Re: Matching Rules and RFC questions

[Kurt D. Z. <Ku...@Op...>]

At 02:13 PM 2002-08-15, Richard Fernandez wrote:
>Hello there,
>
>I have the following RFC questions regarding LDAP. Is there someone 
>there who can answer these questions?

It might be more appropriate to direct these questions to
a general LDAP list such as <ld...@um...>.  If you
believe a revision to the LDAP RFCs is called for, you should
discuss the specification issue on the IETF LDAPbis WG
<http://www.ietf.org/html.charters/ldapbis-charter.html>
mailing list.

A few quick comments...

>1) RFC 2252 section 6 states "Server SHOULD recognize all the syntaxes 
>described in this section.
>Then on RFC 2256 section 6 states the same thing as above. However, 
>the syntax list between both RFCs are not the same. So does RFC 2256 
>supercede 2252? If not why is there a conflict on the recommended 
>syntaxes. 

There is no conflict.   It is RECOMMENDED that servers recognized
all syntaxes specified in Section 6 of RFC 2252 and all syntaxes
specified in Section 6 of RFC 2256.

RFC 2256 does not supercede RFC 2252.  RFC 2251-2256, 2829, and
2830 (and their normative references) comprise the LDAPv3
technical specification.

>2) RFC 2252 lists 21 matching attribute but I have discovered three 
>more: 
>octetStringMatch
>authPasswordExactMatch
>authPasswordMatch
>
>Are the above new matching rules part of a new LDAP RFC release or just 
>proprietary to certain directory servers.

octetStringMatch is defined in RFC 2256.  authPasswordExactMatch
and authPasswordMatch are defined in RFC 3112.

>3) I work with Active Directory and eTrust (X.500) directory and when I 
>look at their schema objects (attribute, class and syntax definitions) 
>I do not see any schema objects for matching rules. Well if the 
>matching rules are not in the schema how can you use them?

no comment.

>4) Can you reference me to a good LDAP web site that has up to date RFC 
>resources?

http://www.rfc-editor.org

Kurt