directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lecharny <>
Subject Re: Discussion on porting X.500 ACIItem to LDAP
Date Thu, 15 Sep 2005 08:58:40 GMT
> > takes 391 bytes (and only because we only have ASCII chars !). This is
> > huge ! 90% of all those bytes are identifier (the T part of TLVs).
> This is one that is almost the shortest to write :-) 

That's frightening !!! ;)

> Identifiers should be
> there to obey GSER RFCs. 

Yeah, it's like "Obey Your Master !". GSER is, in my mind, one of the
wosrt RFC ever wrote. Not that it is bad by itself, but it's almost
useless... (hey, this is just my own opinion...)

> This is really a big spec when you think that a
> Set of SubtreeSpecifications is only a small part of the grammar..
> I can change the grantsAndDenials to recognize a string of certain number
> of 0's and 1's something like '10101010'B. However Trustin will have to
> write a lot of bitwise code to handle this component in his ACDF. If we
> choose this way we must exactly determine which fields are necessary for
> ldap while it's not a flexible structure.

If you write a string, you will have to put all the bits. It's a good
idea to suppress some of the bits, but keep in mind that it's a better
idea to keep the offset of each bit, instead of renumbering them.

Handling the bits could be something simple if we use internally the
BitString we have in ber-new, assuming we add a constructor that take a

However, this is not really important. The main point is that we have a
full version that works. Everything else is oepn minded discussion ! So 
1) make it works
2) improve it
3) criticize it ;)


View raw message