From owner-ietf-ldup@mail.imc.org Thu Nov 1 16:59:06 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA01659 for ; Thu, 1 Nov 2001 16:59:05 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA1LShT13017 for ietf-ldup-bks; Thu, 1 Nov 2001 13:28:43 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.17]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA1LSf813013 for ; Thu, 1 Nov 2001 13:28:41 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id A1101-1628-0ae000; Thu, 1 Nov 2001 21:28:39 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Thu, 1 Nov 2001 16:26:08 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF2F@ex04.ummail.com> From: Christopher Apple To: "'ietf-ldup@imc.org'" Cc: "John Strassner (E-mail)" Subject: several document revisions and other commitments slipped signific antly Date: Thu, 1 Nov 2001 16:26:07 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0012_01C162F1.C8A17770" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0012_01C162F1.C8A17770 Content-Type: multipart/mixed; boundary="----=_NextPart_001_0013_01C162F1.C8A17770" ------=_NextPart_001_0013_01C162F1.C8A17770 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Take a look at the meeting minutes from the last WG meeting: http://www.imc.org/ietf-ldup/mail-archive/msg01145.html If you've got a ToDo/Document Revision in there, let me know when you will do it or that you cannot and do not plan to. The WG is slipping into a risky place AGAIN. I plan to post a charter revision to the WG Mailing List this coming Monday, November 5 2001. It will include revised dates for deliverables that are either submitted by you or estimated by me - your choice. This charter will be open for review for one (1) calendar week from the date actually posted and will be submitted to our ADs shortly after that time assuming all issues raised on the list relative to the revised charter proposal can be resolved quickly. For anyone who is wondering, I have requested an LDUP meeting slot in Salt Lake City. I have also requested that our session be scheduled on the same or an adjacent day to LDAPBIS, POLICY, and LDAPEXT (if they are meeting). I'll be working on the WG meeting agenda over the next several days. Please send your suggestions/requests for topics on the WG agenda directly to myself and John Strassner. We will post a proposed agenda to the list prior to submitting to the Agenda Coordinator. Note to document editors: if you cannot attend the meeting, please let John and I know who will be covering your document during the meeting in your place. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 ------=_NextPart_001_0013_01C162F1.C8A17770 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_0013_01C162F1.C8A17770-- ------=_NextPart_000_0012_01C162F1.C8A17770 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwMTIxMjUxM1owIwYJKoZIhvcNAQkEMRYEFDHOAOcp+b9S IrCZHYIjT7wG6BrnMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAcmJnncmDLdvZ26vphZ/vG5qM AgiSygOqFviMOqsVbpUtBDJON+cMn+LkJjK0Ogd3EpJRRZzEXKXeOvx+jF83swXj8q6LxndMmmX1 SCtxL8XYL1QwRnFKTioJfa5/yC3Jg9RlhiPfJuSRZ7wIHjL0vviQlSzHQ4ynjixldd7p0/sAAAAA AAA= ------=_NextPart_000_0012_01C162F1.C8A17770-- From owner-ietf-ldup@mail.imc.org Fri Nov 2 16:26:39 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA18789 for ; Fri, 2 Nov 2001 16:26:39 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fA2KwMN13981 for ietf-ldup-bks; Fri, 2 Nov 2001 12:58:22 -0800 (PST) Received: from smtp.oncalldba.com (roc-24-169-98-153.rochester.rr.com [24.169.98.153]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA2KwH813977 for ; Fri, 2 Nov 2001 12:58:21 -0800 (PST) Received: from RMINC_DOM-MTA by smtp.oncalldba.com with Novell_GroupWise; Fri, 02 Nov 2001 15:53:34 -0700 Message-Id: X-Mailer: Novell GroupWise Internet Agent 6.0 Date: Fri, 02 Nov 2001 15:53:20 -0700 From: "Ed Reed" To: Cc: , Subject: Re: Subentries decision - internet draft withdrawn Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id fA2KwL813978 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Content-Transfer-Encoding: 8bit comments ================= Ed Reed Reed-Matthews, Inc. +1 716 624 2402 (new!) http://www.Reed-Matthews.COM >>> "Kurt D. Zeilenga" 10/31/01 09:21AM >>> At 08:17 AM 2001-10-30, Ed Reed wrote: >1) encourage Kurt to revise the draft to make it "Standards Track" >instead of "Informational", so we can refer to it; no problem. thanks >2) Follow David Chadwick's suggestion that we define the >replicationAgreementSubentry class as a subclass of the X.500 >subentry, and define a structure rule for it that allows containment >of the replicationAgreementSubentry class entries by replicaSubentry class >entries. no problem. thanks >3) discourage use of the specificationFilter in the SubtreeSpecification, I note that specificationFilter seems to a useful in supporting sparse replication. Yeah, I know. But that's what I"m afraid of right now, because I'm having trouble visualizing how the administration tool (built on Microsoft's Console or Novell's ConsoleOne or NetScape's Directory Manager) will represent the sparse replication, and worse yet, the overlap, if any, of two different replicaSubentry specifications of the same replicationArea when they choose different subsets of entries, or possibly overlapping subsets of entries. I know there are uses of such things, but it seems to me that the 80-20 rule would dictate that 80% of the time such sparse replication won't be needed, or wanted, and support for the other 20% will, while possible, more difficult to manage correctly. If we don't discourage its use, then it will have to be supported by everyone, whether they can create a management tool to make sense of it by administrators, or not. I confess, this is an area of my own bias. I can certainly be persuaded to just let it go and see what the market creates. But I've felt that I owed the community that would listen this one last appeal for simplicity of required implementation. Nuff said. Kurt From owner-ietf-ldup@mail.imc.org Fri Nov 2 16:34:24 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA19237 for ; Fri, 2 Nov 2001 16:34:23 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA2LC5514260 for ietf-ldup-bks; Fri, 2 Nov 2001 13:12:05 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.21]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA2LC4814256 for ; Fri, 2 Nov 2001 13:12:04 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id H1102-1611-39b000; Fri, 2 Nov 2001 21:12:00 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Fri, 2 Nov 2001 16:09:25 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF3F@ex04.ummail.com> From: Christopher Apple To: "'ietf-ldup@imc.org'" Subject: WG Last Call: LDAPv3 Operation Framing and Grouping Drafts Date: Fri, 2 Nov 2001 16:09:24 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_001D_01C163B8.9D1B5130" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_001D_01C163B8.9D1B5130 Content-Type: multipart/mixed; boundary="----=_NextPart_001_001E_01C163B8.9D1B5130" ------=_NextPart_001_001E_01C163B8.9D1B5130 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit The purpose of this message is to initiate the LDUP working group last call on two documents: 1) Profile for Framing LDAPv3 Operations 2) LDAPv3: Grouping of Related Operations WHICH DOCUMENTS? The documents in last call are: http://www.ietf.org/internet-drafts/draft-ietf-ldup-framing-profile-00.t xt http://www.ietf.org/internet-drafts/draft-zeilenga-ldap-grouping-02.txt WHAT IS A LAST CALL FOR? The purpose of the working group last call is to ensure that the working group has reached consensus on the documents, believes that all the known outstanding issues have been addressed, and is ready to put the documents forward for proposed standard status. During the last call, any comments on the documents are collected and discussed on the mailing list. HOW LONG DOES IT LAST? The last call starts today and will last approximately three weeks. It will end on Friday, November 30, 2001. WHAT'S THE NEXT STEP? After the last call completes, there are three possible outcomes: 1) No changes are required and we request our ADs to put forward the documents to the IESG for proposed standard status. 2) Minor changes agreed to on the list are required, and the document is revised. We then ask our ADs to put forward the revised document to the IESG for proposed standard status. 3) Major issues are raised and no consensus is reached on the list. In this case, we discuss things until consensus is reached, at which time another working group last call will be issued. Assuming we achieve outcome 1) or 2), and that the ADs agree with our assessment, the next stop for the documents is with the IESG. The IESG reads them and may approve the documents (with or without changes), or send the documents back to the working group to have major issues addressed. If the first outcome happens, the documents are put forward for a last call to the entire IETF of a duration appropriate for the type of document, and after successful completion the documents are published as RFCs with proposed standard status. If the second outcome happens, we go back and address the issues, putting the documents forward again when we believe they're ready. WHAT SHOULD YOU DO? You should read the documents, making sure that 1) there are no problems or deficiencies or outstanding issues that need to be resolved; and 2) that there are no typos, formatting problems, grammatical errors, etc. Any substantive problems you find, you should send to the list. Any minor problems (typos, etc.) you may send to the list or just to the authors. If, for some reason, you have comments you don't want to send to the entire list, you may send them to me and/or LDUP WG co-chair John Strassner. Silence means consent. Read, enjoy, and send your comments in! regards, Chris Apple and John Strassner Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 ------=_NextPart_001_001E_01C163B8.9D1B5130 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_001E_01C163B8.9D1B5130-- ------=_NextPart_000_001D_01C163B8.9D1B5130 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwMjIxMDgzMFowIwYJKoZIhvcNAQkEMRYEFCLRnStQRPU1 Hrg65x6YGpUhOJvsMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAKmi9/tRUHegyjGKzklUfVeTO YI+LSosf9iB87Fe2GnRr5pm4jers9Q6xFFxL3Z1dsPDFzY7VjC6+t6ef3hSkUBXGIJH5r+TD02nD QDSseiOp8XS6GVookumDvkWB3LRqyQcrY7y0ecnKVXb9vTMiwsqwuVp6nwSTPtLIKACU1sYAAAAA AAA= ------=_NextPart_000_001D_01C163B8.9D1B5130-- From owner-ietf-ldup@mail.imc.org Fri Nov 2 17:36:05 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA20585 for ; Fri, 2 Nov 2001 17:36:04 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA2MEHY16020 for ietf-ldup-bks; Fri, 2 Nov 2001 14:14:17 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.16]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA2MEG816016 for ; Fri, 2 Nov 2001 14:14:16 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id H1102-1714-142400; Fri, 2 Nov 2001 22:14:15 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Fri, 2 Nov 2001 17:11:40 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF44@ex04.ummail.com> From: Christopher Apple To: "'ietf-ldup@imc.org'" Subject: RE: WG Last Call: LDAPv3 Operation Framing and Grouping Drafts Date: Fri, 2 Nov 2001 17:11:39 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_004C_01C163C1.4F6C9A80" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_004C_01C163C1.4F6C9A80 Content-Type: multipart/mixed; boundary="----=_NextPart_001_004D_01C163C1.4F6C9A80" ------=_NextPart_001_004D_01C163C1.4F6C9A80 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit The URL for the Framing draft doesn't work if clicked on in my browser because my mail client truncated the "xt" part of ".txt"....have to manually adjust it when trying to use the link. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Christopher Apple [mailto:christopher.apple@UnitedMessaging.net] Sent: Friday, November 02, 2001 4:09 PM To: 'ietf-ldup@imc.org' Subject: WG Last Call: LDAPv3 Operation Framing and Grouping Drafts The purpose of this message is to initiate the LDUP working group last call on two documents: 1) Profile for Framing LDAPv3 Operations 2) LDAPv3: Grouping of Related Operations WHICH DOCUMENTS? The documents in last call are: http://www.ietf.org/internet-drafts/draft-ietf-ldup-framing-profile-00.t xt http://www.ietf.org/internet-drafts/draft-zeilenga-ldap-grouping-02.txt WHAT IS A LAST CALL FOR? The purpose of the working group last call is to ensure that the working group has reached consensus on the documents, believes that all the known outstanding issues have been addressed, and is ready to put the documents forward for proposed standard status. During the last call, any comments on the documents are collected and discussed on the mailing list. HOW LONG DOES IT LAST? The last call starts today and will last approximately three weeks. It will end on Friday, November 30, 2001. WHAT'S THE NEXT STEP? After the last call completes, there are three possible outcomes: 1) No changes are required and we request our ADs to put forward the documents to the IESG for proposed standard status. 2) Minor changes agreed to on the list are required, and the document is revised. We then ask our ADs to put forward the revised document to the IESG for proposed standard status. 3) Major issues are raised and no consensus is reached on the list. In this case, we discuss things until consensus is reached, at which time another working group last call will be issued. Assuming we achieve outcome 1) or 2), and that the ADs agree with our assessment, the next stop for the documents is with the IESG. The IESG reads them and may approve the documents (with or without changes), or send the documents back to the working group to have major issues addressed. If the first outcome happens, the documents are put forward for a last call to the entire IETF of a duration appropriate for the type of document, and after successful completion the documents are published as RFCs with proposed standard status. If the second outcome happens, we go back and address the issues, putting the documents forward again when we believe they're ready. WHAT SHOULD YOU DO? You should read the documents, making sure that 1) there are no problems or deficiencies or outstanding issues that need to be resolved; and 2) that there are no typos, formatting problems, grammatical errors, etc. Any substantive problems you find, you should send to the list. Any minor problems (typos, etc.) you may send to the list or just to the authors. If, for some reason, you have comments you don't want to send to the entire list, you may send them to me and/or LDUP WG co-chair John Strassner. Silence means consent. Read, enjoy, and send your comments in! regards, Chris Apple and John Strassner Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 ------=_NextPart_001_004D_01C163C1.4F6C9A80 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_004D_01C163C1.4F6C9A80-- ------=_NextPart_000_004C_01C163C1.4F6C9A80 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwMjIyMTA0NVowIwYJKoZIhvcNAQkEMRYEFK+lGYXfwB6m TBA0YS9orbKuxmcTMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAcxF68y2h9WHKajS3neI9gMhF c7ShZ9+oFBgOwLWHSOkmzMnJ4XcR4lSZcgrBjCBgV0KONdWymOJZyP8LxYvygDoVu+twHtH8DbQM dWrZIpRa9zs9rOVAbQ5m9JdhpkG1uNiDen4wUl7l8y2B4pKKqUNyldbJCkdsCbQc/vrZ7w0AAAAA AAA= ------=_NextPart_000_004C_01C163C1.4F6C9A80-- From owner-ietf-ldup@mail.imc.org Fri Nov 2 19:06:43 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA22158 for ; Fri, 2 Nov 2001 19:06:42 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fA2Nk2E17910 for ietf-ldup-bks; Fri, 2 Nov 2001 15:46:02 -0800 (PST) Received: from ARKMAIL.arkivio.com ([66.120.211.201]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA2Nk2817906 for ; Fri, 2 Nov 2001 15:46:02 -0800 (PST) Received: from BRUCE-LAPTOP.directory-applications.com ([66.120.211.227]) by ARKMAIL.arkivio.com with Microsoft SMTPSVC(5.0.2195.3779); Fri, 2 Nov 2001 15:40:34 -0800 Message-Id: <5.1.0.14.0.20011102153723.00a8dbd0@mail.dtasi.com> X-Sender: bgreenblatt@mail.dtasi.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 02 Nov 2001 15:39:44 -0800 To: "'ietf-ldup@imc.org'" From: Bruce Greenblatt Subject: Re: WG Last Call: LDAPv3 Operation Framing and Grouping Drafts In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF3F@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-OriginalArrivalTime: 02 Nov 2001 23:40:34.0997 (UTC) FILETIME=[C49FE650:01C163F7] Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: At 01:09 PM 11/2/2001 -0800, Christopher Apple wrote: >The purpose of this message is to initiate the LDUP >working group last call on two documents: > >1) Profile for Framing LDAPv3 Operations > >2) LDAPv3: Grouping of Related Operations Just out of curiosity, what LDAP server vendors are planning on supporting the functions supplied by these drafts/ From owner-ietf-ldup@mail.imc.org Mon Nov 5 16:10:14 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA07899 for ; Mon, 5 Nov 2001 16:10:13 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA5KXmk14706 for ietf-ldup-bks; Mon, 5 Nov 2001 12:33:48 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.17]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA5KXk814700 for ; Mon, 5 Nov 2001 12:33:47 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id K1105-1533-700c00; Mon, 5 Nov 2001 20:33:45 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Mon, 5 Nov 2001 15:31:01 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF5C@ex04.ummail.com> From: Christopher Apple To: "'ietf-ldup@imc.org'" Cc: "John Strassner (E-mail)" Subject: Revised WG Charter Proposal Date: Mon, 5 Nov 2001 15:30:56 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_00A5_01C1660E.BA420A30" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_00A5_01C1660E.BA420A30 Content-Type: multipart/mixed; boundary="----=_NextPart_001_00A6_01C1660E.BA420A30" ------=_NextPart_001_00A6_01C1660E.BA420A30 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Based on input from document editors and a little editing from me, please review the following. The open review period of this begins today, Monday, November 5, 2001 and will last for 7 days. The review period therefore ends on Monday, November 12, 2001. Silence equals consent. This will be sent to the ADs for review subject to incorporation of comments sent, discussed, and vetted on the WG mailing list shortly after November 12, 2001. LDAP Duplication/Replication/Update Protocols (ldup) Last Modified: 05-Nov-01 Chair(s): Chris Apple John Strassner Applications Area Director(s): Ned Freed Patrik Faltstrom Applications Area Advisor: Patrik Faltstrom Mailing Lists: General Discussion:ietf-ldup@imc.org To Subscribe: ietf-ldup-request@imc.org In Body: subscribe Archive: http://www.imc.org/ietf-ldup/ Description of Working Group: As LDAPv3 becomes more widely deployed, replication of data across servers running different implementations becomes an important part of providing a distributed directory service. However, the LDAPv3 community, to date, has focused on standardizing the client-server access protocol. Therefore, this group will standardize master-slave and multi-master LDAPv3 replication as defined below: o Multi-Master Replication - A replication model where entries can be written and updated on any of several replica copies, without requiring communication with other masters before the write or update is performed. o Master-Slave, or Single-Master Replication - A replication model that assumes only one server, the master, allows write access to the replicated data. Note that Master-Slave replication can be considered a proper subset of multi-master replication. The WG's approach is to first develop a set of requirements for LDAPv3 directory replication and write an applicability statement defining scenarios on which replication requirements are based. An engineering team was formed consisting of different vendors and the co-chairs in order to harmonize the existing approaches into a single standard approach. All of these have been accomplished during the pre-working group stage. It should be noted, however, that replication using heterogeneous servers is dependent on resolving access control issues, which are the domain of other working groups. Should these issues not be resolved outside of the LDUP WG in a timely manner relative to the WG's needs, the WG will be re-chartered subject to Applications AD/IESG approval to include the minimum required work. The new replication architecture support all forms of replication mentioned above. Seven areas of working group focus have been identified through LDUP Engineering Team discussions, each leading to one or more Engineering Team discussions, each leading to one or more documents to be published: o LDAPv3 Replication Architecture This documents a general-purpose LDAPv3 replication architecture, defines key components of this architecture, describes how these key components functionally behave, and describes how these components interact with each other when in various modes of operation. o LDAPv3 Replication Information Model Defines the schema and semantics of information used to operate, administer, maintain, and provision replication between LDAPv3 servers. Specifically, this document will contain common schema specifications intended to facilitate interoperable implementations with respect to: + replication agreements + consistency models + replication topologies + managing deleted objects and their states + administration and management o LDAPv3 Replication Information Transport Protocol LDAPv3 extended operation and control specifications required to allow LDAPv3 to be used as the transport protocol for information being replicated o LDAPv3 Mandatory Replica Management Specifications required to allow administration, maintenance, and provisioning of replicas and replication agreements. These specifications may take the form of definitions for LDAPv3 extended operations, controls, and/or new schema elements. o LDAPv3 Update Reconciliation Procedures Procedures for detection and resolution of conflicts between the state of multiple replicas that contain information from the same unit of replication. o LDAPv3 Replication Usage Profile Including the LDAPv3 Replication Architecture, Information Model, Protocol Extensions, and Update Reconciliation Procedures for: + LDAPv3 Master-Slave Directory Replication + LDAPv3 Multi-Master Directory Replication o LDAPv3 Client Update A protocol that enables an LDAP client to synchronize with the content of a directory information tree (DIT) stored by an LDAP server and to be notified about the changes to that content. The work being done in the LDUP WG should be coordinated to the closest extent possible with similar work being done in the ITU. This is necessary both because LDAP depends on X.500 and because it makes sense from an operational perspective. Goals and Milestones: Done Submit I-D on LDAPv3 Directory Replication Requirements. Done Submit Internet-Draft on LDAPv3 Replication Information Model. Done Submit I-D on LDAPv3 Update Reconciliation Procedures. Done Revise I-D on LDAPv3 Directory Replication Requirements. Done Revise I-D on LDAPv3 Replication Architecture. Done Revise I-D on LDAPv3 Replication Architecture. Done Revise I-D on LDAPv3 Replication Information Model. Done Submit I-D on LDAPv3 Replication Information Transport Protocol. Done LDAPv3 Directory Replication Requirements I-D goes to WG Last Call as Informational. Done Submit I-D on LDAPv3 Mandatory Replica Management. Done Submit I-D on General LDUP Usage Profile. Done Submit I-D on LDAPv3 Operations Framing. Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last Call as Proposed Standard. Nov 01 Submit I-D on LDAPv3 Replication Information Transport Protocol. Nov 01 Revise I-D on General LDUP Usage Profile. Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as Proposed Standard. Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as Informational. Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG Last Call as Proposed Standard. Mar 02 Re-evaluate Charter and Milestones. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 ------=_NextPart_001_00A6_01C1660E.BA420A30 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_00A6_01C1660E.BA420A30-- ------=_NextPart_000_00A5_01C1660E.BA420A30 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwNTIwMjk1OFowIwYJKoZIhvcNAQkEMRYEFNErvgwXOZbg tHMyn+magIHDNCwOMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAd+Mg4WRwoyYV7/VgS10vbqWn oeX/5WKymw37HzpekxN/OfBcM3wtcKduBjvcll4eydFnW7+ZKvoiW0+Qb59uOIca5qu3Dt8e7r8Q 0Ys7nJOqUBpe9dwqrUhS4zgPzIVKEIZUysMd07Ecb2ymw4mPbpPH/wg0N79GmYTdqvVapaMAAAAA AAA= ------=_NextPart_000_00A5_01C1660E.BA420A30-- From owner-ietf-ldup@mail.imc.org Mon Nov 5 17:06:21 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA09423 for ; Mon, 5 Nov 2001 17:06:20 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA5Lh0816821 for ietf-ldup-bks; Mon, 5 Nov 2001 13:43:00 -0800 (PST) Received: from e1.ny.us.ibm.com (e1.ny.us.ibm.com [32.97.182.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA5Lgx816816; Mon, 5 Nov 2001 13:42:59 -0800 (PST) Received: from northrelay02.pok.ibm.com (northrelay02.pok.ibm.com [9.117.200.22]) by e1.ny.us.ibm.com (8.9.3/8.9.3) with ESMTP id QAA130622; Mon, 5 Nov 2001 16:40:20 -0500 Received: from d01mlc96.pok.ibm.com (d01mlc96.pok.ibm.com [9.117.250.33]) by northrelay02.pok.ibm.com (8.11.1m3/NCO v5.00) with ESMTP id fA5LgrR20110; Mon, 5 Nov 2001 16:42:53 -0500 To: Christopher Apple Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" , owner-ietf-ldup@mail.imc.org Subject: Re: Revised WG Charter Proposal X-Mailer: Lotus Notes Release 5.0.5 September 22, 2000 From: "Timothy Hahn" Message-ID: Date: Mon, 5 Nov 2001 16:42:52 -0500 X-MIMETrack: Serialize by Router on D01MLC96/01/M/IBM(Build V509_10152001.dev02 |October 31, 2001) at 11/05/2001 04:42:54 PM, Serialize complete at 11/05/2001 04:42:54 PM MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_alternative 00767B0085256AFB_=" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multipart message in MIME format. --=_alternative 00767B0085256AFB_= Content-Type: text/plain; charset="us-ascii" Chris, I have PROPOSED some modifications to the milestones section of the charter below, look for .. ... Done Submit I-D on LDAPv3 Directory Replication Requirements. Done Submit Internet-Draft on LDAPv3 Replication Information Model. Done Submit I-D on LDAPv3 Update Reconciliation Procedures. Done Revise I-D on LDAPv3 Directory Replication Requirements. Done Revise I-D on LDAPv3 Replication Architecture. Done Revise I-D on LDAPv3 Replication Architecture. Done Revise I-D on LDAPv3 Replication Information Model. Done Submit I-D on LDAPv3 Replication Information Transport Protocol. Done LDAPv3 Directory Replication Requirements I-D goes to WG Last Call as Informational. Done Submit I-D on LDAPv3 Mandatory Replica Management. Done Submit I-D on General LDUP Usage Profile. Done Submit I-D on LDAPv3 Operations Framing. Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last Call as Proposed Standard. Nov 01 Revise(strike)Submit I-D on LDAPv3 Replication Information Transport Protocol. Nov 01 Revise I-D on LDAPv3 Replication Information Model. Nov 01 Revise I-D on General LDUP Usage Profile. Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as Proposed Standard. Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as Informational. Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG Last Call as Proposed Standard. Mar 02 Re-evaluate Charter and Milestones. Regards, Tim Hahn Internet: hahnt@us.ibm.com Internal: Timothy Hahn/Endicott/IBM@IBMUS or IBMUSM00(HAHNT) phone: 607.752.6388 tie-line: 8/852.6388 fax: 607.752.3681 --=_alternative 00767B0085256AFB_= Content-Type: text/html; charset="us-ascii"
Chris,

I have PROPOSED some modifications to the milestones section of the charter below, look for <TJH> .. </TJH>

...

