RE: History of X.500 (RE: gluing directories with draft-ietf-ldap ext-locate-02.txt)

["Lloyd, Alan" <Alan.Lloyd@ca.com>]

Once upon a time - there wasnt a phone system....
Once upon a time there wasnt any directory standards
Once upon a time X.500 directory standards  grade as it covered OO, standard
schema, distribution, authentication and ACI and DIT management,,,, And it
then covered X.509 PKI....

Once upon a time - DAP was down graded to LDAP to make the clients
simpler....

So wher is the distribution model of LDAP (servers) and what is the
distributed trusted security model of LDAP - and how does one deal with
global infrastructure and distributed user services and thier capacity with
LDAP servers...and what PKI model are these LDAP servers incorporating?

The point is --- we have a directory system design (X.500) that has wider
business utility if it is distributed - and all the LDAP approaches have
never ventured into this space..

As said do you want a little LDAP server or do you want a scaleable
distributed directory service... They are quite different..

regards as always alan



-----Original Message-----
From: Rich Salz [mailto:rsalz@caveosystems.com]
Sent: Friday, May 19, 2000 10:51 AM
To: Lloyd, Alan; Harald Tveit Alvestrand; ietf-ldapext@netscape.com;
Kurt@OpenLDAP.org
Subject: RE: History of X.500 (RE: gluing directories with
draft-ietf-ldapext-locate-02.txt)


>distribution was provided in 1988 as chained DSAs

Oh, you mean referrals?  Or is it DNS "recursion" :)

Thanks, Harald, for reminding me that X.500 '88 had no security model worth
the the use of the term.  A user could authentication, there was no
authorization,
and the authen was DN and password, and the schema said the user's password
was stored in the DIT as plaintext.  Alan, you have to admit that for a
certificate-propagation scheme, that is just plain nonsensical...
	/r$