![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to text.tex CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / doc / whitepages / report-2|
Return to text.tex CVS log | Up to [CSRG BSD Unix] / 43BSDReno / contrib / isode-beta / doc / whitepages / report-2 |
1.1 root 1: % -*- LaTeX -*-
2:
3:
\newpage
4: \section {Introduction}
5: In July of {\oldstyle 1989},
6: NYSERNet started a pilot project offering a White Pages service using OSI
7: technology.
8: Since that time,
9: NYSERNet and PSI have been extending and evaluating the service in response to
10: experience gained during the operation of the pilot.
11:
12: The service is interesting in three respects:
13: it is a large,
14: distributed information service involving administration by multiple
15: organizations;
16: it is the first production-quality field test of the OSI Directory (X.500);
17: and,
18: it is the first large scale production application of OSI technology on top of
19: the popular Internet (TCP/IP) suite of protocols.
20:
21: The purpose of this document is to describe the ``refinements'' made to the
22: base X.500 Recommendations in order to produce a workable system.
23: It must be {\bf stressed\/} that none of these refinements are contrary to
24: either the spirit or letter of the X.500 protocols.
25: Rather,
26: if one begins with the assumption that one has a conformant X.500
27: implementation,
28: then these refinements consist of fleshing out the ``for further study'' and
29: ``local matter'' clauses of the X.500 Recommendations.
30: Further,
31: one should note that a system implementing these refinements will still be
32: able to interwork,
33: albeit with less functionality,
34: with conformant X.500 implementations that do not implement these refinements.
35:
36: For the remainder of this note,
37: the reader is assumed to have a basic understanding of X.500 technology.
38:
39: The purpose in presenting this information is to advance understanding of
40: these grey areas by describing operational experiences in offering a Public
41: Directory Service using X.500.
42: Having stated what this note is about,
43: it is also appropriate to state what this note is not about:
44: this note is not meant to provide any implementation-specific information.
45: That is,
46: this note considers only the externally visible aspects of a Directory Service
47: which incorporates these refinements.
48: As such,
49: these refinements should be applicable to {\bf any\/} conformant X.500
50: implementation.
51:
52: This note begins by reviewing the need for a White Pages Service and presents
53: a basic model for offering such a service using the X.500 protocols.
54: Next,
55: a brief overview of the technology used to realize this service is presented.
56: Following this,
57: this note is divided into two major sections:
58: first,
59: issues relating to the Directory System
60: (e.g., refinements in the operation of a DSA or use of the DSP)
61: are discussed;
62: second,
63: issues relating to a Directory User
64: (e.g., refinements in the operation of a DUA or use of the DAP)
65: are considered.
66:
67: \newpage
68: \subsection {For Further Reading}
69: There is very little ``new'' information presented in this note.
70: Rather,
71: it is a compilation of several sources,
72: organized to focus on the refinements necessary to produce a workable system
73: using X.500 technology.
74: Interested readers might wish to consult:
75: \begin{itemize}
76: \item \cite{WPP.Intro},
77: for an introduction to the NYSERNet/PSI White Pages Pilot Project;
78:
79: \item \cite{WPP.Report-1},
80: for the latest status report (as of this writing);
81:
82: \item \cite{WPP.User,WPP.XWP},
83: for information on user interfaces;
84:
85: \item \cite{WPP.Admin},
86: for information on administering a DMD within the pilot
87: (i.e., a PRDMD);
88:
89: \item \cite{QUIPU.Manual}
90: for programmatic information on the underlying X.500 implementation.
91: \end{itemize}
92: All of these documents (and many others) were consulted when this note was
93: written.
94:
95: \newpage
96: \subsection {Managing Infrastructural Information}
97: A natural function of computer networks is to form the {\em infrastructure\/}
98: between the users they interconnect.
99: For example,
100: the electronic mail service offered by computer networks provides a means for
101: users to collaborate towards some common goal.
102: In the simplest cases,
103: this collaboration may be solely for the dissemination of information.
104: In other cases,
105: two users may work on joint research project,
106: using electronic mail as their primary means of communication.
107:
108: Most network services are based on the implicit assumption that each user can
109: supply {\em infrastructural information} to
110: facilitate information transfers through the network.
111: For example,
112: electronic mail services expect that an originator can supply
113: addressing information
114: for all the intended recipients.
115: It is not necessarily the task of electronic mail, per se,
116: to provide this infrastructural information to the user.
117:
118: This model works fine in small environments,
119: particularly those where infrastructural information is not difficult to
120: obtain and remember.
121: However,
122: the model does not scale well.
123: Consider the case when the membership of a network consists of hundreds of
124: thousands of users belonging to thousands of organizations.
125: It is no longer reasonable for a single user to provide this information,
126: except in very limited circumstances.
127: Further,
128: it is likely that some of the information changes frequently,
129: due to personnel and other resource movement.
130: The goal of a {\em white pages\/} service is to
131: provide the necessary information, and to mask the complexity of the
132: infrastructural information.
133:
134: \subsection {A Public Directory Service}
135: In our context,
136: a public directory service allows a user to ascertain information
137: about a person whose name is (approximately) known.
138: In providing such a service using technology based on the X.500
139: Recommendations,
140: it is necessary to view this somewhat more concretely.
141:
142: In particular,
143: we assume that the information on a person is represented as an entry in the
144: OSI Directory.
145: As such,
146: the ``handle'' associated with each person is a Directory Distinguished Name
147: (DN).
148: However,
149: we further assume that a user need not know the value of this name.
150: Rather,
151: the user provides commonly known naming information about a person,
152: and the user interface to the Directory somehow determines the correct DN,
153: and then presents publically readable information from the entry associated
154: with that DN.
