分享
 
 
 

RFC1684 - Introduction to White Pages Services based on X.500

王朝other·作者佚名  2008-05-31
窄屏简体版  字體: |||超大  

Network Working Group P. Jurg

Request for Comments: 1684 SURFnet bv

Category: Informational August 1994

IntrodUCtion to White Pages Services based on X.500

Status of this Memo

This memo provides information for the Internet community. This memo

does not specify an Internet standard of any kind. Distribution of

this memo is unlimited.

Abstract

This document aims at organisations who are using local and global

electronic communication on a day to day basis and for whom using an

electronic White Pages Service is therefore indispensable.

The document provides an introduction to the international ITU-T

(formerly CCITT) X.500 and ISO 9594 standard, which is particularly

suited for providing an integrated local and global electronic White

Pages Service.

In addition a short overview of the eXPerience gained from the

Paradise X.500 pilot is given. References to more detailed

information are included.

The document should be useful for managers of the above mentioned

organisations who need to get the necessary executive commitment for

making the address information of their organisation available by

means of X.500.

Table Of Contents

1. Introduction ................................................ 2

2. Concept of X.500 ............................................ 3

2.1 Directory Model ......................................... 3

2.2 Information Model ....................................... 4

3. Benefits of X.500 .......................................... 5

4. Organisational ASPects of X.500(experience from Paradise) .. 6

5. Applications of X.500 ...................................... 8

6. References ................................................. 9

7. Security Considerations .................................... 10

8. Author's Address ........................................... 10

1. Introduction

Due to the tremendous growth and development of international

computer networks we have nowadays the possibility to overcome -

without having to travel - geographical distances when working

together with other people. Besides the possibility of using the

telephone we may use electronic data exchange to discuss working

documents, new ideas, plans or whatsoever. One of the most popular

means for this is electronic mail, which can be used to exchange

all kinds of electronic data: from informal pure text messages to

formatted and multi-media documents.

As the number of people connected to computer networks grows (and

it does continuously, it is at least doubling each year!), it

becomes more difficult to track down people's electronic (mail)

addresses. Hence, in order to make global communication over

computer networks work, a global White Pages service is

indispensable. Such a service should of course provide people's

electronic mail addresses, but could also easily contain telephone

and fax numbers and postal addresses.

Currently, one technical solution for a globally distributed

White Pages service is X.500 and there exists an international

infrastructure based on X.500 technology called 'Paradise'

(Piloting An inteRnationAl DIrectory SErvice), which contains about

1.5 million entries belonging to persons and 3,000 belonging to

organisations. Worldwide 35 countries are involved. Paradise is

also a project of the EC. The project continues until September

1994. Afterwards its operational tasks will be taken over by a

European service provider for the R&D community (DANTE).

The goal of Paradise and related national initiatives is to

stimulate and extend the use of the X.500 White Pages service.

Within the pilot attention is paid to technical and organisational

aspects. The Paradise infrastructure is mainly based on the

Internet Protocol. The specific issues that are related to the use

of the Internet Protocol for X.500 can be found in [5].

In the decision process of joining the international X.500

infrastructure and opening (part) of the local (address)

information to the outside world, it is important that an

organisation fully understands the technical and organisational

issues that are involved.

This document tries to be of help in this matter first by

explaining the main concepts of X.500 (section 2) and subsequently

by pointing out its benefits (section 3), the organisational

aspects that are involved (section 4), and for which other

applications the X.500 infrastructure may be used in the near

future (section 5).

2. Concept of X.500

The X.500 standard describes a so-called 'Directory Service', which

can be used for all types of electronic directories. This document

focusses on the use of X.500 for a global White Pages Directory.

The concept of X.500 may roughly be divided in the 'Directory

model' and the 'Information model'.

2.1 Directory model

X.500 uses a distributed approach to achieve the goal of a global

Directory Service. The idea is that local (communication oriented)

information of an organisation is maintained locally in one or more

so called Directory System Agents (DSA's). 'Locally' is a flexible

expression here: it is possible that one DSA keeps information of

more than one organisation. A DSA essentially is a database:

- in which the information is stored according to the X.500

standard (see section 2.2),

- that has the ability, where necessary, to exchange data

with other DSA's.

