Re: DBIS - new IETF drafts
Mark R Bannister <dbis <at> proseconsulting.co.uk>
2014-01-10 14:13:15 GMT
On 09/01/2014 18:03, Simo wrote:
> On Thu, 2014-01-09 at 16:48 +0100, Michael Ströder wrote:
>> Mark R Bannister wrote:
>>> Yes as you'll see from my recent reply to Simo, the case sensitivity issue was
>>> one of the problems I faced at a large installation,
>> This could be easily solved with RFC2307bis. Or not?
>> In my deployments I simply define additional (OpenLDAP) constraints for those
>> attributes (e.g. to enforce lower-case 'uid' values).
>> IMHO only re-defining the matching rules does not fully solve the case problem
>> anyway. Restricting to lower-case attribute values helps better.
> I'd go beyond this, supporting case-sensitive user names is actively
> harmful for various reasons.
UNIX is traditionally case sensitive. I am currently working at a large
installation where there is an important distinction between lower-case
and upper-case user names. This debate isn't just about user names
anyway. There are loads of NIS fields that were case sensitive, and
UNIX isn't going to change. They will always be case sensitive. So
trying to represent them in case insensitive fields is just, well, wrong.
> - Assuming users (and admins) should be able to distinguish based on
> case is wrong, we naturally consider the strings 'Admin' and 'admin' to
> be the same thing.
If you're used to Microsoft Windows, yes. DBIS is not aimed at Microsoft.
> - Some systems are case-preserving (meaning they'll show you back the