Done Submit I-D on LDAPv3 Directory Replication Requirements.
Done Submit Internet-Draft on LDAPv3 Replication Information Model.
Done Submit I-D on LDAPv3 Update Reconciliation Procedures.
Done Revise I-D on LDAPv3 Directory Replication Requirements.
Done Revise I-D on LDAPv3 Replication Architecture.
Done Revise I-D on LDAPv3 Replication Architecture.
Done Revise I-D on LDAPv3 Replication Information Model.
Done Submit I-D on LDAPv3 Replication Information Transport Protocol.

Done LDAPv3 Directory Replication Requirements I-D goes to WG Last Call as Informational.
Done Submit I-D on LDAPv3 Mandatory Replica Management.
Done Submit I-D on General LDUP Usage Profile.
Done Submit I-D on LDAPv3 Operations Framing.
Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last Call as Proposed Standard.
Nov 01 <TJH>Revise</TJH><TJH>(strike)Submit</TJH> I-D on LDAPv3 Replication Information Transport Protocol.
<TJH>
Nov 01 Revise I-D on LDAPv3 Replication Information Model. </TJH>

Nov 01 Revise I-D on General LDUP Usage Profile.
Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management.
Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as Proposed Standard.
Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as Informational.
Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call as Proposed Standard.
Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as Proposed Standard.
Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as Proposed Standard.
Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG Last Call as Proposed Standard.
Mar 02 Re-evaluate Charter and Milestones.

Regards,
Tim Hahn

Internet: hahnt@us.ibm.com
Internal: Timothy Hahn/Endicott/IBM@IBMUS or IBMUSM00(HAHNT)
phone: 607.752.6388 tie-line: 8/852.6388
fax: 607.752.3681
--=_alternative 00767B0085256AFB_=-- From owner-ietf-ldup@mail.imc.org Mon Nov 5 17:14:43 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA09605 for ; Mon, 5 Nov 2001 17:14:43 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA5Lsf717104 for ietf-ldup-bks; Mon, 5 Nov 2001 13:54:41 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.21]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA5Lse817099 for ; Mon, 5 Nov 2001 13:54:40 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id G1105-1654-149900; Mon, 5 Nov 2001 21:54:33 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Mon, 5 Nov 2001 16:51:49 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF60@ex04.ummail.com> From: Christopher Apple To: "'Timothy Hahn'" Cc: "'ietf-ldup@imc.org'" Subject: RE: Revised WG Charter Proposal Date: Mon, 5 Nov 2001 16:51:40 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=SHA1; boundary="----=_NextPart_000_0003_01C1661A.01564B60"; protocol="application/x-pkcs7-signature" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0003_01C1661A.01564B60 Content-Type: multipart/mixed; boundary="----=_NextPart_001_0004_01C1661A.01564B60" ------=_NextPart_001_0004_01C1661A.01564B60 Content-Type: multipart/alternative; boundary="----=_NextPart_002_0005_01C1661A.01564B60" ------=_NextPart_002_0005_01C1661A.01564B60 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Comments below.... Chris Apple Program Manager - Integration Services United Messaging Inc. < http://www.unitedmessaging.com > < mailto:christopher.apple@unitedmessaging.com > (V) +1 610 425 2860 -----Original Message----- From: Timothy Hahn [mailto:hahnt@us.ibm.com] Sent: Monday, November 05, 2001 4:43 PM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail); owner-ietf-ldup@mail.imc.org Subject: Re: Revised WG Charter Proposal Chris, I have PROPOSED some modifications to the milestones section of the charter below, look for .. ... Done Submit I-D on LDAPv3 Directory Replication Requirements. Done Submit Internet-Draft on LDAPv3 Replication Information Model. Done Submit I-D on LDAPv3 Update Reconciliation Procedures. Done Revise I-D on LDAPv3 Directory Replication Requirements. Done Revise I-D on LDAPv3 Replication Architecture. Done Revise I-D on LDAPv3 Replication Architecture. Done Revise I-D on LDAPv3 Replication Information Model. Done Submit I-D on LDAPv3 Replication Information Transport Protocol. Done LDAPv3 Directory Replication Requirements I-D goes to WG Last Call as Informational. Done Submit I-D on LDAPv3 Mandatory Replica Management. Done Submit I-D on General LDUP Usage Profile. Done Submit I-D on LDAPv3 Operations Framing. Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last Call as Proposed Standard. Nov 01 Revise(strike)Submit I-D on LDAPv3 Replication Information Transport Protocol. [Christopher Apple] You are correct. My error. Change made. Nov 01 Revise I-D on LDAPv3 Replication Information Model. [Christopher Apple] My error. Apologize for the omission. Change made. Nov 01 Revise I-D on General LDUP Usage Profile. Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as Proposed Standard. Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as Informational. Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as Proposed Standard. Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG Last Call as Proposed Standard. Mar 02 Re-evaluate Charter and Milestones. Regards, Tim Hahn Internet: hahnt@us.ibm.com Internal: Timothy Hahn/Endicott/IBM@IBMUS or IBMUSM00(HAHNT) phone: 607.752.6388 tie-line: 8/852.6388 fax: 607.752.3681 ------=_NextPart_002_0005_01C1661A.01564B60 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Comments below....

Chris Apple
Program Manager - Integration = Services
United=20 Messaging Inc.
<http://www.unitedmessaging.com>
<mailto:christopher.= apple@unitedmessaging.com>
(V)=20 +1 610 425 2860

-----Original Message-----
From: Timothy Hahn=20 [mailto:hahnt@us.ibm.com]
Sent: Monday, November 05, 2001 = 4:43=20 PM
To: Christopher Apple
Cc: 'ietf-ldup@imc.org'; = John=20 Strassner (E-mail); owner-ietf-ldup@mail.imc.org
Subject: = Re:=20 Revised WG Charter Proposal

Chris,

I have PROPOSED some modifications to the = milestones=20 section of the charter below, look for <TJH> ..=20 </TJH>

... =

Done Submit I-D on LDAPv3 = Directory=20 Replication Requirements.
Done = =20 Submit Internet-Draft on LDAPv3 Replication Information=20 Model.
Done Submit = I-D on=20 LDAPv3 Update Reconciliation Procedures.
Done Revise I-D on LDAPv3 Directory = Replication=20 Requirements.
Done = Revise I-D=20 on LDAPv3 Replication Architecture.
Done=20 Revise I-D on LDAPv3 Replication=20 Architecture.
Done = Revise I-D=20 on LDAPv3 Replication Information Model.
Done Submit I-D on LDAPv3 Replication = Information=20 Transport Protocol.

Done = =20 LDAPv3 Directory Replication Requirements I-D goes to WG = Last Call as=20 Informational.
Done = Submit=20 I-D on LDAPv3 Mandatory Replica Management.
Done Submit I-D on General = LDUP Usage=20 Profile.
Done = =20 Submit I-D on LDAPv3 Operations = Framing.
Oct 01 I-D on LDAPv3 Extended = Operations=20 for Framing goes to WG Last Call as Proposed=20 Standard.
Nov 01 = =20 = <TJH>Revise</TJH><TJH>(strike)Submit</TJH> = I-D=20 on LDAPv3 Replication Information Transport Protocol. [Christopher=20 Apple] You are correct. My error. Change=20 made.

<TJH>=20
Nov 01 Revise I-D on = LDAPv3=20 Replication Information Model. </TJH>
[Christopher=20 Apple] My error. Apologize for the omission. Change=20 made.

Nov 01 Revise I-D on General = LDUP Usage=20 Profile.
Nov 01 = =20 Revise I-D on LDAPv3 Mandatory Replica=20 Management.
Dec 01 = =20 LDAPv3 Client Update Protocol I-D goes to WG Last Call = as Proposed=20 Standard.
Feb 02 = =20 LDAPv3 Replication Architecture I-D goes to WG Last Call=20 as Informational.
Mar 02 = =20 LDAPv3 Update Reconciliation Procedures I-D goes to WG = Last=20 Call as Proposed Standard.
Mar 02=20 LDAPv3 Mandatory Replica Management I-D = goes to WG=20 Last Call as Proposed Standard.
Mar 02=20 LDAPv3 Replication Information Model I-D = goes to WG=20 Last Call as Proposed Standard.
Mar 02=20 LDAPv3 Replication Information Transport = Protocol=20 I-D goes to WG Last Call as Proposed = Standard.
Mar 02 Re-evaluate Charter and = Milestones.

Regards,
Tim Hahn

Internet: = hahnt@us.ibm.com
Internal:=20 Timothy Hahn/Endicott/IBM@IBMUS or IBMUSM00(HAHNT)
phone: = 607.752.6388=20 tie-line: 8/852.6388
fax:=20 607.752.3681