Through the communication among each other the DSA's form the

Directory Information Tree (DIT). The DIT is a virtual hierarchical

datastructure consisting of a 'root', below which 'countries' are

defined. Below the countries (usually) 'organisations' are defined,

and below an organisation 'persons', or first additional

'organisational units', are defined (see the simplified illustration

below where only three countries and no organisational units are

presented). The DIT is a representation of the global Directory.

root o

/ / / countries uk de fr

/ /\ / / \ organisations a b c d e f

persons .. .. ... .... ...

Each DSA holds a part of the global Directory and is able to find

out, through the hierarchical DIT structure, which DSA holds which

parts of the Directory.

The standard does not describe how to distribute different part of

the Directory among DSA's. However, the information corresponding to

a single node of the DIT (i.e., a country, organisation, person)

cannot be distributed over several DSA's. In practice a large

organisation will maintain one or more DSA's that hold its part of

the Directory. Smaller organisations may share a DSA with other

organisations.The distribution among the DSA's is totally transparent

to the users of the Directory.

A user of the Directory can be a person or a computer. A user

Accesses the Directory through a so-called Directory User Agent

(DUA). The DUA automatically contacts a nearby DSA by means of which

the user may search or browse through the DIT and retrieve

corresponding information. A DUA can be implemented in all sorts of

user interfaces. Therefore users may access the Directory through

dedicated DUA interfaces or for example e-mail applications.

Currently most DUA nterfaces to be used by persons are dedicated, but

it is expected that in the near future a lot of DUA interfaces will

be integrated with other applications.

2.2 Information Model

Besides the Directory model, the X.500 standard also defines the

information model used in the Directory Service.

All information in the Directory is stored in 'entries', each of

which belongs to at least one so-called 'object class'. In the White

Pages application of X.500, on which we focus here, object classes

are defined such as 'country', 'organisation', 'organisational unit'

and 'person'.

The actual information in an entry is determined by so-called

'attributes' which are contained in that entry. The object classes to

which an entry belongs define what types of attributes an entry may

use and hence what information is specific for entries belonging to

that object class. The object class 'person' for example allows

attribute types like 'common name', 'telephone number', and 'e-mail

address' to be used and the object class 'organisation' allows for

attribute types like 'organisation name' and 'business category'.

Dependent on its type an attribute can take one or more values.

To specify the name of an entry in the DIT, at least one attribute

value of the entry is used. The entry of a person is usually named

after the value of the attribute type 'common name'. The name of an

entry must be unique on the same level in the suBTree of the DIT to

which the entry belongs.

An example of an entry belonging to the object class 'person' is:

Attribute type Attribute value

-------------- --------------

Object Class: top

person

Common Name: Thomas Lenggenhager

T. Lenggenhager

Surname: Lenggenhager

Postal Address: SWITCH

Limmatquai 138

CH-8001 Zuerich

Telephone Number: +41 1 268 1540

Facsimile Telephone Number: +41 1 268 1568

Mail: lenggenhager@switch.ch

This entry corresponds to the node in the DIT that occurs below the

node of the organisation 'SWITCH' and is named after the first value

of the attribute type 'common name': 'Thomas Lenggenhager'.

3. Benefits of X.500

Why should one use X.500 for a local White Pages service? Here are

some good arguments:

- The distributed character of the service. A large

organisation may distribute the responsibility for the

management of the information it presents through X.500 by

distributing this information over several DSA's (without

losing the overall structure)

- The flexibility of the service. Besides for public purposes,

X.500 may also be used for specific private Directory Service

applications. Whereas the definitions of the DIT, object

classes and attribute types of the public White Pages

information within an organisation have to conform to those

of the rest of world, the internal applications may use their

own DIT structure and their own definitions of object classes

and attributes (the values being only visible within (a part)

of the organisation). Nevertheless one local infrastructure

can be used for both the public and private computers.

