RE: LDAP outcome entry

"Steve Kille" <steve.kille@isode.com> Mon, 22 February 2010 17:20 UTC

From: Steve Kille <steve.kille@isode.com>
To: 'Eliot Lear' <lear@cisco.com>, dcrocker@bbiw.net
Subject: RE: LDAP outcome entry
Date: Mon, 22 Feb 2010 17:22:52 -0000
Cc: 'Steve Kille' <steve.kille@isode.com>, discuss@apps.ietf.org, 'Erik Andersen' <era@x500.eu>, 'Kurt Zeilenga' <Kurt.Zeilenga@Isode.com>

Dave, Eliot,

This got passed to me twice, so let me share a few thoughts.  I'm cc'ing
Kurt Zeilenga, who edited the last round of LDAP core specs, and Erik
Andersen, who leads ongoing X.500 standardization.

1.  LDAP was originally designed as a lightweight protocol to access X.500
servers.  (Tim Howes and Wengyik Yeong deserve a mention here).

2.  In LDAPv3, it was decoupled from X.500 to the extent that a server
implementing LDAP has no requirement to implement any of the X.500
protocols.

3.  Technically, LDAP is very much based on X.500, and references X.500.  It
is not an independent specification.   I consider it as an alternate to the
X.500 DAP (which can now be used directly over TCP without an OSI stack).
X.500 defines the service and information model.   

4.  LDAP is a client access protocol only.   In a distributed directory, it
can be used with proprietary distribution (e.g., Microsoft AD) or with X.500
(which defines server to server protocols and access control).   (IETF
attempts to standardize access control and server/server protocols were
abandoned).

5.  Ongoing LDAP and X.500 standardization is tightly coordinated.
Changes were made in X.500(2009) to align it to LDAP!   


6.  I view that LDAP is very successful (although I am biased).   The most
widely deployed servers are LDAP only.   All X.500 servers that I know of
support LDAP, and use it as a primary client access mechanism.   X.500 is
offered by large vendors (CA and Siemens) as well as smaller companies, and
is important in deployments that need open server/server interworking.


Hope this is of some help


Regards


Steve





> -----Original Message-----
> From: apps-discuss-bounces@ietf.org [mailto:apps-discuss-
> bounces@ietf.org] On Behalf Of Eliot Lear
> Sent: 22 February 2010 16:46
> To: dcrocker@bbiw.net
> Cc: discuss@apps.ietf.org
> Subject: Re: LDAP outcome entry
> 
>   Hi Dave,
> 
> As I see it there are two parts to LDAP: the transport and the schema.
> If you were to break it up as such, you could say that the transport
> had little to do with X.500 and the schema can be said to be a
> derivative work, based on experimental experiences of the Quipu folk,
> led by Marshall Rose & Steve Kille.
> 
> Eliot
> 
> On 2/22/10 5:22 PM, Dave CROCKER wrote:
> > Folks,
> >
> > I'd like to get a consensus assessment on the LDAP entry in the IETF
> > Outcomes wiki:
> >
> > <http://trac.tools.ietf.org/misc/outcomes/wiki/IetfApplications#LDAP>
> >
> >
> > Specifically:
> >
> >
> > 1.  Origin:  LDAP is an X.500 derivative, but it indeed might be more
> > accurate to describe it as having been a fresh IETF effort that used
> > X.500 as input. This would explain the current entry's Origin
> > setting.  Does anyone disagree with the current entry's claim that
> > LDAP originated in the IETF?
> >
> >
> > 2.  Usage: My impression is that LDAP is hugely deployed and used
> > within enterprises, so that the ++ is correct.  Yes?  I'm curious
> > about the listing's asserting significant derivative work.  While it
> > makes sense there would be this, I'd like to get confirmation here.
> >
> >
> > Thanks.
> >
> > d/
> 