------=_NextPart_002_0005_01C1661A.01564B60-- ------=_NextPart_001_0004_01C1661A.01564B60 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_0004_01C1661A.01564B60-- ------=_NextPart_000_0003_01C1661A.01564B60 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwNTIxNTA0MlowIwYJKoZIhvcNAQkEMRYEFMPDWyimU9ua ZLDG16kxU9/ZIcgFMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAbpgeLxJhdyfmuVLAA1pvK/3Y ZTeQTR9AbFBiMM91S0xXLfOSfXsEHG1cyyCPacYlzn+D0bsYZj8f38SUcynM8IuzplYcNKIkeR0c 2yR8aLwsn+ahwEP0wch8hq7Pk3EtFoCDp2JFXSk4wJu6VJJnH0475/hOqdS3Eaj7bXnIuZ8AAAAA AAA= ------=_NextPart_000_0003_01C1661A.01564B60-- From owner-ietf-ldup@mail.imc.org Mon Nov 5 20:48:59 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id UAA12252 for ; Mon, 5 Nov 2001 20:48:59 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA61RR421008 for ietf-ldup-bks; Mon, 5 Nov 2001 17:27:27 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA61RP821004 for ; Mon, 5 Nov 2001 17:27:25 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fA61VtC84459; Tue, 6 Nov 2001 01:31:56 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011102164743.017dd648@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Mon, 05 Nov 2001 17:27:02 -0800 To: Bruce Greenblatt From: "Kurt D. Zeilenga" Subject: Re: WG Last Call: LDAPv3 Operation Framing and Grouping Drafts Cc: "'ietf-ldup@imc.org'" In-Reply-To: <5.1.0.14.0.20011102153723.00a8dbd0@mail.dtasi.com> References: <504D6456F0C87F4C8B11FB0C2021D6F602DACF3F@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: At 03:39 PM 2001-11-02, Bruce Greenblatt wrote: >At 01:09 PM 11/2/2001 -0800, Christopher Apple wrote: >>The purpose of this message is to initiate the LDUP >>working group last call on two documents: >> >>1) Profile for Framing LDAPv3 Operations >> >>2) LDAPv3: Grouping of Related Operations > >Just out of curiosity, what LDAP server vendors are planning on supporting the functions supplied by these drafts/ Both of these I-Ds provide mechanisms for future functions, including LDUP (uses framing), Transactions (uses grouping), and Proxy Authorization (uses grouping). Given this WG existence, I assume there are multiple vendors interested in implementing LDUP. I have heard significant interest expressed by vendors in Transactions (using grouping). As a Proxy Authorization (using grouping) I-D hasn't been written, I won't bothered to gauge interest yet. Kurt From owner-ietf-ldup@mail.imc.org Tue Nov 6 22:32:49 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id WAA11084 for ; Tue, 6 Nov 2001 22:32:49 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA734mx16893 for ietf-ldup-bks; Tue, 6 Nov 2001 19:04:48 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA734l816889 for ; Tue, 6 Nov 2001 19:04:47 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fA739JC89373; Wed, 7 Nov 2001 03:09:19 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011106180143.0177fad8@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 06 Nov 2001 19:04:21 -0800 To: Christopher Apple From: "Kurt D. Zeilenga" Subject: Re: Revised WG Charter Proposal Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF5C@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I am convinced the WG will need to extend the X.500 models in order to deliver a multi-master replication specification which meets the WG requirements. This activity does not appear to be presently within scope of the current or proposed charter. As the issue of whether this work is within scope or not has come up previously, I believe the charter should be clarified in this area. If the consensus is this work is within scope, I suggest: This WG will deliver a technical specification updates the X.500 models used by LDAP to support multi-master replication yet maintain consistency with the existing models when restricted to single-master replication. otherwise I suggest: This WG will deliver specifications which extend, but do not update or replace, the X.500 models used by LDAP. Note that I believe that this work is not within scope and should remain so and hence recommend the latter clarification. Kurt From owner-ietf-ldup@mail.imc.org Wed Nov 7 23:03:12 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA02096 for ; Wed, 7 Nov 2001 23:03:11 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA83iCZ26685 for ietf-ldup-bks; Wed, 7 Nov 2001 19:44:12 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.23]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA83iB826681 for ; Wed, 7 Nov 2001 19:44:11 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id W1107-2244-624600; Thu, 8 Nov 2001 03:44:02 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Wed, 7 Nov 2001 22:41:11 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF67@ex04.ummail.com> From: Christopher Apple To: "'Kurt D. Zeilenga'" Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" Subject: RE: Revised WG Charter Proposal Date: Wed, 7 Nov 2001 22:41:10 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0000_01C167DD.2DDFF590" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0000_01C167DD.2DDFF590 Content-Type: multipart/mixed; boundary="----=_NextPart_001_0001_01C167DD.2DE302D0" ------=_NextPart_001_0001_01C167DD.2DE302D0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Kurt, This text to me sounds like its attempting to write in liaison activities between the IETF LDUP WG and the ITU. Such text is clearly out of scope for any IETF WG according to our ADs given that there is an official liaison between the IETF and the ITU. These sorts of concerns should be explicitly addressed via the person who currently occupies that role within the IESG. I can certainly supply this information to that person or you can - please let John and I know which way you'd prefer that be handled. With that said, while it is not appropriate to write in such liaison activities without an explicit requirement from our ADs/the IESG to do so, it would be appropriate to discuss the technical merit of both approaches during the discussion around the soon-to-be-published revision of the General Usage Profile draft. The General Usage Profile draft will contain information about multi-master replication. Similarly, it would be appropriate to discuss concerns over alignment (or lack thereof) of any WG document while that document is being actively discussed on the mailing list. I cannot conceive a way to legitimately add this text to the WG Charter given the position of our ADs and the IETF in general on liaison activities with other standards bodies. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Tuesday, November 06, 2001 10:04 PM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: Re: Revised WG Charter Proposal I am convinced the WG will need to extend the X.500 models in order to deliver a multi-master replication specification which meets the WG requirements. This activity does not appear to be presently within scope of the current or proposed charter. As the issue of whether this work is within scope or not has come up previously, I believe the charter should be clarified in this area. If the consensus is this work is within scope, I suggest: This WG will deliver a technical specification updates the X.500 models used by LDAP to support multi-master replication yet maintain consistency with the existing models when restricted to single-master replication. otherwise I suggest: This WG will deliver specifications which extend, but do not update or replace, the X.500 models used by LDAP. Note that I believe that this work is not within scope and should remain so and hence recommend the latter clarification. Kurt ------=_NextPart_001_0001_01C167DD.2DE302D0 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_0001_01C167DD.2DE302D0-- ------=_NextPart_000_0000_01C167DD.2DDFF590 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwODAzNDAxOVowIwYJKoZIhvcNAQkEMRYEFDYAMQ+sIGAd Tre/TrGcajpjO9s1MHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAoWm60g1ESsh8CUrvgtaywfZf 5Bhd7Me99NS5n/1crmPIQHyTYPns8U/dfasYCixT0jjHRaAAS+jpUdy10tX31Gji1nybtEawHWxT RgAW6EGI6lPRvPL+VvuE7Jd1T403iAEVy1aokef8kwY88XWH2+kGo8e/XNCGt0cF/aqoaaIAAAAA AAA= ------=_NextPart_000_0000_01C167DD.2DDFF590-- From owner-ietf-ldup@mail.imc.org Wed Nov 7 23:55:16 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA03088 for ; Wed, 7 Nov 2001 23:55:16 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA84a2w28310 for ietf-ldup-bks; Wed, 7 Nov 2001 20:36:02 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA84a1828306 for ; Wed, 7 Nov 2001 20:36:01 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fA84egC93840; Thu, 8 Nov 2001 04:40:42 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011107201209.016b00d0@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 07 Nov 2001 20:35:38 -0800 To: Christopher Apple From: "Kurt D. Zeilenga" Subject: RE: Revised WG Charter Proposal Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF67@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: At 07:41 PM 2001-11-07, Christopher Apple wrote: >This text to me sounds like its attempting to >write in liaison activities between the IETF >LDUP WG and the ITU. No. I am attempting to add text to the charter which clarifies whether or not redefining the "X.500 data model as used by LDAP" [RFC2251, Section 3.2 & 3.3] is within scope or not of this working group. As chair, what is your opinion? Can this WG (under its present charter or the proposed charter) redefine the "X.500 data model as used by LDAP" or not? Kurt From owner-ietf-ldup@mail.imc.org Thu Nov 8 00:43:51 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA03887 for ; Thu, 8 Nov 2001 00:43:50 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA85PNA29796 for ietf-ldup-bks; Wed, 7 Nov 2001 21:25:23 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA85PL829791 for ; Wed, 7 Nov 2001 21:25:21 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fA85TxC93952; Thu, 8 Nov 2001 05:29:59 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011107210928.016afdc0@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 07 Nov 2001 21:24:54 -0800 To: Christopher Apple From: "Kurt D. Zeilenga" Subject: Re: Revised WG Charter Proposal Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF5C@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I suggest striking all the "REVISE" milestones... and replacing all "WG Last Call" milestones with "Recommend to the IESG for consideration as a ...". From past experience, each document has multiple WG Last Calls... it's successfully completely the WG Last Call and progressing the I-D that counts. And I suggest the last milestone be: Revise charter or conclude as "Re-evaluate Charter and Milestones" doesn't sound like much of a commitment to successfully conclude. At 12:30 PM 2001-11-05, Christopher Apple wrote: >Based on input from document editors and a little editing from me, >please review the following. The open review period of this begins >today, Monday, November 5, 2001 and will last for 7 days. > >The review period therefore ends on Monday, November 12, 2001. > >Silence equals consent. This will be sent to the ADs for review >subject to incorporation of comments sent, discussed, and >vetted on the WG mailing list shortly after November 12, 2001. > >LDAP Duplication/Replication/Update Protocols (ldup) > >Last Modified: 05-Nov-01 > >Chair(s): > >Chris Apple >John Strassner > >Applications Area Director(s): > >Ned Freed >Patrik Faltstrom > >Applications Area Advisor: > >Patrik Faltstrom > >Mailing Lists: > >General Discussion:ietf-ldup@imc.org >To Subscribe: ietf-ldup-request@imc.org >In Body: subscribe >Archive: http://www.imc.org/ietf-ldup/ > >Description of Working Group: > >As LDAPv3 becomes more widely deployed, replication of data across >servers running different implementations becomes an important part >of providing a distributed directory service. However, the LDAPv3 >community, to date, has focused on standardizing the client-server >access protocol. Therefore, this group will standardize master-slave >and multi-master LDAPv3 replication as defined below: > >o Multi-Master Replication - A replication model where entries can > be written and updated on any of several replica copies, without > requiring communication with other masters before the write or > update is performed. > >o Master-Slave, or Single-Master Replication - A replication model > that assumes only one server, the master, allows write access to > the replicated data. Note that Master-Slave replication can be > considered a proper subset of multi-master replication. > >The WG's approach is to first develop a set of requirements for >LDAPv3 directory replication and write an applicability statement >defining scenarios on which replication requirements are based. >An engineering team was formed consisting of different vendors >and the co-chairs in order to harmonize the existing approaches >into a single standard approach. All of these have been accomplished >during the pre-working group stage. It should be noted, however, >that replication using heterogeneous servers is dependent on >resolving access control issues, which are the domain of other >working groups. Should these issues not be resolved outside of >the LDUP WG in a timely manner relative to the WG's needs, the >WG will be re-chartered subject to Applications AD/IESG approval >to include the minimum required work. > >The new replication architecture support all forms of replication >mentioned above. Seven areas of working group focus have been >identified through LDUP Engineering Team discussions, each leading >to one or more Engineering Team discussions, each leading to one >or more documents to be published: > >o LDAPv3 Replication Architecture > > This documents a general-purpose LDAPv3 replication architecture, > defines key components of this architecture, describes how these > key components functionally behave, and describes how these > components interact with each other when in various modes of > operation. > >o LDAPv3 Replication Information Model > > Defines the schema and semantics of information used to operate, > administer, maintain, and provision replication between LDAPv3 > servers. Specifically, this document will contain common schema > specifications intended to facilitate interoperable > implementations with respect to: > > + replication agreements > > + consistency models > > + replication topologies > > + managing deleted objects and their states > > + administration and management > >o LDAPv3 Replication Information Transport Protocol > > LDAPv3 extended operation and control specifications required to > allow LDAPv3 to be used as the transport protocol for information > being replicated > >o LDAPv3 Mandatory Replica Management > > Specifications required to allow administration, maintenance, and > provisioning of replicas and replication agreements. These > specifications may take the form of definitions for LDAPv3 > extended operations, controls, and/or new schema elements. > >o LDAPv3 Update Reconciliation Procedures > > Procedures for detection and resolution of conflicts between the > state of multiple replicas that contain information from the same > unit of replication. > >o LDAPv3 Replication Usage Profile > > Including the LDAPv3 Replication Architecture, Information Model, > Protocol Extensions, and Update Reconciliation Procedures for: > > + LDAPv3 Master-Slave Directory Replication > > + LDAPv3 Multi-Master Directory Replication > >o LDAPv3 Client Update > > A protocol that enables an LDAP client to synchronize with the > content of a directory information tree (DIT) stored by an LDAP > server and to be notified about the changes to that content. > >The work being done in the LDUP WG should be coordinated to the >closest extent possible with similar work being done in the ITU. >This is necessary both because LDAP depends on X.500 and because >it makes sense from an operational perspective. > > >Goals and Milestones: > >Done Submit I-D on LDAPv3 Directory Replication Requirements. > >Done Submit Internet-Draft on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Update Reconciliation Procedures. > >Done Revise I-D on LDAPv3 Directory Replication Requirements. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Done LDAPv3 Directory Replication Requirements I-D goes to WG Last >Call as Informational. > >Done Submit I-D on LDAPv3 Mandatory Replica Management. > >Done Submit I-D on General LDUP Usage Profile. > >Done Submit I-D on LDAPv3 Operations Framing. > >Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last >Call as Proposed Standard. > >Nov 01 Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Nov 01 Revise I-D on General LDUP Usage Profile. > >Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. > >Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as >Proposed Standard. > >Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as >Informational. > >Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call >as Proposed Standard. > >Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG >Last Call as Proposed Standard. > >Mar 02 Re-evaluate Charter and Milestones. > >Chris Apple >Program Manager - Integration Services >United Messaging Inc. > > >(V) +1 610 425 2860 > From owner-ietf-ldup@mail.imc.org Thu Nov 8 10:42:43 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA28798 for ; Thu, 8 Nov 2001 10:42:42 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA8FJgw23220 for ietf-ldup-bks; Thu, 8 Nov 2001 07:19:42 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.16]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA8FJf823216 for ; Thu, 8 Nov 2001 07:19:41 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id S1108-1019-46af00; Thu, 8 Nov 2001 15:19:26 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Thu, 8 Nov 2001 10:16:33 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF6A@ex04.ummail.com> From: Christopher Apple To: "'Kurt D. Zeilenga'" Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" Subject: RE: Revised WG Charter Proposal Date: Thu, 8 Nov 2001 10:16:33 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0009_01C1683E.5418FF70" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0009_01C1683E.5418FF70 Content-Type: multipart/mixed; boundary="----=_NextPart_001_000A_01C1683E.541A8610" ------=_NextPart_001_000A_01C1683E.541A8610 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit The use of the "REVISE" and "WG Last Call" milestones is consistent with feedback we have received from the IESG/our ADs in the past. I don't plan to try changing that now. If the IESG or our ADs want to see milestones expressed in a different way, they will change them accordingly prior to charter approval. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Thursday, November 08, 2001 12:25 AM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: Re: Revised WG Charter Proposal I suggest striking all the "REVISE" milestones... and replacing all "WG Last Call" milestones with "Recommend to the IESG for consideration as a ...". From past experience, each document has multiple WG Last Calls... it's successfully completely the WG Last Call and progressing the I-D that counts. And I suggest the last milestone be: Revise charter or conclude as "Re-evaluate Charter and Milestones" doesn't sound like much of a commitment to successfully conclude. At 12:30 PM 2001-11-05, Christopher Apple wrote: >Based on input from document editors and a little editing from me, >please review the following. The open review period of this begins >today, Monday, November 5, 2001 and will last for 7 days. > >The review period therefore ends on Monday, November 12, 2001. > >Silence equals consent. This will be sent to the ADs for review >subject to incorporation of comments sent, discussed, and >vetted on the WG mailing list shortly after November 12, 2001. > >LDAP Duplication/Replication/Update Protocols (ldup) > >Last Modified: 05-Nov-01 > >Chair(s): > >Chris Apple >John Strassner > >Applications Area Director(s): > >Ned Freed >Patrik Faltstrom > >Applications Area Advisor: > >Patrik Faltstrom > >Mailing Lists: > >General Discussion:ietf-ldup@imc.org >To Subscribe: ietf-ldup-request@imc.org >In Body: subscribe >Archive: http://www.imc.org/ietf-ldup/ > >Description of Working Group: > >As LDAPv3 becomes more widely deployed, replication of data across >servers running different implementations becomes an important part >of providing a distributed directory service. However, the LDAPv3 >community, to date, has focused on standardizing the client-server >access protocol. Therefore, this group will standardize master-slave >and multi-master LDAPv3 replication as defined below: > >o Multi-Master Replication - A replication model where entries can > be written and updated on any of several replica copies, without > requiring communication with other masters before the write or > update is performed. > >o Master-Slave, or Single-Master Replication - A replication model > that assumes only one server, the master, allows write access to > the replicated data. Note that Master-Slave replication can be > considered a proper subset of multi-master replication. > >The WG's approach is to first develop a set of requirements for >LDAPv3 directory replication and write an applicability statement >defining scenarios on which replication requirements are based. >An engineering team was formed consisting of different vendors >and the co-chairs in order to harmonize the existing approaches >into a single standard approach. All of these have been accomplished >during the pre-working group stage. It should be noted, however, >that replication using heterogeneous servers is dependent on >resolving access control issues, which are the domain of other >working groups. Should these issues not be resolved outside of >the LDUP WG in a timely manner relative to the WG's needs, the >WG will be re-chartered subject to Applications AD/IESG approval >to include the minimum required work. > >The new replication architecture support all forms of replication >mentioned above. Seven areas of working group focus have been >identified through LDUP Engineering Team discussions, each leading >to one or more Engineering Team discussions, each leading to one >or more documents to be published: > >o LDAPv3 Replication Architecture > > This documents a general-purpose LDAPv3 replication architecture, > defines key components of this architecture, describes how these > key components functionally behave, and describes how these > components interact with each other when in various modes of > operation. > >o LDAPv3 Replication Information Model > > Defines the schema and semantics of information used to operate, > administer, maintain, and provision replication between LDAPv3 > servers. Specifically, this document will contain common schema > specifications intended to facilitate interoperable > implementations with respect to: > > + replication agreements > > + consistency models > > + replication topologies > > + managing deleted objects and their states > > + administration and management > >o LDAPv3 Replication Information Transport Protocol > > LDAPv3 extended operation and control specifications required to > allow LDAPv3 to be used as the transport protocol for information > being replicated > >o LDAPv3 Mandatory Replica Management > > Specifications required to allow administration, maintenance, and > provisioning of replicas and replication agreements. These > specifications may take the form of definitions for LDAPv3 > extended operations, controls, and/or new schema elements. > >o LDAPv3 Update Reconciliation Procedures > > Procedures for detection and resolution of conflicts between the > state of multiple replicas that contain information from the same > unit of replication. > >o LDAPv3 Replication Usage Profile > > Including the LDAPv3 Replication Architecture, Information Model, > Protocol Extensions, and Update Reconciliation Procedures for: > > + LDAPv3 Master-Slave Directory Replication > > + LDAPv3 Multi-Master Directory Replication > >o LDAPv3 Client Update > > A protocol that enables an LDAP client to synchronize with the > content of a directory information tree (DIT) stored by an LDAP > server and to be notified about the changes to that content. > >The work being done in the LDUP WG should be coordinated to the >closest extent possible with similar work being done in the ITU. >This is necessary both because LDAP depends on X.500 and because >it makes sense from an operational perspective. > > >Goals and Milestones: > >Done Submit I-D on LDAPv3 Directory Replication Requirements. > >Done Submit Internet-Draft on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Update Reconciliation Procedures. > >Done Revise I-D on LDAPv3 Directory Replication Requirements. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Done LDAPv3 Directory Replication Requirements I-D goes to WG Last >Call as Informational. > >Done Submit I-D on LDAPv3 Mandatory Replica Management. > >Done Submit I-D on General LDUP Usage Profile. > >Done Submit I-D on LDAPv3 Operations Framing. > >Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last >Call as Proposed Standard. > >Nov 01 Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Nov 01 Revise I-D on General LDUP Usage Profile. > >Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. > >Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as >Proposed Standard. > >Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as >Informational. > >Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call >as Proposed Standard. > >Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG >Last Call as Proposed Standard. > >Mar 02 Re-evaluate Charter and Milestones. > >Chris Apple >Program Manager - Integration Services >United Messaging Inc. > > >(V) +1 610 425 2860 > ------=_NextPart_001_000A_01C1683E.541A8610 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_000A_01C1683E.541A8610-- ------=_NextPart_000_0009_01C1683E.5418FF70 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwODE1MTU0NVowIwYJKoZIhvcNAQkEMRYEFI79UxbmRR6V EwHVOGQvKO/3add2MHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAU5+KOv9RV7abt5S9DL7YRX74 GLKibsEi0aJKW+knweUsQpPzNW+UHWy5UQ0yXQ1NVCoQKNyeJvV8tkq2X1Yat2GZsdkLou3I0YcW /d7yAcFYGgKqdyLZmS8J2ddHSjrCEyckTX4HnCl1rP2qu41+PJvhMkhOj9wNHIhEWnZXbvoAAAAA AAA= ------=_NextPart_000_0009_01C1683E.5418FF70-- From owner-ietf-ldup@mail.imc.org Thu Nov 8 10:44:13 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA28833 for ; Thu, 8 Nov 2001 10:44:12 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA8FNUm23347 for ietf-ldup-bks; Thu, 8 Nov 2001 07:23:30 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.16]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA8FNT823342 for ; Thu, 8 Nov 2001 07:23:29 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id N1108-1023-353e00; Thu, 8 Nov 2001 15:23:20 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Thu, 8 Nov 2001 10:20:28 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF6B@ex04.ummail.com> From: Christopher Apple To: "'Kurt D. Zeilenga'" Cc: "'ietf-ldup@imc.org'" , "'John Strassner (E-mail)'" Subject: RE: Revised WG Charter Proposal Date: Thu, 8 Nov 2001 10:20:27 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0014_01C1683E.DF9835C0" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0014_01C1683E.DF9835C0 Content-Type: multipart/mixed; boundary="----=_NextPart_001_0015_01C1683E.DF9835C0" ------=_NextPart_001_0015_01C1683E.DF9835C0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Same response on the other comment. The language present in the milestones section of the charter is the language that the WG has been directed to use. So I don't plan to re-word the last milestone unless directed to do so by our ADs or the IESG. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Christopher Apple Sent: Thursday, November 08, 2001 10:17 AM To: 'Kurt D. Zeilenga' Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: RE: Revised WG Charter Proposal The use of the "REVISE" and "WG Last Call" milestones is consistent with feedback we have received from the IESG/our ADs in the past. I don't plan to try changing that now. If the IESG or our ADs want to see milestones expressed in a different way, they will change them accordingly prior to charter approval. