Home · About · A-Z Index · Search · Contacts · Press · Register · Login

BLITS 3.0 Change History

You are here: Directory Interoperabiliy Forum > BLITS > Version 3.0 > Change History

Changes for This Version

The Change History has been separated from the Test Cases, and these pages have been linked to a main index page which also contains links to the test data. The page style has been changed. The paragraph dealing with copying of BLITS has been removed, and a copyright statement has been added, together with a statement that copying and use is permissible under The Open Group Directory Test Suite License. There have been no technical changes.

Changes for Version 2.5

• A new set of certificates has been created, including CRLs that revoke the "BadCA" certificates. The description of these certificates in section 3.3.11 has been updated.

  All tests in 3.3.15 should work with these new certificates. The caveats have been removed from the descriptions of 3.3.15.1.3.4 and 3.3.15.1.3.4, which would not work with the previous CRLs, have been removed.

• The filter in test 3.3.2.9.2 has been changed so that the search would be successful if it were not for the fact that the base object does not exist (which is the point of the test).
• There have been (yet more) changes to the alias tests in 3.3.2.7.

  RFC 2251 says, "derefInSearching dereference aliases in subordinates of the base object in searching, but not in locating the base object of the search". This implies that

  • the BLITS 2.3 version of 3.3.2.7.4 is wrong because the Jonathan Adams entry does not match the "cn=Jonny*" filter
  • but the BlITS 2.4 version of 3.3.2.7.4 is also wrong because it expects the dereferencing to be done in locating the base object (in a base search, the question of finding subordinates of the base object does not arise)
  • what 3.3.2.7.4 should do is a derefInSearching single-level search with base "Europe" and filter "telephonenumber=*", expecting the Jonathan Adams entry to be returned.

  3.3.2.7.6 is similar to 3.3.2.7.4 but expects that the entry in question will not be returned for a derefFindingBaseObj as opposed to a derefInSearching search. What probably happened was that, when 3.3.2.7.4 was changed, 3.3.2.7.6 was derived by taking the new 3.3.2.7.4, changing the type of search, and reversing the outcome.

  Based on this rationale, the following changes have been made for version 2.5.

  • Test 3.3.2.7.2 does a neverDerefAliases single-level search with base "Europe" and filter "telephonenumber=*", expecting no entry to be returned.
  • Test 3.3.2.7.6 does a derefFindingBaseObj single-level search with base "Europe" and filter "telephonenumber=*", expecting no entry to be returned.
  • Test 3.3.2.7.8 does a derefAlways single-level search with base "Europe" and filter "telephonenumber=*", expecting the Jonathan Adams entry to be returned.
  • "base" is changed to "leaf" in the "Purpose" section of 3.3.2.7.8.
• The Pablo Picasso entry in the X.500 naming LDIF file for basic tests has been corrected: "ou=IMC" has been changed to "o=IMC".
• The employeenumber attribute was used for searches with numeric comparisons and for sorting, but this attribute does not have an ORDERING matching rule. All uses of this attribute have therefore been replaced by uses the dnqualifier attribute. In the LDIF files, a dnqualifier attribute has been added to each entry that had an employeenumber attribute, with the same value as the employeenumber attribute. (The employeenumber attributes have been retained.)

Changes for Version 2.4

• A new section 4 has been added for application-specific tests, with section 3 renamed as "General Tests". This has involved some reorganization of the table of contents. However, the section numbers of all existing tests have been kept unchanged.
• The tests in 3.3.11 have been modified to use just the "CATS" certificates. Sets of these certificates have been provided.
• The descriptions of the tests in 3.3.15 (Transport Security) have been updated. (These tests also use the "CATS" certificates.)
• A new section 3.3.16 has been added for server location.
• Referrals tests have been added in section 3.3.14.
• The descriptions of the tests in 3.3.12.5 (Language Tags) have been updated to reflect the fact that the language tags draft became an RFC. A correction was made to test 3.3.12.5.6.
• The tests in 3.3.2.7 (Alias Dereferencing) have been changed. (There was input from Annette Suendermann, Russ Ennis, Ludovic Poitou, Jim Sermersheim, Steve Trottier, and Kurt Zeilenga. But if it's wrong it's the author's fault.)
• The descriptions of tests 3.3.2.9.2-4 have been clarified (following input from Christopher Oliva and Vincent Ryan).
• Tests implying an equality matching rule for facsimileTelephoneNumber have been changed, following input from Annette Suendermann and Kurt Zeilenga, since facsimileTelephoneNumber does not in fact have an equality matching rule. Attribute internationaliSDNNumber (which has a matching rule) has been used instead. This affects tests 3.3.2.2.3.3, 3.3.2.2.9.1, 3.3.3.2.4.2, and 3.3.7.3.1.
• Test 3.3.1.3.1 has been changed in the light of the following input from Annette Suendermann: The entry used in this test case is "cn=Paul Cezanne,ou= ...". It holds a surname attribute with 1 value, sn=Cezanne, and surname is a multivalued attribute. So adding a second non-existent value, sn=Thatcher, must succeed. To invoke the attributeOrValueExists error, we must attempt to add an already present value, that is sn=Cezanne.
• Following input from Beth Keach, dc-naming DNs in section 3.3.1 (bind/unbind) have been corrected by inserting a missing "dc=Relative, ".
  

