[389-devel] Re: Please Review: Change aci attribute syntax to Directory String (Nathan Kinder)
Rich Megginson
rmeggins at redhat.com
Tue Jul 28 19:47:15 UTC 2009
Howard Chu wrote:
>> The aci attribute is currently defined with a syntax of IA5 String.
>> This syntax only allows 7-bit characters. Now that the server has
>> support for syntax validation, this would prevent one from using
>> international characters in aci rules. This patch defines the aci
>> attribute with the Directory String syntax, which allows any valid
>> UTF8 character.
>
> Y'know, LDAP/X.500 requires that existing schema items must never be
> changed once they're in use. When you want to change something like
> this, usually you must define a new attributeType with a new OID for
> the purpose. Probably not so important given the history of schema
> checking in this code, but an fyi...
>
Thanks. Yes, that was definitely a consideration, and we thought about
this quite a bit before making this decision. We only chose this route
because it was the least evil.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20090728/9b0cd6f4/attachment.bin>
More information about the Fedora-directory-devel
mailing list