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Thursday, November 08, 2001 12:25 AM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: Re: Revised WG Charter Proposal I suggest striking all the "REVISE" milestones... and replacing all "WG Last Call" milestones with "Recommend to the IESG for consideration as a ...". From past experience, each document has multiple WG Last Calls... it's successfully completely the WG Last Call and progressing the I-D that counts. And I suggest the last milestone be: Revise charter or conclude as "Re-evaluate Charter and Milestones" doesn't sound like much of a commitment to successfully conclude. At 12:30 PM 2001-11-05, Christopher Apple wrote: >Based on input from document editors and a little editing from me, >please review the following. The open review period of this begins >today, Monday, November 5, 2001 and will last for 7 days. > >The review period therefore ends on Monday, November 12, 2001. > >Silence equals consent. This will be sent to the ADs for review >subject to incorporation of comments sent, discussed, and >vetted on the WG mailing list shortly after November 12, 2001. > >LDAP Duplication/Replication/Update Protocols (ldup) > >Last Modified: 05-Nov-01 > >Chair(s): > >Chris Apple >John Strassner > >Applications Area Director(s): > >Ned Freed >Patrik Faltstrom > >Applications Area Advisor: > >Patrik Faltstrom > >Mailing Lists: > >General Discussion:ietf-ldup@imc.org >To Subscribe: ietf-ldup-request@imc.org >In Body: subscribe >Archive: http://www.imc.org/ietf-ldup/ > >Description of Working Group: > >As LDAPv3 becomes more widely deployed, replication of data across >servers running different implementations becomes an important part >of providing a distributed directory service. However, the LDAPv3 >community, to date, has focused on standardizing the client-server >access protocol. Therefore, this group will standardize master-slave >and multi-master LDAPv3 replication as defined below: > >o Multi-Master Replication - A replication model where entries can > be written and updated on any of several replica copies, without > requiring communication with other masters before the write or > update is performed. > >o Master-Slave, or Single-Master Replication - A replication model > that assumes only one server, the master, allows write access to > the replicated data. Note that Master-Slave replication can be > considered a proper subset of multi-master replication. > >The WG's approach is to first develop a set of requirements for >LDAPv3 directory replication and write an applicability statement >defining scenarios on which replication requirements are based. >An engineering team was formed consisting of different vendors >and the co-chairs in order to harmonize the existing approaches >into a single standard approach. All of these have been accomplished >during the pre-working group stage. It should be noted, however, >that replication using heterogeneous servers is dependent on >resolving access control issues, which are the domain of other >working groups. Should these issues not be resolved outside of >the LDUP WG in a timely manner relative to the WG's needs, the >WG will be re-chartered subject to Applications AD/IESG approval >to include the minimum required work. > >The new replication architecture support all forms of replication >mentioned above. Seven areas of working group focus have been >identified through LDUP Engineering Team discussions, each leading >to one or more Engineering Team discussions, each leading to one >or more documents to be published: > >o LDAPv3 Replication Architecture > > This documents a general-purpose LDAPv3 replication architecture, > defines key components of this architecture, describes how these > key components functionally behave, and describes how these > components interact with each other when in various modes of > operation. > >o LDAPv3 Replication Information Model > > Defines the schema and semantics of information used to operate, > administer, maintain, and provision replication between LDAPv3 > servers. Specifically, this document will contain common schema > specifications intended to facilitate interoperable > implementations with respect to: > > + replication agreements > > + consistency models > > + replication topologies > > + managing deleted objects and their states > > + administration and management > >o LDAPv3 Replication Information Transport Protocol > > LDAPv3 extended operation and control specifications required to > allow LDAPv3 to be used as the transport protocol for information > being replicated > >o LDAPv3 Mandatory Replica Management > > Specifications required to allow administration, maintenance, and > provisioning of replicas and replication agreements. These > specifications may take the form of definitions for LDAPv3 > extended operations, controls, and/or new schema elements. > >o LDAPv3 Update Reconciliation Procedures > > Procedures for detection and resolution of conflicts between the > state of multiple replicas that contain information from the same > unit of replication. > >o LDAPv3 Replication Usage Profile > > Including the LDAPv3 Replication Architecture, Information Model, > Protocol Extensions, and Update Reconciliation Procedures for: > > + LDAPv3 Master-Slave Directory Replication > > + LDAPv3 Multi-Master Directory Replication > >o LDAPv3 Client Update > > A protocol that enables an LDAP client to synchronize with the > content of a directory information tree (DIT) stored by an LDAP > server and to be notified about the changes to that content. > >The work being done in the LDUP WG should be coordinated to the >closest extent possible with similar work being done in the ITU. >This is necessary both because LDAP depends on X.500 and because >it makes sense from an operational perspective. > > >Goals and Milestones: > >Done Submit I-D on LDAPv3 Directory Replication Requirements. > >Done Submit Internet-Draft on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Update Reconciliation Procedures. > >Done Revise I-D on LDAPv3 Directory Replication Requirements. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Done LDAPv3 Directory Replication Requirements I-D goes to WG Last >Call as Informational. > >Done Submit I-D on LDAPv3 Mandatory Replica Management. > >Done Submit I-D on General LDUP Usage Profile. > >Done Submit I-D on LDAPv3 Operations Framing. > >Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last >Call as Proposed Standard. > >Nov 01 Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Nov 01 Revise I-D on General LDUP Usage Profile. > >Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. > >Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as >Proposed Standard. > >Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as >Informational. > >Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call >as Proposed Standard. > >Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG >Last Call as Proposed Standard. > >Mar 02 Re-evaluate Charter and Milestones. > >Chris Apple >Program Manager - Integration Services >United Messaging Inc. > > >(V) +1 610 425 2860 > ------=_NextPart_001_0015_01C1683E.DF9835C0 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_0015_01C1683E.DF9835C0-- ------=_NextPart_000_0014_01C1683E.DF9835C0 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwODE1MTkzOVowIwYJKoZIhvcNAQkEMRYEFM+w+hDz8+Ro 9sEMAPp1QPDfqJKjMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAsPVpG5CMF9/fmAt2XD32KfWa ILrURV3+vZOGHpo3C3ArmKXHgFklrL6Yh4EKjChpiW551imjr6LkVjd41aWU4GY2qtbJCu9NYj4j xWhonUWDvsBC15RIAP0M0KwE9EPs15DXf9N/t6EH3/rpFinucBZQgW/gC/AvTyDP4b1fyJAAAAAA AAA= ------=_NextPart_000_0014_01C1683E.DF9835C0-- From owner-ietf-ldup@mail.imc.org Thu Nov 8 10:53:26 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA29000 for ; Thu, 8 Nov 2001 10:53:25 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA8FXU723657 for ietf-ldup-bks; Thu, 8 Nov 2001 07:33:30 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.19]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA8FXT823653 for ; Thu, 8 Nov 2001 07:33:29 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id K1108-1033-705600; Thu, 8 Nov 2001 15:33:16 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Thu, 8 Nov 2001 10:30:24 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF6D@ex04.ummail.com> From: Christopher Apple To: "'Kurt D. Zeilenga'" Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" Subject: RE: Revised WG Charter Proposal Date: Thu, 8 Nov 2001 10:30:23 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0000_01C16840.42572E90" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0000_01C16840.42572E90 Content-Type: multipart/mixed; boundary="----=_NextPart_001_0001_01C16840.42572E90" ------=_NextPart_001_0001_01C16840.42572E90 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Since there is nothing explicitly in the charter about this, I suppose it would be logical to say that it is not explicitly prohibited. With that said, I'm sure that there would be significant and quite heated debate on the topic if there was a document which did propose that the model you are referring to be altered in a way that is not somehow compatible with the currently published RFC. There would have to be consensus that such a thing is a good idea. I am uncertain as to what specifically has led you to raise the issue though. Please elaborate on your concerns. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Wednesday, November 07, 2001 11:36 PM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: RE: Revised WG Charter Proposal At 07:41 PM 2001-11-07, Christopher Apple wrote: >This text to me sounds like its attempting to >write in liaison activities between the IETF >LDUP WG and the ITU. No. I am attempting to add text to the charter which clarifies whether or not redefining the "X.500 data model as used by LDAP" [RFC2251, Section 3.2 & 3.3] is within scope or not of this working group. As chair, what is your opinion? Can this WG (under its present charter or the proposed charter) redefine the "X.500 data model as used by LDAP" or not? Kurt ------=_NextPart_001_0001_01C16840.42572E90 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_0001_01C16840.42572E90-- ------=_NextPart_000_0000_01C16840.42572E90 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwODE1MjkzNFowIwYJKoZIhvcNAQkEMRYEFD3qLSGceSpx ZEyRIylcN6v/v6h+MHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAdxhxBdDPn/9SAz3U9IHeG87t 2EDPJZSXg/SZoV8LiDsAVOto56yVjx2FuPIksI/2E9h3QwSnA6F6P//ilmqTp+xNYjPyDpQo0ua/ 8WFC7bcHjyu8clVuhNX/fWUwjT2uKyOG+6Uj0wJ5CWHTCyCl0riZkiA4mxnsXab61v0BFrQAAAAA AAA= ------=_NextPart_000_0000_01C16840.42572E90-- From owner-ietf-ldup@mail.imc.org Thu Nov 8 11:30:25 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA29948 for ; Thu, 8 Nov 2001 11:30:24 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA8GAHm00118 for ietf-ldup-bks; Thu, 8 Nov 2001 08:10:17 -0800 (PST) Received: from scaup.prod.itd.earthlink.net (scaup.mail.pas.earthlink.net [207.217.120.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA8GA9800112 for ; Thu, 8 Nov 2001 08:10:09 -0800 (PST) Received: from sdn-ar-004cocsprp122.dialsprint.net ([158.252.163.186] helo=FARILJCS) by scaup.prod.itd.earthlink.net with smtp (Exim 3.33 #1) id 161rka-0002He-00; Thu, 08 Nov 2001 08:09:56 -0800 Reply-To: From: "John Strassner" To: "Kurt D. Zeilenga" , "Christopher Apple" Cc: Subject: RE: Revised WG Charter Proposal Date: Thu, 8 Nov 2001 09:09:53 -0700 MIME-Version: 1.0 Message-ID: X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <5.1.0.14.0.20011107210928.016afdc0@127.0.0.1> Importance: Normal Content-Type: multipart/signed; micalg=SHA1; boundary="----=_NextPart_000_00EC_01C16835.1E6140D0"; protocol="application/x-pkcs7-signature" X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_00EC_01C16835.1E6140D0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Kurt, there are many different WGs that use "REVISE" as well as many different WGs that use "WG Last Call". Furthermore, this wording is consistent with current practice. I do agree with your suggested change to the last milestone. regards, John -----Original Message----- From: owner-ietf-ldup@mail.imc.org [mailto:owner-ietf-ldup@mail.imc.org]On Behalf Of Kurt D. Zeilenga Sent: Wednesday, November 07, 2001 10:25 PM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: Re: Revised WG Charter Proposal I suggest striking all the "REVISE" milestones... and replacing all "WG Last Call" milestones with "Recommend to the IESG for consideration as a ...". From past experience, each document has multiple WG Last Calls... it's successfully completely the WG Last Call and progressing the I-D that counts. And I suggest the last milestone be: Revise charter or conclude as "Re-evaluate Charter and Milestones" doesn't sound like much of a commitment to successfully conclude. At 12:30 PM 2001-11-05, Christopher Apple wrote: >Based on input from document editors and a little editing from me, >please review the following. The open review period of this begins >today, Monday, November 5, 2001 and will last for 7 days. > >The review period therefore ends on Monday, November 12, 2001. > >Silence equals consent. This will be sent to the ADs for review >subject to incorporation of comments sent, discussed, and >vetted on the WG mailing list shortly after November 12, 2001. > >LDAP Duplication/Replication/Update Protocols (ldup) > >Last Modified: 05-Nov-01 > >Chair(s): > >Chris Apple >John Strassner > >Applications Area Director(s): > >Ned Freed >Patrik Faltstrom > >Applications Area Advisor: > >Patrik Faltstrom > >Mailing Lists: > >General Discussion:ietf-ldup@imc.org >To Subscribe: ietf-ldup-request@imc.org >In Body: subscribe >Archive: http://www.imc.org/ietf-ldup/ > >Description of Working Group: > >As LDAPv3 becomes more widely deployed, replication of data across >servers running different implementations becomes an important part >of providing a distributed directory service. However, the LDAPv3 >community, to date, has focused on standardizing the client-server >access protocol. Therefore, this group will standardize master-slave >and multi-master LDAPv3 replication as defined below: > >o Multi-Master Replication - A replication model where entries can > be written and updated on any of several replica copies, without > requiring communication with other masters before the write or > update is performed. > >o Master-Slave, or Single-Master Replication - A replication model > that assumes only one server, the master, allows write access to > the replicated data. Note that Master-Slave replication can be > considered a proper subset of multi-master replication. > >The WG's approach is to first develop a set of requirements for >LDAPv3 directory replication and write an applicability statement >defining scenarios on which replication requirements are based. >An engineering team was formed consisting of different vendors >and the co-chairs in order to harmonize the existing approaches >into a single standard approach. All of these have been accomplished >during the pre-working group stage. It should be noted, however, >that replication using heterogeneous servers is dependent on >resolving access control issues, which are the domain of other >working groups. Should these issues not be resolved outside of >the LDUP WG in a timely manner relative to the WG's needs, the >WG will be re-chartered subject to Applications AD/IESG approval >to include the minimum required work. > >The new replication architecture support all forms of replication >mentioned above. Seven areas of working group focus have been >identified through LDUP Engineering Team discussions, each leading >to one or more Engineering Team discussions, each leading to one >or more documents to be published: > >o LDAPv3 Replication Architecture > > This documents a general-purpose LDAPv3 replication architecture, > defines key components of this architecture, describes how these > key components functionally behave, and describes how these > components interact with each other when in various modes of > operation. > >o LDAPv3 Replication Information Model > > Defines the schema and semantics of information used to operate, > administer, maintain, and provision replication between LDAPv3 > servers. Specifically, this document will contain common schema > specifications intended to facilitate interoperable > implementations with respect to: > > + replication agreements > > + consistency models > > + replication topologies > > + managing deleted objects and their states > > + administration and management > >o LDAPv3 Replication Information Transport Protocol > > LDAPv3 extended operation and control specifications required to > allow LDAPv3 to be used as the transport protocol for information > being replicated > >o LDAPv3 Mandatory Replica Management > > Specifications required to allow administration, maintenance, and > provisioning of replicas and replication agreements. These > specifications may take the form of definitions for LDAPv3 > extended operations, controls, and/or new schema elements. > >o LDAPv3 Update Reconciliation Procedures > > Procedures for detection and resolution of conflicts between the > state of multiple replicas that contain information from the same > unit of replication. > >o LDAPv3 Replication Usage Profile > > Including the LDAPv3 Replication Architecture, Information Model, > Protocol Extensions, and Update Reconciliation Procedures for: > > + LDAPv3 Master-Slave Directory Replication > > + LDAPv3 Multi-Master Directory Replication > >o LDAPv3 Client Update > > A protocol that enables an LDAP client to synchronize with the > content of a directory information tree (DIT) stored by an LDAP > server and to be notified about the changes to that content. > >The work being done in the LDUP WG should be coordinated to the >closest extent possible with similar work being done in the ITU. >This is necessary both because LDAP depends on X.500 and because >it makes sense from an operational perspective. > > >Goals and Milestones: > >Done Submit I-D on LDAPv3 Directory Replication Requirements. > >Done Submit Internet-Draft on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Update Reconciliation Procedures. > >Done Revise I-D on LDAPv3 Directory Replication Requirements. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Architecture. > >Done Revise I-D on LDAPv3 Replication Information Model. > >Done Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Done LDAPv3 Directory Replication Requirements I-D goes to WG Last >Call as Informational. > >Done Submit I-D on LDAPv3 Mandatory Replica Management. > >Done Submit I-D on General LDUP Usage Profile. > >Done Submit I-D on LDAPv3 Operations Framing. > >Oct 01 I-D on LDAPv3 Extended Operations for Framing goes to WG Last >Call as Proposed Standard. > >Nov 01 Submit I-D on LDAPv3 Replication Information Transport Protocol. > > >Nov 01 Revise I-D on General LDUP Usage Profile. > >Nov 01 Revise I-D on LDAPv3 Mandatory Replica Management. > >Dec 01 LDAPv3 Client Update Protocol I-D goes to WG Last Call as >Proposed Standard. > >Feb 02 LDAPv3 Replication Architecture I-D goes to WG Last Call as >Informational. > >Mar 02 LDAPv3 Update Reconciliation Procedures I-D goes to WG Last Call >as Proposed Standard. > >Mar 02 LDAPv3 Mandatory Replica Management I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Model I-D goes to WG Last Call as >Proposed Standard. > >Mar 02 LDAPv3 Replication Information Transport Protocol I-D goes to WG >Last Call as Proposed Standard. > >Mar 02 Re-evaluate Charter and Milestones. > >Chris Apple >Program Manager - Integration Services >United Messaging Inc. > > >(V) +1 610 425 2860 > ------=_NextPart_000_00EC_01C16835.1E6140D0 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII9jCCApQw ggH9oAMCAQICAwSkbzANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMDQxOTE5MjY0NFoXDTAyMDQxOTE5MjY0NFowTzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjEsMCoGCSqGSIb3DQEJARYdam9obi5zdHJhc3NuZXJAaW50ZWxsaWRl bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOQF9xvr2IzkspSZ5NHATzu64yNJl1D NVVu08Upy0q/Dvfm0/dWVRc/sg09Tr1seHcVLIjAlY6QWFJsPf5tuglzSuMPy+6bGj/mI3KSXpte dhD5o33qc0oBnIOyn+PuqW7fpWjIJwM2MNCLr7gG1IjrchggMput4b5jq2M3zXxJAgMBAAGjOjA4 MCgGA1UdEQQhMB+BHWpvaG4uc3RyYXNzbmVyQGludGVsbGlkZW4uY29tMAwGA1UdEwEB/wQCMAAw DQYJKoZIhvcNAQEEBQADgYEAtHVVEjLYbfAxqW9D1GxSpZYh7kWX/em+JcgXrxFom6kU3wgCrluP F0Ce97vS4VX/TTs9x9b9YUONsEi8kqN5XLY3995FwnFgT+s2ZVljKNFoCgk4COQJ3OS2l/bZWFRc xgR4auC8sLZmE2oxtOm1cigZMhbT8ZnKvWuBN/8q2tUwggMpMIICkqADAgECAgEMMA0GCSqGSIb3 DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0 aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg Q0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDAwODMw MDAwMDAwWhcNMDIwODI5MjM1OTU5WjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMw MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMzKmY8cJJUU+0m54J2eBxdqIGYKXDuNEKYpj NSptcDz63K737nRvMLwzkH/5NHGgo22Y8cNPomXbDfpL8dbdYaX5hc1VmjUanZJ1qCeu2HL5ugL2 17CR3hzpq+AYA6h8Q0JQUYeDPPA5tJtUihOH/7ObnUlmAC0JieyUa+mhaQIDAQABo04wTDApBgNV HREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMS0yOTcwEgYDVR0TAQH/BAgwBgEB/wIB ADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAcxtvJmWL/xU0S1liiu1EvknH6A27j7kN aiYqYoQfuIdjdBxtt88aU5FL4c3mONntUPQ6bDSSrOaSnG7BIwHCCafvS65y3QZn9VBvLli4tgvB UFe17BzX7xe21Yibt6KIGu05Wzl9NPy2lhglTWr0ncXDkS+plrgFPFL83eliA0gwggMtMIIClqAD AgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYD VQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVy c29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0 ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUadfUsJRk W3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmHHYbqo925zpZkGsIUbkSsfOaP 6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/npom1Wq7OCQIapjHsdqjmJH9 edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAMfskn5O +PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP9LpknBesRynfnZhe0mxgcVyi rNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOpgyXy5pwvFcr+pquKB3WLDN1R hGvk+NHOd6KBMYICqjCCAqYCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJu IENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0 aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDBKRvMAkGBSsOAwIaBQCgggFlMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTAxMTEwODE2MDk0OVowIwYJKoZIhvcNAQkEMRYEFBnNrWER8jcWCZsrqTIUKZPDkqUo MFgGCSqGSIb3DQEJDzFLMEkwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0G CCqGSIb3DQMCAgEoMAcGBSsOAwIaMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDBKRvMA0GCSqGSIb3DQEBAQUABIGAktV0 RTbWBVLh8Hxn2gCv24s4tciLFC/U+sA2mGIX7FeXjrwOeNV9vy27gl/Y1gCRLPIgxi6S1Pwhom95 UAzKYIoIPjTBqoxWHcKZh/rbftSmR9mz7exhB+mLJH6Lkev11kD2NffWfXIJFO7MI11DZGKFGnIZ 0BtR5sC/oHvcHncAAAAAAAA= ------=_NextPart_000_00EC_01C16835.1E6140D0-- From owner-ietf-ldup@mail.imc.org Thu Nov 8 12:55:40 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA02680 for ; Thu, 8 Nov 2001 12:55:39 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fA8HSam03955 for ietf-ldup-bks; Thu, 8 Nov 2001 09:28:36 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA8HSY803948 for ; Thu, 8 Nov 2001 09:28:35 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fA8HXFC95544; Thu, 8 Nov 2001 17:33:15 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011108073506.017cc728@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 08 Nov 2001 09:28:09 -0800 To: Christopher Apple From: "Kurt D. Zeilenga" Subject: RE: Revised WG Charter Proposal Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF6D@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: At 07:30 AM 2001-11-08, Christopher Apple wrote: >I am uncertain as to what specifically has led you to >raise the issue though. Please elaborate on your concerns. I'm concerned that the charter doesn't reflect the scope of the work this group will have to undertake to be successful. It seems that this WG has not yet reached consensus on whether or not the WG needs make "redefine X.500 models used by LDAP" in order to deliver "multi-master replication" meeting its requirements. The problem is that if the WG chooses to "redefine X.500 models used by LDAP" it likely will run into significant contention (as you noted). And, if it chooses not to "redefine X.500 models used by LDAP" it likely won't be able to deliver multiple-master replication meeting its own requirements. I rather address this issue sooner than later. Later may be too late. Kurt From owner-ietf-ldup@mail.imc.org Thu Nov 8 16:37:51 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA08612 for ; Thu, 8 Nov 2001 16:37:50 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fA8LJ5n17858 for ietf-ldup-bks; Thu, 8 Nov 2001 13:19:05 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.20]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fA8LJ4817854 for ; Thu, 8 Nov 2001 13:19:04 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id K1108-1618-2fa300; Thu, 8 Nov 2001 21:18:58 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Thu, 8 Nov 2001 16:16:05 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF70@ex04.ummail.com> From: Christopher Apple To: "'Kurt D. Zeilenga'" Cc: "'ietf-ldup@imc.org'" , "John Strassner (E-mail)" Subject: RE: Revised WG Charter Proposal Date: Thu, 8 Nov 2001 16:16:04 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_001B_01C16870.8E7CBD50" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_001B_01C16870.8E7CBD50 Content-Type: multipart/mixed; boundary="----=_NextPart_001_001C_01C16870.8E7CBD50" ------=_NextPart_001_001C_01C16870.8E7CBD50 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I believe that's a technical issue to be sorted out by the WG as it discusses relevant drafts which may seek to go one way or the other. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Thursday, November 08, 2001 12:28 PM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: RE: Revised WG Charter Proposal At 07:30 AM 2001-11-08, Christopher Apple wrote: >I am uncertain as to what specifically has led you to >raise the issue though. Please elaborate on your concerns. I'm concerned that the charter doesn't reflect the scope of the work this group will have to undertake to be successful. It seems that this WG has not yet reached consensus on whether or not the WG needs make "redefine X.500 models used by LDAP" in order to deliver "multi-master replication" meeting its requirements. The problem is that if the WG chooses to "redefine X.500 models used by LDAP" it likely will run into significant contention (as you noted). And, if it chooses not to "redefine X.500 models used by LDAP" it likely won't be able to deliver multiple-master replication meeting its own requirements. I rather address this issue sooner than later. Later may be too late. Kurt ------=_NextPart_001_001C_01C16870.8E7CBD50 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_001C_01C16870.8E7CBD50-- ------=_NextPart_000_001B_01C16870.8E7CBD50 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTEwODIxMTUxN1owIwYJKoZIhvcNAQkEMRYEFPaP42WJURew sQWmEpTJIMJUh8neMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGAAIhXg+FlTpoaW6Nk/uxrrBXI H5whVIwZGwQefXyamsZQlUFBNAZq2B1KYQKFdWElrqK+x96XvAuk1APwDDDsNwnSB0OAXuvECpF4 ErEm65vUQ8eWiw2sVpERyQ1OUKHkmS21FyYkveQVFLbES6WuIp8oliTxSMls9Mmo6WgUygwAAAAA AAA= ------=_NextPart_000_001B_01C16870.8E7CBD50-- From owner-ietf-ldup@mail.imc.org Mon Nov 12 00:03:36 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id AAA06066 for ; Mon, 12 Nov 2001 00:03:36 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAC4ehN09769 for ietf-ldup-bks; Sun, 11 Nov 2001 20:40:43 -0800 (PST) Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAC4eg809764 for ; Sun, 11 Nov 2001 20:40:42 -0800 (PST) Received: from sdn-ar-004cocsprp225.dialsprint.net ([158.252.163.241] helo=FARILJCS) by swan.prod.itd.earthlink.net with smtp (Exim 3.33 #1) id 1638tM-0004Eh-00; Sun, 11 Nov 2001 20:40:17 -0800 Reply-To: From: "John Strassner" To: "Christopher Apple" , "'Kurt D. Zeilenga'" Cc: Subject: RE: Revised WG Charter Proposal Date: Sun, 11 Nov 2001 21:40:10 -0700 Message-ID: MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF70@ex04.ummail.com> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; boundary="----=_NextPart_000_01AB_01C16A8F.DD94D230"; micalg=SHA1 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_01AB_01C16A8F.DD94D230 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I agree with Chris, and think that it is premature to come to the conclusion that we have to redefine these models. regards, John -----Original Message----- From: Christopher Apple [mailto:christopher.apple@UnitedMessaging.net] Sent: Thursday, November 08, 2001 2:16 PM To: 'Kurt D. Zeilenga' Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: RE: Revised WG Charter Proposal I believe that's a technical issue to be sorted out by the WG as it discusses relevant drafts which may seek to go one way or the other. