CURRENT_MEETING_REPORT_
Reported by Ed Reed/Xerox
Minutes of the OSI Directory Services Working Group (OSIDS)
The Working Group began with introductions and was followed by a review
of the Agenda and the Minutes of the November 1992 meeting. The Minutes
were accepted without comment. The session continued with the Liaison
Reports.
1. WG-NAP (Erik Huizer)
There are three task forces working:
o Work that Panos-Gavriil Tsigaridas is doing.
o Data Management - how to get data into the directory, and keep
it up to date and accurate.
o Legal and Privacy issues - going to publish first results as an
analysis of Dutch and other regulations recently published.
2. NADF (Tim Howes)
Decided to open to users, but as non-voting members. Piloting
continues.
3. DISI (Tim Howes)
Reformed under the Integrated Directory Services Working Group,
with the addition of Whois++, want to address general directory
issues.
4. AARNet (Mark Prior)
One of the divisions of Telecom have joined the pilot. Currently
doing a Whois++ startup. Trying to get a new binary distribution
of ISODE 8.0 ready.
5. Paradise
The First project ended with 1992. Next Project (transition) will
run sixteen months. Now also has Inrea as a partner. Using Quipu
and Pizzaro implementations. DE now will perform very broad
(c=??/cn=name) searches. China, Slovenia (means ISODE 8.0
required), Croatia, Slovakia have joined. A question was raised
about the issue of intellectual property rights associated with DE
and other Paradise tools.
6. NREN-NIS (Sri Sataluri/Mark Kosters)
Internic will begin providing services April 1. - Internic
1
�
personal listings will be available. Will provide DE access, and
other X.500 services and WAIS. Plan to make WAIS info avail via
X.500, too, but not immediately. Plan to make registration data
available via X.500.
7. DOD
Defense messaging system will take over the old switches including
Autodin. Will be X.400 based, and are building an X.500 directory
support.
8. Integrated Services Panel (US/GSA)
There's a newsletter describing efforts available. Directory
services now are flat file, with X.500 direction.
Progression of Standards (Erik Huizer)
o Published the Strategy Document.
There was a long discussion which had been prompted by John Curran
but he was unable to be here to discuss.
o LDAP
It was not clear whether the Document was published, but it had
left the IESG. There may be a block of some sort - Tim Howes took
an action to see if it's being held up in the IAB.
No other documents are pending immediate progression. DSA Metrics will
be discussed later.
Experiment Progress
DIT Counting
Character Set
JPEG
Concluded at previous meeting, other than for publication of
new approach in updated RFC1274
QOS
DE QOS: - Paul Barker
Feature Added to latest DE
Those familiar with Directory Knowledge
* Which org's data likely to be available
* Likely to be returned tolerably quickly
* attempts to provide naive user with some info
Doesn't follow OSI-DS 15
* coverage - 1 out of 62 GB orgs have QOS attributes
2
�
* Data vs DSA - emphasis should be on data avail,
rather than DSA avail
* Response time - no attempt made in OSI-DS 15 to indicate
likely response time
* Credibility - values self-assigned.
Approach used
DE uses simple database of information availability and
response times
- "result" of each query added to QOS database
((query times > threshhold time) &&
info for that query is database))
users told how long query usually takes
or
user told if query unlikely to succeed on basis
of recent failures
Shortcomings of current approach
Database built only from 'simple' query mod
power searching provides much more information
No account taken of when a query is made (time of day)
More hysteresis is needed
Abandons are not recorded
no timestamping of information
Database trimming tools are needed
Database is too simple at the moment.
The Group has not concluded that the draft OSI-DS 15 should be
abandoned, if more of the values specified there are in fact
implemented. The question is whether DSA and DUA implementors will
build OSI-DS 15 approaches, or not.
There is some overlap between this experiment and the MADMAN efforts.
Gavriil Tsigaridas reported some of their efforts have raised an issue
with DS-15's use, or lack of, object type data in the QOS database. One
approach is to just record information about times to find people.
Information is probably only of interest at the local level - views are
too different from other places via other access mechanisms.
There is some value to share the implementation approach taken, but this
is an experiment, still.
Seems like we've gone far enough on DS-15, and we should look in some
other direction. DS-15 is complementary, but should be extended with
interface native information which doesn't belong in the directory.