155:
156: In the NYSERNet/PSI White Pages Pilot Project,
157: this first step is assumed to be an iterative process:
158: first,
159: ``areas'' of the Directory likely to contain the entry are identified,
160: usually by searching;
161: and,
162: second,
163: in each of those areas,
164: a search for the entry is initiated.
165: In a business context,
166: the area corresponds to an organizational object in the Directory.
167: In contrast,
168: for a personal context,
169: the area might correspond to a locality.
170: In the pilot project,
171: only the organizational case has been extensively used.
172: Nonetheless,
173: experience with the pilot software indicates that the search model is
174: sufficiently general to support either context.
175:
176: \subsection {An Implementation}
177: To implement a White Pages service using the OSI Directory,
178: three things are needed:
179: \begin{itemize}
180: \item an OSI infrastructure,
181: this is provided by the ISODE,
182: an openly available implementation of the upper-layers of OSI;
183:
184: \item an implementation of the OSI Directory,
185: this is provided by the ISODE implementation of the Directory,
186: QUIPU;
187: and,
188:
189: \item a White Pages abstraction,
190: provided by an administrative discipline along with at least one user
191: interface through which the service is accessed.
192: \end{itemize}
193: It is important to distinguish between the White Pages {\em service\/} and the
194: OSI Directory {\em technology} as defined in
195: \cite{ISO.Directory,CCITT.Directory}.
196: The White Pages abstraction is provided both by a focused use of the
197: underlying OSI Directory technology
198: and by special user interfaces.
199: Of course,
200: many might view the sole focus of the OSI Directory is to provide a white
201: pages service.
202: As such,
203: the abstraction can be seen simply as the administrative and operational
204: agreements necessary to use X.500.
205:
206: The ISODE (pronounced {\em I-SO-D-E\/}),
207: or {\em ISO Development Environment}, is a collection of library
208: routines and programs that implements an extensive set of OSI upper-layer
209: services\cite{Open.Book}.%
210: \footnote{It is an unfortunate historical coincidence that the first three
211: letters of the ISODE are ``ISO''.
212: This is not an acronym for the International Organization for Standardization,
213: but rather three letters which,
214: when pronounced in English,
215: produce a pleasing sound.}
216: In brief,
217: the ISODE implementation of the upper-layers of OSI is interesting in four
218: respects:
219: it provides extensive automatic tools for the development of OSI applications;
220: it supports OSI applications on top of both OSI and TCP/IP-based networks;
221: it provides a novel approach to the problems of OSI coexistence
222: and transition;
223: and,
224: it is openly available (non-proprietary).
225:
226: The ISODE implementation of the OSI Directory,
227: QUIPU\cite{QUIPU.Directory},
228: was donated by University College London.
229: QUIPU was originally developed as a part of the INCA
230: (Integrated Network Architecture) project
231: (under the auspices of the ESPRIT initiative of the EEC).
232: The Inca of Peru did not have writing.
233: Instead,
234: they stored information on strings,
235: carefully knotted in a specific manner with colored thread,
236: and attached to a larger rope.
237: Such a device was known as a {\em Quipu\/}
238: (pronounced {\em kwip-ooo}).
239: The encoding was obscure,
240: and could only be read by selected trained people:
241: the {\em Quipucamayocs}.
242: The Quipu was a key component of Inca society,
243: as it contained information about property and locations throughout
244: the extensive Inca empire.
245:
246: QUIPU is a complete implementation of the OSI Directory,
247: based on the {\oldstyle 1988\/} CCITT recommendations\cite{CCITT.Directory}
248: and ISO standards\cite{ISO.Directory}.
249: As with the entire ISODE,
250: QUIPU is coded in the {\em C\/} programming language\cite{C.Language} and runs
251: on the \unix/ operating system.
252:
253: The QUIPU Directory User Agent (DUA) supports a {\em C\/} language procedural
254: interface to access the full Directory Access Service.
255: The interface is relatively straight-forward,
256: mapping ``programmer-friendly'' procedure calls to the formal service.
257: Code to manipulate ASN.1 structures is automatically generated using
258: facilities provided by the ISODE.
259:
260: The DUA interface can be used directly at the programmatic level,
261: or exported from a interface process called \verb"dish"~---~the DIrectory
262: SHell.
263:
264: The QUIPU Directory System Agent (DSA) is memory-based:
265: it uses the native \unix/ file-system to provide stable-storage between
266: reboots, but otherwise maintains all data in program memory.
267: As might be expected,
268: providing that the DSA avoids paging,
269: execution of the lookup and search facilities of the Directory can be realized
270: in a timely fashion.
271: Naturally, when an update operation occurs,
272: the copy on disk is updated and a journal entry written before the update is
273: acknowledged.
274: The disk copy is stored in a textual format to facilitate examination.
275: As this copy is read only once~---~when the DSA starts,
276: typically when \unix/ goes multi-user~---~the cost of such a strategy is
277: believed to be relatively small if properly implemented and tuned.
278:
279: The DSA supports both Directory distributed operations (DSA-DSA) and the
280: Directory Abstract Service (DUA-DSA),
281: along with the full range of standard Directory object classes and attributes
282: types.
283: Further,
284: a large number of other attribute types have been defined,
285: both to facilitate experimentation and support the White Pages service.
286: Most notably these attribute types were necessary to support automatic use of
287: replication of information in the Directory.
288:
289: Having now briefly introduced the implementation used in the pilot project,
290: we now describe the refinements which were necessary to offer a working system.
291:
292:
\newpage
293: \section {Directory System Issues}
294: The system-related refinements used in the pilot project are all artifacts of
295: the QUIPU design\cite{QUIPU.Design}.