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Thursday, November 08, 2001 12:28 PM To: Christopher Apple Cc: 'ietf-ldup@imc.org'; John Strassner (E-mail) Subject: RE: Revised WG Charter Proposal At 07:30 AM 2001-11-08, Christopher Apple wrote: >I am uncertain as to what specifically has led you to >raise the issue though. Please elaborate on your concerns. I'm concerned that the charter doesn't reflect the scope of the work this group will have to undertake to be successful. It seems that this WG has not yet reached consensus on whether or not the WG needs make "redefine X.500 models used by LDAP" in order to deliver "multi-master replication" meeting its requirements. The problem is that if the WG chooses to "redefine X.500 models used by LDAP" it likely will run into significant contention (as you noted). And, if it chooses not to "redefine X.500 models used by LDAP" it likely won't be able to deliver multiple-master replication meeting its own requirements. I rather address this issue sooner than later. Later may be too late. Kurt ------=_NextPart_000_01AB_01C16A8F.DD94D230 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII9jCCApQw ggH9oAMCAQICAwSkbzANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMDQxOTE5MjY0NFoXDTAyMDQxOTE5MjY0NFowTzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjEsMCoGCSqGSIb3DQEJARYdam9obi5zdHJhc3NuZXJAaW50ZWxsaWRl bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOQF9xvr2IzkspSZ5NHATzu64yNJl1D NVVu08Upy0q/Dvfm0/dWVRc/sg09Tr1seHcVLIjAlY6QWFJsPf5tuglzSuMPy+6bGj/mI3KSXpte dhD5o33qc0oBnIOyn+PuqW7fpWjIJwM2MNCLr7gG1IjrchggMput4b5jq2M3zXxJAgMBAAGjOjA4 MCgGA1UdEQQhMB+BHWpvaG4uc3RyYXNzbmVyQGludGVsbGlkZW4uY29tMAwGA1UdEwEB/wQCMAAw DQYJKoZIhvcNAQEEBQADgYEAtHVVEjLYbfAxqW9D1GxSpZYh7kWX/em+JcgXrxFom6kU3wgCrluP F0Ce97vS4VX/TTs9x9b9YUONsEi8kqN5XLY3995FwnFgT+s2ZVljKNFoCgk4COQJ3OS2l/bZWFRc xgR4auC8sLZmE2oxtOm1cigZMhbT8ZnKvWuBN/8q2tUwggMpMIICkqADAgECAgEMMA0GCSqGSIb3 DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0 aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg Q0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDAwODMw MDAwMDAwWhcNMDIwODI5MjM1OTU5WjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMw MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMzKmY8cJJUU+0m54J2eBxdqIGYKXDuNEKYpj NSptcDz63K737nRvMLwzkH/5NHGgo22Y8cNPomXbDfpL8dbdYaX5hc1VmjUanZJ1qCeu2HL5ugL2 17CR3hzpq+AYA6h8Q0JQUYeDPPA5tJtUihOH/7ObnUlmAC0JieyUa+mhaQIDAQABo04wTDApBgNV HREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMS0yOTcwEgYDVR0TAQH/BAgwBgEB/wIB ADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAcxtvJmWL/xU0S1liiu1EvknH6A27j7kN aiYqYoQfuIdjdBxtt88aU5FL4c3mONntUPQ6bDSSrOaSnG7BIwHCCafvS65y3QZn9VBvLli4tgvB UFe17BzX7xe21Yibt6KIGu05Wzl9NPy2lhglTWr0ncXDkS+plrgFPFL83eliA0gwggMtMIIClqAD AgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYD VQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVy c29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0 ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUadfUsJRk W3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmHHYbqo925zpZkGsIUbkSsfOaP 6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/npom1Wq7OCQIapjHsdqjmJH9 edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAMfskn5O +PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP9LpknBesRynfnZhe0mxgcVyi rNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOpgyXy5pwvFcr+pquKB3WLDN1R hGvk+NHOd6KBMYICqjCCAqYCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJu IENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0 aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDBKRvMAkGBSsOAwIaBQCgggFlMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTAxMTExMTE2MDQyN1owIwYJKoZIhvcNAQkEMRYEFCFCFRiVakUHBz/ys4dKsDXvo1La MFgGCSqGSIb3DQEJDzFLMEkwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0G CCqGSIb3DQMCAgEoMAcGBSsOAwIaMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDBKRvMA0GCSqGSIb3DQEBAQUABIGAW6Tz Bxc0/jkbZvsinFfO7EY11Cm8Su4/3p2505nmF2gkom/LQ1kwbAETju+1DmLMTt3+jBrkowqbx/DH nB8KiX+xCnDjSFnSa0gh4PzxxDbvyFPonzOI+3xWV151rsNWPrhn/MJdQNplkhiDw8NmoxTIacEl C4EBBraxs6zT4l0AAAAAAAA= ------=_NextPart_000_01AB_01C16A8F.DD94D230-- From owner-ietf-ldup@mail.imc.org Mon Nov 12 11:15:27 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA09343 for ; Mon, 12 Nov 2001 11:15:27 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fACFwkO10825 for ietf-ldup-bks; Mon, 12 Nov 2001 07:58:46 -0800 (PST) Received: from cosds003.continuumnetworks.com ([12.41.184.243]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fACFwf810788 for ; Mon, 12 Nov 2001 07:58:43 -0800 (PST) Received: from FARILJCS ([12.41.186.49]) by cosds003.continuumnetworks.com (Netscape Messaging Server 4.15) with SMTP id GMP31400.O4V; Mon, 12 Nov 2001 08:58:16 -0700 Reply-To: From: "John Strassner" To: "'Ietf-Ldup@Imc. Org'" Cc: "Christopher Apple" Subject: Charter - last milestone Date: Mon, 12 Nov 2001 08:58:14 -0700 MIME-Version: 1.0 Message-ID: X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_0039_01C16B58.29D4CAB0" Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_0039_01C16B58.29D4CAB0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit For the record, Chris and I discussed the charter (again) with respect to the last milestone. Chris is indeed right - we were given prior guidance from our ADs and the IESG on this subject, and this statement should stay as written. Sorry for any confusion generated from my earlier note. regards, John ------=_NextPart_000_0039_01C16B58.29D4CAB0 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII9jCCApQw ggH9oAMCAQICAwSkbzANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMDQxOTE5MjY0NFoXDTAyMDQxOTE5MjY0NFowTzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjEsMCoGCSqGSIb3DQEJARYdam9obi5zdHJhc3NuZXJAaW50ZWxsaWRl bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOQF9xvr2IzkspSZ5NHATzu64yNJl1D NVVu08Upy0q/Dvfm0/dWVRc/sg09Tr1seHcVLIjAlY6QWFJsPf5tuglzSuMPy+6bGj/mI3KSXpte dhD5o33qc0oBnIOyn+PuqW7fpWjIJwM2MNCLr7gG1IjrchggMput4b5jq2M3zXxJAgMBAAGjOjA4 MCgGA1UdEQQhMB+BHWpvaG4uc3RyYXNzbmVyQGludGVsbGlkZW4uY29tMAwGA1UdEwEB/wQCMAAw DQYJKoZIhvcNAQEEBQADgYEAtHVVEjLYbfAxqW9D1GxSpZYh7kWX/em+JcgXrxFom6kU3wgCrluP F0Ce97vS4VX/TTs9x9b9YUONsEi8kqN5XLY3995FwnFgT+s2ZVljKNFoCgk4COQJ3OS2l/bZWFRc xgR4auC8sLZmE2oxtOm1cigZMhbT8ZnKvWuBN/8q2tUwggMpMIICkqADAgECAgEMMA0GCSqGSIb3 DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0 aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg Q0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDAwODMw MDAwMDAwWhcNMDIwODI5MjM1OTU5WjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMw MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMzKmY8cJJUU+0m54J2eBxdqIGYKXDuNEKYpj NSptcDz63K737nRvMLwzkH/5NHGgo22Y8cNPomXbDfpL8dbdYaX5hc1VmjUanZJ1qCeu2HL5ugL2 17CR3hzpq+AYA6h8Q0JQUYeDPPA5tJtUihOH/7ObnUlmAC0JieyUa+mhaQIDAQABo04wTDApBgNV HREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMS0yOTcwEgYDVR0TAQH/BAgwBgEB/wIB ADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAcxtvJmWL/xU0S1liiu1EvknH6A27j7kN aiYqYoQfuIdjdBxtt88aU5FL4c3mONntUPQ6bDSSrOaSnG7BIwHCCafvS65y3QZn9VBvLli4tgvB UFe17BzX7xe21Yibt6KIGu05Wzl9NPy2lhglTWr0ncXDkS+plrgFPFL83eliA0gwggMtMIIClqAD AgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYD VQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVy c29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0 ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUadfUsJRk W3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmHHYbqo925zpZkGsIUbkSsfOaP 6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/npom1Wq7OCQIapjHsdqjmJH9 edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAMfskn5O +PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP9LpknBesRynfnZhe0mxgcVyi rNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOpgyXy5pwvFcr+pquKB3WLDN1R hGvk+NHOd6KBMYICqjCCAqYCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJu IENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0 aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDBKRvMAkGBSsOAwIaBQCgggFlMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTAxMTExMjE1NTgxNFowIwYJKoZIhvcNAQkEMRYEFNjsBD5yclowQwXlSw2mi9Yaj9hA MFgGCSqGSIb3DQEJDzFLMEkwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0G CCqGSIb3DQMCAgEoMAcGBSsOAwIaMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDBKRvMA0GCSqGSIb3DQEBAQUABIGAPLP6 lzmY1O0df6mVucQeaJyhysugqas5mFuKjzEVfd34MI6Cv9AJRzmF4+9N/Nxr7Pr5x6gz7pquH7Bw rBChzWGcfTd8wHeatW8LMllk/JRxSXT5bpZyw79cSV6a4FtK7ICpJZ6/PNxcznbVXyriu4XgbVBk NFjSLqZNa9B+hncAAAAAAAA= ------=_NextPart_000_0039_01C16B58.29D4CAB0-- From owner-ietf-ldup@mail.imc.org Tue Nov 13 14:13:15 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA13110 for ; Tue, 13 Nov 2001 14:13:15 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fADIr3505543 for ietf-ldup-bks; Tue, 13 Nov 2001 10:53:03 -0800 (PST) Received: from tconl91223.tconl.com (tconl91223.tconl.com [204.26.91.223]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fADIr1805538 for ; Tue, 13 Nov 2001 10:53:01 -0800 (PST) Received: (from jayhawk@localhost) by tconl91223.tconl.com (8.11.0/8.11.0) id fADIpX901298; Tue, 13 Nov 2001 12:51:33 -0600 Date: Tue, 13 Nov 2001 12:51:33 -0600 From: Ryan Moats To: internet-drafts@ietf.org Cc: ietf-ldup@imc.org Subject: Re: I-D ACTION:draft-ietf-ldup-framing-profile-00.txt Message-ID: <20011113125133.A1248@localhost.localdomain> References: <200108161102.HAA28184@ietf.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200108161102.HAA28184@ietf.org>; from Internet-Drafts@ietf.org on Thu, Aug 16, 2001 at 07:02:27AM -0400 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I-D editor: please insert the following (below '...===cuthere') as draft-ietf-ldup-mrm-00.txt. LDUP: Here's -00 of Mandatory LDAP Replica Management. Many thanks to Mark and Ed for the initial text. A lot of this document is still TBD (as you will see), but we wanted to get something in the repository for SLC and we've fleshed out enough of it for us to ask the WG for consensus on the following issues. 1. In Section 4.5, do we need the ability to copy (i.e. read and set) all operational attributes as part of this operation? If so, LDAP will need a change. 2. Section 4.6 currently requires that all replicaSubentries representing the same server have the same entryUUID. How is this accomplished? 3. Section 5.1.1 posits some out-of-band transport for the initial copy of the source server. Is LDIF appropriate for this transport? If so, how do we carry replication meta-data (e.g. CSNs)? 4. Should the operations in section 5.12 be condensed into a single extended operation? The rationale behind an extended operation is that this should be a mechanical process. Having a mechanism to "replicate" this from one server to the others: - reduces likelihood of missing something - allows replication framework to ensure that this information gets to every server in the event that a server is down or so Enjoy Ryan Moats (for the authors) =============================cut here Internet-Draft Ryan Moats LDAP Duplication/Replication/Update Lemur Networks, Inc. Protocols WG Rick Huber Intended Category: Standard AT&T Laboratories Expires May 2002 John McMeeking IBM November 2001 Mandatory LDAP Replica Management Filename: draft-ietf-ldup-mrm-00.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/lid-abstracts.txt. The list of Internet-Drafts Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. Abstract The goal of standards for LDAP replication is to allow interoperable replication among products from many different vendors. Defining the mechanism to move data among replicas is a necessary part of this work, but management of the replicated environment must also be standardized for replication to be truly interoperable. This document presents the replication management functions that must be performed. Whenever possible, these functions are defined in terms of existing LDAP functionality using existing LDAP operations and existing data definitions. In some cases, changes or additions to the existing model are requires, and specifications for these changes are included in this document. Moats, et al Expires May 2002 [Page 1] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 1 Table of Contents Status of this Memo...................................................1 Abstract..............................................................1 1 Table of Contents ..................................................2 2 Introduction .......................................................3 3 Administrative Precursors ..........................................4 4 Operational "Atoms" ................................................4 4.1 Create replicaContext on a single server .......................5 4.2 Delete replicaContext from a single server .....................5 4.3 Add area of replication to a server ............................5 4.4 Delete area of replication from a server .......................6 4.5 Copy base of area of replication between servers ...............6 4.6 Create server entry in area of replication .....................6 4.7 Delete Server Entry for an area of replication .................7 4.8 Modify replica .................................................7 4.8.1 Change Replica Type .........................................7 4.8.2 Change Between Full/Partial Replica .........................7 4.8.3 Change Replica URI for one server for one area of replication 7 4.9 Add Replication Agreement ......................................7 4.10 Delete Replication Agreement .................................8 4.11 Modify Replication Agreement .................................8 4.12 Suspend Replication ..........................................8 4.13 Resume Replication ...........................................8 4.14 Trigger an Immediate Replica Cycle ...........................8 5 Common Tasks .......................................................8 5.1 Add a new replica to an existing replica group .................9 5.1.1 Large area of replication support ...........................9 5.2 Set up (but do not start) replication between two servers ......9 5.3 Set up (but do not start) replication between a server and an existing replica group ..............................................9 5.4 Verify replication information is present between two servers ..9 5.5 Start replication between two servers. .........................9 5.6 Start replication between an existing replica group and a new server ..............................................................9 5.7 Temporarily Suspend all replication activity from a given server 9 5.8 Halt replication on all areas of a server ......................9 5.9 List status of a particular area of replication on a given server ..............................................................9 5.10 List all areas of replication defined on a given server and their status .......................................................10 5.11 Restore a server and replication agreements after a server crash 10 5.12 Split an Area of Replication ................................10 5.13 Move an existing area of replication to a new server ........10 5.14 Join two Areas of Replication ...............................10 5.14.1 Preconditions ............................................10 Moats, et al Expires May 2002 [Page 2] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 5.14.2 Procedure ................................................10 5.14.3 Server requirements ......................................11 5.15 Stop Replicating an Area of Replication. ....................11 5.16 Suspending and Resuming Replication .........................12 5.17 Convert a read-only replica to an updateable replica ........12 5.18 Changing Replica URI on all servers handling an area of replication ........................................................12 5.19 Postpone a Replica Cycle to a Later Time ....................12 5.20 Examine Replication Audit History on a Server ...............12 5.21 Compare Two Replicas on Two Servers for Differences .........12 5.22 Fix an Entry Without Triggering Replication .................12 5.23 Check Reported Schema Mismatches Discovered During Replication 13 5.24 Adding a new directory server to a replica group and initializing the contents ..........................................13 5.25 Restore from the master failure in a single-master system ...13 6 Formal Specifications .............................................13 6.1 New/Modified Object Classes ...................................13 6.2 New/Modified Attributes .......................................13 6.3 New/Modified Extended Operations ..............................13 6.4 New/Modified Replication Primitives ...........................14 7 Security Considerations ...........................................14 8 Acknowledgements ..................................................14 9 References ........................................................14 Author's Addresses:..................................................15 Full Copyright Statement.............................................15 2 Introduction In the LDAP replication architecture [Arch], the LDAP servers and replication agreements between them are represented by entries in the directory tree, as part of the replicated naming context. The LDAP replication information model [InfoMod] describes the contents of these entries. Replication management entries, such as replicaSubentries or replication agreements, can be altered on any updateable replica. These entries are implicitly included in the directory entries governed by any agreement associated with this area of replication. As a result, all servers with a replica of an area of replication will have access to information about all other replicas of that area of replication and associated agreements. The deployment and maintenance of a replicated directory network involves the creation and management on the replicas themselves and associated replication control information (e.g. replicationSubentries and replication agreements). This document outlines the administrative actions necessary to create and maintain replication agreements. Typically, administrative tools will guide the administrator and facilitate these actions. Moats, et al Expires May 2002 [Page 3] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 3 Administrative Precursors In this document the term "administrative user" refers to an identity that will be performing replication configuration by binding to and invoking operations on directory servers. Most LDAP server implementations have the concept of a superuser or power user, however this need not be the same as the administrative user, so long as the administrative user has been granted appropriate privileges. The administrative user MAY be running as an autonomous process, and MUST be capable of securely maintaining its own credentials. Servers SHOULD support the concept of there being multiple administrative users, and SHOULD allow each to have distinct rights from the others. Deployments SHOULD create an administrative user identity that is granted access to all servers holding a replica of a naming context to perform the procedures described below, in particular to read the root DSE, the replicationContext prefix entry and all subordinate subentries. The administrative user who will be viewing or modifying the replication status MUST have already been provided with and established in the directory server or servers appropriate authentication credentials and authorization rights to retrieve attributes and invoke DIT modification operations that are beyond the ability of the 'average' directory user. Through out-of-band means one of the following will have occurred: 1. the administrative user and the directory server have agreed upon a shared secret which the administrator will use to authenticate itself, or 2. the administrative user will have a certificate that can be validated by the directory server. Note that the secret in the first case need not be held by the directory server itself but could be maintained by an authentication service trusted by the directory server. 4 Operational "Atoms" The following operational atoms are used to build up more complex tasks in section 5. Most of these operational "atoms" make the following assumptions: Through prior LDAP or out-of-band means the administrative user MUST have been granted the following access control permissions to the directory in order to establish replication: -Modify the attribute 'replicaContextRoots' of the root DSE by adding values -Create the naming context prefix entry Moats, et al Expires May 2002 [Page 4] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 -Create subentries immediately below the naming context prefix entry In several sections below, we refer to "source" and "target" servers. The "source" server is a server that already holds a copy of the area of replication. It may already be replicating that area with other servers. The "target" server does not currently hold a copy of the area of replication. The "target" is being added to the replica-group. Issue: Any write or modify being done to a readOnly replica requires some thought. Issue: Whether each of these atoms is propagated by replication and how it impacts the replication process. 4.1 Create replicaContext on a single server The client SHOULD invoke a ModifyRequest in which the object field is the empty string (naming the root DSE), and the modification list consists of a single item to add the distinguished name of the context prefix to the attribute replicaContextRoots. If the server responds with the resultCode attributeOrValueExists, then the value is already there. If the server responds with a resultCode other than attributeOrValueExists or success, then this is an error. 4.2 Delete replicaContext from a single server The client SHOULD invoke a ModifyRequest in which the object field is the empty string (naming the root DSE), and the modifications list consists of a single item, to delete the value of the distinguished name of the context prefix from the attribute replicaContextRoots. If the server responds with the resultCode noSuchAttribute, then the value has already been removed. If the server responds with a resultCode other than noSuchAttribute or success, then this is an error. 4.3 Add area of replication to a server The client SHOULD invoke a ModifyRequest in which the object field is the context prefix of the replication context, and the modification list consists of a single item to add the value replicationContext to the attribute objectClass. If the server responds with the resultCode attributeOrValueExists, then the value is already there. If the server responds with a resultCode other than attributeOrValueExists or success, then this is an error. Should an error occur at this point, the server is in an inconsistent state and needs to be fixed. After this step is completed, the server will begin storing change information for this area of replication. WG ISSUE: If replicaContextRoots were an operational attribute, then it would be possible to have the server maintain that attribute when replicationContext is added or deleted. Without it, these steps need Moats, et al Expires May 2002 [Page 5] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 to be separate LDAP protocol operations and thus it is possible to have inconsistent states. 4.4 Delete area of replication from a server The client SHOULD invoke a ModifyRequest in which the object field is the context prefix of the replication context, and the modification list consists of a single item to remove the value replicationContext to the attribute objectClass. If the server responds with the resultCode noSuchAttribute, then the value has already been removed. If the server responds with a resultCode other than noSuchAttribute or success, then this is an error. After this step is completed, the server will no longer replicate this area of replication. 4.5 Copy base of area of replication between servers In this section, the 'target server' is the server on which the client has just modified the root DSE. The client MUST separately contact another server, one that already holds a copy of this replication context, and issue a SearchRequest on that server in which the baseObject is the DN of the of base the area of replication, the scope baseObject, the filter "(objectClass=*)" and the attributes list "*". If the client cannot obtain the single entry at this point, the procedure will fail, and the client SHOULD invoke on the slave server a ModifyRequest in which the object field is the empty string, and the modifications list consists of a single item, a delete of the attribute replicaContextRoots with the value the distinguished name of the context prefix. WG Issue: Do we need the ability to copy (i.e. read and set) all operational attributes as part of this operation? If so, LDAP will need a change. Now that it has the entry, the client SHOULD invoke an AddRequest on the target server with entry set to the DN of the base of the area of replication and attributes the same list as obtained in the previous search. If the server returns a resultCode other than success, it is an error, and the server will be in an inconsistent state. 4.6 Create server entry in area of replication Each server needs to have in its copy of the area of replication a replicaSubentry for each of the servers involved in replicating that area before replication can be started. These entries MUST have the following attributes: 1. objectclass, with values top, ldapSubentry and replicaSubentry 2. cn 3. replicaURI Moats, et al Expires May 2002 [Page 6] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 4. replicaType 5. replicaOnline and MAY contain other attributes, as described in the Information Model [InfoMod]. WG Issue: This requires that all replicaSubentries representing the same server have the same entryUUID. How is this accomplished? 4.7 Delete Server Entry for an area of replication The client SHOULD issue a SearchRequest in which the baseObject is the DN of the context prefix, the scope oneLevel, the filter "(objectClass=replicaSubentries)" and the attributes list. For each entry returned, the client SHOULD then issue a DeleteReques in which the object field is the DN of the entry. If the server responds with the resultCode noSuchObject, then the entry has already been removed. If the server responds with a resultCode other than noSuchObject or success, then this is an error. 4.8 Modify replica 4.8.1 Change Replica Type Note: This section covers only the simple protocol operation to change the replica type. Section 5.17 coverts the full set of operations for converting from a ReadOnly to an Updateable replica. The client SHOULD invoke a ModifyRequest in which the object field is the replicationSubentry, and the modification list consists of a single item to change the value of the attribute replicaType. If the server responds with the resultCode attributeOrValueExists, then the value is already there. If the server responds with a resultCode other than attributeOrValueExists or success, then this is an error. 4.8.2 Change Between Full/Partial Replica TBD 4.8.3 Change Replica URI for one server for one area of replication Note: This section covers only the simple protocol operation to change the replica type. Section 5.18 covers the full set of operations for changing the replica URI on all servers. The client SHOULD invoke a ModifyRequest in which the object field is the replicationSubentry, and the modification list consists of a single item to change the value of the attribute replicaURI to the new value. If the server responds with the resultCode attributeOrValueExists, then the value is already there. If the server responds with a resultCode other than attributeOrValueExists or success, then this is an error. 4.9 Add Replication Agreement TBD Moats, et al Expires May 2002 [Page 7] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 4.10 Delete Replication Agreement The termination of replication agreements should be done with caution as it can easily result in a partition of the directory servers if performed incorrectly. Once all replication agreements have been terminated between a server and others for a naming context, then that copy of the context on the server will be divergent, and any updates made there will not be propagated to any other server. TBD 4.11 Modify Replication Agreement TBD 4.12 Suspend Replication The client SHOULD invoke a ModifyRequest in which the object field is the DN of the target replicationSubentry, and the modification list consists of a single item to change the value of replicaOnline attribute to false. If the server responds with the resultCode attributeOrValueExists, then the value is already there. If the server responds with a resultCode other than attributeOrValueExists or success, then this is an error. 4.13 Resume Replication The client SHOULD invoke a ModifyRequest in which the object field is the DN of the target replicationSubentry, and the modification list consists of a single item to change the value of replicaOnline attribute to true. If the server responds with the resultCode attributeOrValueExists, then the value is already there. If the server responds with a resultCode other than attributeOrValueExists or success, then this is an error. 4.14 Trigger an Immediate Replica Cycle TBD Issue: An administrative client could trigger an immediate replication cycle by issuing a "Trigger Replication" extended operation to the supplier server. The extended operation value specifies the DN of a replication agreement between the supplier and target replicas, and the type of replication session to be performed (full update or incremental update). The replication agreement is used to specify the target replica, connection information, and authentication information. 5 Common Tasks There are many tasks that administrators need to perform in a replicated environment. This section describes many typical tasks and describes how they are performed in terms of the atoms defined above. Moats, et al Expires May 2002 [Page 8] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 5.1 Add a new replica to an existing replica group TBD 5.1.1 Large area of replication support In some cases, an area of replication is so large or available bandwidth so small that out-of-band mechanisms (e.g. mailing a tape) need to be used to transport the initial copy from the source to the target. The target then needs to be updated with changes made to the source since the copy was made. This section describes how this situation is handled. Details TBD. WG Issue: is LDIF appropriate for this transport? If so, how do we carry replication meta-data (e.g. CSNs)? 5.2 Set up (but do not start) replication between two servers TBD 5.3 Set up (but do not start) replication between a server and an existing replica group TBD 5.4 Verify replication information is present between two servers TBD 5.5 Start replication between two servers. For this operation, the client SHOULD follow the steps in Section 5.2 followed by starting replication as specified in Section 4.13. 5.6 Start replication between an existing replica group and a new server For this operation, the client SHOULD follow the steps in Section 5.3 followed by starting replication as specified in Section 4.13. 