mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-03-07 14:18:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update I-Ds.

Browse Source
This commit is contained in:
Kurt Zeilenga 2002-06-13 16:14:10 +00:00
parent ad673923a3
commit c5de2fd6fd
2 changed files with 464 additions and 464 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
doc/drafts/draft-ietf-ldapext-locate-xx.txt
View File

@ -1,9 +1,9 @@
INTERNET-DRAFT Michael P. Armijo
<draft-ietf-ldapext-locate-07.txt> Levon Esibov
February 20, 2002 Paul Leach
Expires: August 20, 2002 Microsoft Corporation
<draft-ietf-ldapext-locate-08.txt> Levon Esibov
June 5, 2002 Paul Leach
Expires: December 5, 2002 Microsoft Corporation
R.L. Morgan
University of Washington
@ -31,7 +31,7 @@ Status of this Memo
http://www.ietf.org/shadow.html.
Distribution of this memo is unlimited. It is filed as <draft-
ietf-ldapext-locate-07.txt>, and expires on August 20, 2002.
ietf-ldapext-locate-08.txt>, and expires on December 5, 2002.
Please send comments to the authors.
Copyright Notice
@ -56,7 +56,7 @@ Abstract
Armijo, Esibov, Leach and Morgan [Page 1]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
@ -103,6 +103,18 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
reasonable because many objects of interest are named with domain
names, and use of domain-name-based DNs is becoming common.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [9].
Armijo, Esibov, Leach and Morgan [Page 2]
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
2. Mapping Distinguished Names into Domain Names
@ -112,11 +124,6 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
DNs cannot be converted into a domain name. Converted DNs result
in a fully qualified domain name.
Armijo, Esibov, Leach and Morgan [Page 2]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
The output domain name is initially empty. The DN is processed in
right-to-left order (i.e., beginning with the first RDN in the
@ -163,16 +170,9 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
Armijo, Esibov, Leach and Morgan [Page 3]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
Presence of such records enables clients to find the LDAP servers
@ -191,7 +191,7 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
that satisfy the requested criteria. The following is an example of
such a record:
_ldap._tcp.example.net. IN SRV 0 0 389 phoenix.example.net.
_ldap._tcp.example.net. IN SRV 0 0 389 phoenix.example.net.
The set of returned records may contain multiple records in the case
where multiple LDAP servers serve the same domain. If there are no
@ -213,15 +213,15 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
intended to contact. See [7] for more information on security
threats and security mechanisms.
When using LDAP with TLS the client must check the server's name,
When using LDAP with TLS the client MUST check the server's name,
as described in section 3.6 of [RFC 2830]. As specified there, the
name the client checks for is the server's name before any
potentially insecure transformations, including the SRV record
lookup specified in this memo. Thus the name the client must check
lookup specified in this memo. Thus the name the client MUST check
for is the name obtained by doing the mapping step defined in
section 2 above. For example, if the DN "cn=John
Doe,ou=accounting,dc=example,dc=net" is converted to the DNS name
"example.net", the server's name must match "example.net".
"example.net", the server's name MUST match "example.net".
This document describes a method that uses DNS SRV records to
discover LDAP servers. All security considerations related to DNS
@ -230,7 +230,7 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
Armijo, Esibov, Leach and Morgan [Page 4]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
6. References
@ -259,10 +259,11 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
"Authentication Methods for LDAP", RFC 2829, May 2000.
[8] Hodges, J., Morgan, R., Wahl, M., "Lightweight Directory Access
Protocol (v3): Extension for Transport Layer Security", RFC 2830,
May 2000.
Protocol (v3): Extension for Transport Layer Security",
RFC 2830, May 2000.
[9] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
@ -285,10 +286,9 @@ INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
levone@microsoft.com
Armijo, Esibov, Leach and Morgan [Page 5]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
RL "Bob" Morgan
University of Washington
@ -346,7 +346,7 @@ herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE
Armijo, Esibov, Leach and Morgan [Page 6]
INTERNET-DRAFT Discovering LDAP Services with DNS February 20, 2002
INTERNET-DRAFT Discovering LDAP Services with DNS June 5, 2002
INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
@ -356,7 +356,7 @@ WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE."
10. Expiration Date
This documentis filed as <draft-ietf-ldapext-locate-06.txt>, and
expires August 20, 2002.
This document is filed as <draft-ietf-ldapext-locate-08.txt>, and
expires December 5, 2002.
Armijo, Esibov, Leach and Morgan [Page 7]

866
doc/drafts/draft-ietf-ldup-lcup-xx.txt
View File

File diff suppressed because it is too large Load Diff