296: These are best described in terms of the object classes and associated
297: attribute types which are manipulated by a QUIPU DSA.
298: However,
299: before these are introduced it is necessary to discuss two topics:
300: the textual convention used for writing DNs,
301: and how the DSAs navigate the DIT.
302:
303: \subsection {Writing Distinguished Names}
304: Although the textual notation used to write DNs should be unimportant.
305: For expository (and local) purposes it is important to have a concise notation.
306:
307: A Distinguished Name is written as an ordered series of RDNs separated by
308: an \verb"`@'"-sign with the most significant RDN appearing at the left;
309: e.g.,
310: \begin{quote}\small\begin{verbatim}
311: c=US@o=NYSERNet Inc.
312: \end{verbatim}\end{quote}
313: refers to an entry with an RDN of \verb"o=NYSERNet Inc."
314: whose parent has an RDN of \verb"c=US".
315: In turn,
316: this parent entry is an immediate child of the root.
317: To avoid any potential ambiguity,
318: one usually prefixes a \verb"`@'"-sign to a string when referring to a fully
319: qualified Distinguished Name;
320: e.g.,
321: \begin{quote}\small\begin{verbatim}
322: @c=US@o=NYSERNet Inc.
323: \end{verbatim}\end{quote}
324: always refers to the same entry regardless of context.
325: Finally,
326: if an RDN consists of multiple attributes,
327: then these are separated by a \verb"`%'"-sign;
328: e.g.,
329: \begin{quote}\small\begin{verbatim}
330: @l=North America@o=NYSERNet Inc.%l=US
331: \end{verbatim}\end{quote}
332:
333: Tables~\ref{attribute-std} and~\ref{attribute-new}
334: on pages~\pageref{attribute-std} and~\pageref{attribute-new},
335: respectively,
336: list the attribute types commonly used in the pilot project,
337: any abbreviations, and the syntax associated with each attribute's value.
338: In the interests of brevity,
339: the abbreviated form is used when writing DNs.
340:
341: \subsection {DIT Navigation}
342: When a DUA requests some action from a DSA
343: (e.g., to read an entry),
344: the DSA may not have that information resident.
345: In this case,
346: the DSA has a choice:
347: it may either contact another DSA which is ``closer'' to the information and
348: propagate the request
349: (i.e., {\em chaining\/}),
350: or it may return information about this ``closer'' DSA to the DUA,
351: and let the DUA re-issue its request (i.e., {\em referral\/}).
352: Of course,
353: when DSAs communicate between themselves,
354: they may also chain or refer requests.
355:
356: The key issue is to understand what the term ``resident'' means with respect
357: to information held by a DSA.
358: In order to improve performance,
359: DSAs {\em employ\/} both replication and caching of information in the
360: Directory.
361: Hence,
362: to explain residency of information,
363: some additional terminology must be introduced.
364:
365: \subsubsection {Entry Data Blocks}
366: First,
367: we think of the entire global Directory tree as consisting of discrete units
368: of information termed {\em entry data blocks},
369: or simply {\em blocks}.
370: A block consists of a small portion of the tree:
371: the immediate children of a particular node.
372: Thus the phrase ``this DSA holds a copy of the block for \verb"c=US"'' means
373: that the DSA in question has information about the {\em attributes\/} of
374: the nodes which exist immediately below the \verb"c=US" entry,
375: such as
376: \begin{quote}\small\begin{verbatim}
377: c=US@o=NYSERNet Inc.
378: \end{verbatim}\end{quote}
379: The phrase does not imply that the DSA has any information, whatsoever,
380: about {\em entries\/} beneath these immediately subordinate nodes,
381: e.g.,
382: \begin{quote}\small\begin{verbatim}
383: c=US@o=NYSERNet Inc.@ou=Research and Development
384: \end{verbatim}\end{quote}
385: There are three kinds of blocks that a DSA might hold:
386: \begin{itemize}
387: \item a {\em slave\/} copy refers to complete, authoritative information of
388: a block:
389: the DSA knows about all of the entries and all of the children of the node
390: corresponding to that particular block.
391: Slave copies are regularly updated by contacting an {\em upstream\/} DSA,
392: and comparing timestamps associated with the two copies of the block.
393:
394: \item a {\em cache\/} copy refers to possibly partial information that a DSA
395: has received during its execution lifetime:
396: the DSA may know about some of the children and possibly some of their attributes.
397: When a DSA chains a request for some information and the information returns
398: through the DSA,
399: that DSA may decide to cache that information for some short period of time
400: (e.g., 30~minutes).
401:
402: \item the term {\em master\/} copy is self-evident.
403: Only a single DSA may hold the master copy for any portion of the tree.
404: \end{itemize}
405:
406: With these terms now described,
407: the {\em residency requirement\/} is simply enumerated as:
408: \[\begin{tabular}{|r|l|}
409: \hline
410: \multicolumn{1}{|c|}{\bf Operation Requested}&
411: \multicolumn{1}{|c|}{\bf Copy Required for Residency}\\
412: \hline
413: read, compare& master, slave, or cache\\
414: list, search& master, or slave\\
415: update& master\\
416: \hline
417: \end{tabular}\]
418: (Actually,
419: a cached copy might be used to satisfy a list request,
420: depending on the service controls used with the operation.)
421:
422: Hence,
423: while the pilot relies primarily on replication (slave blocks) to speed
424: queries,
425: updates still rely on a centralized entity (containing the master block) being
426: available.
427: (This is the best compromise can be taken without making the system
428: tremendously more complex,
429: e.g.,
430: introducing distributed database technology.)