5.7 Temporarily Suspend all replication activity from a given server TBD 5.8 Halt replication on all areas of a server TBD 5.9 List status of a particular area of replication on a given server TBD Moats, et al Expires May 2002 [Page 9] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 5.10 List all areas of replication defined on a given server and their status TBD 5.11 Restore a server and replication agreements after a server crash TBD 5.12 Split an Area of Replication To split an area of replication, the atoms are: 1. Add the subordinate area of replication to the servers' replicaContextRoots (Section 4.1) 2. Add the replicationContext objectclass to the root entry of the area of replication (Section 4.3) 3. Create replicaSubentry objects under the new area of replication for each replica of the parent area of replication (Section 4.6) 4. Create replicaAgreement objects (and schedules?) under the new replicaSubentries, where agreements are created that correspond to each agreement defined for the parent (Section 4.9). These operations must be performed on each server containing a replica of the parent area of replication. WG Issue: Extended op or not? The rationale behind an extended operation is that this should be a mechanical process. Having a mechanism to "replicate" this from one server to the others: - reduces likelihood of missing something - allows replication framework to ensure that this information gets to every server in the event that a server is down or some other error prevents the client from completing all of these operations. 5.13 Move an existing area of replication to a new server TBD 5.14 Join two Areas of Replication This section describes how to join two areas of replication. 5.14.1 Preconditions Before joining two areas of replication there are certain preconditions that need to be satisfied: 1. Any server that contains a replica of one area of replication must also contain a replica of the other area of replication. This may require copying either area of replication to additional servers, or deleting either area of replication from servers. 2. The replicas on any given server MUST be of the same type. Both replicas must be updateable, both-readonly, or both primary. Furthermore, if the replicas are readonly, they must both be full replicas, or must both be fractional replicas with identical fractional entry specifications. 5.14.2 Procedure Moats, et al Expires May 2002 [Page 10] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 1. On each server, delete the replicationContext objectclass value from the subordinate area of replication (Section TBD). We'd like this to be replicated under the parent area of replication, and we'd like this to have the affect of causing all not yet replicated updates and future client changes as if they occurred under the parent area f replication. This is going to cause problems with respect to CSNs if there are "old" changes in the subordinate context. Maybe we require that there be no pending updates? This is going to be potentially ugly. 2. Delete all replication agreements for the subordinate area of replication 3. Delete all replicaSubentries for the subordinate area of replication 5.14.3 Server requirements When the replicationContext objectclass is removed from the root of an area of replication, the server MUST immediately treat entries within the area of replication as belonging to the parent area of replication (if there is any). This includes replicating any pending replication updates (those not yet replicated to other replicas) as if they occurred under the parent area of replication, as well as preserving any Lost and Found entries. If a server receives a request to delete the replicationContext from an area of replication, and there is a parent area of replication, the Server MUST verify that these replicas are of the same type, and if fractional, that the fractional entry specifications are identical. If the replicas are not of the same type, the request MUST be failed with resultCode unwillingToPerform. 5.15 Stop Replicating an Area of Replication. This section describes how to stop replicating an area of replication. At the end of the procedure, the subtree represented by the area of replication will exist on one server, all replication agreements will have been deleted, and the root of the area of replication will no longer be an area of replication. The server on which the subtree will remain is referred to as the surviving replica. To stop replicating an area of replication, a client with administrative authority should perform the following operations: 1. Halt replication After halting, the client MAY optionally delete information by: 2. Delete all replication agreements (Section 4.10). 3. Delete all replicaSubentries under the area of replication (section 4.7) 4. Issue a modifyRequest to the surviving server where the object field is the DN of the area of replication, and the modifications list consists of a single item, delete the attribute objectclasss with value replicationContext. Moats, et al Expires May 2002 [Page 11] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 5. Delete replicaContext from that server (Section 4.2) 6. Delete the area of replication from servers containing other replicas (Section 4.4). Note that client updates accepted on the non-surviving replicas during this procedure may be lost (because they were not replicated to the surviving server). 5.16 Suspending and Resuming Replication To suspend replication of an area of replication to a specific server, an administrative client can perform a modifyRequest of the replicaSubentry, with a modification list replacing the replicaOnline attribute with the value false. Performing this request on the specified server causes the server to stop accepting or initiating replication requests for that area of replication. This procedure can also be performed on any other replica. The modifyRequest will be replicated to other servers. When a server other than that specified by the replicaSubentry receives the request the server MUST stop sending replication updates to the specified server. The unsent changes MUST be saved until the replicaOnline attribute is chnaged to true. Servers MUST continue to repond to replication updates sent from the specified server. To resume replication of an area of replication to a specific server, an administrative client can perform a modifyRequest of the replicaSubentry, with a modification list replacing the replicaOnline attribute with the value false. This request must be performed on the specified server, or it will not resume replication. This operation may also be performed on other servers. 5.17 Convert a read-only replica to an updateable replica TBD 5.18 Changing Replica URI on all servers handling an area of replication The client issues this request to the server whose address has been changed, which replicates it to the other replicas like other client updates. It may be necessary to issue the same request to other replicas, for example, when the server does not have proper replication agreements to fully replicate this change (as in consumer initiated replication). 5.19 Postpone a Replica Cycle to a Later Time TBD 5.20 Examine Replication Audit History on a Server TBD 5.21 Compare Two Replicas on Two Servers for Differences TBD 5.22 Fix an Entry Without Triggering Replication When conflicts cause entries to be put in the Lost+Found area, the administrator needs a mechanism to make appropriate changes. These Moats, et al Expires May 2002 [Page 12] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 changes should not trigger replication since they are used to fix previous replication problems. In addition, these changes may include fixes to UUIDs, CSNs, or other control data that cannot be changed using normal LDAP operations. TBD 5.23 Check Reported Schema Mismatches Discovered During Replication TBD 5.24 Adding a new directory server to a replica group and initializing the contents In this case, the client: 1. Creates the replicaContext on the new server (section 4.1) 2. Copies the base entry for the area of replication from a source to the target (section 4.5) 3. Create the entries for the new server on all servers in the replica group (section 4.6) 4. Create the entries for the existing replica group servers on the new (section 4.6) 5. Create the replication agreement on all servers (section 4.9) 6. Client issues a "Initiate Full Update" request to a full replica for the new replica -- or new replica requests consumer initiated full update 5.25 Restore from the master failure in a single-master system TBD 6 Formal Specifications The Replica Management features depend heavily on defined LDAP and LDUP structure, operations, and data formats. But some changes will be needed to accommodate Replica Management. All these changes are pulled together in this section for easy reference. 6.1 New/Modified Object Classes TBD 6.2 New/Modified Attributes TBD 6.3 New/Modified Extended Operations Trigger Replica Operation TBD Moats, et al Expires May 2002 [Page 13] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 6.4 New/Modified Replication Primitives TBD 7 Security Considerations In all cases, it is assumed that the client establishes a connection to the LDAP server and SHOULD authenticate using a recommended authentication method [RFC2829] that establishes the identity of the client user and SHOULD provide for connection integrity. In deployments where the underlying network service is vulnerable to eavesdropping and clients are intending to retrieve sensitive server credentials, the chosen method SHOULD also provide for encryption of data in transit. In general, where the client is unaware of any network level protection services, it is RECOMMENDED that the client immediately after connection establishment invoke Start TLS to establish connection integrity and confidentiality, and follow this by authentication by one of: - the "DIGEST-MD5" SASL mechanism, - the "simple" authentication choice, or - the "EXTERNAL" SASL mechanism if the client provided its certificate during TLS establishment. The client MAY determine the supported authentication mechanisms of the server from the supportedSASLMechanisms attribute of the root DSE after Start TLS has been invoked, and use this to decide whether to use DIGEST-MD5 or EXTERNAL. See [RFC2830] for more information on TLS. 8 Acknowledgements Thanks to Mark Wahl and Ed Reed for providing a lot of the initial text. This document is a product of the LDUP Working Group of the IETF. The contributions of its members are greatly appreciated. 9 References [Arch] J. Merrells, E. Reed, U. Srinvasan, "LDAP Replication Architecture", draft-ietf-ldup-model-01.txt. [InfoMod] E. Reed, "LDAP Replication Information Model", draft-ietf- ldup-infomod-00.txt [RFC2119] S. Bradner, "Key Words for Use in RFCs to Indicate Requirement Levels", RFC 2119, March 1997. [RFC2829] M. Wahl, H. Alvestrand, J. Hodges, RL Morgan, "Authentication Methods for LDAP", RFC 2829, May 2000. Moats, et al Expires May 2002 [Page 14] INTERNET DRAFT Mandatory LDAP Replica Management November 2001 [RFC2830] J. Hodges, R. Morgan, M. Wahl, "Lightweight Directory Access Protocol (v3): Extension for Transport Layer Security", RFC 2830, May 2000. Author's Addresses: Ryan Moats Lemur Networks, Inc. Email: rmoats@lemurnetworks.net Rick Huber AT&T Laboratories Email: rvh@qsun.att.com John McMeeking IBM Email: jmcmeek@us.ibm.com Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Moats, et al Expires May 2002 [Page 15] From owner-ietf-ldup@mail.imc.org Tue Nov 13 14:16:46 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA13273 for ; Tue, 13 Nov 2001 14:16:46 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fADHcnA29618 for ietf-ldup-bks; Tue, 13 Nov 2001 09:38:49 -0800 (PST) Received: from patan.sun.com (patan.Sun.COM [192.18.98.43]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fADHcf829609 for ; Tue, 13 Nov 2001 09:38:45 -0800 (PST) Received: from rowlf.Central.Sun.COM ([129.153.131.70]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA25076; Tue, 13 Nov 2001 10:38:17 -0700 (MST) Received: from sun.com (dhcp-aus07-187 [129.153.129.187]) by rowlf.Central.Sun.COM (8.10.2+Sun/8.10.2/ENSMAIL,v2.1p1) with ESMTP id fADHcXl12735; Tue, 13 Nov 2001 11:38:33 -0600 (CST) Message-ID: <3BF15936.65CD9072@sun.com> Date: Tue, 13 Nov 2001 11:32:38 -0600 From: Mark Wahl X-Mailer: Mozilla 4.77 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: john.strassner@intelliden.com, christopher.apple@unitedmessaging.com CC: roland@catalogix.se, ietf-ldup@imc.org, ietf-ldapext@netscape.com Subject: moving access control discussion to LDUP Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Content-Transfer-Encoding: 7bit It may be worthwhile to consider adding the access control standardization discussion to LDUP, as LDUP will need the replication of access control information for many of its scenarios. This activity was ongoing in LDAPEXT, but LDAPEXT is shutting down and has not reached rough consensus on access control specification. Mark Wahl Sun Microsystems Inc. From owner-ietf-ldup@mail.imc.org Tue Nov 13 14:33:07 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA14098 for ; Tue, 13 Nov 2001 14:33:06 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fADJA9N06223 for ietf-ldup-bks; Tue, 13 Nov 2001 11:10:09 -0800 (PST) Received: from tconl91223.tconl.com (tconl91223.tconl.com [204.26.91.223]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fADJA7806218 for ; Tue, 13 Nov 2001 11:10:07 -0800 (PST) Received: (from jayhawk@localhost) by tconl91223.tconl.com (8.11.0/8.11.0) id fADJ9ET01307; Tue, 13 Nov 2001 13:09:14 -0600 Date: Tue, 13 Nov 2001 13:09:14 -0600 From: Ryan Moats To: ietf-ldup@imc.org Cc: ietf-ldup@imc.org Subject: -00 of Mandatory Replica Management (and a few questions) Message-ID: <20011113130914.B1248@localhost.localdomain> References: <200108161102.HAA28184@ietf.org> <20011113125133.A1248@localhost.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011113125133.A1248@localhost.localdomain>; from rmoats@lemurnetworks.net on Tue, Nov 13, 2001 at 12:51:33PM -0600 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Doh... lets try this with a correct subject... On Tue, Nov 13, 2001 at 12:51:33PM -0600, Ryan Moats wrote: | LDUP: | | Here's -00 of Mandatory LDAP Replica Management. Many thanks to Mark | and Ed for the initial text. A lot of this document is still TBD | (as you will see), but we wanted to get something in the repository | for SLC and we've fleshed out enough of it for us to ask the WG | for consensus on the following issues. | | 1. In Section 4.5, do we need the ability to copy (i.e. read and set) all | operational attributes as part of this operation? If so, LDAP will need | a change. | | 2. Section 4.6 currently requires that all replicaSubentries representing the | same server have the same entryUUID. How is this accomplished? | | 3. Section 5.1.1 posits some out-of-band transport for the initial copy | of the source server. Is LDIF appropriate for this transport? If so, | how do we carry replication meta-data (e.g. CSNs)? | | 4. Should the operations in section 5.12 be condensed into a single extended | operation? The rationale behind an extended operation is that this should | be a mechanical process. Having a mechanism to "replicate" this from one | server to the others: | - reduces likelihood of missing something | - allows replication framework to ensure that this information gets to | every server in the event that a server is down or so | | Enjoy | Ryan Moats (for the authors) | | | =============================cut here | | | | | Internet-Draft Ryan Moats | LDAP Duplication/Replication/Update Lemur Networks, Inc. | Protocols WG Rick Huber | Intended Category: Standard AT&T Laboratories | | Expires May 2002 John McMeeking | IBM | November 2001 | | | Mandatory LDAP Replica Management | Filename: draft-ietf-ldup-mrm-00.txt | | | Status of this Memo | | This document is an Internet-Draft and is in full conformance with all | provisions of Section 10 of RFC2026. | | Internet-Drafts are working documents of the Internet Engineering Task | Force (IETF), its areas, and its working groups. Note that other | groups may also distribute working documents as Internet-Drafts. | | Internet-Drafts are draft documents valid for a maximum of six months | and may be updated, replaced, or obsoleted by other documents at any | time. It is inappropriate to use Internet-Drafts as reference material | or to cite them other than as "work in progress." | | The list of current Internet-Drafts can be accessed at | http://www.ietf.org/ietf/lid-abstracts.txt. | | The list of Internet-Drafts Shadow Directories can be accessed at | http://www.ietf.org/shadow.html. | | Copyright Notice | | Copyright (C) The Internet Society (2000). All Rights Reserved. | | Abstract | | The goal of standards for LDAP replication is to allow interoperable | replication among products from many different vendors. Defining the | mechanism to move data among replicas is a necessary part of this work, | but management of the replicated environment must also be standardized | for replication to be truly interoperable. | | This document presents the replication management functions that must | be performed. Whenever possible, these functions are defined in terms | of existing LDAP functionality using existing LDAP operations and | existing data definitions. In some cases, changes or additions to the | existing model are requires, and specifications for these changes are | included in this document. | | | | Moats, et al Expires May 2002 [Page 1] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | document are to be interpreted as described in [RFC2119]. | | 1 Table of Contents | | | Status of this Memo...................................................1 | Abstract..............................................................1 | 1 Table of Contents ..................................................2 | 2 Introduction .......................................................3 | 3 Administrative Precursors ..........................................4 | 4 Operational "Atoms" ................................................4 | 4.1 Create replicaContext on a single server .......................5 | 4.2 Delete replicaContext from a single server .....................5 | 4.3 Add area of replication to a server ............................5 | 4.4 Delete area of replication from a server .......................6 | 4.5 Copy base of area of replication between servers ...............6 | 4.6 Create server entry in area of replication .....................6 | 4.7 Delete Server Entry for an area of replication .................7 | 4.8 Modify replica .................................................7 | 4.8.1 Change Replica Type .........................................7 | 4.8.2 Change Between Full/Partial Replica .........................7 | 4.8.3 Change Replica URI for one server for one area of replication | 7 | 4.9 Add Replication Agreement ......................................7 | 4.10 Delete Replication Agreement .................................8 | 4.11 Modify Replication Agreement .................................8 | 4.12 Suspend Replication ..........................................8 | 4.13 Resume Replication ...........................................8 | 4.14 Trigger an Immediate Replica Cycle ...........................8 | 5 Common Tasks .......................................................8 | 5.1 Add a new replica to an existing replica group .................9 | 5.1.1 Large area of replication support ...........................9 | 5.2 Set up (but do not start) replication between two servers ......9 | 5.3 Set up (but do not start) replication between a server and an | existing replica group ..............................................9 | 5.4 Verify replication information is present between two servers ..9 | 5.5 Start replication between two servers. .........................9 | 5.6 Start replication between an existing replica group and a new | server ..............................................................9 | 5.7 Temporarily Suspend all replication activity from a given server | 9 | 5.8 Halt replication on all areas of a server ......................9 | 5.9 List status of a particular area of replication on a given | server ..............................................................9 | 5.10 List all areas of replication defined on a given server and | their status .......................................................10 | 5.11 Restore a server and replication agreements after a server | crash 10 | 5.12 Split an Area of Replication ................................10 | 5.13 Move an existing area of replication to a new server ........10 | 5.14 Join two Areas of Replication ...............................10 | 5.14.1 Preconditions ............................................10 | | Moats, et al Expires May 2002 [Page 2] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 5.14.2 Procedure ................................................10 | 5.14.3 Server requirements ......................................11 | 5.15 Stop Replicating an Area of Replication. ....................11 | 5.16 Suspending and Resuming Replication .........................12 | | 5.17 Convert a read-only replica to an updateable replica ........12 | 5.18 Changing Replica URI on all servers handling an area of | replication ........................................................12 | 5.19 Postpone a Replica Cycle to a Later Time ....................12 | 5.20 Examine Replication Audit History on a Server ...............12 | 5.21 Compare Two Replicas on Two Servers for Differences .........12 | 5.22 Fix an Entry Without Triggering Replication .................12 | 5.23 Check Reported Schema Mismatches Discovered During Replication | 13 | 5.24 Adding a new directory server to a replica group and | initializing the contents ..........................................13 | 5.25 Restore from the master failure in a single-master system ...13 | 6 Formal Specifications .............................................13 | 6.1 New/Modified Object Classes ...................................13 | 6.2 New/Modified Attributes .......................................13 | 6.3 New/Modified Extended Operations ..............................13 | 6.4 New/Modified Replication Primitives ...........................14 | 7 Security Considerations ...........................................14 | 8 Acknowledgements ..................................................14 | 9 References ........................................................14 | Author's Addresses:..................................................15 | Full Copyright Statement.............................................15 | | | | 2 Introduction | | In the LDAP replication architecture [Arch], the LDAP servers and | replication agreements between them are represented by entries in the | directory tree, as part of the replicated naming context. The LDAP | replication information model [InfoMod] describes the contents of these | entries. | | Replication management entries, such as replicaSubentries or | replication agreements, can be altered on any updateable replica. These | entries are implicitly included in the directory entries governed by | any agreement associated with this area of replication. As a result, | all servers with a replica of an area of replication will have access | to information about all other replicas of that area of replication and | associated agreements. | | The deployment and maintenance of a replicated directory network | involves the creation and management on the replicas themselves and | associated replication control information (e.g. replicationSubentries | and replication agreements). This document outlines the administrative | actions necessary to create and maintain replication agreements. | | Typically, administrative tools will guide the administrator and | facilitate these actions. | | | | Moats, et al Expires May 2002 [Page 3] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 3 Administrative Precursors | In this document the term "administrative user" refers to an identity | that will be performing replication configuration by binding to and | invoking operations on directory servers. Most LDAP server | implementations have the concept of a superuser or power user, however | this need not be the same as the administrative user, so long as the | administrative user has been granted appropriate privileges. The | administrative user MAY be running as an autonomous process, and MUST | be capable of securely maintaining its own credentials. | | Servers SHOULD support the concept of there being multiple | administrative users, and SHOULD allow each to have distinct rights | from the others. | | Deployments SHOULD create an administrative user identity that is | granted access to all servers holding a replica of a naming context to | perform the procedures described below, in particular to read the root | DSE, the replicationContext prefix entry and all subordinate | subentries. The administrative user who will be viewing or modifying | the replication status MUST have already been provided with and | established in the directory server or servers appropriate | authentication credentials and authorization rights to retrieve | attributes and invoke DIT modification operations that are beyond the | ability of the 'average' directory user. | | Through out-of-band means one of the following will have occurred: | | 1. the administrative user and the directory server have agreed upon | a shared secret which the administrator will use to authenticate | itself, or | 2. the administrative user will have a certificate that can be | validated by the directory server. | | Note that the secret in the first case need not be held by the | directory server itself but could be maintained by an authentication | service trusted by the directory server. | | 4 Operational "Atoms" | | The following operational atoms are used to build up more complex tasks | in section 5. | | Most of these operational "atoms" make the following assumptions: | | Through prior LDAP or out-of-band means the administrative user MUST | have been granted the following access control permissions to the | directory in order to establish replication: | | -Modify the attribute 'replicaContextRoots' of the root DSE by | adding values | -Create the naming context prefix entry | | | | Moats, et al Expires May 2002 [Page 4] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | -Create subentries immediately below the naming context prefix | entry | | In several sections below, we refer to "source" and "target" servers. | The "source" server is a server that already holds a copy of the area | of replication. It may already be replicating that area with other | servers. The "target" server does not currently hold a copy of the | area of replication. The "target" is being added to the replica-group. | | Issue: Any write or modify being done to a readOnly replica requires | some thought. | | Issue: Whether each of these atoms is propagated by replication and how | it impacts the replication process. | | 4.1 Create replicaContext on a single server | | The client SHOULD invoke a ModifyRequest in which the object field is | the empty string (naming the root DSE), and the modification list | consists of a single item to add the distinguished name of the context | prefix to the attribute replicaContextRoots. If the server responds | with the resultCode attributeOrValueExists, then the value is already | there. If the server responds with a resultCode other than | attributeOrValueExists or success, then this is an error. | | 4.2 Delete replicaContext from a single server | | The client SHOULD invoke a ModifyRequest in which the object field is | the empty string (naming the root DSE), and the modifications list | consists of a single item, to delete the value of the distinguished | name of the context prefix from the attribute replicaContextRoots. If | | the server responds with the resultCode noSuchAttribute, then the value | has already been removed. If the server responds with a resultCode | other than noSuchAttribute or success, then this is an error. | | 4.3 Add area of replication to a server | | The client SHOULD invoke a ModifyRequest in which the object field is | the context prefix of the replication context, and the modification | list consists of a single item to add the value replicationContext to | the attribute objectClass. If the server responds with the resultCode | attributeOrValueExists, then the value is already there. If the server | responds with a resultCode other than attributeOrValueExists or | success, then this is an error. Should an error occur at this point, | the server is in an inconsistent state and needs to be fixed. | | After this step is completed, the server will begin storing change | information for this area of replication. | | WG ISSUE: If replicaContextRoots were an operational attribute, then it | would be possible to have the server maintain that attribute when | replicationContext is added or deleted. Without it, these steps need | | | Moats, et al Expires May 2002 [Page 5] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | to be separate LDAP protocol operations and thus it is possible to have | inconsistent states. | | 4.4 Delete area of replication from a server | | The client SHOULD invoke a ModifyRequest in which the object field is | the context prefix of the replication context, and the modification | list consists of a single item to remove the value replicationContext | to the attribute objectClass. If the server responds with the | resultCode