--On Monday, June 6, 2022 10:29 AM +0200 Felix Schäfer
<[email protected]> wrote:
Hi,
Am 06.06.2022 um 06:06 schrieb Lucio De Re <[email protected]>:
So I disagree with Felix that this is a show stopper and recommend
staying within the boundaries of the standards as far as possible,
preferably encouraging others to do the same.
Again, my point isn't to say that one or the other approach is better
or even that dynlist should adhere to whatever memberof did. However
propping up dynlist to be a drop-in replacement for memberof, which it
clearly is not, and especially without caveats attached to that claim, is
at least dangerous for whomever might switch later and not pay as much
attention, if not disingenuous.
If someone wrote code depending on memberOf to always maintain case with
non-case sensitive attributes than their client was broken to begin with,
as that was never a guarantee. I.e., the behavior of slapo-memberof could
change at any time. So your starting position is invalid since it's based
on incorrect assumptions.
slapo-dynlist is a functional replacement for the slapo-memberof that keeps
the actual guarantees around the LDAP RFCs. Hope that helps.
--Quanah