431:
432: Finally,
433: note that the EDB approach is much coarser than a
434: ``distributed entry'' capability.
435: Although distributing across several DSAs the attribute and children
436: information for a single entry may be administrative attractive,
437: it is felt to be technically intractable at this time.
438:
439: \subsubsection {Use of Presentation Address}
440: Only within a single OSI community can homogeneous interworking be achieved.
441: It is important to realize that the value of a white pages service increases
442: as its scope increases.
443: As such,
444: it is important to appreciate that OSI applications are implemented on a wide
445: range of end-to-end protocol combinations.
446: Sadly,
447: these are largely incompatible (e.g., TP4/CLNP and TP0/X.25).
448: In order to provide homogeneous service to the user,
449: the DSAs must be able to compare two OSI presentation addresses and determine
450: if an association can be established directly between the two.
451: This need arises in two cases.
452:
453: First,
454: a DSA wishes to perform an operation and realizes that it must either chain or
455: refer.
456: The DSA compares the presentation address of the application entity
457: on whose behalf it is performing the operation,
458: with the presentation address of a DSA which is closer to the information.
459: If the two addresses belong to the same ``community''
460: (i.e., are compatible),
461: then the DSA knows that it is safe to return a referral.
462: If not,
463: then the DSA realizes that,
464: barring service controls to the contrary,
465: it should chain.
466:
467: Second,
468: a DSA might wish to contact other DSAs.
469: In this case,
470: the DSA sees if the presentation address of the other DSA is in one of the
471: communities of the local end-system.
472: If so,
473: the DSA knows that it is possible to chain operations to that DSA.
474: Otherwise,
475: in the absence of transport-level bridging,
476: the DSA knows that it can not reach the other DSA.
477:
478: To further complicate matters,
479: Directory service may be offered by application entities using non-standard
480: end-to-end protocol combinations
481: (e.g., RFC1006/TCP \cite{TSAP.on.TCP}).
482: There must be a means whereby the addresses associated with such entities can
483: be stored in the Directory and subsequently interpreted by entities with
484: knowledge of these non-standard communities.
485: A mechanism for achieving this is defined in \cite{Interim.Addresses}.
486:
487: Finally,
488: the textual notation used to write presentation addresses should be
489: unimportant.
490: For expository (and local) purposes it is important to have a concise notation.
491: \cite{String.Addresses} defines such a notation.
492:
493: \subsection {Objects}
494: The abstract syntax of the classes and attributes described in this note are
495: largely taken from the THORN naming architecture\cite{thorn-na},
496: which was developed in the RARE community.
497: These are optional extensions to what is defined in the X.500 recommendations.
498:
499: \subsubsection {Object Class: friendlyCountry}
500: In order to provide more intuitive identification of sovereign nations,
501: a new object class,
502: subordinate to the \verb"country" class,
503: has been added.
504: This has but a single mandatory attribute:
505: \begin{describe}
506: \item[friendlyCountryName:]
507: gives a user-friendly rendition of the
508: country's name (hence the term \verb"friendlyCountry").
509: \end{describe}
510:
511: \subsubsection {Object Class: domainRelatedObject}
512: In order to experiment with mappings from user's Internet mailboxes into DNs,
513: a means for inverting the Internet Domain Name System (DNS) is needed.
514: A new object class, \verb"domainRelatedObject", is used for this purpose.
515: There is one mandatory attribute:
516: \begin{describe}
517: \item[associatedDomain:]
518: identifies a portion of the DNS which is conceptually
519: located at an entry of this class.
520: \end{describe}
521:
522: \subsubsection {Object Class: quipuObject}
523: In order to provide access control to the Directory,
524: an \verb"accessControlList" attribute type,
525: consisting of zero or more positive-access rules,
526: has been defined.
527: This is a attribute type is mandatory of objects within the \verb"quipuObject"
528: class.
529: Further,
530: all entries occuring in an EDB must be of this class.
531:
532: In addition,
533: there are two optional attribute types.
534: These are maintained automatically by the DSA:
535: \begin{describe}
536: \item[lastModifiedBy:]
537: identifies the Directory entity which last modified
538: this entry.
539:
540: \item[lastModifiedTime:]
541: identifies the time at which this entry was last
542: modified.
543: \end{describe}
544:
545: \subsubsection {Object Class: quipuNonLeafObject}
546: In order to provide navigational information for DSAs,
547: all non-leaf objects are within the \verb"quipuNonLeafObject".
548: There is one mandatory attribute type:
549: \begin{describe}
550: \item[masterDSA:]
551: identifies the Directory entity which is responsible
552: for maintaining the MASTER EDB for the children of
553: this entry.
554: \end{describe}
555: In addition,
556: there are two optional attribute types:
557: \begin{describe}
558: \item[slaveDSA:]
559: identifies DSA(s) which also have authoritative
560: information on the immediate children of a non-leaf
561: entry.
562:
563: \item[treeStructure:]
564: if present, lists those object classes which the
565: immediate children are allowed to take.
566: \end{describe}
567:
568: \subsubsection {Object Class: quipuDSA}
569: It is necessary to introduce an additional object class,
570: \verb"quipuDSA",
571: to identify those DSAs
572: which implement these refinements.
573: There are several mandatory attribute types:
574: \begin{describe}
575: \item[eDBinfo:]
576: Indicates how the DSA participates when propagating
577: authoritative EDB information.
578: Each attribute lists the DN of a non-leaf entry,
579: along with (optionally) the DN of the upstream DSA
580: which provides the associated EDB to this DSA,
581: and with (optionally) a list of DNs of downstream DSAs
582: to which this DSA provides the associated EDB.
