FINAL Summary and Meeting Minutes LDUP Working Group Meeting 50th IETF, Minneapolis Minutes recorded by John Strassner, March 19, 2000 The agenda was presented by John, and no adjustments were made. Discussion of Changes Made to Requirements I-D draft-ietf-ldup-replica-req-07 The discussion was led by one of the co-authors, Rick Huber. A summary of the changes made in response to Last Call comments was presented. The key points are as follows: - interoperability paragraph was rewritten and clarified - replaced the term "naming context" with the term "replication base entry" - replaced the term "replica ring" with the term "replica group" - deprecated the term "updateable replicas" - clarified model 1 and multi-master atomicity - requirements G9-G11 were added to cover what needs to be replicated at the attribute level - M3 was reworded for clarity - requirement P2 was split into two requirements, P2 and P3, and all subsequent P requirements were renumbered - moved (the old) P7 to G8 since it is not limited to protocol - rewrote P6 (now P7) to explicitly require propagation of atomicity of LDAP operations as defined in 2251 - explicitly noted (ongoing) ACL work in the security section - made text in section A.10 self-consistent - changed text in B.5.5 to clarify the term "at the same time" Questions: -Ellen asked about other documents that need to be brought in line. Will be tabled until later in the meeting -A question of why "updateable replica" was deprecated. It comes from Kurt's mail. -Point that P7 moving to G8 makes G2 and G8 copies of each other; authors to address this in the next revision of the requirements draft Rich then presented items that were deferred. The key points were: - external locking will be addressed in the profiles I-D - clarified that the term "area of replication" is equivalent to X.525's term "replicated area" Question: -Point about "area of replication" and X.525 "replicated area" brought the comment from Ed that the only requirement for LDUP is to define the contiguous sub-tree. Kurt wants a note that LDUP protocol may define it own administrative model. Request that the area of replication is a subset of X.500 and that the administrative model...authors seemed to agree Next steps: The authors will issue a new draft (-08) ASAP and are requesting another WG last call. John urged all members to *please* get their comments in this week or as soon as the document was issued so that the authors would have time to address any additional comments before doing another last call. Kurt wanted to know if this is really necessary? John responded yes, because technical changes have been made. John asked the meeting participants if anyone had any objections to the requirements draft going to last call, and there were no objections. Kurt said that he would look at the security section. ================================================ Discussion of Usage Profile I-D draft-ietf-ldup-usage-profile-00.txt The discussion was led by Rick Huber, one of the co-authors of the draft. Rick gave an overview of the -00 draft. Its scope is to discuss the design and development issues that may arise due to using replication in directory deployments. The document will discuss both single- and multi-master scenarios. The authors encourage any application-specific profiles to be added. Next steps would be to add a discussion of external locking from the requirements draft, and to discuss different ways to preserve atomicity across replication. The authors wanted to know whether the target track for this draft should be informational or BCP. The sense of the room was that this should be an informational track document, as there isn't a set of standards from which to recommend best current practices. John noted that this draft contains multi-master and master-slave profiles, so the charter needs correction. John further noted that this is a working, living draft, and not ready for last call any time soon. John urged everyone to read the draft and submit comments asap, in order to help the authors develop the next version of the draft. =========================================================== Discussion of Changes Made to Architecture Document draft-ietf-ldup-model-06.txt This discussion was led by Ed Reed, one of the authors of the draft. The authors think that it is ready for WG Last Call. This version is based largely on the comments made by Tim Hahn. The discussion of policy inheritance was removed from the document and placed into a new I-D. The one outstanding item that the authors know needs to be removed is to drop a reference to search filter visibility of subentries. Question from the floor - how well does this version correlate with the requirements document? A lengthy discussion then ensued. However, one of the major questions that arose was, what happened with operations that cross replication boundaries? How should they be handled? The answer lies in the direction of a distributed directory, but LDAP doesn't yet have a truly distributed model. LDAP Subentry can help. Problem with deleting superiors that have subordinate reference - you either delete the subordinate, move it to Lost+Found, or say that the operation is not allowed because it has children. But this last option is NOT currently in LDAP. More general question is, how do you take two portions of the namespace, where the superior and the subordinate are in different