
[ldapext] RE: draft-ietf-ldapext-locate



On Wed, 14 Aug 2002, Patrik Fältström wrote:

> Example of a problem:
>
> Take the domain name issues, and the project which tries to have LDAP
> access to Whois data.
>
> We have whois data both at the registry and the registrar about a domain
> name. In the project, both records, the referral thing in the registry
> and the actual whois info at the registrar use the same DN, and that is
> exactly the dc components of the domain name itself. And, then the user
> himself probably wants/will have an LDAP server himself for the same DN.
>
> Example, my domain paf.se with "dc=paf, dc=se" might exist on three
> different locations.
>
> The registry, the registrar and myself.

The entry naming you propose for this application raises the question of
the information model for the directory, and for this application, and
whether they are consistent.

The traditional information model for the X.500 directory is that a DN
names a distinct entry, and that entry provides the same information
regardless of the physical server it resides on; this is the same
information model as the DNS.  In practice, due to the lack of a global
view of an X.500 DIT, it is common for different DSAs to contain entries
with identical DNs but which contain different information; this puts the
burden on the client (or application) to know the difference between the
entries held by different servers.

If the Whois application you describe intends to have exactly the same
info in each of the DC-named entries, regardless of whether it is held by
the registry, the registrar, or the domain name holder, then its
requirements are perfectly well met by the draft-ldapext-locate scheme.
The SRV record would contain pointers to each of the locations, and it
wouldn't matter which the client went to.

If, in this application, the information provided by the different servers
for the same DN is different, then there's a problem.  Either you've
designed a case where SRV-record lookup won't work, so it's up to your
application to figure out how to map from names to servers, and to
distinguish the different kinds of servers; or you need to change your
entry naming to reflect the fact that the logical entry held by the
different servers about the same DNS name is a different entry.

So which is it?

 - RL "Bob"
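
Added example (not part of the original message, and not code from the draft): a sketch of the name-to-server mapping discussed above, showing that the SRV answer for "dc=paf, dc=se" lists the servers without saying what kind of server each one is. It assumes the dc-to-domain mapping of RFC 2247 and the `_ldap._tcp` SRV owner name of RFC 2782; the stop-at-first-non-dc rule, the function names and the host names are assumptions of this sketch.

```python
import re

def dn_to_domain(dn):
    """Map the trailing dc= RDNs of a DN to a DNS name, or None if there are none."""
    # Split on unescaped commas; quoted and hex-escaped values are not handled here.
    rdns = [r.strip() for r in re.split(r'(?<!\\),', dn)]
    labels = []
    for rdn in reversed(rdns):                 # most significant RDN first
        if re.search(r'(?<!\\)\+', rdn):       # multi-valued RDN: stop converting
            break
        attr, sep, value = rdn.partition('=')
        if not sep or attr.strip().lower() != 'dc' or not value.strip():
            break                              # first non-dc RDN ends the domain part
        labels.insert(0, value.strip().lower())
    return '.'.join(labels) or None

def srv_owner_name(dn):
    """DNS name a client would query for SRV records to locate servers for this DN."""
    domain = dn_to_domain(dn)
    return None if domain is None else "_ldap._tcp." + domain

# Constructed SRV answer for _ldap._tcp.paf.se: (priority, weight, port, target).
# The targets are placeholders for the registry, the registrar and the domain holder.
SAMPLE_SRV = [
    (0, 10, 389, "ldap.registry.example."),
    (0, 10, 389, "ldap.registrar.example."),
    (0, 10, 389, "ldap.holder.example."),
]

def first_choice_targets(records):
    """Targets at the lowest priority value; RFC 2782 then picks among them by weight."""
    best = min(prio for prio, _, _, _ in records)
    return sorted(target for prio, _, _, target in records if prio == best)

if __name__ == "__main__":
    print(srv_owner_name("dc=paf, dc=se"))
    # All three are equally valid answers for the same DN: an SRV record carries
    # only priority, weight, port and target, so the client cannot tell from it
    # which server holds which view of the entry.
    print(first_choice_targets(SAMPLE_SRV))
```
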