583: (The dual of the \verb"masterDSA" and \verb"slaveDSA"
584: attribute types.)
585:
586: \item[userPassword:]
587: a string containing a password used by the DSA to
588: authenticate itself to other DSAs.
589: This attribute is not used for DSP authentication
590: as it introduces a livelock problem.
591: (When strong authentication matures,
592: DSP authentication will be used instead.)
593:
594: \item[manager:]
595: the DN of an entry corresponding to the ``super-user''
596: for this DSA.
597:
598: \item[quipuVersion:]
599: a simple string relating the version of the software
600: being run by this DSA.
601: \end{describe}
602: along with the \verb"acl" attribute.
603: There is also an optional one:
604: \begin{describe}
605: \item[description:]
606: a textual description of the DSA.
607: \end{describe}
608: along with the \verb"lastModifiedBy" and \verb"lastModifiedTime" attribute
609: types.
610:
611: A DSA which implements these refinements also has the value
612: \verb"quipuDSP" for its \verb"supportedApplicationContext" attribute.
613: In addition to offering all of the DSP services on this application context,
614: there is an additional operation,
615: \verb"getEDB",
616: which is used by a downstream DSA to request EDB information from an upstream
617: DSA,
618: if that EDB information has changed.
619:
620: When a \verb"quipuDSA" must contact another DSA,
621: and several choices are available,
622: it favors those DSAs of the \verb"quipuDSA" class.
623: For example,
624: caching can not occur without an understanding of the access control
625: policy being applied to an entry.
626:
627: \subsection {Naming DSAs}
628: If a \verb"quipuDSA" does not have information resident to satisfy a request,
629: it identifies,
630: to its local knowledge,
631: the furthest non-leaf entry along the path to the desired entry.
632: The \verb"masterDSA" and \verb"slaveDSA" attributes of this entry are
633: consulted to derive the DNs of DSAs which are more likely to be able to
634: perform the desired operation.
635:
636: Obviously,
637: in order to resolve the \verb"presentationAddress" attribute of the entries
638: corresponding to the closer DSAs,
639: additional lookup in the Directory is needed.
640: As such,
641: a DSA should be at least one level-higher in the DIT than any EDB for which it
642: holds authoritative information.
643:
644: To see why this is so,
645: consider a DSA named:
646: \begin{quote}\small\begin{verbatim}
647: c=US@o=NYSERNet Inc.@cn=losing
648: \end{verbatim}\end{quote}
649: which,
650: according to the entry for
651: \begin{quote}\small\begin{verbatim}
652: c=US@o=NYSERNet Inc.
653: \end{verbatim}\end{quote}
654: is a \verb"masterDSA",
655: and that there are no \verb"slaveDSA"s for that entry.
656: Now suppose another DSA,
657: called ``naive'',
658: with knowledge only of \verb"c=US",
659: wishes to satisfy a request for a (possibly distant) child of this
660: organization.
661: In order to satisfy the request,
662: the ``naive'' DSA must know the address of the ``losing'' DSA,
663: which can obviously not be determined.
664:
665: \subsection {DSA Management}
666: In order to provide a management capability for these refinements,
667: a new attribute type, \verb"control", is defined for use over the DAP.
668: When a DUA is bound as the DSA's manager,
669: it may issue the modify operation to add a value of type \verb"control".
670: This is interpreted by the DSA rather than being applied to the DIT.
671:
672: The operations of interest are:
673: \begin{itemize}
674: \item abort DSA;
675:
676: \item restart DSA;
677:
678: \item refresh EDB from local stable-storage;
679:
680: \item rewrite EDB to local stable-storage;
681:
682: \item mark EDB as read-only (lock EDB);
683:
684: \item unlock EDB;
685:
686: \item initiate EDB update procedure from upstream DSA
687: (either for all EDBs or a particular EDB).
688: \end{itemize}
689: For example,
690: if it is necessary to make a substantive change to an EDB for which the DAP is
691: unappropriate,
692: a DSA manager tells the DSA to lock the EDB,
693: edits the EDB on local stable-storage,
694: tells the DSA re-read the EDB from local stable-storage,
695: and then tells the DSA to unlock the EDB.
696:
697: Intead,
698: if a DUA issues a read for the \verb"control" attribute of an entry,
699: then the value returned consists of a string:
700: \begin{quote}\scriptsize\begin{verbatim}
701: %d Master entries (in %d EDBs), %d Slave entries (in %d EDBs), %d Cached entries
702: \end{verbatim}\end{quote}
703: giving some very basic information about the EDBs/entries resident in the DSA.
704:
705:
\newpage
706: \section {Directory User Issues}
707: An important task in any pilot project is to objectively focus the scope of
708: the project:
709: projects with ill-defined goals tend to fail.
710: In the context of the pilot project,
711: an explicit decision was made to focus solely on data relating to persons and
712: organizations.
713: Thus, although the pilot project software supports the full range of Directory
714: objects and attributes, the objects supported in the pilot project are limited
715: to:
716: \begin{quote}\small\begin{tabular}{l}
717: organizations\\ organizational units\\ organizational roles (e.g., ``Chair of
718: the Department'')\\ localities (for those individuals not belonging to an
719: organization)\\ persons
720: \end{tabular}\end{quote}
721: In addition to supporting the appropriate attribute types for these objects,
722: some additional attributes were defined. For example, users can store a
723: facsimile image of themselves as their \verb"photo" attribute.
724:
725: The list of standard attribute types supported in the pilot is shown in
726: Table~\ref{attribute-std}.
727: Table~\ref{attribute-new} shows additional attribute types which have been
728: defined for use with the pilot.
