The LDAPv3 case was a little odd. LDAPv2 was already out there
without any useful security. For various reasons, we wanted
to encourage people to move to LDAPv3, and LDAPv3 wasn't any
worse security-wise than LDAPv2. The IESG note was the
carrot part of the compromise that was worked out. The stick
was that the LDAP folks were supposed to do security before
anything else. It didn't work very well; they drug their
feet about security.
> I maintain that even a read-only implementation of LDAPv3 without
> any security (for read) is a good deal more dangerous in the
> business liability and exposure sense that an implementation
> of IPP without any security in some printers is.
Obviously it depends on what information you're making available
through LDAPv3, and whether you're just doing so within your
enterprise vs. exporting it to the rest of the world.