[Freeipa-devel] 4.0 schema in 60basev3.ldif?
Petr Spacek
pspacek at redhat.com
Fri Jun 27 13:24:10 UTC 2014
On 27.6.2014 15:18, Simo Sorce wrote:
> On Fri, 2014-06-27 at 13:23 +0200, Martin Kosek wrote:
>> It seems to me that we are being inconsistent with regards to our FreeIPA
>> version and the schema files.
>>
>> We now have 60basev2.ldif containing FreeIPA 2.x schema, 60basev3.ldif
>> containing FreeIPA 3.x schema. However, we now also added FreeIPA 4.x schema to
>> 60basev3.ldif which seems as an inconsistency to me.
>>
>> Should we simply create 60basev4.ldif and move the new schema (mostly
>> permissionsv2 related) there?
>
> If you think it make sense go ahead and do it. I think we kept
> everything in the same file because at some point we changed (by adding
> MAY attributes) older objectclasses and these modifications were made
> before we decided to change version numbers to 4.0, but I find this
> mostly cosmetic so I do not really care one way or the other.
>
>> I am wondering that in that case we may also
>> think about making a new OID space for v4 schema as current one is defined as
>>
>> ## Attributes: 2.16.840.1.113730.3.8.11 - V3 base attributres
>> ## ObjectClasses: 2.16.840.1.113730.3.8.12 - V3 base objectclasses
>>
>> If we ever want to fix the OID space, now is the right time, it won't be
>> possible after release. Alternatively, we could also define
>> 2.16.840.1.113730.3.8.11 and 2.16.840.1.113730.3.8.12 as "V3+" space.
>
> I do not think it makes any sense to change OID space now.
> Feel free to mark the space as V3+
I agree with Simo as I personally don't see a reason to separate things by
version.
Separation by purpose seems more useful to me. (We already do that - DNS, OTP,
PKCS#11 are in separate OID sub-trees.)
--
Petr^2 Spacek
More information about the Freeipa-devel
mailing list