729: \tagtable[tp]{INT-1}{Supported Standard Attribute Types}{attribute-std}
730: \tagtable[tp]{INT-2}{Additional Attribute Types}{attribute-new}
731:
732: \subsection {Objects}
733: In the pilot project,
734: all of the objects described above are modeled by the standard the
735: corresponding object class,
736: with one exception.
737:
738: \subsubsection {Object Class: pilotPerson}
739: The \verb"pilotPerson" object class is used to refer to a person in the pilot
740: project.
741: An entry belonging to this class may have any of several additional attributes:
742: \begin{describe}
743: \item[favouriteDrink:]
744: which is a string describing the user's favorite drink.
745:
746: \item[homePhone:]
747: which is a string describing the phone number of the object
748: using the international notation; e.g., ``+1 518-283-8860''.
749:
750: \item[homePostalAddress:]
751: which describes how physical mail is addressed to the
752: person's home.
753:
754: \item[info:]
755: which is additional, textual information about the
756: person.
757:
758: \item[mobileTelephoneNumber:]
759: which is a string describing the user's mobile
760: number (e.g., for a cellular phone).
761:
762: \item[otherMailbox:]
763: which is the user's computer mail address
764: in various domains.
765: The string syntax of this attribute's value is special:
766: \begin{quote}\small\begin{verbatim}
767: <domain> $ <mailbox>
768: \end{verbatim}\end{quote}
769: e.g., ``internet \$ [email protected]''.
770: The current list of mail domains are:
771: applelink, bitnet, compuserve, genie, internet, mcimail, nasamail,
772: preferred, and uucp.
773:
774: \item[pagerTelephoneNumber:]
775: which is a string describing the user's pager number.
776:
777: \item[photo:]
778: which is a facsimile bitmap of the user's face.
779:
780: \item[rfc822Mailbox:]
781: which is the user's computer mail address in the
782: Internet.
783:
784: \item[roomNumber:]
785: which is a string describing where the person resides
786: at the location.
787:
788: \item[secretary:]
789: which is the Distinguished Name of the user's
790: administrative support.
791:
792: \item[userClass:]
793: which describe's the user's classification; e.g.,
794: ``staff''.
795:
796: \item[userid:]
797: which is the user's login name; e.g., ``mrose''.
798: \end{describe}
799: Thus,
800: Table~\ref{pilot-person} shows all the attributes that might be associated
801: with a person.
802: \tagtable[tp]{INT-3}{Attribute Types for the pilotPerson Object Class}%
803: {pilot-person}
804:
805: \subsubsection {Other Object Classes}
806: For completeness sake,
807: Tables~\ref{friendlyCountry-attributes}
808: through~\ref{organizationalRole-attributes} starting on
809: page~\pageref{friendlyCountry-attributes} list the attributes supported for
810: the standard object classes in use by the pilot.
811: \tagtable[tp]{INT-4}{Attribute Types for the friendlyCountry Object Class}%
812: {friendlyCountry-attributes}
813: \tagtable[tp]{INT-5}{Attribute Types for the organization Object Class}%
814: {organization-attributes}
815: \tagtable[tp]{INT-6}{Attribute Types for the organizationalUnit Object Class}%
816: {organizationalUnit-attributes}
817: \tagtable[tp]{INT-7}{Attribute Types for the locality Object Class}%
818: {locality-attributes}
819: \tagtable[tp]{INT-8}{Attribute Types for the alias Object Class}%
820: {alias-attributes}
821: \tagtable[tp]{INT-9}{Attribute Types for the organizationalRole Object Class}%
822: {organizationalRole-attributes}
823:
824: \subsection {Naming}
825: In the pilot project,
826: the structure of the DIT is straight-forward:
827: at the root,
828: countries and country-level DSAs reside;
829: in \verb"c=US",
830: organizations and organizational-level DSAs reside.
831: Beyond this,
832: the administrators of the \verb"c=US" DMD are not concerned with how
833: individual organizations are internally structured.
834:
835: In addition to this simple structure,
836: to aid searching in North America,
837: there is also a top-level locality,
838: \verb"l=North America",
839: which contains aliases to all organizations in the \verb"c=US" and \verb"c=CA"
840: DMDs,
841: e.g.,
842: \begin{quote}\small\begin{verbatim}
843: @l=North America@o=NYSERNet Inc.%l=US
844: \end{verbatim}\end{quote}
845: which has an \verb"aliasedObjectName" attribute value of
846: \begin{quote}\small\begin{verbatim}
847: @c=US@o=NYSERNet Inc.
848: \end{verbatim}\end{quote}
849:
850: The tasks of the country-level DSAs
851: (there are currently three for \verb"c=US")
852: are:
853: \begin{itemize}
854: \item provide authoritative information on the root and \verb"c=US"
855: for replication purposes to organizational-level DSAs;
856: and,
857:
858: \item act as a conduit for chaining to/from foreign DMDs.
859: \end{itemize}
860: The former task is to allow high replication of top-level information to speed
861: searching.
862: The latter task is to permit a means of harmonizing between different
863: end-to-end protocol combinations.
864:
865: The RDN for organizations is the full name.
866: However,
867: to aid searching,
868: other name forms are allowed as attribute values.
869: For example,
870: the entry
871: \begin{quote}\small\begin{verbatim}
872: @c=US@o=Performance Systems International
873: \end{verbatim}\end{quote}
874: might have an additional attribute value of ``PSI'' which is not used in its
875: RDN.
876: Because the Directory searches on the basis of attribute values and not RDNs,
877: a user supplying a search string of ``PSI'' will find (at least) the right
878: entry.
879:
880: \subsection {Searching}
881: The single most important aspect of the user interface is to relate the naming
882: architecture to a search algorithm.
