CURRENT_MEETING_REPORT_
Reported by Paul Barker/University College London
Minutes of the OSI Directory Services Working Group (OSIDS)
Special thanks to Sri Sataluri, Mark Prior and Ken Rossen for their
contributions to these minutes.
DSA Performance Study (Roland Hedberg)
DSA performance statistics are being circulated by Leggenhager
regularly. But this study is based on study of the logs.
Reachability
o level-0 DSAs
- Percentage of success vs. number of attempts.
The more seldome a DSA is accessed the greater the probability
of reaching it.
o level-0 DSAs
- Level-1 DSAs: some DSAs can never be reached.
This is where the real data is.
o Some 50% are working very badly while the other 50% are working
very well.
o EDB-updates of root cn=Giant [September 1993]
- It takes some time for all DSAs to get updated (more than two
days). Some people carry out updates every 10 minutes. Some
do it on a daily basis. So if one update fails/connection is
missed , it takes 48 hours for the update to go through.
o EDB updates of c=CH from cn =chinchilla [August 1993]
- All updates are done by 10 hours. Much better scene.
- Update speed and time between information changes. When some
things happen, a lot of things follow.
* NL has about 100 updates/month [max]. A slave DSA did one
update in two months during which 90 changes occurred.
o Question and Answer:
Erik: What are the reasons?
Wrong implementation? Negligence? Bad
configuration?
Roland: Peoples' ignorance.
In some cases the nature of the information is
important. Thus, one has to be careful.
Steve: Are there any messages for implementors? service
providers?
Roland: Reachability cannot be helped.
A reasonable time should be set for slave updates
(at least for country DSAs).
Sri: A particular DSAs unreachability does not imply the
unreachability of the related DIT---for c=US there
is a master and two slaves.
Would like to share the tools used in this study.
Roland: Will post the tools to the list.
CLDAP (Steve Kille)
This is a connectionless protocol for retrieving names (something more
similar to DNS) from the directory. It is an important element for
deploying the directory and it is generally agreed that it should be
moved speedily to a Proposed Standard.
Erik Huizer stated that a similar proposal has been discussed by
Christian, similar in functionality, but it has not been put on paper.
Steve Kille indicated the group will proceed as if there is no other
document. If Christian's document appears, and if it becomes necessary,
the group will review the present CLDAP document in that light. Both
CLDAP and Christian's proposal are LDAP-compatible. If one needs
authentication, Steve said LDAP will be used.
A period of two to three weeks will be allowed for electronic
discussion. After that, if there are no comments/changes and if there
is no review requirement in the light of the document which Christian
may issue, then the document will be submitted for consideration as a
Proposed Standard.
The above resolution was approved by a show of hands.
Networks in the Directory (Glenn Mansfield)
o OSI-DS 37/38 present status
- Two Internet-Drafts have been in circulation since July 9,
1993:
* draft-ietf-osids-chart-network-dir-00.txt
Explains the necessity of network maps and its possible
uses.
* draft-ietf-osids-ipinfo-x500-dir-00.txt
Contains the schemas for representing IP-networks in the
Directory.
Steve said that these Internet-Drafts will be recommended for
consideration as Experimental RFCs.
- So far, there have been no negative response/comments on
mailing list or via personal mail (and few positive ;-)
- Experiments/implementations are being carried out at several
sites.
- Waiting on working group action.
o Deployment strategy for Directory in the Internet
- document highlights
* issues
* bootstrapping
* DIT structure
* relationship to existing Directory
* deployment stages
- Status of deployment
* Network Information
* WHOIS
* DNS
The deployment document was circulated in Amsterdam and only minor
changes were necessary. Steve said that it needs to be made into
an OSI-DS document.
o Network Information
Applications based on this include:
- Network maps for configuration management.
- Connection trees (useful in intelligent polling/fault
management). All from the directory.
