On Apr 27, 2012, at 11.43, Viktor Dukhovni wrote: > Your LDAP schema should specify certfingerprint as a case-insensitive > attribute. This is a hexadecimal number (with some ":" characters > thrown in for readability), and the case of A-F is insignificant.
copied/pasted from my previous message- [...] "in this particular case, i've accommodated for this on the ldap side, by modifying the attribute's matching rules to be case insensitive [and it makes more sense anyway for an attribute like this] - i'm wondering though if there might be value in not case folding ldap lookups." [...] the point being that this particular example aside, case sensitive ldap attributes are a possibility, raising the question as to whether or not case folding of lookup keys should occur. to be clear, i'm asking in general, with regard to ldap, not regarding one particular attribute. -ben