Changes for Version 2.3

• The tests in section 3.3.11 (Certificate Storage, Retrieval, and Comparison) have been modified to allow use of certificates generated by different products.
• New tests added to section 3.3.11 to cover CA Certificates and CRLs generated by different products.
• Tests 3.3.15.1.3/3.3.15.2.3 (Bind with Valid Certificate over TLS) and 3.3.15.1.5/3.3.15.2.5 (Bind with Revoked Certificate over TLS) have been modified to use certificates generated by different products. (These tests could not previously be used as there were no certificates for them.) Additional tests have been added to cover the case where client and server trust certificates issued by different CAs. The tests in section 3.3.15.1 and 3.3.15.2 have been re-numbered to allow for the additional tests.
  These tests and the additional tests described in the two bullets above use the "New Certificate Tests" LDIF files.
• In test 3.3.1.4.3 (Bind with invalid DN Syntax), the requirement to check that result code 34 (invalidDNSyntax) is returned has been removed, since this is not an allowed BindResult according to the RFCs. Discussions in the IETF may change this; meanwhile, the test must be aligned with the published standard.
• Test 3.3.1.4.4 (Bind with inappropriate authentication) has been changed because the result returned in the test should arguably be invalidCredentials rather than inappropriateAuthentication. To enable the new test to be carried out, the access control arrangements for the Directory Manager user have been altered. Further discussion looks to be needed, however, on this test, and also on test 3.3.1.4.2.
• Note that, although there have been questions on the Alias Dereferencing tests (3.3.2.7), the resolution of this complex area seems insufficiently clear at this point to make changes to these tests.

Changes for Version 2.2

• Certificate tests added in section 3.3.11.

An LDIF addendum file has been created for the certificates tests, which do not use any of the previous test data. The new entries are in three new subtrees of the DIT: Certificates, CertificateAdd and CertificateModify. The previous entries are left undisturbed. The CertificateAdd and CertificateModify subtrees are structured in a similar way to the Add and Modify subtrees to allow up to 20 vendors, each with up to 10 clients, to participate in the tests.

Changes for version 2.1 Draft 2

• Tests 3.3.1.3.x and 3.3.1.4.x: Added DN with dc-naming form.
• Test 3.3.1.4.2 (Bind With Missing Password) Fixed DN "cn=Paul Cezanne, ou=Americas, ou=Search, o=IMC, c=US" (ou=Americas was missing).
• Test 3.3.2.3 (Search for Entry with Multi-Valued RDN) Definition of the entry was missing. The test is a base search.

Changes for version 2.1 Draft 0

• Test 3.3.1.3.1 (Bind With Simple Password) bind with "cn=Paul Cezanne, ou=Americas, ou=Search, o=IMC, c=US" password "Paul0005"
• Test 3.3.1.4.1 (Bind with Incorrect Credentials) Correction in user's DN : "cn=Paul Cezanne, ou=Americas, ou=Search, o=IMC, c=US"
• Test 3.3.2.1.4 (Less-Than-Or-Equal-To Matching) updated list of entries expected to be returned (5).
• Test 3.3.2.2.1.4 (Substring OR Approximate) Change the approximate part of the filter to (cn~=body). Body is approximately closer to Bette and Buddy than the old value (doh).
• Test 3.3.2.2.3.1 ((Substring OR Substring) AND (Presence AND Presence)) Corrected Merry Aboods name (was Marry).
• Test 3.3.2.2.3.2 ((Approximate AND Substring) OR (Approximate AND Substring)) changed approximate filter (cn~=doh) to (cn=~body) as in 3.3.2.2.1.4. Corrected other part of the filter (homephonenumber was used but not present in any entry).
• Test 3.3.2.7.5 (Dereference Finding Base Object - Aliased Base Object) and Test 3.3.2.7.7 (Always Dereference - Aliased Base Object) are returning 2 entries when success (2 Margaret Thatcher).
• Test 3.3.2.9.7 (invalidDNSyntax for Base-Level Search) base DN has been modified so it is now invalid (no closing quote).
• Test 3.3.3.3.3 (Delete Attribute Using Modify-Replace) the attribute givenname is used instead of uid which is not present in the entry.
  
• New tests 3.3.13.xxx for Schema related tests.
• Updated references to the RFC 2251, 2252, 2253, 2256.

Changes for version 2.0

• Test 3.3.1.3 (Bind With Correct Credentials) is re-numbered and re-named as 3.3.1.3.1 - Bind With Simple Password.
• New tests 3.3.1.3.2 and 3.3.1.4.6 have been added for CRAM-MD5.
• New tests have been added in Section 3.3.12 (which was previously empty) for Paged Results, Server-Side Sorting, Feature Interactions with Paged and Sorted Results, Scrolling View Browsing of Search Results and Language Tags.
• A new section 3.3.15 has been added for tests of Transport Security.

An LDIF addendum file has been created for the extensions tests, which do not use any of the previous test data. The new entries are in four new subtrees of the DIT: ExtendedSearch, ExtendedAdd, ExtendedModify and Security. The previous entries are left undisturbed. The ExtendedSearch subtree contains subtrees "Corporate" and "Languages". The ExtendedAdd and ExtendedModify subtrees are structured in a similar way to the Add and Modify subtrees to allow up to 20 vendors, each with up to 10 clients, to participate in the tests.