About aliases an X.500....

[Harald Tveit Alvestrand <Harald.Alvestrand@maxware.no>]

Alan,
on a completely different topic:
I've thought for a long time that using aliases is the only way
one can sensibly use the distinguished name for uniqueness and for
search scope limitation at the same time.

I think I have also got a fairly solid gut feeling for how it's being used
(basically adding empty records of type "alias", with only the naming
attribute; assuming that searches follow aliases encountered in a
subtree traversal unless the appropriate control is invoked).

But I was trying to find supporting text for this picture in the X.500
series when I came across this entry in X.501(93) 12.3.3:

>NOTE - The object class alias does not specify appropriate attribute types
>for the RDN of an alias entry. Administrative Authorities may specify 
>subclasses of the class alias which specify useful attribute types for RDNs
>of alias entries.

Put this together with the fact that X.520 does not mention aliasing,
and that naming rules don't seem to give either permission or restriction
on the use of RDNs for aliases, and it seems to me that the standard and
its usage is somewhat underspecified.

I see two possibilities:

- The industry has ignored naming rules where aliases are concerned, and
  is buliding products that "allow anything".
- The industry is shipping private schemas that specify rules for how one
  can use aliases, but these are not standardized.

Obviously, software developed to the two paradigms above will not necessarily
interoperate.

Can you help me understand this one?

Regards,

                         Harald T. Alvestrand

-- 
Harald Tveit Alvestrand, Maxware, Norway
Harald.Alvestrand@maxware.no