- Good alternative for paper Directories. The provision of

White Pages services based on X.500 may be a good alternative

for paper directories, because the latter directories are

rarely up-to-date (due to the printing costs) and because

X.500 not only can be used by humans but also by

applications.

Some important arguments in favour of X.500 for global use are:

- By its distributed nature X.500 is particularly suited for a

large global White Pages directory. Maintenance can take

place in a distributed way.

- Good searching capabilities. X.500 offers the possibility to

do searches in any level or in any subtree of the DIT. In

order to do a search an attribute type together with a value

have to be specified. Then the Directory searches for all

entries that contain an attribute of that type with the given

value. For example one can search for all persons in an

organisation having a particular common name, or all

organisations within a country that have telecommunications

as their business category. It is up to the organisations

that maintain the DSA's to decide who may perform which

searches and also how many levels deep a search may be.

Searches can be done on the basis of an exact or approximate

match. It is worthwile to note that distributed searches

(that need connections to a lot of DSA's) may be expensive

and are generally not encouraged.

- There are DUA interfaces for the White Pages service

availablefor all types of workstations (DOS, Macintosh OS,

Unix). For an overview of X.500 available software see

RFC1292 [2] or updates of this document.

- X.500 is an international standard. Using a standard

obviously means less problems with interoperability and

interworking.Also the standard is updated according to

practical experience.

4. Organisational aspects of X.500 (experience from Paradise)

The organisational aspects involved in operating a local X.500 (or

any other electronic) Directory can roughly be divided in three

sub-aspects:datamanagement, legal issues and cost aspects. With

respect to cost aspects there is no publicly known model or

experience at the moment.

Therefore the focus in this document is on datamanagement and legal

issues.

Data management refers to issues that are related to inserting

appropriate information into the Directory and keeping it up to date.

From the experience of participants in Paradise we obtain that the

following items are of first importance:

- Executive commitment. Without this it is almost impossible to

create an organisation wide up-to-date electronic Directory.

- Structure of the local DIT. In joining the international

infrastructure an organisation has to conform to some rules

for the local DIT structure as presented to the global X.500

infrastructure. A recommendation on how to structure a local

DIT and how to use the available attributes can be found in

[7]. The most important recommendation in the latter document

is to keep the local part of the DIT as simple (flat) as

possible. The reason is that users from outside the

organisation may otherwise have difficulties in finding

entries of persons within the organisation (searches in the

DIT are often only allowed one level deep).

- Attributes to be used. For the existing infrastructure the

objects and associated attributes that are globally used, are

documented in [1].

- Sources of the data. An organisation has to find out where to

get what kind of data and develop procedures for uploading

its DSA('s).

- Delegating responsibilities for updates. Procedures have to

bedeveloped for updates of the local Directory. These

procedures have to include delegation of responsibilities.

- Security procedures. Rules have to be set for access and

security. Who may contact the DSA? Who will have access to

which subtrees and what attributes?

A study of the legal consequences of presenting (address) information

via X.500 lead to the main conclusion that in Europe an organisation

has to formally register its data collections. Registration implies

defining a goal for the application. This has to be done for the

White Pages service as well as for any deviating local application of

X.500. However, the different national laws may differ with respect

to legal restrictions. For more information on this subject we refer

to "Building a Directory Service, Final Report test phase SURFnet

X.500 pilot project", E. Huizer, SURFnet B.V., Utrecht NL, 1994.

(copies available from SURFnet B.V.)

Among the Paradise members there are several pilots running at the

moment with the goal to evaluate the organisational aspects. Case

studies coming from these pilots will be documented.

Small or medium size organisations that have not too many entries to

insert in the Directory may use one of the different national

initiatives concerning a 'central DSA'. These central DSA's are

operated by national service providers and contain the White Pages

information of a lot of small and medium size organisations. For

organisations in countries without such a national service there is

also a European central DSA (Paradise) and an American central DSA

(InterNIC). It is worth noting that the central DSA services are only

technical services, i.e., a participating organisation still has to

cover the organisational issues. However, part of a central DSA

service may be consultancy with respect to datamanagement and legal

issues.

