On 4/7/2011 1:00 μμ, Howard Chu wrote:
Interleaved values such as above may never be returned by an LDAP
Search operation. Whether it's desirable for a client to reorganize
the data to display as such, I have no opinion.
I know, that's why I mentioned the issue, so that a solution might
possibly be found at design time. In long/complex ACLs (ours is already
about 1000 lines and growing - in standard format, not RTC), if comments
are decoupled from the statements concerned, then they lose a most of
I note that the accesslog overlay already allows you to track the
history of individual changes to attributes, so recording an "Entered
by <name> on <date>" comment seems both redundant and vague.
Of course; this was just an example to illustrate the use of two
comments per statement.
I hope other people will provide feedback on this as well.