Re: Comments from C Huitema ...

[pays@faugeres.inria.fr]

I don't understand why my "Reply-all" did not made its way to osi-ds...

here it is again

-- PAP

> Date: 06 Jan 93 10:22:59+0100
> From: pays@faugeres.inria.fr
> To: Christian.Huitema@sophia.inria.fr,
> 	wright@lbl.gov
> Subject: Re: Comments from Christian H. on LDAP
> cc: "(Paul-Andre.PAYS)" <Paul-Andre.Pays@faugeres.inria.fr>,
> 	wg-nap@rare.nl
>
> >
> > If you allow non-authoritative data to be modified in X.500, you must
> > provide an automatic way to transfer the information back to the
> > authoritative source.  I believe that the University of Michigan is doing
> > this.
> >
> >
> It would be interesting to start a discussion on this issue of
> X.500 data managemnt.
>
> 1. Could U. Michigan describe their solution?
>
> 2. One way we are just starting to explore is the following:
>
> to manage two parallel and well identified subtrees
>   . one will be the "authoritative" subtree
>      it will only be modified (probably not using DAP) ONLY by the
>      entity managing the subtree
>   . the second one will be "open"
>      ie. using the appropriate ACL the entries could be modified by
>      "delegated" authorities (typically the users for their personal
>      data, or network managers for a given network subtree aso.)
> Periodically the "authoritaive" manager would "collect" information
> from the "open" subtree, apply any filtering or checking suitable
> and then from this (and possibly from other sources) update the
> "authoritative" subtree. There is thus the possibility to
> control and correct incosistancies or eliminate "offensive or false"
> information ...
>
> The directory users will thus have the choice to search either for
> the "official" information with the responsibilty of the operator,
> or to select the "open" information such as provided by
> the users
>
> What about this solution?
>
> all my best wishes for '93
>
> -- PAP
>
>
>