883: The interaction model is simple.
884: The user provides the interface with:
885: \begin{enumerate}
886: \item (optionally) the kind of object being looked for;
887:
888: \item naming information about where the object resides;
889: and,
890:
891: \item (optionally) qualifying information on the object.
892: \end{enumerate}
893: Based on the kind of object being looked for,
894: the user interface constructs a ``basic'' filter:
895: \[\begin{tabular}{|r|l|}
896: \hline
897: \multicolumn{1}{|c|}{\bf What}&
898: \multicolumn{1}{|c|}{\bf Basic Filter}\\
899: \hline
900: default& \tt cn$\approx$X $\lor$ sn$\approx$X $\lor$ mail=X@*\\
901: organization& \tt o$\approx$X\\
902: unit& \tt ou$\approx$X\\
903: role& \tt cn$\approx$X\\
904: locality& \tt l$\approx$X\\
905: person& \tt sn$\approx$X $\lor$ mail=X@*\\
906: (or) person& \tt cn$\approx$X\\
907: \hline
908: \end{tabular}\]
909: where ``$\approx$'' indicates either wildcard, imprecise, or exact matching,
910: based on user-preference,
911: and ``$=$'' indicates exact matching.
912: If wildcarding is desired,
913: but the user does not explicitly specify the substrings,
914: the string ``\verb"*X*"'' is used.
915:
916: After the basic filter is constructed,
917: if the user supplied qualifying information on the object,
918: an ``info'' filter is appended to the basic filter using logical-AND.
919: \[\begin{tabular}{|r|l|}
920: \hline
921: \multicolumn{1}{|c|}{\bf What}&
922: \multicolumn{1}{|c|}{\bf Info Filter}\\
923: \hline
924: organization& \tt businessCategory=X\\
925: unit& \tt businessCategory=X\\
926: role& \tt title=X\\
927: person& \tt title=X\\
928: \hline
929: \end{tabular}\]
930: Next the depth of search must be determined:
931: \[\begin{tabular}{|r|l|}
932: \hline
933: \multicolumn{1}{|c|}{\bf What}&
934: \multicolumn{1}{|c|}{\bf Depth}\\
935: \hline
936: default& whole-subtree\\
937: organization& single-level\\
938: unit& whole-subtree\\
939: role& whole-subtree\\
940: locality& single-level\\
941: person& whole-subtree\\
942: \hline
943: \end{tabular}\]
944: Finally,
945: a search is performed with these service controls:
946: \begin{quote}\small\begin{verbatim}
947: -preferchaining
948: -dontdereferencealias
949: -notimelimit
950: -nosizelimit
951: -nosearchaliases
952: -types rfc822Mailbox telephoneNumber aliasedObjectName
953: -values
954: \end{verbatim}\end{quote}
955: The last two lines are probably somewhat cryptic.
956: They indicate that for all matched entries,
957: the DSA should return any values associated with those three attribute types.
958:
959: The task of the user interface is simple:
960: \begin{itemize}
961: \item if no matches are found,
962: it reports this to the user;
963:
964: \item if exactly one match is found,
965: then it reads this entry and displays its to the user;
966: otherwise,
967:
968: \item if more than one match is found,
969: the user interface displays each entry in a concise one-line format
970: containing either the mailbox or telephone number.
971: This aids the user in determining which entry might be the one
972: actually desired.
973: The user can then direct the interface to expand that particular entry.
974: \end{itemize}
975: If an entry is read,
976: then the service controls are:
977: \begin{quote}\small\begin{verbatim}
978: -preferchaining
979: -dontdereferencealias
980: -notimelimit
981: -nosizelimit
982: \end{verbatim}\end{quote}
983:
984: All that need be explained now is how the ``baseobject'' for the search is
985: determined.
986: Recall that the user might have supplied something called
987: \begin{quote}
988: ``naming information where the user resides''
989: \end{quote}
990: to the interface.
991: For each kind of object,
992: the user interface maintains a default area (DN) used for searching.
993: These are set by the system administrator,
994: e.g.,
995: \[\begin{tabular}{|r|l|}
996: \hline
997: \multicolumn{1}{|c|}{\bf What}&
998: \multicolumn{1}{|c|}{\bf Base}\\
999: \hline
1000: default& \tt @c=US@o=NYSERNet Inc.\\
1001: organization& \tt @l=North America\\
1002: unit& \tt @c=US@o=NYSERNet Inc.\\
1003: role& \tt @c=US@o=NYSERNet Inc.\\
1004: locality& \tt @c=US\\
1005: person& \tt @c=US@o=NYSERNet Inc.\\
1006: \hline
1007: \end{tabular}\]
1008: in order to provide sensible searching.
1009: The user may override this by supplying additional naming information.
1010:
1011: So,
1012: the user interface decides if the additional information was for an
1013: organization, organizational unit, or locality,
1014: constructs a basic filter, and performs a search.
1015: \begin{itemize}
1016: \item if no matches are found,
1017: it reports this to the user;
1018:
1019: \item if exactly one match is found,
1020: then it uses that DN as the baseobject for the search;
1021: otherwise,
1022:
1023: \item if more than one match is found,
1024: the user interface displays each entry in a concise one-line format
1025: containing either the mailbox or telephone number.
1026: This aids the user in determining which entry might be the one
1027: actually desired.
1028: The user can then direct the interface to continue searching in the
1029: appropriate areas.
1030: \end{itemize}
1031: Note that prior to using one of these area entries as a baseobject,
1032: the user interface sees if the search returned an \verb"aliasedObjectName"
1033: attribute for the area.
