Re: Chaining vs Referrals ?? -Reply Wed, 28 February 1996 23:06 UTC

Received: from by IETF.CNRI.Reston.VA.US id aa04499; 28 Feb 96 18:06 EST
Received: from CNRI.Reston.VA.US by IETF.CNRI.Reston.VA.US id aa04494; 28 Feb 96 18:06 EST
Received: from by CNRI.Reston.VA.US id aa16278; 28 Feb 96 18:06 EST
Received: from by with local SMTP id <>; Wed, 28 Feb 1996 17:05:12 +0000
Via:; Wed, 28 Feb 1996 17:04:58 +0000
Received: from by with SMTP (PP); Wed, 28 Feb 1996 17:04:48 +0000
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
Date: 28 Feb 96 16:43
Subject: Re: Chaining vs Referrals ?? -Reply
X-Mailer: University of Salford cc:Mail/SMTP gateway 1.75
Encoding: 27 TEXT
Message-ID: <9602281806.aa16278@CNRI.Reston.VA.US>

Content-Length: 1507
Content-Type: text/plain
Message-ID: <s12f080a.007@fromGW>
X-Mailer: Novell GroupWise 4.1
Date: Sat, 24 Feb 1996 12:20:14 -0800 
From: (Ed Reed)
Subject: Chaining vs Referrals ?? -Reply
Technically, the chaining approach is required when full DUA-DSA 
connectivity is not possible, either because there are multiple protocols 
and the DUAs don't support them all, or because of intentional 
discontinuities, such as Firewalls.
     You might be interested to know that we are building an X.500 firewall 
     at Salford (a proxy server - we actually call it a Guardian DSA), and 
     one of its features will be to take a DAP request from a DUA on the 
     secure network and forward it as another DAP request, to a DSA on the 
     insecure network (the latter DSA may for example have returned a 
     "returnToDUA referral") So this is another variant of the chaining 
     approach, only this time the Guardian DSA is acting as a proxy DUA.