Draft of new Executive Intro
Chris Weider <weider@ans.net> Mon, 02 March 1992 18:24 UTC
Received: by merit.edu (5.65/1123-1.0) id AA25045; Mon, 2 Mar 92 13:24:31 -0500
Received: from home.ans.net by merit.edu (5.65/1123-1.0) id AA25041; Mon, 2 Mar 92 13:24:28 -0500
Received: by home.ans.net id AA17229 (5.65c/IDA-1.4.4 for disi@merit.edu); Mon, 2 Mar 1992 13:17:24 -0500
Date: Mon, 02 Mar 1992 13:17:24 -0500
From: Chris Weider <weider@ans.net>
Message-Id: <199203021817.AA17229@home.ans.net>
To: disi
Subject: Draft of new Executive Intro
INTERNET-DRAFT C. Weider ANS J. Reynolds ISI February 1992 Executive Introduction to Directory Services Using the X.500 Protocol Status of this Memo This memo provides information for the Internet commmunity. It does not specify an Internet standard. Distribution of this memo is unlimited. Abstract This document is an Executive Introduction to Directory Services using the X.500 protocol. It briefly discusses the deficiencies in currently deployed Internet Directory Services, and then illustrates the solutions provided by X.500. This FYI RFC is a product of the Directory Information Services (pilot) Infrastructure Working Group (DISI). A combined effort of the User Services and the OSI Integration Areas of the Internet Engineering Task Force (IETF). 1. INTRODUCTION The Internet is growing at a phenomenal rate, with no deceleration in sight. Every month thousands of new users are added. New networks are added literally almost every day. In fact, it is entirely conceivable that in the future every human with access to a computer will be able to interact with every other over the Internet and her sister networks. However, the ability to interact with everyone is only useful if one can locate the people with whom they need to work. Thus, as the Internet grows, one of the limitations imposed on the effective use of the network will be determined by the quality and coverage of Directory Services available. Directory Services in this paper refers not only to the types of services provided by the telephone companies' White Pages, but to resource location, Yellow Pages services, mail address lookup, etc. We will take a brief look at the services available today, and at the problems they have, and then we will show how the X.500 standard solves those problems. 2. CURRENT SERVICES AND THEIR LIMITATIONS In the interests of brevity, we will only look at the WHOIS service, and at the DNS. Each will illustrate a particular philosophy, if you will, of Directory Services. The WHOIS service is maintained by the Network Information Center, or NIC. It is currently maintained at GSI for the IP portion of the Internet. It contains information about IP networks, IP network managers, a scattering of Big Names in the Internet, and a large amount of information related specifically to the MILNET systems. As the NIC is responsible for assigning new networks out of the pool of IP addresses, it is very easily able to collect this information when a new network is registered. However, the WHOIS database is big enough and comprehensive enough to exhibit many of the flaws of a large centralized database. First, centralized location of the WHOIS database causes slow response during times of peak querying activity, storage limitations, and also causes the entire service to be unavailable if the link to GSI is broken. Second, centralized administration of the database, where any changes to the database have to be mailed off to GSI for human transcription into the database, increases the turnaround time before the changes are propogated, and also introduces another source of potential error in the accuracy of the information. These particular problems affect to different degrees any system which attempts to provide Directory Services through a centralized database. The Domain Name Service, or DNS, contains information about the mapping of host and domain names, such as home.ans.net, to IP addresses. This is done so that humans can use easily remembered names for machines rather than strings of numbers. It is maintained in a distributed fashion, with each DNS server providing nameservice for a limited number of domains. Also, secondary nameservers can be identified for each domain, so that one unreachable network will not necessarily cut off nameservice. However, even though the DNS is superlative at providing these services, there are some problems when we attempt to provide other Directory Services in the DNS. First, the DNS has very limited search capabilities. Second, the DNS would be very hard pressed, if not completely unable, to provide non-text services, such as photos and sound. 3. THE X.500 SOLUTION X.500 is a CCITT protocol which is designed to build a distributed, global directory. It offers the following features: * Decentralized Maintenance: Each site running X.500 is responsible ONLY for its local part of the Directory, so updates and maintenance can be done instantly. * Powerful Searching Capabilities: X.500 provides powerful searching facilities that allow users to construct arbitrarily complex queries. * Single Global Namespace: Much like the DNS, X.500 provides a single homogeneous namespace to users. The X.500 namespace is more flexible and expandable than the DNS. * Structured Information Framework: X.500 defines the information framework used in the Directory, allowing local extentions. * Standards-Based Directory Services: As X.500 can be used to build a standards-based directory, applications which require directory information (e-mail, automated resources locators, special-purpose directory tools) can access a planet's worth of information in a uniform manner, no matter where they are based or currently running. With these features alone, X.500 is being used today to provide the backbone of a global White Pages service. There is almost 3 years of operational experience with X.500, and it is being used widely in Europe and Australia in addition to North America. In addition, the various X.500 implementations add some other features, such as photographs in G3-FAX format, and color photos in JPEG format. However, as X.500 is standards based, there are very few incompatabilities between the various versions of X.500, and as the namespace is consistent, the information in the Directory can be accessed by any implementation. Also, work is being done in providing Yellow Pages services and other information resource location tasks in the Directory. The X.500 Directory is taking us closer to the day when we will indeed have the entire world on our desktops, and X.500 will help insure that we can find whom and what we need. 4: FOR FURTHER INFORMATION For a more detailed technical introduction to X.500 and an extensive bibliography, see "Technical Overview of Directory Services Using the X.500 Protocol", by Weider, Reynolds, and Heker. This is available from the NIC as FYI ##, RFC 13##. For a catalogue of X.500 implementations, see "A Catalog of Available X.500 Implementations", ed. Lang and Wright. This is available from the NIC as FYI 11, RFC 1292. 5: SECURITY CONSIDERATIONS Security issues are not discussed in this paper. 6: AUTHORS' ADDRESSES Chris Weider Advanced Network and Services, Inc. 2901 Hubbard, G-1 Ann Arbor, MI 48105-2437 Phone (313) 663-2482 E-mail: weider@ans.net Joyce K. Reynolds Information Sciences Institute University of Southern California 4676 Admirality Way Marina del Rey, CA 90292 Phone: (310) 622-1511 E-Mail: jkrey@isi.edu
- Draft of new Executive Intro Chris Weider