
RE: LDAP/X.500 location proposal (was: DN -> DNS: X.500 group's proposal for using DNS to locate LDAP servers)



I expect to have an I-D on this ready to go in a few days (depending on the
number of outside interrupts).  In the meantime, I'll try to address the
"what happened to the discussion on SRV records?" question:

If you already know the applicable domain name (as is the case when there
are dc RDNs sprinkled throughout the DN), you can do a SRV record look-up
directly.  However, if you have a DN with no clues regarding the applicable
domain name (as is the case with "traditional" X.521-style names), where do
you go to query for SRV records?  The concept of the AVA record is to be
applied BEFORE doing the SRV record lookup -- it provides a mechanism for
determining the domain name. Once you have the domain name, then the SRV
record approach works just fine.  Until then, you're dead in the water with
an unresolvable DN.

As for Kurt's comment regarding "insurmountable technical, operational, and
administrative issues," can we take these one at a time?  That is, let's
look at the technical issues first. What are they? Can they be
adequately addressed or are they truly "insurmountable?"  I believe that the
technical issues can be dealt with.  If we can get past that hurdle, we can
THEN look at administrative and operational issues.  Remember, there was a
time when today's concept of how we manage .com would be considered utterly
absurd.  Let's not discount things too quickly -- there is a real world
requirement for this...

 -- Skip

-----Original Message-----
From: Bruce Greenblatt [mailto:bgreenblatt@directory-applications.com]
Sent: Sunday, March 25, 2001 12:57 AM
To: ietf-ldapext@netscape.com
Subject: Re: LDAP/X.500 location proposal (was: DN -> DNS: X.500 group's
proposal for using DNS to locate LDAP servers)


At 04:08 PM 3/24/2001 -0800, you wrote:
>Frankly, I believe the approach is not viable due to numerous
>insurmountable technical, operational, and administrative
>issues of adding such RRs to the "." and TLDs.

I concur with Kurt.  I don't see the AVA resource record being added to the 
root or all top level domains.  I note that early in the document, it says: 
"We believe name resolution is a critical enabler to the ability to build 
cooperative directory systems. We see benefit in alignment work that 
addresses the following: ...
  -* allowing distributed name resolution to extend through X.500, LDAP, 
and DNS (most notably the SRV record) namespaces without the user having to 
know or care"

Yet later on, in Annex B where it talks about name resolution using DNS, 
the SRV record is not used or mentioned.  What happened?

>Kurt
>
>At 01:36 PM 3/22/01 -0500, Slone, Skip wrote:
> >As promised in the LDAPext meeting earlier this week, I am sending a set of
> >links to the X.500 group's working document that outlines the group's
> >proposal for extending DNS to facilitate the location of LDAP servers based
> >on the DN.  The document is the LDAP/X.500 alignment draft. The background
> >concepts are presented in Annex A, and the proposal itself is found in Annex
> >B.  The links below are to the Word and PDF versions of this WD,
> >respectively:
> >
> >ftp://ftp.bull.com/pub/OSIdirectory/Geneva2001/TD%20Output/TD3044R1LDAPalignment2ndWD.doc
> >
> >ftp://ftp.bull.com/pub/OSIdirectory/Geneva2001/TD%20Output/TD3044R1LDAPalignment2ndWD.pdf
> >
> > -- Skip Slone

==============================================
Bruce Greenblatt, Ph. D.
Directory Tools and Application Services, Inc.
http://www.directory-applications.com
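
Added example, not part of the thread or of either draft: a sketch of the first case described in the reply at the top, where trailing dc RDNs yield a domain name and an SRV owner name, while an X.521-style DN yields nothing to query. The function names, the sample DNs, the `_ldap._tcp` owner-name form and the choice to reject malformed labels rather than query them are assumptions of this sketch; quoted-string DN syntax is not handled.

```python
import re

# One DNS label: letters, digits, hyphens; no dots, no leading/trailing hyphen.
LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")
DC_TYPES = {"dc", "0.9.2342.19200300.100.1.25"}  # domainComponent short name and OID


def split_unescaped(text, sep):
    """Split on sep, keeping backslash-escaped characters inside their part."""
    parts, cur, i = [], "", 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            cur += text[i:i + 2]
            i += 2
        elif text[i] == sep:
            parts.append(cur)
            cur = ""
            i += 1
        else:
            cur += text[i]
            i += 1
    parts.append(cur)
    return parts


def dn_to_domain(dn):
    """Domain named by the trailing dc RDNs of dn, or None if there is none."""
    labels = []
    for rdn in reversed(split_unescaped(dn, ",")):
        avas = split_unescaped(rdn, "+")
        attr, _, value = avas[0].partition("=")
        if len(avas) != 1 or attr.strip().lower() not in DC_TYPES:
            break  # first non-dc RDN ends the domain part
        value = value.strip()
        if not LABEL.fullmatch(value):
            return None  # malformed label: refuse to build a query name from it
        labels.append(value.lower())
    return ".".join(reversed(labels)) or None


def srv_owner_name(dn):
    """Owner name to query for SRV records, or None when the DN gives no domain."""
    domain = dn_to_domain(dn)
    return f"_ldap._tcp.{domain}" if domain else None


# Constructed sample DNs (not from the thread).
DC_STYLE = "cn=Jane Doe,ou=People,dc=example,dc=com"
X521_STYLE = "cn=Jane Doe,o=Example Corp,c=US"
```

The `None` result for the X.521-style name is the gap the AVA record proposal is meant to fill before any SRV lookup can happen.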