Paul will see if he can make what he's done available for others to
implement.
A poll of the Group indicated continued interest in developing OSI-DS
15, but no there were no volunteers to be the editor.
3
�
Schema Working Group
A previous meeting chartered a small subgroup to look at this. That
Group never got together. There have been other issues (JPEG, etc.,)
which have come up needing help, too, but still no volunteers to edit.
Panos Gavriil Tsigaridas' Document
Panos asked people to please read his document. Applications need the
ability to use a common repository for information about management
information, there would be a valuable synergy.
Charter Review
Steve and Erik each published Draft Charters. Steve doesn't think it
makes sense to put things into the Charter which need to be done, if
there's not support from the Working Group members to do them. He
proposes four:
1. Liaisons
2. Schema Coordination
3. DSA/DUA Metrics
4. IP address representation
Erik points out we need to be stricter in our procedures and resources
as the IETF grows - specifically with regard to Charter and time
schedules. Only if there are concrete objectives and times will the
Charter be renewed. Erik's list includes:
1. Non-white pages use of the directory
2. Test strategies
3. Schema management
4. Guidelines for technical implementation, migration to 1993, and
database coupling.
Paradise has an objective including interoperation of directory
services. Interoperation is more properly a target of pilot projects,
with which the Group wants to liaison, but that should not be part of
this Group's Charter.
Perhaps if the Group defined where the holes in the standard exist which
preclude interoperability, and publishes RFCs to fill the holes, then at
least there would be a unified face to the implementors. For instance,
Siemans has delivered an RFC based product, which goes beyond the OSI
Standard, when pressed by pilot managers.
To some extent, this seems to be a necessary activity, in spite of the
continuing claims by vendors that the extensions are non-standard, and
4
�
will be obsoleted by the next standard.
(Erik) - IDS will focus on general problems relating to directory
services, while OSIDS will focus on X.500 specific issues.
Metrics
Roland - Has been testing the Siemens DSA. Has also had to look at
interoperability testing. There are holes in the standards - schema
handling, access control, etc. There appears to be holes in the
metrics, too - they report good results, when you know there are
problems.
Paradise - Paul Barker
Discussed new data management tools in more detail - which will be
available shortly. Archie-like service based on X.500...begins with a
leap of faith that it makes sense to record information about documents
in the directory. The presentation provided an overview of the approach
to be taken.
The sense of the Group was that the it should take the project being
done as a work item. Paul will edit the papers he's done towards an
RFC.
Representing WHOIS data in the X.500 Directory (Sri Sataluri)
The objective is to provide access to information about network entities
and to define a schema for representing that data. A concern was
expressed that that approach may simply be replicating a centralized
database, and not really distributing it - but there was disagreement
with that concern.
Charting Networks in the Directory (OSI-DS 37-39) - Glenn Mansfield and
Thomas Johannsen
The presentation included background, problem discussion and a
description of a proposed solution. The objective is to provide a
distributed map of the network.
Not only topology, but the policies, costs, services, properties,
administration and management attributes, and contacts. Many kinds of
applications can use the information, but network management is the main
thrust of the effort.
CONMAN Project is addressing configuration management. SOFTPAGES
Project is addressing cost computation, using the configuration
5
�
information from CONMAN, etc. In addition, file server contents is
indexed in the directory.
The consensus of the Group was that the it should be dealing with the
problems described here. A subgroup of volunteers agreed to meet over
dinner and plan work (Paul Barker, Tim Howes, Thomas Johannsen, Mark
Knopper (silent volunteer) (missed dinner), Mark Kosters, Ruth Lang,
Sylvain Langlois, Bruce Mackey, Glen Mansfield, Ed Reed, Sheri Repucci,
Sri Sataluri, Mark Smith and Scott Williamson
This group identified a list of documents to be published, and accepted
volunteers to edit the them.
o Roadmap (Steve H-K)
o IP Addressing Schema (Glenn, Thomas, Mark Ko, Sri)
o Network Objects Schema (Thomas, Sri, Ed, Mark Ko.)
o RFC1279 Revision (Mark Ko.)
o Naming Layout (Sri)
o Transition Plan for Existing Services and Deployment (Scott, Glenn)
o Business Process Model (Operations Guidelines) - Glenn
o Security and Privacy (Tim)
o OSI Addressing (to be determined)
o XNS Addressing (Ed)
Abstract: Charting Networks in the Directory. Work in progress at AIC,
WIDE, Tohoku University.
