On 27.6.2014 15:18, Simo Sorce wrote:
On Fri, 2014-06-27 at 13:23 +0200, Martin Kosek wrote:
It seems to me that we are being inconsistent with regards to our FreeIPA
version and the schema files.
We now have 60basev2.ldif containing FreeIPA 2.x schema, 60basev3.ldif
containing FreeIPA 3.x schema. However, we now also added FreeIPA 4.x schema to
60basev3.ldif which seems as an inconsistency to me.
Should we simply create 60basev4.ldif and move the new schema (mostly
permissionsv2 related) there?
If you think it make sense go ahead and do it. I think we kept
everything in the same file because at some point we changed (by adding
MAY attributes) older objectclasses and these modifications were made
before we decided to change version numbers to 4.0, but I find this
mostly cosmetic so I do not really care one way or the other.
I am wondering that in that case we may also
think about making a new OID space for v4 schema as current one is defined as
## Attributes: 2.16.840.1.1137220.127.116.11 - V3 base attributres
## ObjectClasses: 2.16.840.1.113718.104.22.168 - V3 base objectclasses
If we ever want to fix the OID space, now is the right time, it won't be
possible after release. Alternatively, we could also define
2.16.840.1.113722.214.171.124 and 2.16.840.1.1137126.96.36.199 as "V3+" space.
I do not think it makes any sense to change OID space now.
Feel free to mark the space as V3+
I agree with Simo as I personally don't see a reason to separate things by
Separation by purpose seems more useful to me. (We already do that - DNS, OTP,
PKCS#11 are in separate OID sub-trees.)
Freeipa-devel mailing list