noSuchAttribute, then the value has already been removed. | If the server responds with a resultCode other than noSuchAttribute or | success, then this is an error. | | After this step is completed, the server will no longer replicate this | area of replication. | | 4.5 Copy base of area of replication between servers | In this section, the 'target server' is the server on which the client | has just modified the root DSE. | | The client MUST separately contact another server, one that already | holds a copy of this replication context, and issue a SearchRequest on | that server in which the baseObject is the DN of the of base the area | of replication, the scope baseObject, the filter "(objectClass=*)" and | the attributes list "*". If the client cannot obtain the single entry | at this point, the procedure will fail, and the client SHOULD invoke on | the slave server a ModifyRequest in which the object field is the empty | string, and the modifications list consists of a single item, a delete | of the attribute replicaContextRoots with the value the distinguished | name of the context prefix. | | WG Issue: Do we need the ability to copy (i.e. read and set) all | operational attributes as part of this operation? If so, LDAP will need | a change. | | Now that it has the entry, the client SHOULD invoke an AddRequest on | the target server with entry set to the DN of the base of the area of | replication and attributes the same list as obtained in the previous | search. | | If the server returns a resultCode other than success, it is an error, | and the server will be in an inconsistent state. | | 4.6 Create server entry in area of replication | | Each server needs to have in its copy of the area of replication a | replicaSubentry for each of the servers involved in replicating that | area before replication can be started. These entries MUST have the | following attributes: | | 1. objectclass, with values top, ldapSubentry and replicaSubentry | 2. cn | 3. replicaURI | | Moats, et al Expires May 2002 [Page 6] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 4. replicaType | 5. replicaOnline | | and MAY contain other attributes, as described in the Information Model | [InfoMod]. | | WG Issue: This requires that all replicaSubentries representing the | same server have the same entryUUID. How is this accomplished? | | 4.7 Delete Server Entry for an area of replication | | The client SHOULD issue a SearchRequest in which the baseObject is the | DN of the context prefix, the scope oneLevel, the filter | "(objectClass=replicaSubentries)" and the attributes list. For each | entry returned, the client SHOULD then issue a DeleteReques in which | the object field is the DN of the entry. If the server responds with | the resultCode noSuchObject, then the entry has already been removed. | If the server responds with a resultCode other than noSuchObject or | success, then this is an error. | | 4.8 Modify replica | | 4.8.1 Change Replica Type | | Note: This section covers only the simple protocol operation to change | the replica type. Section 5.17 coverts the full set of operations for | converting from a ReadOnly to an Updateable replica. | | The client SHOULD invoke a ModifyRequest in which the object field is | the replicationSubentry, and the modification list consists of a single | item to change the value of the attribute replicaType. If the server | responds with the resultCode attributeOrValueExists, then the value is | already there. If the server responds with a resultCode other than | attributeOrValueExists or success, then this is an error. | | 4.8.2 Change Between Full/Partial Replica | | TBD | | 4.8.3 Change Replica URI for one server for one area of replication | | Note: This section covers only the simple protocol operation to change | the replica type. Section 5.18 covers the full set of operations for | changing the replica URI on all servers. | | The client SHOULD invoke a ModifyRequest in which the object field is | the replicationSubentry, and the modification list consists of a single | item to change the value of the attribute replicaURI to the new value. | If the server responds with the resultCode attributeOrValueExists, then | the value is already there. If the server responds with a resultCode | other than attributeOrValueExists or success, then this is an error. | | 4.9 Add Replication Agreement | | TBD | Moats, et al Expires May 2002 [Page 7] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 4.10 Delete Replication Agreement | | The termination of replication agreements should be done with caution | as it can easily result in a partition of the directory servers if | performed incorrectly. | | Once all replication agreements have been terminated between a server | and others for a naming context, then that copy of the context on the | server will be divergent, and any updates made there will not be | propagated to any other server. | | TBD | | 4.11 Modify Replication Agreement | | TBD | | 4.12 Suspend Replication | The client SHOULD invoke a ModifyRequest in which the object field is | the DN of the target replicationSubentry, and the modification list | consists of a single item to change the value of replicaOnline | attribute to false. If the server responds with the resultCode | attributeOrValueExists, then the value is already there. If the server | responds with a resultCode other than attributeOrValueExists or | success, then this is an error. | | 4.13 Resume Replication | The client SHOULD invoke a ModifyRequest in which the object field is | the DN of the target replicationSubentry, and the modification list | consists of a single item to change the value of replicaOnline | attribute to true. If the server responds with the resultCode | attributeOrValueExists, then the value is already there. If the server | responds with a resultCode other than attributeOrValueExists or | success, then this is an error. | | 4.14 Trigger an Immediate Replica Cycle | | TBD | | Issue: An administrative client could trigger an immediate replication | cycle by issuing a "Trigger Replication" extended operation to the | supplier server. The extended operation value specifies the DN of a | replication agreement between the supplier and target replicas, and the | type of replication session to be performed (full update or incremental | update). The replication agreement is used to specify the target | replica, connection information, and authentication information. | | 5 Common Tasks | There are many tasks that administrators need to perform in a | replicated environment. This section describes many typical tasks and | describes how they are performed in terms of the atoms defined above. | | | Moats, et al Expires May 2002 [Page 8] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 5.1 Add a new replica to an existing replica group | | TBD | | 5.1.1 Large area of replication support | | In some cases, an area of replication is so large or available | bandwidth so small that out-of-band mechanisms (e.g. mailing a tape) | need to be used to transport the initial copy from the source to the | target. The target then needs to be updated with changes made to the | source since the copy was made. This section describes how this | situation is handled. | | Details TBD. | | WG Issue: is LDIF appropriate for this transport? If so, how do we | carry replication meta-data (e.g. CSNs)? | | 5.2 Set up (but do not start) replication between two servers | | TBD | | 5.3 Set up (but do not start) replication between a server and an | existing replica group | | TBD | | 5.4 Verify replication information is present between two servers | | TBD | | 5.5 Start replication between two servers. | | For this operation, the client SHOULD follow the steps in Section 5.2 | followed by starting replication as specified in Section 4.13. | | 5.6 Start replication between an existing replica group and a new | server | For this operation, the client SHOULD follow the steps in Section 5.3 | followed by starting replication as specified in Section 4.13. | | 5.7 Temporarily Suspend all replication activity from a given server | | TBD | | 5.8 Halt replication on all areas of a server | | TBD | | 5.9 List status of a particular area of replication on a given server | | TBD | | Moats, et al Expires May 2002 [Page 9] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | | 5.10 List all areas of replication defined on a given server and their | status | | TBD | | 5.11 Restore a server and replication agreements after a server crash | | TBD | | 5.12 Split an Area of Replication | | To split an area of replication, the atoms are: | 1. Add the subordinate area of replication to the servers' | replicaContextRoots (Section 4.1) | 2. Add the replicationContext objectclass to the root entry of the | area of replication (Section 4.3) | 3. Create replicaSubentry objects under the new area of replication | for each replica of the parent area of replication (Section 4.6) | 4. Create replicaAgreement objects (and schedules?) under the new | replicaSubentries, where agreements are created that correspond to | each agreement defined for the parent (Section 4.9). | These operations must be performed on each server containing a replica | of the parent area of replication. | | WG Issue: Extended op or not? The rationale behind an extended | operation is that this should be a mechanical process. Having a | mechanism to "replicate" this from one server to the others: | - reduces likelihood of missing something | - allows replication framework to ensure that this information gets to | every server in the event that a server is down or some other error | prevents the client from completing all of these operations. | | 5.13 Move an existing area of replication to a new server | | TBD | | 5.14 Join two Areas of Replication | | This section describes how to join two areas of replication. | | 5.14.1 Preconditions | | Before joining two areas of replication there are certain preconditions | that need to be satisfied: | 1. Any server that contains a replica of one area of replication must | also contain a replica of the other area of replication. This may | require copying either area of replication to additional servers, | or deleting either area of replication from servers. | 2. The replicas on any given server MUST be of the same type. Both | replicas must be updateable, both-readonly, or both primary. | Furthermore, if the replicas are readonly, they must both be full | replicas, or must both be fractional replicas with identical | fractional entry specifications. | | 5.14.2 Procedure | | | Moats, et al Expires May 2002 [Page 10] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 1. On each server, delete the replicationContext objectclass value from | the subordinate area of replication (Section TBD). | | We'd like this to be replicated under the parent area of replication, | and we'd like this to have the affect of causing all not yet | replicated updates and future client changes as if they occurred | under the parent area f replication. This is going to cause problems | with respect to CSNs if there are "old" changes in the subordinate | context. Maybe we require that there be no pending updates? This is | going to be potentially ugly. | 2. Delete all replication agreements for the subordinate area of | replication | 3. Delete all replicaSubentries for the subordinate area of replication | | 5.14.3 Server requirements | | When the replicationContext objectclass is removed from the root of an | area of replication, the server MUST immediately treat entries within | the area of replication as belonging to the parent area of replication | (if there is any). This includes replicating any pending replication | updates (those not yet replicated to other replicas) as if they | occurred under the parent area of replication, as well as preserving | any Lost and Found entries. | | If a server receives a request to delete the replicationContext from an | area of replication, and there is a parent area of replication, the | Server MUST verify that these replicas are of the same type, and if | fractional, that the fractional entry specifications are identical. If | the replicas are not of the same type, the request MUST be failed with | resultCode unwillingToPerform. | | 5.15 Stop Replicating an Area of Replication. | | This section describes how to stop replicating an area of replication. | At the end of the procedure, the subtree represented by the area of | replication will exist on one server, all replication agreements will | have been deleted, and the root of the area of replication will no | longer be an area of replication. The server on which the subtree will | remain is referred to as the surviving replica. | To stop replicating an area of replication, a client with | administrative authority should perform the following operations: | | 1. Halt replication | | After halting, the client MAY optionally delete information by: | | 2. Delete all replication agreements (Section 4.10). | 3. Delete all replicaSubentries under the area of replication | (section 4.7) | 4. Issue a modifyRequest to the surviving server where the object | field is the DN of the area of replication, and the modifications | list consists of a single item, delete the attribute objectclasss | with value replicationContext. | | Moats, et al Expires May 2002 [Page 11] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | 5. Delete replicaContext from that server (Section 4.2) | 6. Delete the area of replication from servers containing other | replicas (Section 4.4). | | Note that client updates accepted on the non-surviving replicas during | this procedure may be lost (because they were not replicated to the | surviving server). | | 5.16 Suspending and Resuming Replication | | To suspend replication of an area of replication to a specific server, | an administrative client can perform a modifyRequest of the | replicaSubentry, with a modification list replacing the replicaOnline | attribute with the value false. Performing this request on the | specified server causes the server to stop accepting or initiating | replication requests for that area of replication. This procedure can | also be performed on any other replica. The modifyRequest will be | replicated to other servers. When a server other than that specified | by the replicaSubentry receives the request the server MUST stop | sending replication updates to the specified server. The unsent | changes MUST be saved until the replicaOnline attribute is chnaged to | true. Servers MUST continue to repond to replication updates sent from | the specified server. | | To resume replication of an area of replication to a specific server, | an administrative client can perform a modifyRequest of the | replicaSubentry, with a modification list replacing the replicaOnline | attribute with the value false. This request must be performed on the | specified server, or it will not resume replication. This operation | may also be performed on other servers. | | 5.17 Convert a read-only replica to an updateable replica | | TBD | | 5.18 Changing Replica URI on all servers handling an area of | replication | | The client issues this request to the server whose address has been | changed, which replicates it to the other replicas like other client | updates. It may be necessary to issue the same request to other | replicas, for example, when the server does not have proper replication | agreements to fully replicate this change (as in consumer initiated | replication). | | 5.19 Postpone a Replica Cycle to a Later Time | | TBD | | 5.20 Examine Replication Audit History on a Server | | TBD | | 5.21 Compare Two Replicas on Two Servers for Differences | | TBD | | 5.22 Fix an Entry Without Triggering Replication | | When conflicts cause entries to be put in the Lost+Found area, the | administrator needs a mechanism to make appropriate changes. These | Moats, et al Expires May 2002 [Page 12] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | changes should not trigger replication since they are used to fix | previous replication problems. In addition, these changes may include | fixes to UUIDs, CSNs, or other control data that cannot be changed | using normal LDAP operations. | | TBD | | 5.23 Check Reported Schema Mismatches Discovered During Replication | | TBD | | 5.24 Adding a new directory server to a replica group and initializing | the contents | | In this case, the client: | | 1. Creates the replicaContext on the new server (section 4.1) | 2. Copies the base entry for the area of replication from a source to | the target (section 4.5) | 3. Create the entries for the new server on all servers in the replica | group (section 4.6) | 4. Create the entries for the existing replica group servers on the new | (section 4.6) | 5. Create the replication agreement on all servers (section 4.9) | 6. Client issues a "Initiate Full Update" request to a full replica for | the new replica -- or new replica requests consumer initiated full | update | | | | 5.25 Restore from the master failure in a single-master system | | TBD | | 6 Formal Specifications | | The Replica Management features depend heavily on defined LDAP and LDUP | structure, operations, and data formats. But some changes will be | needed to accommodate Replica Management. All these changes are pulled | together in this section for easy reference. | | 6.1 New/Modified Object Classes | | TBD | | 6.2 New/Modified Attributes | | TBD | | 6.3 New/Modified Extended Operations | | Trigger Replica Operation | | TBD | | | Moats, et al Expires May 2002 [Page 13] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | | 6.4 New/Modified Replication Primitives | | TBD | | 7 Security Considerations | | In all cases, it is assumed that the client establishes a connection to | the LDAP server and SHOULD authenticate using a recommended | authentication method [RFC2829] that establishes the identity of the | client user and SHOULD provide for connection integrity. In | deployments where the underlying network service is vulnerable to | eavesdropping and clients are intending to retrieve sensitive server | credentials, the chosen method SHOULD also provide for encryption of | data in transit. | | In general, where the client is unaware of any network level protection | services, it is RECOMMENDED that the client immediately after | connection establishment invoke Start TLS to establish connection | integrity and confidentiality, and follow this by authentication by one | of: | | - the "DIGEST-MD5" SASL mechanism, | - the "simple" authentication choice, or | - the "EXTERNAL" SASL mechanism if the client provided its | certificate during TLS establishment. | | The client MAY determine the supported authentication mechanisms of the | server from the supportedSASLMechanisms attribute of the root DSE after | Start TLS has been invoked, and use this to decide whether to use | DIGEST-MD5 or EXTERNAL. See [RFC2830] for more information on TLS. | | 8 Acknowledgements | | Thanks to Mark Wahl and Ed Reed for providing a lot of the initial | text. | | This document is a product of the LDUP Working Group of the IETF. The | contributions of its members are greatly appreciated. | | 9 References | [Arch] J. Merrells, E. Reed, U. Srinvasan, "LDAP Replication | Architecture", draft-ietf-ldup-model-01.txt. | | [InfoMod] E. Reed, "LDAP Replication Information Model", draft-ietf- | ldup-infomod-00.txt | | [RFC2119] S. Bradner, "Key Words for Use in RFCs to Indicate | Requirement Levels", RFC 2119, March 1997. | | [RFC2829] M. Wahl, H. Alvestrand, J. Hodges, RL Morgan, "Authentication | Methods for LDAP", RFC 2829, May 2000. | | | | | Moats, et al Expires May 2002 [Page 14] | | | INTERNET DRAFT Mandatory LDAP Replica Management November 2001 | [RFC2830] J. Hodges, R. Morgan, M. Wahl, "Lightweight Directory Access | Protocol (v3): Extension for Transport Layer Security", RFC 2830, May | 2000. | | Author's Addresses: | | Ryan Moats | Lemur Networks, Inc. | Email: rmoats@lemurnetworks.net | | Rick Huber | AT&T Laboratories | Email: rvh@qsun.att.com | | John McMeeking | IBM | Email: jmcmeek@us.ibm.com | | Full Copyright Statement | | Copyright (C) The Internet Society (2000). All Rights Reserved. | | This document and translations of it may be copied and furnished to | others, and derivative works that comment on or otherwise explain it or | assist in its implementation may be prepared, copied, published and | distributed, in whole or in part, without restriction of any kind, | provided that the above copyright notice and this paragraph are | included on all such copies and derivative works. However, this | document itself may not be modified in any way, such as by removing the | copyright notice or references to the Internet Society or other | Internet organizations, except as needed for the purpose of developing | Internet standards in which case the procedures for copyrights defined | in the Internet Standards process must be followed, or as required to | translate it into languages other than English. | | The limited permissions granted above are perpetual and will not be | revoked by the Internet Society or its successors or assigns. | | This document and the information contained herein is provided on an | "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING | TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT | NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL | NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR | FITNESS FOR A PARTICULAR PURPOSE. | | Acknowledgement | | Funding for the RFC Editor function is currently provided by the | Internet Society. | | | | | | | | Moats, et al Expires May 2002 [Page 15] From owner-ietf-ldup@mail.imc.org Wed Nov 14 04:51:45 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA16908 for ; Wed, 14 Nov 2001 04:51:45 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAE9XCh27324 for ietf-ldup-bks; Wed, 14 Nov 2001 01:33:12 -0800 (PST) Received: from mercury.Sun.COM (mercury.Sun.COM [192.9.25.1]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAE9XA827310 for ; Wed, 14 Nov 2001 01:33:10 -0800 (PST) Received: from sunfra.France.Sun.COM ([129.157.188.1]) by mercury.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id BAA23140; Wed, 14 Nov 2001 01:33:00 -0800 (PST) Received: from hamble.France.Sun.COM (hamble.France.Sun.COM [129.157.192.53]) by sunfra.France.Sun.COM (8.8.8+Sun/8.8.8/ENSMAIL,v2.1p1) with ESMTP id KAA02620; Wed, 14 Nov 2001 10:32:58 +0100 (MET) Received: from sun.com (localhost [127.0.0.1]) by hamble.France.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id KAA08969; Wed, 14 Nov 2001 10:30:44 +0100 (MET) Message-ID: <3BF239C4.AB8C3B40@sun.com> Date: Wed, 14 Nov 2001 10:30:44 +0100 From: Rob Byrne - Sun Microsystems X-Mailer: Mozilla 4.7 [en] (X11; I; SunOS 5.8 sun4u) X-Accept-Language: en MIME-Version: 1.0 To: Mark Wahl CC: john.strassner@intelliden.com, christopher.apple@unitedmessaging.com, roland@catalogix.se, ietf-ldup@imc.org, ietf-ldapext@netscape.com Subject: Re: moving access control discussion to LDUP References: <3BF15936.65CD9072@sun.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Content-Transfer-Encoding: 7bit All, My own (vendor-centric) opinion on the progreess of the acl draft, is that, unfortunately, in LDAP life-time terms it is very (if not, too) late to successfully progress this to a standard. I would categorize the main problem as "entrenched vendors". Seems like everyone agrees in principle that standard access control would be a good idea but when it comes to the crunch vendors are reluctant to reinvest in developing a new access control system in their servers. So it seems the best we could do would be to preserve the work (some of which may still be useful to vendors polishing their implementations) by moving it to the experimental or informational category. I think there may also be scope for pulling some of the sections out and submitting them as independent ID's; for example the getEffectiveRights section could probably be expressed in sufficiently general terms that any vendor could support it. Perhaps the best opportunity for standard directory access acontrol will occur as/if directories evolve to integrate more with the XML world. The XML guys are currently recasting the wheel in XML terms and for example the XACML work stands a chance of success as they don't have the entrenched vendor problem. I would advise the LDUP chairs to poll the LDUP group and ensure that there is enough (preferably more than enough!) support for completing the acl draft in LDUP, before adopting it. Rob. Mark Wahl wrote: > It may be worthwhile to consider adding the access control standardization > discussion to LDUP, as LDUP will need the replication of access control > information for many of its scenarios. This activity was ongoing in LDAPEXT, > but LDAPEXT is shutting down and has not reached rough consensus on > access control specification. > > Mark Wahl > Sun Microsystems Inc. From owner-ietf-ldup@mail.imc.org Wed Nov 14 07:20:40 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA19378 for ; Wed, 14 Nov 2001 07:20:39 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAEC2fM11727 for ietf-ldup-bks; Wed, 14 Nov 2001 04:02:41 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAEC2e811722 for ; Wed, 14 Nov 2001 04:02:40 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA18659; Wed, 14 Nov 2001 07:02:37 -0500 (EST) Message-Id: <200111141202.HAA18659@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ldup@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ldup-infomod-04.txt Date: Wed, 14 Nov 2001 07:02:37 -0500 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP Duplication/Replication/Update Protocols Working Group of the IETF. Title : LDUP Replication Information Model Author(s) : E. Reed, T. Hahn Filename : draft-ietf-ldup-infomod-04.txt Pages : 32 Date : 13-Nov-01 [LDUP Model] describes the architectural approach to replication of LDAP directory contents. This document describes the information model and schema elements which support LDAP Replication Services which conform to [LDUP Model]. Directory schema is extended to provide object classes, subentries, and attributes to describe areas of the namespace which are under common administrative authority, units of replication (ie, subtrees, or partitions of the namespace, which are replicated), servers which hold replicas of various types for the various partitions of the namespace, which namespaces are held on given servers, and the progress of various namespace management and replication operations. Among other things, this knowledge of where directory content is located will provide the basis for dynamic generation of LDAP referrals for clients who can follow them. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ldup-infomod-04.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ldup-infomod-04.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ldup-infomod-04.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20011113143814.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ldup-infomod-04.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ldup-infomod-04.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20011113143814.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-ietf-ldup@mail.imc.org Wed Nov 14 07:23:47 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA19443 for ; Wed, 14 Nov 2001 07:23:46 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fAEC2ke11736 for ietf-ldup-bks; Wed, 14 Nov 2001 04:02:46 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAEC2j811731 for ; Wed, 14 Nov 2001 04:02:45 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA18675; Wed, 14 Nov 2001 07:02:43 -0500 (EST) Message-Id: <200111141202.HAA18675@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ldup@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ldup-protocol-03.txt Date: Wed, 14 Nov 2001 07:02:42 -0500 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP Duplication/Replication/Update Protocols Working Group of the IETF. Title : The LDUP Replication Update Protocol Author(s) : E. Stokes, G. Good, R. Harrison, T. Hahn Filename : draft-ietf-ldup-protocol-03.txt Pages : 19 Date : 13-Nov-01 The protocol described in this document is designed to allow one LDAP server to replicate its directory content to another LDAP server. The protocol is designed to be used in a replication configuration where multiple updateable servers are present. Provisions are made in the protocol to carry information that allows the server receiving updates to apply a total ordering to all updates in the replicated system. This total ordering allows all replicas to correctly resolve conflicts that arise when LDAP clients submit changes to different servers that later replicate to one another. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ldup-protocol-03.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ldup-protocol-03.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ldup-protocol-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20011113143834.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ldup-protocol-03.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ldup-protocol-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20011113143834.