[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: LDAPv3 Replication Access Control Design Team Report

To: "'John McMeeking'" <jmcmeek@xxxxxxxxxx>
Subject: RE: LDAPv3 Replication Access Control Design Team Report
From: "Liben, Michael (GTS)" <mliben@xxxxxxxxxxxxxxx>
Date: Tue, 10 Sep 2002 10:58:42 -0400
Cc: ietf-ldup@xxxxxxx, owner-ietf-ldup@xxxxxxxxxxxx, "'Timothy Hahn'" <hahnt@xxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-ldup/mail-archive/>
List-id: <ietf-ldup.imc.org>
List-unsubscribe: <mailto:ietf-ldup-request@imc.org?body=unsubscribe>
Sender: owner-ietf-ldup@xxxxxxxxxxxx

No, that's exactly what I had in mind. Preserving security context across servers for access control is well beyond the scope of the protocol.

Mike

-----Original Message-----
From: John McMeeking [mailto:jmcmeek@xxxxxxxxxx] 
Sent: Tuesday, September 10, 2002 10:11 AM
To: Liben, Michael (GTS)
Cc: ietf-ldup@xxxxxxx; owner-ietf-ldup@xxxxxxxxxxxx; 'Timothy Hahn'
Subject: RE: LDAPv3 Replication Access Control Design Team Report


>Mike,

>I believe your reply addresses authentication of servers to each other in
>replication.  I think that is a separate issue from LDUP requirements or
>behavior with respect to ensuring (or enabling) clients have the same
>authroity to access data on each of multiple replicas.  The latter issue is
>what this report addresses.


>John  McMeeking

Prev by Date: Replicating policy information (RE: LDAPv3 Replication Access Control Design Team Report)
Next by Date: Re: Replicating policy information (RE: LDAPv3 Replication Access Control Design Team Report)
Previous by thread: RE: LDAPv3 Replication Access Control Design Team Report
Next by thread: RE: LDAPv3 Replication Access Control Design Team Report
Index(es):
- Date
- Thread