010270 for ; Wed, 14 Jul 2004 19:41:05 GMT (envelope-from dinaras@cnri.reston.va.us) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA11001; Wed, 14 Jul 2004 15:39:46 -0400 (EDT) Message-Id: <200407141939.PAA11001@ietf.org> Mime-Version: 1.0 Content-Type: 
Multipart/Mixed; Boundary="NextPart" To: i-d-announce@ietf.org Cc: ietf-ldapbis@OpenLDAP.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ldapbis-filter-07.txt Date: Wed, 14 Jul 2004 15:39:46 -0400 Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP (v3) Revision Working Group of the IETF. Title : LDAP: String Representation of Search Filters Author(s) : M. Smith, T. Howes Filename : draft-ietf-ldapbis-filter-07.txt Pages : 12 Date : 2004-7-14 LDAP search filters are transmitted in the LDAP protocol using a binary representation that is appropriate for use on the network. This document defines a human-readable string representation of LDAP search filters that is appropriate for use in LDAP URLs and in other applications. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-filter-07.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ldapbis-filter-07.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ldapbis-filter-07.txt". 
NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2004-7-14154202.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ldapbis-filter-07.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ldapbis-filter-07.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2004-7-14154202.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-ietf-ldapbis@OpenLDAP.org Thu Jul 15 15:35:44 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA17570 for ; Thu, 15 Jul 2004 15:35:43 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6FJU959071142; Thu, 15 Jul 2004 19:33:13 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6FJOdoh070901; Thu, 15 Jul 2004 19:24:39 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by 
OpenLDAP.org (bulk_mailer v1.13); Thu, 15 Jul 2004 19:24:39 +0000 Received: from ietf.org (odin.ietf.org [132.151.1.176]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6FJNXwM070844 for ; Thu, 15 Jul 2004 19:24:36 GMT (envelope-from dinaras@cnri.reston.va.us) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA16559; Thu, 15 Jul 2004 15:23:30 -0400 (EDT) Message-Id: <200407151923.PAA16559@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: i-d-announce@ietf.org Cc: ietf-ldapbis@OpenLDAP.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ldapbis-url-06.txt Date: Thu, 15 Jul 2004 15:23:30 -0400 Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP (v3) Revision Working Group of the IETF. Title : LDAP: Uniform Resource Locator Author(s) : M. Smith, T. Howes Filename : draft-ietf-ldapbis-url-06.txt Pages : 14 Date : 2004-7-15 This document describes a format for an LDAP Uniform Resource Locator (URL). An LDAP URL describes an LDAP search operation that is used to retrieve information from an LDAP directory, or, in the context of an LDAPv3 referral or reference, an LDAP URL describes a service where an LDAP operation may be progressed. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-url-06.txt
--NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2004-7-15152131.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ldapbis-url-06.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ldapbis-url-06.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2004-7-15152131.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-ietf-ldapbis@OpenLDAP.org Sun Jul 18 02:58:13 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id CAA19754 for ; Sun, 18 Jul 2004 02:58:13 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6I6sZYj094624; Sun, 18 Jul 2004 06:55:41 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6I6oVPv094506; Sun, 18 Jul 2004 06:50:31 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Sun, 18 Jul 2004 06:50:31 +0000 Received: from pat.uio.no (IDENT:7411@pat.uio.no [129.240.130.16]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6I6nPMx094472 for ; Sun, 18 Jul 2004 06:50:29 GMT (envelope-from hbf@bombur.uio.no) Received: from mail-mx6.uio.no ([129.240.10.47]) by pat.uio.no with esmtp (Exim 4.34) id 1Bm5U8-0000nP-Uv for ietf-ldapbis@openldap.org; Sun, 18 Jul 2004 08:49:21 +0200 Received: from bombur.uio.no ([129.240.186.42]) by smtp.uio.no with esmtp (Exim 4.34) id 1Bm5Td-0003HB-Vg for ietf-ldapbis@openldap.org; Sun, 18 Jul 2004 08:48:50 +0200 Received: from hbf by bombur.uio.no with local (Exim 2.12 #7) id 1Bm5Tc-0003KT-00 
for ietf-ldapbis@openldap.org; Sun, 18 Jul 2004 08:48:48 +0200 From: Hallvard B Furuseth Message-Id: To: ietf-ldapbis@OpenLDAP.org Subject: LDAPURL: Null bytes before escaping Date: Sun, 18 Jul 2004 08:48:48 +0200 X-MailScanner-Information: This message has been scanned for viruses/spam. Contact postmaster@uio.no if you have questions about this scanning X-UiO-MailScanner: No virus found X-UiO-Spam-info: not spam, SpamAssassin (score=-5, required 12, UIO_MAIL_IS_INTERNAL -5.00) Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe:

I suggest that LDAPURL mentions that:

 (1) Before URL escaping is applied, the extensions may contain
     null bytes. No other component may.
 (2) The LDAPURL cannot contain null bytes [or 'null characters'].

That can be deduced from various RFCs/drafts (well, I assume there is some RFC which says this about the hostport component), but it would be nice to have it all in one place.

-- Hallvard From owner-ietf-ldapbis@OpenLDAP.org Mon Jul 19 10:03:09 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA18072 for ; Mon, 19 Jul 2004 10:03:08 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6JDn0xh042398; Mon, 19 Jul 2004 14:00:47 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6JDkuc8042299; Mon, 19 Jul 2004 13:46:56 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Mon, 19 Jul 2004 13:46:56 +0000 Received: from cantor.openldap.org (root@cantor.openldap.org [204.152.186.52]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6JDfoIE042021 for ; Mon, 19 Jul 2004 13:43:48 GMT (envelope-from hbf@bombur.uio.no) Received: from pretender.boolean.net (root@foobarlabs-pt.tunnel.tserv1.fmt.ipv6.he.net [IPv6:2001:470:1f00:ffff::797] (may be forged)) by cantor.openldap.org (8.12.11/8.12.11) with ESMTP id i6JDfnWG071670 for ; Mon, 19 Jul 2004 13:41:49 GMT (envelope-from hbf@bombur.uio.no) Received: from pat.uio.no (IDENT:7411@pat.uio.no [129.240.130.16]) by pretender.boolean.net (8.12.10/8.12.11) with ESMTP id i6JDdfv3090940 for ; Mon, 19 Jul 2004 13:40:45 GMT (envelope-from hbf@bombur.uio.no) Received: from mail-mx1.uio.no ([129.240.10.29]) by pat.uio.no with esmtp (Exim 4.34) id 1BmY61-0003Sg-0k; Mon, 19 Jul 2004 15:22:21 +0200 Received: from bombur.uio.no ([129.240.186.42]) by smtp.uio.no with esmtp (Exim 4.34) id 1BmXxf-0003ZY-Kc; Mon, 19 Jul 2004 15:13:43 +0200 Received: from hbf by bombur.uio.no with local (Exim 2.12 #7) id 1BmXxV-0004dU-00; Mon, 19 Jul 2004 15:13:33 +0200 From: Hallvard B Furuseth Message-Id: To: Mark Smith Cc: ietf-ldapbis@OpenLDAP.org 
Subject: Re: LDAPURL: Null bytes before escaping In-Reply-To: <40FBC5CF.50806@pearlcrescent.com> References: <40FBC5CF.50806@pearlcrescent.com> X-Mailer: VM 6.37 under Emacs 19.34.1 Date: Mon, 19 Jul 2004 15:13:33 +0200 X-MailScanner-Information: This message has been scanned for viruses/spam. Contact postmaster@uio.no if you have questions about this scanning X-UiO-MailScanner: No virus found X-UiO-Spam-info: not spam, SpamAssassin (score=-5, required 12, UIO_MAIL_IS_INTERNAL -5.00) Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe:

Mark Smith writes:
>Hallvard B Furuseth wrote:
>> I suggest that LDAPURL mentions that:
>>
>> (1) Before URL escaping is applied, the extensions may contain
>>     null bytes. No other component may.
>> (2) The LDAPURL cannot contain null bytes [or 'null characters'].
>>
>> That can be deduced from various RFCs/drafts (well, I assume there is
>> some RFC which says this about the hostport component), but it would be
>> nice to have it all in one place.
>
> I am OK with adding some text about these two points, although (2) seems
> like a very well known property of all URIs to me. Quoting from RFC 2396:

True, (2) seems unnecessary.
I added it mostly for completeness since I was talking about null bytes anyway, but perhaps that was a bit too complete:-) -- Hallvard From owner-ietf-ldapbis@OpenLDAP.org Mon Jul 19 15:56:51 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA19510 for ; Mon, 19 Jul 2004 15:56:50 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6JJshC3068289; Mon, 19 Jul 2004 19:55:29 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6JJsLwX068274; Mon, 19 Jul 2004 19:54:21 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Mon, 19 Jul 2004 19:54:21 +0000 Received: from ietf.org (odin.ietf.org [132.151.1.176]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6JJsFHj068263 for ; Mon, 19 Jul 2004 19:54:16 GMT (envelope-from dinaras@cnri.reston.va.us) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA19365; Mon, 19 Jul 2004 15:54:12 -0400 (EDT) Message-Id: <200407191954.PAA19365@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: i-d-announce@ietf.org Cc: ietf-ldapbis@OpenLDAP.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ldapbis-user-schema-08.txt Date: Mon, 19 Jul 2004 15:54:12 -0400 Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP (v3) Revision Working Group of the IETF. 
Title : LDAP: Schema for User Applications Author(s) : K. Dally Filename : draft-ietf-ldapbis-user-schema-08.txt Pages : 29 Date : 2004-7-19 This document is a integral part of the Lightweight Directory Access Protocol (LDAP) technical specification [ROADMAP]. It provides a technical specification of attribute types and object classes intended for use by LDAP directory clients for many directory services, such as, White Pages. These objects are widely used as a basis for the schema in many LDAP directories. This document does not cover attributes used for the administration of directory servers, nor does it include directory objects defined for specific uses in other documents. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-user-schema-08.txt
--NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2004-7-19152640.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ldapbis-user-schema-08.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ldapbis-user-schema-08.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2004-7-19152640.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-ietf-ldapbis@OpenLDAP.org Tue Jul 20 09:47:50 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA19653 for ; Tue, 20 Jul 2004 09:47:50 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6KDgoKA008195; Tue, 20 Jul 2004 13:46:17 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6KDeqJq008014; Tue, 20 Jul 2004 13:40:52 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Tue, 20 Jul 2004 13:40:52 +0000 Received: from sccrmhc13.comcast.net (sccrmhc13.comcast.net [204.127.202.64]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6KDe6VO007940 for ; Tue, 20 Jul 2004 13:40:51 GMT (envelope-from mcs@pearlcrescent.com) Received: from [127.0.0.1] (pcp04150285pcs.sanarb01.mi.comcast.net[68.41.55.52]) by comcast.net (sccrmhc13) 
with ESMTP id <2004072013393101600bb69ke> (Authid: mcs); Tue, 20 Jul 2004 13:39:31 +0000 Message-ID: <40FD208C.7090000@pearlcrescent.com> Date: Tue, 20 Jul 2004 09:39:24 -0400 From: Mark Smith User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616 X-Accept-Language: en-us, en MIME-Version: 1.0 To: ietf-ldapbis@OpenLDAP.org Subject: draft-ietf-ldapbis-filter-07 published Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: Content-Transfer-Encoding: 7bit

Last week I published a version -07 of the LDAP Filter I-D:

   http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-filter-07.txt

Other than the change to use the new RFC 3667 and 3668 boilerplate, the changes since -06 are fairly minor. Here are all of them (from Appendix B of the document):

12.1. Technical Changes

   Replaced [ISO 10646] reference with [Unicode].

   "String Search Filter Definition" section: replaced "greater" and "less" with "greaterorequal" and "lessorequal" to avoid confusion. Also, broke some long lines into two lines to avoid exceeding the 72 column limit.

12.2. Editorial Changes

   "Status of this Memo", "Intellectual Property Rights", and "Full Copyright" sections: updated to use boilerplate from RFC 3667 and RFC 3668.

   "Status of this Memo", "Abstract" and "Table of Contents" sections: removed section numbers.

   "LDAP Search Filter Definition" section: added (BER) to the last sentence.

   "IANA Considerations" section: added.

-Mark From owner-ietf-ldapbis@OpenLDAP.org Tue Jul 20 09:58:00 2004 Received: from boole.openldap.org (root@boole.openldap.org [204.152.186.50]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA20366 for ; Tue, 20 Jul 2004 09:57:59 -0400 (EDT) Received: from boole.openldap.org (smmsp@localhost [IPv6:::1]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6KDv9Tb009469; Tue, 20 Jul 2004 13:57:09 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) Received: from localhost (majordomo@localhost) by boole.openldap.org (8.12.11/8.12.11/Submit) with SMTP id i6KDkj1m008589; Tue, 20 Jul 2004 13:46:45 GMT (envelope-from owner-ietf-ldapbis@OpenLDAP.org) X-Authentication-Warning: boole.openldap.org: majordomo owned process doing -bs Received: by OpenLDAP.org (bulk_mailer v1.13); Tue, 20 Jul 2004 13:46:45 +0000 Received: from sccrmhc12.comcast.net (sccrmhc12.comcast.net [204.127.202.56]) by boole.openldap.org (8.12.11/8.12.11) with ESMTP id i6KDkRSB008553 for ; Tue, 20 Jul 2004 13:46:44 GMT (envelope-from mcs@pearlcrescent.com) Received: from [127.0.0.1] (pcp04150285pcs.sanarb01.mi.comcast.net[68.41.55.52]) by comcast.net (sccrmhc12) with ESMTP id <2004072013460701200fplbue> (Authid: mcs); Tue, 20 Jul 2004 13:46:07 +0000 Message-ID: <40FD221C.3040106@pearlcrescent.com> Date: Tue, 20 Jul 2004 09:46:04 -0400 From: Mark Smith User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616 X-Accept-Language: en-us, en MIME-Version: 1.0 To: ietf-ldapbis@OpenLDAP.org Subject: draft-ietf-ldapbis-url-06 published Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ietf-ldapbis@OpenLDAP.org Priority: non-urgent X-Loop: OpenLDAP Precedence: bulk Comment: ietf-ldapbis mailing list List-Archive: List-Help: List-ID: ietf-ldapbis mailing list List-Unsubscribe: Content-Transfer-Encoding: 7bit As some of you already noticed, last week I published version -06 of the LDAP URL I-D: 
   http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-url-06.txt

As with the Filter document, other than the change to use the new RFC 3667 and 3668 boilerplate, the changes since -05 are fairly minor (I consider the change in the definition of SLASH to be a bug fix; that problem is not present in RFC 2255). I would appreciate review and comment on the changes I made in the "URL Definition" section; I think the changes reflect the group's opinion as gleaned from the mailing list discussions earlier this year.

Here is a list of all the changes (from Appendix B of the document):

13.1. Technical Changes

   "URL Definition" section: changed the hex value for SLASH to 0x2F (it was 0x5C which is "\" not "/"). Also, broke some long lines into two lines to avoid exceeding the 72 column limit.

13.2. Editorial Changes

   "Status of this Memo", "Intellectual Property Rights", and "Full Copyright" sections: updated to use boilerplate from RFC 3667 and RFC 3668.

   "Status of this Memo", "Abstract" and "Table of Contents" sections: removed section numbers.

   "Introduction" section: added missing RFC 2119 keywords.

   "URL Definition" section: replaced "residing in the LDAP server" with "accessible from the LDAP server" in the sentence immediately following the ABNF. Also, added the explanatory phrase "(that is, if the implementation understands it and is able to use it)" to the sentence that begins "If an LDAP URL extension is recognized by an implementation...." Also, replaced "ASCII 33" with ASCII 0x21 in the text that refers to the "!" character.

   "IANA Considerations" section: added.

-Mark

From owner-ietf-ldapbis@OpenLDAP.org Wed Jul 21 15:51:55 2004
Message-Id: <200407211946.PAA17595@ietf.org>
Mime-Version: 1.0
Content-Type: Multipart/Mixed; Boundary="NextPart"
To: i-d-announce@ietf.org
Cc: ietf-ldapbis@OpenLDAP.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ldapbis-authmeth-11.txt
Date: Wed, 21 Jul 2004 15:46:44 -0400

--NextPart

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP (v3) Revision Working Group of the IETF.

Title     : LDAP: Authentication Methods and Connection Level Security Mechanism
Author(s) : R. Harrison
Filename  : draft-ietf-ldapbis-authmeth-11.txt
Pages     : 58
Date      : 2004-7-21

This document describes authentication methods and connection level security mechanisms of the Lightweight Directory Access Protocol (LDAP).

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-11.txt

To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ldapbis-authmeth-11.txt".

A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ldapbis-authmeth-11.txt".

NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.

--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org"

Content-Type: text/plain
Content-ID: <2004-7-21153227.I-D@ietf.org>

ENCODING mime
FILE /internet-drafts/draft-ietf-ldapbis-authmeth-11.txt

--OtherAccess
Content-Type: Message/External-body; name="draft-ietf-ldapbis-authmeth-11.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts"

Content-Type: text/plain
Content-ID: <2004-7-21153227.I-D@ietf.org>

--OtherAccess--
--NextPart--

From owner-ietf-ldapbis@OpenLDAP.org Wed Jul 21 21:09:08 2004
Date: Wed, 21 Jul 2004 16:01:18 -0600
From: "Jim Sermersheim"
Subject: http://ietf.org/internet-drafts/draft-ietf-ldapbis-protocol-25.txt

I'm not sure why the ID ACTION message hasn't come across for this yet, or why the link at http://ietf.org/html.charters/ldapbis-charter.html hasn't been updated. But anyway, here is the update summary:

Substantive:
- None

Editorial:
- Moved "Operation and LDAP Exchange Relationship" up to section 3.1
- Changed occurrences of 'outstanding' to 'unfinished'
- Minor cleanup to 4.1.11 in the combination of controls section
- Minor cleanup of the definition of "Authorization" in 4.2
- Clarified when protocolError is used for extended operations in A.2 and 4.12
- Fixed typo in 4.14.3
- Clarified that each octet *and each bit* is significant in 5
- In A.2, clarified that protocolError applies to non-well-formed messages
- Moved the ellipses in protocolOp to before intermediateResponse
- Added IPR Disclosure Acknowledgement,
- Updated IPR Notice, Copyright Notice, and Disclaimer

Jim

From owner-ietf-ldapbis@OpenLDAP.org Fri Jul 23 07:02:48 2004
From: Hallvard B Furuseth
To: ietf-ldapbis@OpenLDAP.org
Subject: LDAPDN problems, and changes since RFC 2253
Date: Fri, 23 Jul 2004 12:50:27 +0200

I've been working with parsing/unparsing of old and new LDAP DNs lately; the experience was rather unsettling.

Some of this may have been discussed before, if so feel free to declare the matter closed.
There are a lot of minor changes to this since RFC 2253, but only a few are listed in draft-ietf-ldapbis-dn-14.txt Appendix B. The rest (listed below) should be added to Appendix B. I also suggest that the appendix is split in 3 sections: DN->string, string->DN and other changes.

Section 2.4 (Converting an AttributeValue from ASN.1 to a String):

* Mandate the # form when attribute type is numericoid; this was merely a "SHOULD" in RFC 2253.
* Forbid null characters in the result; one must use '\00'.
* Allow '\=' in the result.

Section 3 (Parsing a String back to a Distinguished Name):

* In the attributeType:
  - Accept 1-letter attribute types and reject some invalid numericoids, due to the productions in [Models].

* In the attributeValue input string:
  - Reject null characters.
  - Accept '\ ' and unescaped '='.
  - Accept '#' except as the first character.

These changes are already noted:

> - Updated Section 2.4 to allow hex pair escaping of all characters
>   and clarified escaping for when multiple octet UTF-8 encodings are
>   present.

OK,

> - Revised specification (in Section 2) to allow short names of any
>   registered attribute type to appear in string representations of
>   DNs instead of being restricted to a "published table". Remove
>   "as an example" language. Added statement (in Section 3) allowing
>   recognition of additional names but require recognization of those
>   names in the published table. The table is now published in
>   Section 3.

The result is that implementations need not recognize all string representations that they produce: They are to produce short names if the attribute type is in the registry (section 2.3), but need only recognize the short names in the table in section 3.

> - Replaced specification of additional requirements for LDAPv2
>   implementations which also support LDAPv3 (RFC 2253, Section 4)
>   with a statement (in Section 3) allowing recognition of
>   alternative string representations.

That one is more far-reaching than it looks.
It causes two changes to attribute value parsing:

- If one did not implement LDAPv2 compatibility, unescaped SPACE at the beginning and end was valid and not ignored when the string was parsed. Now it is an error.

- If one did implement LDAPv2 compatibility, trailing whitespace was ignored before the comma. Now it is significant. SPACE at the end is an error, but other whitespace is valid. However, the RFC 2253 DN->string algorithm did _not_ say that trailing whitespace other than SPACE must be escaped.

If LDAPv2 compatibility was implemented, SPACE was also ignored around '+' and '='. I expect some implementations treat other whitespace the same way, in which case the comment above applies to that too. Other implementations may treat other whitespace as normal characters even before comma.

Also, since Section 4 (LDAPv2 compat.) says SPACE shall be ignored around [,;+=], it would not work to escape a trailing SPACE as '\ '. 'cn=foo\ ,o=bar' would become ('cn=foo\', 'o=bar') before one got around to parsing the RDNs. It seems safe to assume there are implementations around that do that.

I suspect SPACE, or at least the trailing SPACE, was intended to be escaped as '\20', not as '\ ': Note the wording of RFC 2253 2.4:

   o a space or "#" character [...at beginning...]
   o a space character [...at end...]
   o one of the characters ",", "+", """, "\", "<", ">" or ";"
   [...]
   If a character to be escaped is one of the list shown above, then it
   is prefixed by a backslash ('\' ASCII 92).

Maybe 'the list above' only meant the line with ","...";", not space and '#'. If so, production of '\ ' and '\#' are two other changes since RFC 2253. (It's hard to tell: The RFC grammar accepts '\#' but rejects '\ '. For that matter, the RFC is buggy about '=' vs. '\=': It only produces '=' but only accepts '\='.)

Anyway, this means the new draft describes neither the "plain LDAPv3" nor the "LDAPv3 + LDAPv2" semantics of RFC 2253 in this respect.
I suggest that:

- Other ASCII whitespace than SPACE as the first or last character of the AttributeValue must also be escaped.

- A trailing ASCII whitespace must, or at least SHOULD, be escaped with the \ form, not as '\ '. Or the '\ ' form could be removed altogether from Section 2.4 (but not from Section 3).

- Section 3 (string->DN) adds a note about preceding and trailing whitespace other than SPACE, but I don't know what. Maybe it should be legal both to reject them, to strip them (plus any SPACE hidden by them), and to accept them as part of the AttributeValue.

- Section 2.4 adds a note that RFC 2253 was buggy and implementations therefore were somewhat incompatible, but if one wishes the best possible RFC 2253 compatibility, one should not produce '=', '\=', '#', or '\ ', nor ASCII whitespace as the first or last character. Instead use the \hex form (and maybe '\#' for '#').

About the '\ ' form, I note that there according to the C standard are file systems that strip trailing spaces from lines in text files. But maybe DNs are not intended to be stored in text files anyway, since they can contain control characters like CR and LF. Come to think of it, even the LDIF format allows plain ^Z characters, which I don't think DOS file systems are going to like.

A few other notes:

In Section 3:

> string = [ (leadchar / pair)
> [ *( stringchar / pair ) ( trailchar / pair ) ] ]

I suggest to indent the 2nd line of the string production by 2 spaces:

And maybe remove space after ( and before ) to shorten the line.

In Appendix B:

> - Updated Section 2.3 to indicate attribute type name strings are
>   case insensitive.

Where? I can't see it.
-- 
Hallvard

From owner-ietf-ldapbis@OpenLDAP.org Fri Jul 23 13:04:15 2004
Message-Id: <6.1.2.0.0.20040723082423.047ba3b8@127.0.0.1>
Date: Fri, 23 Jul 2004 09:56:14 -0700
To: Hallvard B Furuseth
From: "Kurt D. Zeilenga"
Subject: Re: LDAPDN problems, and changes since RFC 2253
Cc: ietf-ldapbis@OpenLDAP.org

In this response, I will respond to Appendix B issues. That is, making sure that the Changes section reflects the changes made. I will leave discussion of changes made to another response.

At 03:50 AM 7/23/2004, Hallvard B Furuseth wrote:
>There are a lot of minor changes to this since RFC 2253, but only a few
>are listed in draft-ietf-ldapbis-dn-14.txt Appendix B.

In reviewing your comments, I noticed that one of the key changes is not noted:

  - Clarified that Section 2 describes the RECOMMENDED encoding algorithm and that alternative algorithms are allowed. Some encoding options described in RFC 2253 are now treated as alternative algorithms in this specification.

>The rest (listed
>below) should be added to Appendix B. I also suggest that the appendix
>is split in 3 sections: DN->string, string->DN and other changes.

I've tried to organize the bullets so that related changes appear together.

>Section 2.4 (Converting an AttributeValue from ASN.1 to a String):
>
>* Mandate the # form when attribute type is numericoid;
>  this was merely a "SHOULD" in RFC 2253.

In this specification, non-use of this form here is an alternative algorithm.

>* Forbid null characters in the result; one must use '\00'.

Will add:
  Indicated that NULL (U+0000) character is to be escaped.
to the bullet which states with "Updated Section 2.4".

>* Allow '\=' in the result.

Will add:
  Indicated that equals sign ('=' U+003D) character may be escaped as '\='.
to the bullet which states with "Updated Section 2.4".
>Section 3 (Parsing a String back to a Distinguished Name):
>
>* In the attributeType:
>  - Accept 1-letter attribute types and reject some invalid
>    numericoids, due to the productions in [Models].
>
>* In the attributeValue input string:
>  - Reject null characters.
>  - Accept '\ ' and unescaped '='.
>  - Accept '#' except as the first character.

Will update the ABNF bullet as follows:

  - Updated the Section 3 ABNF. Changes include:
    + allow AttributeType short names of length 1 (e.g., 'L'),
    + use more restrictive production in AttributeTypes,
    + do not require escaping of equals sign ('=' U+03D) characters,
    + do not require escaping of non-leading number sign ('=' U+03D) characters,
    + allow space (' ' U+0020) to be escaped as '\ ', and
    + require hex escaping of null (U+0000) characters.

>> - Updated Section 2.3 to indicate attribute type name strings are
>>   case insensitive.
>
>Where? I can't see it.

Will remove bullet.

From owner-ietf-ldapbis@OpenLDAP.org Fri Jul 23 13:32:52 2004
Message-Id: <6.1.2.0.0.20040723095650.0485e620@127.0.0.1>
Date: Fri, 23 Jul 2004 10:23:58 -0700
To: Hallvard B Furuseth
From: "Kurt D. Zeilenga"
Subject: symmetry (Was: LDAPDN problems, and changes since RFC 2253)
Cc: ietf-ldapbis@OpenLDAP.org

At 03:50 AM 7/23/2004, Hallvard B Furuseth wrote:
>Some of this may have been discussed before, if so feel free to declare
>the matter closed.

Most of these issues have been previously discussed. However, there are a few points which are new.

>> - Revised specification (in Section 2) to allow short names of any
>>   registered attribute type to appear in string representations of
>>   DNs instead of being restricted to a "published table". Remove
>>   "as an example" language. Added statement (in Section 3) allowing
>>   recognition of additional names but require recognization of those
>>   names in the published table. The table is now published in
>>   Section 3.
>
>The result is that implementations need not recognize all string
>representations that they produce: They are to produce short names if
>the attribute type is in the registry (section 2.3), but need only
>recognize the short names in the table in section 3.

Technically, yes.
If a DN string encoder implementation uses other names, then it cannot expect those DN strings to be recognized elsewhere, including by the DN string decoder(s) present in the same client/server software (especially true if the encoders and decoders are independently developed). There is no symmetry requirement as a client/server is free to use independently developed encoders and decoders.

Kurt

From owner-ietf-ldapbis@OpenLDAP.org Fri Jul 23 14:48:24 2004
Message-Id: <6.1.2.0.0.20040723105820.048dda30@127.0.0.1>
Date: Fri, 23 Jul 2004 11:39:41 -0700
To: Hallvard B Furuseth
From: "Kurt D. Zeilenga"
Subject: LDAPv2 DN (Was: LDAPDN problems, and changes since RFC 2253)
Cc: ietf-ldapbis@OpenLDAP.org

Though I didn't include it in my previous Appendix B issue response, it seems to be an Appendix B issue.

At 03:50 AM 7/23/2004, Hallvard B Furuseth wrote:
>> - Replaced specification of additional requirements for LDAPv2
>>   implementations which also support LDAPv3 (RFC 2253, Section 4)
>>   with a statement (in Section 3) allowing recognition of
>>   alternative string representations.

This likely should be split into two statements as the allowance for alternative string representations relates to other factors as well.

  - Removed specification of additional requirements for LDAPv2 implementations which also support LDAPv3 (RFC 2253, Section 4) as LDAPv2 is now Historic.

  - Allow recognition of alternative string representations.

and add

  + removed LDAPv2-only constructs

to the list of ABNF changes.

>That one is more far-reaching than it looks.

I hope the changes do have a far-reaching positive impact upon interoperability.

RFC 2253 was a bit unclear as to whether the Section 4 requirements applied to, hence there may be some disagreement as to how to reflect the changes made in Appendix B. Consensus of the WG was that they apply only to LDAPv2 implementations. The removal of Section 4 certainly clarifies that these requirements did not apply to LDAPv3 implementations. I think that is adequately reflected in my reworded removal statement.
However, if others feel an additional note would be useful, I suggest adding:

  Consensus of the IETF was that the removed requirements do not apply to LDAPv3.

>It causes two changes to attribute value parsing:

As Section 4 (and the LDAPv2-only ABNF constructs) only applied when "parsing a DN string generated by an LDAPv2 client", their removal implies no change to LDAPv3. I believe it reasonable to only describe changes to LDAPv3. Changes to LDAPv2 are moot as 1) LDAPv2 is historic and 2) the Section detailing LDAPv2 requirements and other LDAPv2 aspects of RFC 2253 have been removed.

>Anyway, this means the new draft describes neither the "plain LDAPv3"
>nor the "LDAPv3 + LDAPv2" semantics of RFC 2253 in this respect.

The draft now specifies only the LDAPv2 DN string representation. LDAPv2 is left to historic document. "LDAPv3 + LDAPv3" semantics is nonsense as only one version of the protocol is in use in any one protocol session.

>I suggest that:

It's unclear to me whether you are suggesting additions to the Changes section or suggesting new changes be made to the DN string representation. Please clarify. If the latter, please provide justification for the change.
Kurt

From owner-ietf-ldapbis@OpenLDAP.org Mon Jul 26 15:06:15 2004
Message-Id: <200407261859.OAA26070@ietf.org>
To: i-d-announce@ietf.org
Cc: ietf-ldapbis@OpenLDAP.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-ldapbis-protocol-25.txt
Date: Mon, 26 Jul 2004 14:59:30 -0400

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP (v3) Revision Working Group of the IETF.

Title     : LDAP: The Protocol
Author(s) : J. Sermersheim
Filename  : draft-ietf-ldapbis-protocol-25.txt
Pages     : 61
Date      : 2004-7-26

This document describes the protocol elements, along with their semantics and encodings, for the Lightweight Directory Access Protocol (LDAP). LDAP provides access to distributed directory services that act in accordance with X.500 data and service models. These protocol elements are based on those described in the X.500 Directory Access Protocol (DAP).

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-protocol-25.txt
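
The trailing-SPACE hazard raised in the "LDAPDN problems, and changes since RFC 2253" message above ('cn=foo\ ,o=bar' read as 'cn=foo\' and 'o=bar'), as an added Python example that is not part of any message in this archive or of any LDAP implementation. All function names are hypothetical, the space-stripping splitter is a constructed model of the RFC 2253 Section 4 behaviour described in that message, and LDAPv2 quoted strings are not handled.

```python
# Added illustration: DN attribute-value escaping and the trailing-SPACE hazard.
# All names are hypothetical; nothing here comes from an LDAP library.

SPECIALS = ',+"\\<>;'            # RFC 2253 section 2.4: always backslash-escaped
ASCII_WS = " \t\n\r\x0b\x0c"
HEXDIGITS = "0123456789abcdefABCDEF"


def escape_value(value, conservative=False):
    # conservative=False: forms the draft allows (backslash-space and
    #   backslash-# at the edges, '=' left bare, NUL as backslash-00).
    # conservative=True: the thread's suggestion for best RFC 2253
    #   compatibility: hex-escape '=', '#' and leading/trailing ASCII whitespace.
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        edge = i in (0, last)
        if ch == "\x00":
            out.append("\\00")
        elif ch in SPECIALS:
            out.append("\\" + ch)
        elif conservative and (ch in "=#" or (edge and ch in ASCII_WS)):
            out.append("\\%02X" % ord(ch))   # ASCII only, so one hex pair
        elif ch == " " and edge:
            out.append("\\ ")
        elif ch == "#" and i == 0:
            out.append("\\#")
        else:
            out.append(ch)
    return "".join(out)


def split_rdns(dn, strip_spaces=False):
    # Split at unescaped ',' (and ';' in the LDAPv2-style mode).
    # strip_spaces=True models "SPACE is ignored around separators" being
    # applied before the individual RDNs are parsed.
    seps = ",;" if strip_spaces else ","
    parts, cur, i = [], [], 0
    while i < len(dn):
        ch = dn[i]
        if ch == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])          # keep the escape pair together
            i += 2
            continue
        if ch in seps:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    parts.append("".join(cur))
    return [p.strip(" ") for p in parts] if strip_spaces else parts


def unescape_value(raw):
    # Decode backslash-hexpair and backslash-char escapes; a backslash with
    # nothing after it is rejected instead of being silently dropped.
    out = bytearray()
    i = 0
    while i < len(raw):
        if raw[i] != "\\":
            out += raw[i].encode("utf-8")
            i += 1
            continue
        pair = raw[i + 1:i + 3]
        if len(pair) == 2 and all(c in HEXDIGITS for c in pair):
            out.append(int(pair, 16))
            i += 3
        elif i + 1 < len(raw):
            out += raw[i + 1].encode("utf-8")
            i += 2
        else:
            raise ValueError("dangling backslash at end of value")
    return out.decode("utf-8")


def round_trip(value, conservative, v2_compat):
    # Encode value as the first RDN of a two-RDN DN, split, and decode it again.
    dn = "cn=" + escape_value(value, conservative) + ",o=bar"
    first_rdn = split_rdns(dn, strip_spaces=v2_compat)[0]
    return unescape_value(first_rdn.partition("=")[2])


if __name__ == "__main__":
    for conservative in (False, True):
        for v2_compat in (False, True):
            try:
                result = repr(round_trip("foo ", conservative, v2_compat))
            except ValueError as exc:
                result = "rejected: %s" % exc
            print("conservative=%s v2_compat=%s -> %s"
                  % (conservative, v2_compat, result))
```

Only the combination of the '\ ' form with the space-stripping splitter fails to return the original value; the hex form survives both splitters.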