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-ietf-ldup@mail.imc.org Wed Nov 14 12:05:22 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA04113 for ; Wed, 14 Nov 2001 12:05:21 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAEGY4103066 for ietf-ldup-bks; Wed, 14 Nov 2001 08:34:04 -0800 (PST) Received: from va2mc.ummailbox.net (va2mc.ummailbox.net [64.210.247.21]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAEGY2803062 for ; Wed, 14 Nov 2001 08:34:02 -0800 (PST) Received: from ex04.ummail.com (ex04.ummail.com [64.210.247.105:25]) by va2mc.ummailbox.net with ESMTP id N1114-1133-3d5900; Wed, 14 Nov 2001 16:33:32 GMT Received: by ex04.ummail.com with Internet Mail Service (5.5.2650.21) id ; Wed, 14 Nov 2001 11:30:20 -0500 Message-ID: <504D6456F0C87F4C8B11FB0C2021D6F602DACF91@ex04.ummail.com> From: Christopher Apple To: "'Rob Byrne - Sun Microsystems'" , Mark Wahl Cc: john.strassner@intelliden.com, roland@catalogix.se, ietf-ldup@imc.org, ietf-ldapext@netscape.com Subject: RE: moving access control discussion to LDUP Date: Wed, 14 Nov 2001 11:30:12 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_002F_01C16CFF.92F62630" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_002F_01C16CFF.92F62630 Content-Type: multipart/mixed; boundary="----=_NextPart_001_0030_01C16CFF.92F62630" ------=_NextPart_001_0030_01C16CFF.92F62630 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Neither John nor I are wed to the idea of keeping the ACM document in exactly its present form. What the WG has clearly achieved consensus on (several times and each time the issue has been raised) is that without some baseline ACM for LDAP, LDUP has little chance of being inteoperable (at least not in a secure way) across implementations from multiple vendors. Some of the more active WG members have explicitly requested that the LDUP co-chairs consider moving the work from LDAPEXT to LDUP as LDAPEXT is closing down and concensus has not been reached on the ACM document's content. It may be that we have to specify in LDUP the minimum required ACM for LDUP to work as expected. We're just proposing that the current document be used as a starting point for discussion within the LDUP WG. Chris Apple Program Manager - Integration Services United Messaging Inc. (V) +1 610 425 2860 -----Original Message----- From: Rob Byrne - Sun Microsystems [mailto:robert.byrne@sun.com] Sent: Wednesday, November 14, 2001 4:31 AM To: Mark Wahl Cc: john.strassner@intelliden.com; christopher.apple@unitedmessaging.com; roland@catalogix.se; ietf-ldup@imc.org; ietf-ldapext@netscape.com Subject: Re: moving access control discussion to LDUP All, My own (vendor-centric) opinion on the progreess of the acl draft, is that, unfortunately, in LDAP life-time terms it is very (if not, too) late to successfully progress this to a standard. I would categorize the main problem as "entrenched vendors". Seems like everyone agrees in principle that standard access control would be a good idea but when it comes to the crunch vendors are reluctant to reinvest in developing a new access control system in their servers. So it seems the best we could do would be to preserve the work (some of which may still be useful to vendors polishing their implementations) by moving it to the experimental or informational category. I think there may also be scope for pulling some of the sections out and submitting them as independent ID's; for example the getEffectiveRights section could probably be expressed in sufficiently general terms that any vendor could support it. Perhaps the best opportunity for standard directory access acontrol will occur as/if directories evolve to integrate more with the XML world. The XML guys are currently recasting the wheel in XML terms and for example the XACML work stands a chance of success as they don't have the entrenched vendor problem. I would advise the LDUP chairs to poll the LDUP group and ensure that there is enough (preferably more than enough!) support for completing the acl draft in LDUP, before adopting it. Rob. Mark Wahl wrote: > It may be worthwhile to consider adding the access control standardization > discussion to LDUP, as LDUP will need the replication of access control > information for many of its scenarios. This activity was ongoing in LDAPEXT, > but LDAPEXT is shutting down and has not reached rough consensus on > access control specification. > > Mark Wahl > Sun Microsystems Inc. ------=_NextPart_001_0030_01C16CFF.92F62630 Content-Type: text/x-vcard; name="Christopher Apple (E-mail).vcf" Content-Disposition: attachment; filename="Christopher Apple (E-mail).vcf" Content-Transfer-Encoding: quoted-printable BEGIN:VCARD VERSION:2.1 N:Apple;Christopher FN:Christopher Apple (E-mail) ORG:UMI TITLE:Program Manager TEL;WORK;VOICE:(610) 425-2860 TEL;HOME;VOICE:(215) 873-0850 TEL;CELL;VOICE:(610) 585-4241 TEL;WORK;FAX:(610) 425-6501 ADR;WORK:;;1161 McDermott Drive;West Chester;Pa.;19380;United States of = America LABEL;WORK;ENCODING=3DQUOTED-PRINTABLE:1161 McDermott = Drive=3D0D=3D0AWest Chester, Pa. 19380=3D0D=3D0AUnited States of Amer=3D ica EMAIL;PREF;INTERNET:christopher.apple@unitedmessaging.com REV:20010925T181636Z END:VCARD ------=_NextPart_001_0030_01C16CFF.92F62630-- ------=_NextPart_000_002F_01C16CFF.92F62630 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIF5DCCAqQw ggINoAMCAQICAwXEtzANBgkqhkiG9w0BAQIFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMTAwMTIwMzQ0NFoXDTAyMTAwMTIwMzQ0NFowVzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjE0MDIGCSqGSIb3DQEJARYlY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVk bWVzc2FnaW5nLm5ldDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAskTzIWwgiwgpN1uw6lPW 18QSwRHJrA1gsUDc/BvJsjlfGmlsfKKWz1vyLR4FHrVOLY9J82K1aTOrq6ce/aQfoQ1hKGH3tDPo AqetRW/nSpM2Jp50I3BImiFUr4ddB8WdNpYQgddQNCmvRAchnS+rwzsLUccV9LuukmfWf1EhvaUC AwEAAaNCMEAwMAYDVR0RBCkwJ4ElY2hyaXN0b3BoZXIuYXBwbGVAdW5pdGVkbWVzc2FnaW5nLm5l dDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBAgUAA4GBAB2VoUyzMe1HFbQvgw5Z+UvKcG68eDAZ bE2fkCMQDvnaIeqQiMcKGx1AN6F6+JMgoKuoT60B2052mU0K/LoR5OYIIM9J3KlqYjgUNZtRu89U bz9GgtSzDWMSQm+lNOBNFV7BddVrhKBHCglHiAiYUmzO7bi/YOi96yz2R4RdX6AhMIIDODCCAqGg AwIBAgIQZkVyt8x09c9jdkWE0C6RATANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTAwMDgzMDAwMDAwMFoXDTA0MDgyNzIzNTk1OVowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEA3jMypmPHCSVFPtJueCdngcXaiBmClw7jRCmKYzUqbXA8+tyu9+50bzC8M5B/+TRxoKNtmPHD T6Jl2w36S/HW3WGl+YXNVZo1Gp2Sdagnrthy+boC9tewkd4c6avgGAOofENCUFGHgzzwObSbVIoT h/+zm51JZgAtCYnslGvpoWkCAwEAAaNOMEwwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDEtMjk3MBIGA1UdEwEB/wQIMAYBAf8CAQAwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB BAUAA4GBADGxS0dd+QFx5fVTbF151j2YwCYTYoEipxL4IpXoG0m3J3sEObr85vIk65H6vewNKjj3 UFWobPcNrUwbvAP0teuiR59sogxYjTFCCRFssBpp0SsSskBdavl50OouJd2K5PzbDR+dAvNa28o8 9kTqJmmHf0iezqWf54TYyWJirQXGMYICyDCCAsQCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYD VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0w GwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwg UlNBIDIwMDAuOC4zMAIDBcS3MAkGBSsOAwIaBQCgggGDMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0B BwEwHAYJKoZIhvcNAQkFMQ8XDTAxMTExNDE2MjkwOFowIwYJKoZIhvcNAQkEMRYEFAIdsbDvqF8h waDpUfMCmPY+IYUGMHYGCSqGSIb3DQEJDzFpMGcwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA MAcGBSsOAwIHMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAcGBSsOAwIaMAoGCCqG SIb3DQIFMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3Rl MR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1h aWwgUlNBIDIwMDAuOC4zMAIDBcS3MA0GCSqGSIb3DQEBAQUABIGATDeWb1qemL3vJL3nyAJWWdWK iOuUjlrC+SQS1LEaH+WFyl8s12HiNRZGOEWrNDTKcTxVLIWjnkuLhwez7ir/R/QaY1IDJoA/3Zj3 vuVxpfPUdFVqc5We/8Dxww1tTwyVgMmabLXzCeRX7hEsUymFfuW2ynBX7/PMxLhTkA86p3IAAAAA AAA= ------=_NextPart_000_002F_01C16CFF.92F62630-- From owner-ietf-ldup@mail.imc.org Wed Nov 14 17:23:22 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA19454 for ; Wed, 14 Nov 2001 17:23:21 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAELsl925929 for ietf-ldup-bks; Wed, 14 Nov 2001 13:54:47 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAELsk825924 for ; Wed, 14 Nov 2001 13:54:46 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fAELxfC34184; Wed, 14 Nov 2001 21:59:41 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011114134304.016f4740@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 14 Nov 2001 13:53:14 -0800 To: Christopher Apple From: "Kurt D. Zeilenga" Subject: RE: moving access control discussion to LDUP Cc: "'Rob Byrne - Sun Microsystems'" , Mark Wahl , john.strassner@intelliden.com, roland@catalogix.se, ietf-ldup@imc.org In-Reply-To: <504D6456F0C87F4C8B11FB0C2021D6F602DACF91@ex04.ummail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Please note that I feel the LDUP WG should not undertake the LDAP ACM work or any other new work. The LDUP WG needs to narrow its focus and trim its workload if it is ever to successfully conclude. And also I ask that the charter be clarified as to the extent of work this WG is undertaking (or intends to undertake). In particular, the charter should state whether or not the group intends to: 1) Update LDAPv3 "core" specification (including its normative references), 2) Define an ACM for LDAPv3, and/or 3) Define an authentication identity to authorization identity mapping scheme. (Note that the mapping scheme is needed for an ACM to provide any reasonable level of consistent access to client entities in a replicated environment.) Kurt From owner-ietf-ldup@mail.imc.org Wed Nov 14 17:27:05 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA19535 for ; Wed, 14 Nov 2001 17:27:05 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAEM5wh27118 for ietf-ldup-bks; Wed, 14 Nov 2001 14:05:58 -0800 (PST) Received: from cosds003.continuumnetworks.com ([12.41.184.243]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAEM5v827113 for ; Wed, 14 Nov 2001 14:05:57 -0800 (PST) Received: from FARILJCS ([12.41.186.49]) by cosds003.continuumnetworks.com (Netscape Messaging Server 4.15) with SMTP id GMT9D900.G6A; Wed, 14 Nov 2001 15:05:33 -0700 Reply-To: From: "John Strassner" To: "Kurt D. Zeilenga" , "Christopher Apple" Cc: "'Rob Byrne - Sun Microsystems'" , "Mark Wahl" , , Subject: RE: moving access control discussion to LDUP Date: Wed, 14 Nov 2001 15:05:39 -0700 Message-ID: MIME-Version: 1.0 X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal In-Reply-To: <5.1.0.14.0.20011114134304.016f4740@127.0.0.1> Content-Type: multipart/signed; boundary="----=_NextPart_000_01EA_01C16D1D.D2920A70"; micalg=SHA1; protocol="application/x-pkcs7-signature" X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: This is a multi-part message in MIME format. ------=_NextPart_000_01EA_01C16D1D.D2920A70 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit So how will the protocol be able to interoperate without a common ACM? thanks, John -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Wednesday, November 14, 2001 2:53 PM To: Christopher Apple Cc: 'Rob Byrne - Sun Microsystems'; Mark Wahl; john.strassner@intelliden.com; roland@catalogix.se; ietf-ldup@imc.org Subject: RE: moving access control discussion to LDUP Please note that I feel the LDUP WG should not undertake the LDAP ACM work or any other new work. The LDUP WG needs to narrow its focus and trim its workload if it is ever to successfully conclude. And also I ask that the charter be clarified as to the extent of work this WG is undertaking (or intends to undertake). In particular, the charter should state whether or not the group intends to: 1) Update LDAPv3 "core" specification (including its normative references), 2) Define an ACM for LDAPv3, and/or 3) Define an authentication identity to authorization identity mapping scheme. (Note that the mapping scheme is needed for an ACM to provide any reasonable level of consistent access to client entities in a replicated environment.) Kurt ------=_NextPart_000_01EA_01C16D1D.D2920A70 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Disposition: attachment; filename="smime.p7s" Content-Transfer-Encoding: base64 MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII9jCCApQw ggH9oAMCAQICAwSkbzANBgkqhkiG9w0BAQQFADCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdl c3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsT FENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAw MC44LjMwMB4XDTAxMDQxOTE5MjY0NFoXDTAyMDQxOTE5MjY0NFowTzEfMB0GA1UEAxMWVGhhd3Rl IEZyZWVtYWlsIE1lbWJlcjEsMCoGCSqGSIb3DQEJARYdam9obi5zdHJhc3NuZXJAaW50ZWxsaWRl bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOQF9xvr2IzkspSZ5NHATzu64yNJl1D NVVu08Upy0q/Dvfm0/dWVRc/sg09Tr1seHcVLIjAlY6QWFJsPf5tuglzSuMPy+6bGj/mI3KSXpte dhD5o33qc0oBnIOyn+PuqW7fpWjIJwM2MNCLr7gG1IjrchggMput4b5jq2M3zXxJAgMBAAGjOjA4 MCgGA1UdEQQhMB+BHWpvaG4uc3RyYXNzbmVyQGludGVsbGlkZW4uY29tMAwGA1UdEwEB/wQCMAAw DQYJKoZIhvcNAQEEBQADgYEAtHVVEjLYbfAxqW9D1GxSpZYh7kWX/em+JcgXrxFom6kU3wgCrluP F0Ce97vS4VX/TTs9x9b9YUONsEi8kqN5XLY3995FwnFgT+s2ZVljKNFoCgk4COQJ3OS2l/bZWFRc xgR4auC8sLZmE2oxtOm1cigZMhbT8ZnKvWuBN/8q2tUwggMpMIICkqADAgECAgEMMA0GCSqGSIb3 DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0 aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg Q0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDAwODMw MDAwMDAwWhcNMDIwODI5MjM1OTU5WjCBkjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g Q2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMQ8wDQYDVQQKEwZUaGF3dGUxHTAbBgNVBAsTFENlcnRp ZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25hbCBGcmVlbWFpbCBSU0EgMjAwMC44LjMw MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMzKmY8cJJUU+0m54J2eBxdqIGYKXDuNEKYpj NSptcDz63K737nRvMLwzkH/5NHGgo22Y8cNPomXbDfpL8dbdYaX5hc1VmjUanZJ1qCeu2HL5ugL2 17CR3hzpq+AYA6h8Q0JQUYeDPPA5tJtUihOH/7ObnUlmAC0JieyUa+mhaQIDAQABo04wTDApBgNV HREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMS0yOTcwEgYDVR0TAQH/BAgwBgEB/wIB ADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEEBQADgYEAcxtvJmWL/xU0S1liiu1EvknH6A27j7kN aiYqYoQfuIdjdBxtt88aU5FL4c3mONntUPQ6bDSSrOaSnG7BIwHCCafvS65y3QZn9VBvLli4tgvB UFe17BzX7xe21Yibt6KIGu05Wzl9NPy2lhglTWr0ncXDkS+plrgFPFL83eliA0gwggMtMIIClqAD AgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBD YXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYD VQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVy c29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0 ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB0TELMAkGA1UEBhMCWkExFTAT BgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUg Q29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIG A1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25h bC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDUadfUsJRk W3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmHHYbqo925zpZkGsIUbkSsfOaP 6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/npom1Wq7OCQIapjHsdqjmJH9 edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAMfskn5O +PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP9LpknBesRynfnZhe0mxgcVyi rNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOpgyXy5pwvFcr+pquKB3WLDN1R hGvk+NHOd6KBMYICqjCCAqYCAQEwgZowgZIxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJu IENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0 aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4z MAIDBKRvMAkGBSsOAwIaBQCgggFlMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcN AQkFMQ8XDTAxMTExNDIyMDUzOVowIwYJKoZIhvcNAQkEMRYEFLCN/FED6ffpG/QGlo1PpOK18uC8 MFgGCSqGSIb3DQEJDzFLMEkwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0G CCqGSIb3DQMCAgEoMAcGBSsOAwIaMAoGCCqGSIb3DQIFMIGrBgkrBgEEAYI3EAQxgZ0wgZowgZIx CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEP MA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDIwMDAuOC4zMAIDBKRvMA0GCSqGSIb3DQEBAQUABIGAo3YS QMA38SrZYIJ+a43pgwO/ZZF6Avst/Qdc9JPoSbYpOQ5mDR6IbksCS56xXFoFcaJyaajOgVf5q2xc ekPrTPJbZC1tx+DlV91lhHFNGERzTZVvptd1Oj3YlmjUo6hY7WpHva/wUVl3S3vptIlM0xfC+1OJ cha2e4Gpj5NFzksAAAAAAAA= ------=_NextPart_000_01EA_01C16D1D.D2920A70-- From owner-ietf-ldup@mail.imc.org Wed Nov 14 18:34:21 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA21482 for ; Wed, 14 Nov 2001 18:34:20 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAENF5N04778 for ietf-ldup-bks; Wed, 14 Nov 2001 15:15:05 -0800 (PST) Received: from pretender.boolean.net (root@router.boolean.net [198.144.206.49]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAENF4804774 for ; Wed, 14 Nov 2001 15:15:04 -0800 (PST) Received: from nomad.OpenLDAP.org (root@localhost [127.0.0.1]) by pretender.boolean.net (8.11.3/8.11.1/Boolean/Hub) with ESMTP id fAENK4C34466; Wed, 14 Nov 2001 23:20:04 GMT (envelope-from Kurt@OpenLDAP.org) Message-Id: <5.1.0.14.0.20011114140834.016a3568@127.0.0.1> X-Sender: kurt@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Wed, 14 Nov 2001 15:14:30 -0800 To: From: "Kurt D. Zeilenga" Subject: RE: moving access control discussion to LDUP Cc: "Christopher Apple" , "'Rob Byrne - Sun Microsystems'" , "Mark Wahl" , , In-Reply-To: References: <5.1.0.14.0.20011114134304.016f4740@127.0.0.1> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: At 02:05 PM 2001-11-14, John Strassner wrote: >So how will the protocol be able to interoperate without a common ACM? At the level of interoperability this WG is attempting to achieve, it cannot. But then, this WG will needs much more than a common ACM to provide the level of interoperability it is attempting to achieve. IMO, the WG as bitten off more that it can chew and bitting off more will only cause the WG to choke. So, I wonder, what is beyond scope of this working group? Kurt From owner-ietf-ldup@mail.imc.org Thu Nov 15 07:31:58 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA19685 for ; Thu, 15 Nov 2001 07:31:57 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fAFC6vI22986 for ietf-ldup-bks; Thu, 15 Nov 2001 04:06:57 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAFC6s822982 for ; Thu, 15 Nov 2001 04:06:54 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA18779; Thu, 15 Nov 2001 07:06:53 -0500 (EST) Message-Id: <200111151206.HAA18779@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-ldup@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ldup-mrm-00.txt Date: Thu, 15 Nov 2001 07:06:52 -0500 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the LDAP Duplication/Replication/Update Protocols Working Group of the IETF. Title : Mandatory LDAP Replica Management Author(s) : R. Moats, R. Huber, J. McMeeking Filename : draft-ietf-ldup-mrm-00.txt Pages : 15 Date : 14-Nov-01 The goal of standards for LDAP replication is to allow interoperable replication among products from many different vendors. Defining the mechanism to move data among replicas is a necessary part of this work, but management of the replicated environment must also be standardized for replication to be truly interoperable. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ldup-mrm-00.txt To remove yourself from the IETF Announcement list, send a message to ietf-announce-request with the word unsubscribe in the body of the message. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ldup-mrm-00.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-ldup-mrm-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20011114151117.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ldup-mrm-00.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ldup-mrm-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20011114151117.I-D@ietf.org> --OtherAccess-- --NextPart-- From owner-ietf-ldup@mail.imc.org Thu Nov 15 09:36:32 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id JAA25313 for ; Thu, 15 Nov 2001 09:36:31 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fAFEG4C29958 for ietf-ldup-bks; Thu, 15 Nov 2001 06:16:04 -0800 (PST) Received: from hotmail.com (f233.law9.hotmail.com [64.4.9.233]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAFEFx829941 for ; Thu, 15 Nov 2001 06:16:03 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 15 Nov 2001 06:15:47 -0800 Received: from 65.14.159.170 by lw9fd.law9.hotmail.msn.com with HTTP; Thu, 15 Nov 2001 14:15:47 GMT X-Originating-IP: [65.14.159.170] From: "Chris Apple" To: ietf-ldup@imc.org, ietf-ldapbis@OpenLDAP.org, ietf-ldapext@netscape.com Cc: paf@cisco.com, john.strassner@intelliden.com, ned.freed@mrochek.com, scoya@ietf.org Subject: e-mail address change Date: Thu, 15 Nov 2001 09:15:47 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 15 Nov 2001 14:15:47.0662 (UTC) FILETIME=[0591AEE0:01C16DE0] Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: My e-mail address has changed again. I have requested of my former employer to have e-mail addressed to: christopher.apple@unitedmessaging.com forwarded to: imcapple@hotmail.com However, until further notice, please use imcapple@hotmail.com for all IETF (and other) communications. Chris Apple Currently thinking from Olde City, Philadelphia about what life means... _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp From owner-ietf-ldup@mail.imc.org Thu Nov 15 11:08:48 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA00331 for ; Thu, 15 Nov 2001 11:08:47 -0500 (EST) Received: by above.proper.com (8.11.6/8.11.3) id fAFFfri04659 for ietf-ldup-bks; Thu, 15 Nov 2001 07:41:53 -0800 (PST) Received: from ssymexc.anassoc.com (anai.dslwan.toad.net [162.33.140.194]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAFFfp804655 for ; Thu, 15 Nov 2001 07:41:51 -0800 (PST) X-MimeOLE: Produced By Microsoft Exchange V6.0.4417.0 content-class: urn:content-classes:message Subject: RE: moving access control discussion to LDUP MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Date: Thu, 15 Nov 2001 10:41:52 -0500 Message-ID: Thread-Topic: moving access control discussion to LDUP Thread-Index: AcFtZ8nsWG5sDF0wQNOCIuCl7+XCQQAfXodA From: "Matt Hirsch" To: "Kurt D. Zeilenga" , Cc: "Christopher Apple" , "Rob Byrne - Sun Microsystems" , "Mark Wahl" , , , "Roddy A. Sue (E-mail)" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id fAFFfq804656 Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Content-Transfer-Encoding: 8bit Hi all, Typing on a government machine, I agree with Chris Apple. We need to continue development of the AC draft. In my mind this document should serve as the foundation for establishing security in managing, controlling access to, and replicating information in the LDAP world. It is obvious that LDAP is the directory access protocol of choice (at least today and most likely for the next few years). The Government, in it's continuing drive to remain vendor independent and in compliance with commercial standards, is extremely interested in continuing to develop the Access Control LDAP standards and will most likely be able to contribute to the furtherance of this early next year with the award of a rather large contract that is geared towards standards development. My vote (speaking for the NSA V51) is that we continue to develop the Access Control Model for LDAP V3 in either the LDUP WG or in a revived LDAP EXT WG tiger team and finish the draft to a RFC state. At this point, it could be turned over to the LDUP WG. Regards, Matt Hirsch A&N Associates Inc. Management & Technology Consulting 410-772-5060 ext 22 -----Original Message----- From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org] Sent: Wednesday, November 14, 2001 6:15 PM To: john.strassner@intelliden.com Cc: Christopher Apple; 'Rob Byrne - Sun Microsystems'; Mark Wahl; roland@catalogix.se; ietf-ldup@imc.org Subject: RE: moving access control discussion to LDUP At 02:05 PM 2001-11-14, John Strassner wrote: >So how will the protocol be able to interoperate without a common ACM? At the level of interoperability this WG is attempting to achieve, it cannot. But then, this WG will needs much more than a common ACM to provide the level of interoperability it is attempting to achieve. IMO, the WG as bitten off more that it can chew and bitting off more will only cause the WG to choke. So, I wonder, what is beyond scope of this working group? Kurt From owner-ietf-ldup@mail.imc.org Thu Nov 15 12:44:30 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA07155 for ; Thu, 15 Nov 2001 12:44:29 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAFHOds14091 for ietf-ldup-bks; Thu, 15 Nov 2001 09:24:39 -0800 (PST) Received: from interlock2.lexmark.com (interlock2.lexmark.com [192.146.101.10]) by above.proper.com (8.11.6/8.11.3) with SMTP id fAFHOc814087 for ; Thu, 15 Nov 2001 09:24:38 -0800 (PST) Received: by interlock2.lexmark.com id MAA21523 (InterLock SMTP Gateway 4.2 for ietf-ldup@imc.org); Thu, 15 Nov 2001 12:22:52 -0500 Message-Id: <200111151722.MAA21523@interlock2.lexmark.com> Received: by interlock2.lexmark.com (Protected-side Proxy Mail Agent-1); Thu, 15 Nov 2001 12:22:52 -0500 X-Lotus-Fromdomain: LEXMARK@LEXMTA From: dsweigar@lexmark.com To: "Kurt D. Zeilenga" , john.strassner@intelliden.com, "Christopher Apple" , "Rob Byrne - Sun Microsystems" , "Mark Wahl" , roland@catalogix.se, ietf-ldup@imc.org, "Roddy A. Sue (E-mail)" , dsweigar@lexmark.com Date: Thu, 15 Nov 2001 12:22:34 -0500 Subject: LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 back-end. Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Team: I am curious if anyone in the group as researched a comparison of LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 back-end. I wonder if anyone would want to comment on this comparison ? Dave From owner-ietf-ldup@mail.imc.org Thu Nov 15 12:57:34 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA08087 for ; Thu, 15 Nov 2001 12:57:33 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAFHfpj14490 for ietf-ldup-bks; Thu, 15 Nov 2001 09:41:51 -0800 (PST) Received: from patan.sun.com (patan.Sun.COM [192.18.98.43]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAFHfm814486 for ; Thu, 15 Nov 2001 09:41:48 -0800 (PST) Received: from rowlf.Central.Sun.COM ([129.153.131.70]) by patan.sun.com (8.9.3+Sun/8.9.3) with ESMTP id KAA00408; Thu, 15 Nov 2001 10:41:27 -0700 (MST) Received: from sun.com (dhcp-aus07-187 [129.153.129.187]) by rowlf.Central.Sun.COM (8.10.2+Sun/8.10.2/ENSMAIL,v2.1p1) with ESMTP id fAFHfgl24852; Thu, 15 Nov 2001 11:41:42 -0600 (CST) Message-ID: <3BF3FCDD.6CA90CEF@sun.com> Date: Thu, 15 Nov 2001 11:35:25 -0600 From: Mark Wahl X-Mailer: Mozilla 4.77 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: dsweigar@lexmark.com CC: "Kurt D. Zeilenga" , john.strassner@intelliden.com, Christopher Apple , Rob Byrne - Sun Microsystems , roland@catalogix.se, ietf-ldup@imc.org, "Roddy A. Sue (E-mail)" Subject: Re: LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 back-end. References: <200111151722.MAA21523@interlock2.lexmark.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: Content-Transfer-Encoding: 7bit dsweigar@lexmark.com wrote: > > I am curious if anyone in the group as researched a comparison of > LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 back-end. A "vs" of particular implementations is not in the scope of a standards working group. I would recommend that you consider instead contacting industry analysts or directory consultants that compare different LDAP implementations. The Burton Group is one such organization. Mark Wahl Sun Microsystems Inc. From owner-ietf-ldup@mail.imc.org Thu Nov 15 14:30:32 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA13991 for ; Thu, 15 Nov 2001 14:30:31 -0500 (EST) Received: from localhost (localhost [[UNIX: localhost]]) by above.proper.com (8.11.6/8.11.3) id fAFJDx920094 for ietf-ldup-bks; Thu, 15 Nov 2001 11:13:59 -0800 (PST) Received: from metainc2.metagroup.com ([63.122.26.75]) by above.proper.com (8.11.6/8.11.3) with ESMTP id fAFJDs820090 for ; Thu, 15 Nov 2001 11:13:55 -0800 (PST) Subject: Re: LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 back-end. To: Mark Wahl Cc: Christopher Apple , dsweigar@lexmark.com, ietf-ldup@imc.org, john.strassner@intelliden.com, "Kurt D. Zeilenga" , owner-ietf-ldup@mail.imc.org, Rob Byrne - Sun Microsystems , roland@catalogix.se, "Roddy A. Sue (E-mail)" X-Mailer: Lotus Notes Release 5.0.4 June 8, 2000 Message-ID: From: Earl.Perkins@metagroup.com Date: Thu, 15 Nov 2001 13:50:14 -0500 X-MIMETrack: Serialize by Router on METAINC2/META Group(Release 5.0.8 |June 18, 2001) at 11/15/2001 02:07:02 PM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-ietf-ldup@mail.imc.org Precedence: bulk List-Archive: List-ID: List-Unsubscribe: I monitor this thread and work for META Group, a competing firm to Burton. I cover this space at META Group. If you would like a perspective, let me know. Earl Perkins Sr. Program Director, Global Networking Strategies META Group, Inc. 330 Morgan St, Unit 606, New Orleans, LA 70114, USA Phone: 504.362.0291 Mark Wahl cc: "Kurt D. Zeilenga" , Sent by: john.strassner@intelliden.com, Christopher Apple owner-ietf-ldup@ma , Rob Byrne - Sun Microsystems il.imc.org , roland@catalogix.se, ietf-ldup@imc.org, "Roddy A. Sue (E-mail)" Subject: Re: LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 11/15/2001 12:35 back-end. PM dsweigar@lexmark.com wrote: > > I am curious if anyone in the group as researched a comparison of > LDAP/X.500 directories vs. IBM's SecureWAy with a DB2 back-end. A "vs" of particular implementations is not in the scope of a standards working group. I would recommend that you consider instead contacting industry analysts or directory consultants that compare different LDAP implementations. The Burton Group is one such organization. Mark Wahl Sun Microsystems Inc. ---------------------------------------------------------------- Register Today! "Scaling the Peaks of CIO Performance: IT Excellence and Business Transformation" META Group's Executive Directions Forum December 3-4, 2001 Marriott's Camelback Inn Resort, Golf Club & Spa; Scottsdale, AZ http://www.metagroup.com/ed2001 ---------------------------------------------------------------/ From owner-ietf-ldup@mail.imc.org Thu Nov 15 14:54:59 2001 Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA15660 for