partitions? Note that you have DSE types - the object is in one management plane and the subordinate is in another management plane (note that LDAP doesn't have DSEs). We need to look at the namedref document. Both LDAPext and LDUP have a stake in how this comes out. In an LDAP environment, this is an issue that crops up regardless of whether there is replication. Since this appears to be a significant design issue, John called for a group of volunteers to form a design team to study and resolve this problem. The volunteers were: John McMeeking Mark Smith Mark Wahl Skip Sloane Steve Mclane Kurt Zeilenga Ed Reed This design team's first meeting is tomorrow at 3pm. They will report back to the LDUP WG. Their feedback will then be incorporated into the draft. ====================================================== Discussion on URP - ready for Last Call or not? draft-ietf-ldup-urp-03.txt Unfortunately, neither of the authors could attend this meeting due to work and illness. John relayed this information. With respect to the draft, it has timed out, and needs to be reissued. Note that it should be compared against the requirements draft, and nothing will happen until the requirements doc passes WG Last Call. ======================================================= Discussion on the LDUP Replication Update Protocol draft-ietf-ldup-protocol-02.txt The discussion was led by Ellen Stokes, one of the authors of the draft. This draft has timed out and needs to be reissued. Ellen suggested a hard deadline of Friday the 13th [ed: honest! ;-) ] of April due for an update due to a hard vacation deadline; Roger Harrison to give Ellen an update tomorrow. This document **appears** to be ready for Last Call - only minor comments were posted in the last revision. Poll of room - no negative comments, Roger thinks that it probably is ready as he has been through the document. ========================================== Discussion on LDUP Subentry Schema draft-ietf-ldup-subentry-07.txt This discussion was led by Ed Reed, one of the authors of the draft. Note that this is a product of both the LDUP and the LDAPext WGs. Issued version 7. Main changes included separating the inheritance discussion, and put that in a separate document (draft-reed-ldup-inheritance-00.txt). Removed the search-filter mechanism for visibility. The search operation behaves as though the visibility control is present, even though it isn't. In other words, it doesn't make any sense if you have used an LDAP Subentry as the base object of the search, and you didn't include the control to return the results of the search. Kurt pointed out that since these may be nested, and if the base object of the search is a subentry, then you should behave as if the control is present. Ed agreed. A discussion followed clarifying other operations. It was agreed that if the control is present and true, all you get is subentries, otherwise you do not get subentries. Kurt and Ed will recheck the draft one last time to be sure that this (and the above) behavior is specified this way in the draft. Ed agreed to add the description of an administrative area, and then state that you can't replicate either a rootDSE or any subentries of the rootDSE. The purpose of InheritableLDAPSubentry was to provide an example of how to add inheritance to policy. After a short discussion, it was agreed in the room that it would be best to remove this from the draft. ====================================================== Discussion of Policy Inheritance Mechanisms for LDAP draft-reed-ldup-inheritance-00.txt Ed made a short presentation Ed said that he would make these changes and try and publish the document asap. Ed further stated that he will actively look for an author to take up the inheritance work, because otherwise he will let it die. =============================================== Discussion on LDAP Client Update Protocol draft-natkovich-ldap-lcup-02.txt (Chair note: please resubmit this draft with as a wg draft (i.e.,draft-ietf-ldup-lcup-00.txt) This discussion was led by Mark Smith, one of the authors of the draft. Rich Megginson has taken over editing. It has been reviewed by the authors. No substantial changes, but a fair amount of clarifying text. Note that this is not really a -00, as there were several versions of persistent and triggered search, and lcup as an individual submission. Still some open issues in the document, so we need to decide as a group whether to punt because they are out of scope or not. It was noted that LCUP is replacing triggered search, persistent search, and dirSync. ====================================================== Discussion of other missing drafts John McMeeking and Ryan have offered to take up the Mandatory Replica Management draft. Tim Hahn has offered to take up the Infomod draft. ====================================================== Any other business It has become apparent that, after listening to the discussions on progress of the various drafts, that two things are missing. They are: - we need common naming and terminology applied to all drafts - we need someone to compare the requirements document to the other drafts John suggested that the co-chairs perform this policing (volunteers are solicited and welcome!). Draft authors can't really review the drafts for these points, as they already should be doing this, and we need independent people doing this review. End of meeting.