There is a dearth of information about the network
- Interconnections, policy of transit n/w's, contact persons, ..
The present status of the n/w info is piecemeal and diverse
- geographical separations [ the various NICS, ...]
- specific Usage oriented [ DNS, whois, .... ]
A Unified view is proposed- something like a global annotated n/w map
showing interconnections and their properties and policies
the functions/services of the elements
admin/mgmt related info
form the base of Directory Services
name , address , manager, policy, route, ...
The Map may be used for
Conf mgmt : see n/w configuration, designing/administration/planning
Route mgmt: checking optimality of paths, support route servers, ...
Fault mgmt: alternate paths, ..
Service mgmt: information on servers/services, Managers, users,
6
�
By definition the Map is Huge, quasi-static, geographically distributed and
requires distributed control & maintenance
X.500 based distributed directory provides the base for such a map
Points Addressed in the Proposal:
-Scalability, distribution of control & maintenance, preservation of
admin/political boundaries < X.500 based model
-Simple representation < should be close to the real world
-Minimize data duplication < images like organizationRole to be used
-Use existing services/info [ DNS, NIC ] for bootstrapping
-Address evolving technologies/problems [ supernetting, ..]
The network Map:
- comprises of networks, nodes, interfaces
Images:
- allow several functional images of the same physical n/w
OSI/IP/SNA descriptions of the same n/w is possible
The Applications that are coming up:
- ConMan Project
- Configuration info supplements other mgmt info
- Displays map, finds manager who should be contacted
- Suggests bypasses in case of problems
- SoftPages Project
- Target is to optimize document retrieval
- The "Map" gives the cost [function of speed, tariff, ...]
from the user to the ftp servers
- The "Map" also contains info about the servers and contents
- The "cheapest" server from the user is found
- NIC info server
- provides a single-window whois-type service
Status:
- Pilots have been implemented [ Thomas will present ]
- experimentation has been carried out [ Thomas will present ]
Plan of Action
- develop strategies/tools for populating the Directory
- take the pilot to wider [ national -> international] arena
link NICs, Maps
- develop nice UAs, applications
Time Frame
- Next IETF:
More Results, population, coverage, usage.
Bootstrapping strategies.
7
�
Notes to talk of Thomas Johannsen:
Implementation of OSI-DS 37-39 in national pilot done.
Aim: representing
- networks
- IP numbers
- ftp archives
Interaction of following information supported by references
and tree structure:
- white spaces namespace
- network descriptions
- IP number namespace
- DNS namespace
1) Networks in the Directory:
Populating
=> in general no config database available
=> upload existing data from WHOIS, BITNET.NODES, DNS...
=> gathering data "by hand" from network admins, ...
==> Technical and administrative support needed.
NIC support
experimental upload of parts of JNIC-WHOIS database into
X.500 done.
Autoconvert for part of JNICs database (IP numbers 133.*.0.0) produces:
X.500 object number
organization 194
organizationalUnit 247
pilotPerson 429
IPnetwork 228
IPgroup 228
=> uploading WHOIS to X.500 helps populating white pages
space, too!
Problems of autoconvert:
- non-unique use of org-names
- addition of organizational entries over DSA boundaries difficult
- X.500 access rights
X.500 based whois responder as user agent provides access to
white pages and non-white pages information. Send mail to
x500-query@aic-wide.aic.co.jp with subject 'help'.
8
�
2) Pilot Directory configuration (for OSI-DS-38/39)
3 DSAs form isolated pilot world for experiments
number of objects in pilot DSAs:
object Sazae Saki Guppy total
organization 8 3 193 204
org.-Unit 19 11 244 274
pilotPerson 34 7 416 457
network 13 0 0 13
ipNw'Image 41 8 202 251
node 71 0 0 71
ipNd'Image 80 5 2 87
port 49 0 0 49
ipPortImage 83 8 3 94
del.Block 0 0 24 24
ipGroup 0 0 244 244
ipReference 0 0 65 65
fileServer 8 4 3 15
file 12287 2839 7895 23021
total 12693 2885 9291 24869
3) Soft Pages Project (OSI-DS-39)
aim: reduce unnecessary ftp traffic
- provide help for efficient and network optimized file retrieval
- use of network connection properties
- representation of contents of fileservers in the Directory
Maintaining SoftPages:
- initial loading of all filenames into the Directory (once
only)
- daily addition and deleteion of new or outdated files
(number of files depends on size and activity of fileserver)
- final deletion of all filenames from Directory when fileserver goes
out of operation (once only)
=> can be done by crontab job which reads ls-lR, builds diff
to previous entry and has DUA functionality (add/del in DIB)
estimated size of ftp servers to track: typically 3000 -
10000 files; with several tens to hundreds changes per day.