1034: If so,
1035: then the value of this attribute is used for the baseobject.
1036: This is used,
1037: for example,
1038: when the areas being searched are under \verb"l=North America".
1039:
1040: \subsection {Browsing}
1041: To browse the White Pages,
1042: a listing capability is needed.
1043: Rather than use the Directory list operation,
1044: it is usually more direct to perform a single-level search looking for any
1045: entry which has
1046: \begin{quote}\small\tt
1047: objectClass$\neq$dSA
1048: \end{quote}
1049:
1050: \subsection {Searching Revisited}
1051: Actually,
1052: there are a couple of additional searching capabilities provided by the White
1053: Pages.
1054:
1055: Although its use is discouraged
1056: interfaces should be able to accept a DN as typed by a user for either naming
1057: or area information.
1058:
1059: If the naming information given by the user appears to be an Internet-style
1060: mailbox,
1061: then an entirely different search algorithm is used.
1062: Suppose the user enters ``\verb"X"'' in the form:
1063: \begin{quote}\small\begin{verbatim}
1064: local@domain
1065: \end{verbatim}\end{quote}
1066: and either there is wildcarding present in \verb"domain",
1067: or the user specifies area information.
1068: In this case,
1069: a search filter is constructed,
1070: one of
1071: \begin{quote}\small\begin{verbatim}
1072: rfc822Mailbox=*@domain
1073: \end{verbatim}\end{quote}
1074: if no \verb"local" portion was given in ``\verb"X"'';
1075: \begin{quote}\small\begin{verbatim}
1076: rfc822Mailbox=local@*
1077: \end{verbatim}\end{quote}
1078: if no \verb"domain" portion was given in ``\verb"X"'';
1079: or,
1080: \begin{quote}\small\tt
1081: rfc822Mailbox=X $\lor$ otherMailbox="internet \$ X"
1082: \end{quote}
1083: otherwise,
1084: and a whole-subtree search is done.
1085:
1086: Otherwise,
1087: the user does not specify area information and there is no wildcarding present
1088: in \verb"domain",
1089: the user interface performs an special search to identify those areas likely
1090: to contain the mailbox.
1091: For each DN in the list of areas,
1092: the interface uses that DN as a base object for a whole-subtree search using
1093: the filter:
1094: \begin{quote}\small\tt
1095: rfc822Mailbox=X $\lor$ otherMailbox="internet \$ X"
1096: \end{quote}
1097: So,
1098: how is this list of areas generated?
1099: The user-interface repeatedly performs single-level searches looking for
1100: entries which have an \verb"associatedDomain" value equal to the domain in
1101: question.
1102: If a match is not found,
1103: then a sub-domain is stripped off,
1104: and the search is tried again.
1105: If one or matches are found,
1106: the routine recurses and searching begins anew.
1107: In this fashion,
1108: the routine finds the deepest entries in the DIT associated information about
1109: a (sub-)domain of the DNS.
1110:
1111:
\newpage
1112: \section {Acknowledgements}
1113: The NYSERNet/PSI White Pages Pilot Project builds on the work of many others:
1114: \begin{itemize}
1115: \item At the core,
1116: the ISODE provides the programmatic infrastructure for OSI
1117: applications.
1118: So many people have contributed to the ISODE that it is presumptuous
1119: to attempt to list them.
1120:
1121: \item The QUIPU directory from University College London,
1122: designed by Stephen E.~Kille and programmed primarily by
1123: Colin J.~Robbins, form the heart of the pilot's functionality.
1124:
1125: \item Although NYSERNet and PSI have devoted considerable resources to the
1126: hardening of QUIPU,
1127: it should be noted that UCL has been responsible for the vast majority
1128: of improvements and fixes.
1129:
1130: \item The white pages abstraction was designed primarily at NYSERNet with
1131: the help of several experts: Kille, Robbins, and Einar Stefferud.
1132:
1133: \item Geoffrey S.~Goodfellow was kind enough to be the alpha tester for the
1134: white pages abstraction.
1135:
1136: \item The white pages administrators have been patient as the software
1137: twitches.
1138:
1139: \item Finally,
1140: it should be noted that none of this would be possible if it
1141: weren't for the excellent end-to-end services provided by the Internet
1142: suite of protocols (namely the TCP and the IP).
1143: \end{itemize}
1144:
1145:
\newpage
1146: \section* {Appendix: Differences from NIST OIW Agreements}
1147: Although QUIPU attempts to be faithful to various Directory implementation
1148: profiles,
1149: it is not entirely successful.
1150: QUIPU is believed to be aligned with with the NIST OIW Agreements on the
1151: Directory,
1152: with these exceptions:
1153: \begin{itemize}
1154: \item QUIPU doesn't enforce the bounds constraints on attributes, filters or
1155: APDU size.
1156:
1157: \item QUIPU does not reject T.61 string formatting characters.
1158:
1159: \item QUIPU does not check to if the value of the \verb"countryName"
1160: attribute is defined in ISO3166.
1161:
1162: \item If a DN is supplied with no password in an unprotected simple bind,
1163: then QUIPU does not check to see if the DN exists.
1164:
1165: \item When comparing attribute of UTCtime syntax,
1166: if the seconds field is omitted,
1167: then QUIPU does not perform the match correctly.
1168: (i.e.,
1169: the seconds field in the attribute values should be ignored, but are not).
1170:
1171: \item QUIPU always supplies the optional Chaining argument \verb"originator"
1172: even if the CommonArgument \verb"requestor" is used.
1173:
1174: \item QUIPU always supplies the optional Chaining argument \verb"target"
1175: even if the base object in the DAP arguments is the same.
1176: \end{itemize}
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.