
RE: LDAP/X.500 location proposal (was: DN -> DNS: X.500 group's proposal for using DNS to locate LDAP servers)



My suggestion would be to use some approach which didn't rely on information
at the root and TLDs.  One approach would be to place mapping information
under some other domain.  You likely can avoid having to introduce new
RRs.  Off the cuff, one could have a domain like "o-example.c-us.x.itu.int"
hold location information for "o=example,c=us".

I think you need to look at technical, operational, and administrative issues
concurrently.  It's pointless to spend time on a technical approach which
cannot be deployed for operational and administrative reasons.

 -- Kurt

At 08:33 AM 3/26/01 -0500, Slone, Skip wrote:
>I expect to have an I-D on this ready to go in a few days (depending on the
>number of outside interrupts).  In the meantime, I'll try to address the
>"what happened to the discussion on SRV records?" question:
>
>If you already know the applicable domain name (as is the case when there
>are dc RDNs sprinkled throughout the DN), you can do a SRV record look-up
>directly.  However, if you have a DN with no clues regarding the applicable
>domain name (as is the case with "traditional" X.521-style names), where do
>you go to query for SRV records?  The concept of the AVA record is to be
>applied BEFORE doing the SRV record lookup -- it provides a mechanism for
>determining the domain name. Once you have the domain name, then the SRV
>record approach works just fine.  Until then, you're dead in the water with
>an unresolvable DN.
>
>As for Kurt's comment regarding "insurmountable technical, operational, and
>administrative issues," can we take these one at a time?  That is, let's
>look at the technical issues first. What are they? Can they be
>adequately addressed or are they truly "insurmountable?"  I believe that the
>technical issues can be dealt with.  If we can get past that hurdle, we can
>THEN look at administrative and operational issues.  Remember, there was a
>time when today's concept of how we manage .com would be considered utterly
>absurd.  Let's not discount things too quickly -- there is a real world
>requirement for this...
>
> -- Skip
>
>-----Original Message-----
>From: Bruce Greenblatt [mailto:bgreenblatt@directory-applications.com]
>Sent: Sunday, March 25, 2001 12:57 AM
>To: ietf-ldapext@netscape.com
>Subject: Re: LDAP/X.500 location proposal (was: DN -> DNS: X.500 group's
>proposal for using DNS to locate LDAP servers)
>
>
>At 04:08 PM 3/24/2001 -0800, you wrote:
>>Frankly, I believe the approach is not viable due to numerous
>>insurmountable technical, operational, and administrative
>>issues of adding such RRs to the "." and TLDs.
>
>I concur with Kurt.  I don't see the AVA resource record being added to the 
>root or all top level domains.  I note that early in the document, it says: 
>"We believe name resolution is a critical enabler to the ability to build 
>cooperative directory systems. We see benefit in alignment work that 
>addresses the following: ...
>  -* allowing distributed name resolution to extend through X.500, LDAP, 
>and DNS (most notably the SRV record) namespaces without the user having to 
>know or care"
>
>Yet later on, in Annex B where it talks about name resolution using DNS, 
>the SRV record is not used or mentioned.  What happened?
>
>>Kurt
>>
>>At 01:36 PM 3/22/01 -0500, Slone, Skip wrote:
>> >As promised in the LDAPext meeting earlier this week, I am sending a set of
>> >links to the X.500 group's working document that outlines the group's
>> >proposal for extending DNS to facilitate the location of LDAP servers based
>> >on the DN.  The document is the LDAP/X.500 alignment draft. The background
>> >concepts are presented in Annex A, and the proposal itself is found in Annex
>> >B.  The links below are to the Word and PDF versions of this WD,
>> >respectively:
>> >
>> >ftp://ftp.bull.com/pub/OSIdirectory/Geneva2001/TD%20Output/TD3044R1LDAPalignment2ndWD.doc
>> >
>> >ftp://ftp.bull.com/pub/OSIdirectory/Geneva2001/TD%20Output/TD3044R1LDAPalignment2ndWD.pdf
>> >
>> > -- Skip Slone
>
>==============================================
>Bruce Greenblatt, Ph. D.
>Directory Tools and Application Services, Inc.
>http://www.directory-applications.com
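
The two DN-to-domain steps discussed in this thread, as an added example that is not part of the original messages: dc RDNs give the domain directly, and a DN without them is mapped under a separate domain in the style of the "o-example.c-us.x.itu.int" suggestion. The function names, the strict label check and the `_ldap._tcp` SRV owner-name prefix are assumptions of this sketch, and the suffix is only the off-the-cuff one from the message.

```python
import re

# Assumption: suffix copied from the message's off-the-cuff example, not a deployed zone.
MAPPING_SUFFIX = "x.itu.int"
# One letter-digit-hyphen DNS label, 1 to 63 characters.
LABEL = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")

def parse_dn(dn):
    """Split a DN into (type, value) pairs, leftmost RDN first.

    Any RDN whose value is not a plain DNS label is rejected, so a DN
    cannot smuggle dots, escapes or spaces into the query name and
    redirect the lookup to a different zone.
    """
    rdns = []
    for part in dn.split(","):
        attr, sep, value = part.strip().partition("=")
        attr, value = attr.strip().lower(), value.strip().lower()
        ok_type = attr.isascii() and attr.isalpha()
        if not sep or not ok_type or not LABEL.fullmatch(value):
            raise ValueError(f"RDN not mappable to a DNS label: {part!r}")
        rdns.append((attr, value))
    return rdns

def dn_to_domain(dn, suffix=MAPPING_SUFFIX):
    """Return the domain name to query for the given DN."""
    rdns = parse_dn(dn)
    dcs = [value for attr, value in rdns if attr == "dc"]
    if dcs:
        # dc RDNs already spell out the domain: dc=example,dc=com -> example.com
        return ".".join(dcs)
    # No dc RDNs: build "type-value" labels under the mapping domain.
    labels = [f"{attr}-{value}" for attr, value in rdns]
    for label in labels:
        if not LABEL.fullmatch(label):
            raise ValueError(f"label too long for DNS: {label!r}")
    return ".".join(labels + [suffix])

def srv_query_name(dn, suffix=MAPPING_SUFFIX):
    """Owner name for the SRV lookup that locates the LDAP server."""
    return "_ldap._tcp." + dn_to_domain(dn, suffix)
```

DNs whose values contain spaces or escaped characters raise `ValueError` here; a real mapping would need an agreed encoding for them.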