Bulk loading tests performed on pilot DSAs.
Summary: addition of 10000 file objects takes approx. 30 minutes
daily updates takes about 1 minute
Using SPP
Searching filenames as
- full match,
- leading substring match,
9
�
- non-leading substring match.
Result of tests: searching one object takes about 1 second
for amount of up to 10000 objects in one ftp-mirror.
Investigating impact of SPP
cost = f (speed, traffic, charge, priority)
cost calculation in experiment done by using ftpd-logs and
simplified backbone network map of Japan Internet.
- randomly chosen logs of 5 ftp sites
- scanned about 35000 anonymous get operations
- checked for filename, size, date against 45 ftp sites
- IF file was found in ls-lR of a cheaper ftp site THEN
non-optimal retrieval.
results expressed as non-optimality ratios:
no. of files 32 %
bytes 38 %
total cost 50 %
4) Summary
Non-white pages X.500 usage by several applications,
e.g. NIC control, ConMan project, SoftPages project.
Attendees
Claudio Allocchio Claudio.Allocchio@elettra.trieste.it
Jules Aronson aronson@nlm.nih.gov
Paul Barker p.barker@cs.ucl.ac.uk
Russell Blaesing rrb@one.com
John Boatright bryan_boatright@ksc.nasa.gov
George Chang gkc@ctt.bellcore.com
Wayne Clark wclark@cisco.com
Robert Cooney cooney@wnyose.nctsw.navy.mil
Simon Coppins coppins@arch.adelaide.edu.au
Thomas DeWitt tdewitt@osi.ncsl.nist.gov
Marcello Frutig frutig@rnp.impa.br
Roland Hedberg Roland.Hedberg@rc.tudelft.nl
Marco Hernandez marco@mh-slip.cren.edu
Gerd Holzhauer holzhauer1@applelink.apple.com
Jeroen Houttuin houttuin@rare.nl
Tim Howes tim@umich.edu
Erik Huizer huizer@surfnet.nl
Barbara Jennings bjjenni@sandia.gov
10
�
Thomas Johannsen Thomas.Johannsen@ebzaw1.et.tu-dresden.de
Kevin Jordan Kevin.E.Jordan@cdc.com
David Katinsky dmk@pilot.njin.net
Steve Kille S.Kille@isode.com
Mark Knopper mak@merit.edu
Mark Kosters markk@internic.net
Lakshman Krishnamurthy lakashman@ms.uky.edu
Mary La Roche maryl@cos.com
Ruth Lang rlang@nisc.sri.com
Sylvain Langlois Sylvain.Langlois@exp.edf.fr
Bruce Mackey brucem@cinops.xerox.com
Bill Manning bmanning@sesqui.net
Glenn Mansfield glenn@aic.co.jp
Judy Nasar jdnasar@magnus.acs.ohio-state.edu
Geir Pedersen Geir.Pedersen@usit.uio.no
Mark Prior mrp@itd.adelaide.edu.au
Edward Reed eer@cinops.xerox.com
Sheri Repucci smr@merit.edu
Jim Romaguera romaguera@cosine-mhs.switch.ch
Yzhak Ronen y.ronen@homxa.att.com
Marshall Rose mrose@dbc.mtview.ca.us
Srinivas Sataluri sri@qsun.att.com
Mark Smith mcs@umich.edu
Larry Snodgrass snodgrass@bitnic.educom.edu
Catherine Summers cfs@cos.com
Louisa Thomson louisa@whitney.hac.com
Panos-Gavriil Tsigaridas Tsigaridas@fokus.berlin.gmd.dbp.de
Alan Williamson scottw@nic.ddn.mil
Russ Wright wright@lbl.gov
11