Re: Comments from C Huitema ...
pays@faugeres.inria.fr Thu, 07 January 1993 13:54 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa01679; 7 Jan 93 8:54 EST
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa01671; 7 Jan 93 8:54 EST
Received: from ietf.cnri.reston.va.us by CNRI.Reston.VA.US id aj02923; 7 Jan 93 8:55 EST
Received: from haig.cs.ucl.ac.uk by IETF.CNRI.Reston.VA.US id aa26482; 7 Jan 93 6:49 EST
Received: from bells.cs.ucl.ac.uk by haig.cs.ucl.ac.uk with local SMTP id <g.01954-0@haig.cs.ucl.ac.uk>; Thu, 7 Jan 1993 10:53:42 +0000
Received: from faugeres.inria.fr by bells.cs.ucl.ac.uk with Internet SMTP id <g.22387-0@bells.cs.ucl.ac.uk>; Thu, 7 Jan 1993 10:53:32 +0000
X400-Received: by /PRMD=inria/ADMD=atlas/C=fr/; Relayed; 07 Jan 93 11:53:09+0100
Date: Thu, 07 Jan 1993 11:53:09 +0100
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: pays@faugeres.inria.fr
To: pays@faugeres.inria.fr, rosenthl@mcc.com
Subject: Re: Comments from C Huitema ...
cc: wg-nap@rare.nl, osi-ds@cs.ucl.ac.uk
Message-ID: <726403989.28488.0@faugeres.inria.fr>
> From: Doug Rosenthal <rosenthl@mcc.com> > > > > The directory users will thus have the choice to search either for > > the "official" information with the responsibilty of the operator, > > or to select the "open" information such as provided by > > the users > > > > ... > > > Do users really want to have to decide which one to look at? Do you > want them to have to know about the existence of both? Other > distributed systems use the concept of authoritative/non-authoritative > information, but the end users aren't required to make an explicit > choice. > > There are 2 aspects 1. I don't see any feature of X.500 that would enable, according to the requestor identity, to select automaticaly and transparently either the authoritative ot the non-authoritative information [[that could be an improvement of X.500 to allow for attributes to have different tagged values, some being tagged as being authoritative and other non-authoritative. But this is a different story :-( ]] 2. I think it is useful to have the possibility to explicitely select which one is needed for a specific application . applications (eg. payroll or other) will allways use the authoritative subtree. The only one for which some administration/operator would bring the responsiblity for the contained information . interactive-users may select explicitely what they want . the subtree official manager will (as explained in my 1rst posting) periodically run an application which would after any desirable control update the authoritative subtree using the non-authoritative one (at disposal of the end-users for modifying their own non-protected data such as fax-number email aso) By now, my only solution is to clearly use different and explicit RDN for the relative root of the 2 subtrees, so that giving a complete DN one or the other would be obtained using a search, both could be given back BUT with a returned DN showing clearly that . one is the "authoritative" answer . the other is the "non-authoritative" answer eg. something like <C=FR; O=INRIA; OU=DMI; CN="Paul-Andre PAYS"> and <C=FR; O=INRIA; <OU=DMI-Non-Authoritative>; CN="Paul-Andre PAYS"> or better (probabaly) usage of a multi-attribute RDN such as <C=FR; O=INRIA; <OU=DMI; Status=Authoritative>; .... <C=FR; O=INRIA; <OU=DMI; Status=Non-Authoritative>; ... regards, -- PAP