Re: people CN

Andrew Waugh <A.Waugh@mel.dit.csiro.au> Thu, 26 November 1992 00:05 UTC

Message-Id: <9211252327.AA03189@squid.mel.dit.CSIRO.AU>
To: pays@faugeres.inria.fr
Cc: inria-x500@pamir.inria.fr, osi-ds@cs.ucl.ac.uk, wg-nap@rare.nl
Subject: Re: people CN
In-Reply-To: Your message of "25 Nov 92 23:24:50 BST." <722730290.15168.0@faugeres.inria.fr>
Date: Thu, 26 Nov 1992 10:27:18 +1100
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: Andrew Waugh <A.Waugh@mel.dit.csiro.au>

Paul,

> Preparing a new stage in the X.500 deployement within INRIA we are
> faced with the following difficult issue about people naming.

> being a large institution, we have to establish naming guidelines

> o  able to cope with several staff with the same Diven and Surname,
> and easy enough
> o  easy enough to be understood by internal and external DUA
> human users
> o  regular enough, for name-server type of usage (eg MHS routing)

[ a large number of restrictions deleted... ]

Given the number of restrictions, I don't think any system is going
to satisfy :-)

I must admit that I cannot stand using arbitrary suffixes:
	cn=Andrew Waugh%dis=1
	cn=Andrew Waugh 1
If some directory manager named me like this, I'd be cross!

One suggestion is to use the job description to disambiguate people:
	cn=Andrew Waugh%desc=X.500 Hacker

This has advantages:
	* Unlikely to get a naming clash as two people would have to
	  have the same name and do the same job. If this ever is the
	  case, I'd suggest there is likely to already be serious
	  naming confusion in the organization. The problem is also
	  easily fixed with a tweak to the description
	* Users can often identify whether they have the right person
	  just by inspecting the RDN. This is useful even if there are
	  no naming clashes, as people are often trying to identify
	  people by job function. It is especially useful with DUAs
	  which list RDNs and let the user select.
	* It can be systematically applied to entries as they are
	  added to the tree, avoiding hacks latter to disambiguate
	  names.
	* It uses a standard attribute (i.e. no problem with X.500
	  equipment that doesn't know your local schema).

It also has problems:
	* If a person changes job function, their name changes as
	  well. (This may not be a major problem if a full
	  organizational hierarchy is represented in the DIT, as
	  a person changing from one OU to another will have their
	  DN change anyway.)
	* The description is difficult to guess so the RDN cannot be
	  guessed. (Searching works fine, however, and the description
	  retrieved will help the user select amongst the answers
	  returned.)
	* The RDN is quite long, causing loss of efficiency. (This may
	  actually be considered as an advantage by the user, as
	  the user is not just concerned with finding an entry, but
	  also with verifying that the entry found is the correct one.
	  The efficiency of retrieving the entry may be slightly lower,
	  but the efficiency of identifying the correct entry may be
	  much higher.)

Incidentally, using descriptions to distinguish organizations
is worth considering. I believe that this is how such names are often
currently allocated. I can register a name used by another business
if it will not cause confusion -- i.e. the description of the business
is sufficiently different.

andrew waugh

people CN pays
Re: people CN Andrew Waugh
Re: people CN pays
Re: people CN Andrew Waugh
Re: people CN Thomas Lenggenhager
Re: people CN Ruenzler Walter
Re: people CN Alan.Young
Re: people CN Thomas Lenggenhager
Re: people CN Ruenzler Walter
Re: people CN Andrew Findlay
Re: people CN Thomas Lenggenhager
Re: people CN Christian Huitema
Re: people CN Andrew Findlay
Re: people CN Andrew Findlay
Re: people CN Thomas Lenggenhager
Re: people CN A.Macpherson
Re: people CN pays
Re: people CN Thomas Lenggenhager
Re: people CN pays
Re: people CN Tim Howes