On Thursday 03 June 2004 19:01, Douglas Gray Stephens wrote: > > Since you're sending junk to the servers, the server's *should* be > > rejecting your modify operations. That they're not is a defect in each > > of the servers, and you can't really expect any sort of sane behaviour > > from them. > > So iPlanet 5.1HF2, SunOne 5.2HF1, and one of my Innosoft servers all > correctly updated the record. One of the Innosoft servers had a > problem, but NONE of the server rejected the request.
Rejecting illegal updates depends on the servers ability to check the syntax of the attributes updated. Although this is possible since certificate attributes in LDAP have a standard syntax it might have proven quite complex so that the vendors did not implement it. Maybe some of the servers (presumably the older ones) even use another syntax that makes it impossible for them to distinguish a correct certificate from a bunch of bytes. Peter -- Peter Marschall eMail: [EMAIL PROTECTED]