5. Applications of X.500

Besides for White Pages, X.500 can be useful for all kinds of

distributed information storage from which humans or machines can

benefit. Examples that are likely to use X.500 in the near future

are: distribution list mechanism, public key distribution for Privacy

Enhanced Mail (PEM), routing of X.400 messages, distribution of EDI

identifiers, etc. For more information we refer to [7]. Below the

first three applications are briefly discussed.

The distribution list mechanism uses X.500 for finding the e-mail

addresses of the persons that have subscribed to a list. The

distributed approach of X.500 makes it possible that people change

their e-mail address without having to change their subscription to

distribution lists.

PEM (see a.o. [8] or [4]) uses a public key mechanism for exchanging

secure e-mail messages. For example: one will be able to end a secure

message by encrypting a message with the publicly known (public) key

of the recipient. Only the recipient of the message can decipher the

message using his/her private key. In order to make such a mechanism

work one must have access to the public keys of all possible

recipients. X.500 can be used for this purpose.

At this moment a world-wide pilot is running in which X.400 routing

is done by means of X.500. X.400 MTA's use special DUA's to find via

the Directory the MTA's to which the recipients of a message want

their mail to be delivered. The distributed approach of X.500 will

mean much less routing management (currently tables are used that

have to be updated/exchanged periodically).

6. References

[1] Barker, P., and S. Kille,"The COSINE and Internet X.500 Schema",

RFC1274, University College London, November 1991.

[2] Getchell, A., and S. Sataluri, Editors, "A Revised Catalog of

Available X.500 Implementations", FYI 11, RFC1632, Lawrence

Livermore National Laboratory, AT&T Bell Laboratories, May 1994.

[3] Weider, C., and J. Reynolds, "Executive Introduction to Directory

Services using the X.500 Protocol", FYI 13, RFC1308, ANS,

USC/Information Sciences Institute, March 1992.

[4] Linn, J., "Privacy Enhancement for Internet Electronic Mail:Part

I: Message Encryption and Authentication Procedures", RFC1421,

IAB IRTF PSRG, IETF PEM WGs, Feblruary 1993.

[5] Hardcastle-Kille, S., Huizer, E., Cerf, V., Hobby, R., and S.

Kent, "A Strategic Plan for Deploying an Internet X.500 Directory

Service", RFC1430, ISODE Consortium, SURFnet bv, Corporation for

National Research Initiatives, University of California, Davis,

Bolt, Beranek and Newman, February 1993.

[6] Yeong, W., Howes, T., and S. Kille, "Lightweight Directory Access

Protocol", RFC1487, Performance Systems International,

University of Michigan, ISODE Consortium, July 1993.

[7] Weider, C., and R. Wright, R., "A Survey of Advanced Usages of

X.500", FYI 21, RFC1491, Merit Network, Inc, Lawrence Berkeley

Laboratory, July 1993.

[8] "Privacy Enhanced Mail in more detail", Zegwaart, E., Computer

Networks for Research in Europe Vol. 2, pp. 63-71.

[9] Barker, P., Kille, S., and T. Lenggenhager, T., "Naming and

Structuring Guidelines for X.500 Directory Pilots", RTR 11/RFC

1617, University College London, ISODE Consortium, SWITCH, May

1994. For a good technical introduction to X.500 we also

recommend:

[10] Rose, M., "The Little Black Book", PSI Inc., Prentice Hall Inc.,

New Jersey, 1992.

[11] Steedman, D., "The Directory standard and its application",

Technology Appraisals, Twickenham (U.K.), 1993.

7. Security Considerations

Security issues are not explicitly discussed in this memo.

8. Author's Address

Peter Jurg

SURFnet bv

Postbus 19035

NL-3501 DA Utrecht

The Netherlands

Phone: +31 30 310290

Fax: +31 20 340903

RFC822: Peter.Jurg@surfnet.nl

X.400: C=nl; ADMD=400net; PRMD=surf; O=surfnet; S=jurg

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有