- Softpages
Clients make use of X.500 in several stages:
* get list of file-servers [Static-list/archie]
* get path to file servers [Static/traceroute]
* get attributes for computing cost of paths [Static/ping]
* search for file that is being sought [archie-server]
(Presently, if the information is unavailable from X.500,
alternate sources/methods are used.)
o JPNIC whois DB is in Progress.
- WHOIS-DB ! X.500 mapping done
* translation is difficult -
+Names do not match ...
+Characters [ Kanji ] do not match
+Multi-lingual attributes
* translation is in progress can be seen under @c=JP@o=Japan
Network Information Center@l=Registered Organizations
- ``register'' schema is necessary
o DNS in the directory
There are problems with the present schema. Improvements and
changes are being made and the group hopes to circulate a draft by
the end of November and to commence deployment by the end of
December.
- Improvements/Changes
* DomainSOA object contains the SOA related detail
* Object for each resource record type
* Object DNSMailBox for the mailbox info is a subclass of top
(unlike in RFC 1279)
o Application Support
- NTP
* Configuration of the NTP tree
* Query the directory to find out possible peers
- WWFS
* Configuration of the file system
* Good choice from the users point of view
- Other maps
Glenn indicated that the group was in the process of preparing a
document on this.
o Operational issues
- Real life applications are starting
- Reliability of DSAs has to be improved
- In case of problems due to other domains ...
* Complain privately to the responsible person for the domain.
* Complain publicly to the responsible person for the domain.
* Complain to the parent domain authorities.
* Ask the parent authorities to excommunicate the domain.
(Quote from RFC 1033)
Steve stressed the importance of having an operations guide. Glenn
said it is being worked on and presently it is an image of the DNS
Administrator's Guide. A first draft will be posted the to the
list for discussion.
Liaisons
o ISO/IEC/ITU-T (Ken Rossen) (ITU-T is the successor organization to
CCITT)
The ISO/IEC Directory group has not met since the previous report
to the IETF. Work on Management of the Directory is receiving the
most attention, and an interim meeting of the Directory group is
expected for February 1994 in Geneva in order to focus on
progressing this work.
The ITU last-call ballot on the ITU-T X.500 1993 extensions, which
is the last hurdle to be cleared by the new edition of the
standard, is drawing to a close. This vote is expected to be
uneventful, and to allow publication of the 1993 [ISO/IEC 9594 j The
ITU-T X.500 Series of Recommendations] before the end of the year.
Output documents from the last ISO/IEC/ITU Directory group meeting
are available from the OIW DS SIG archive (see below). Ken Rossen
or Hoyt Kesterson can supply further information, if needed.
o OIW DS SIG (Ken Rossen)
The DS SIG has been devoting most of its effort to contributions to
the ISO work on Directory Management and collaborative work with
the X.400 API Association (XAPIA) on Directory Synchronization.
In Directory Management, the SIG has been soliciting and reviewing
MIBs and management models from a variety of sources (including
relevant IETF drafts) and, at its December meeting, will consider
generating a working paper for input to the next ISO/IEC/ITU
meeting. Of particular interest to the SIG has been a management
requirements document and GDMO-defined MIB for the Directory
written up in a paper from the University of Missouri, Kansas City
by a team led by Dr. Adrian Tang.
The synchronization work arose in the XAPIA as an endeavor to
address the problem of keeping LAN E-Mail directory information
current across heterogeneous technologies, and in the DS SIG as an
effort also to provide for interworking and eventual migration to
X.500. The SIG has proposed that lightweight versions of Directory
protocols (DISP, DAP, or a combination) be used to model the
X.500/proprietary directory interaction, and vendors have also
supplied several now-proprietary schemes as alternatives. This
group will meet in November in Mountain View, and jointly in
conjunction with the next DS SIG meeting in Gaithersburg in
December.
The DS SIG mailing list is accessible by sending mail to
dssig-request@nist.gov, and the archive of working documents
including notes on all of the above is on
nemo.ncsl.nist.gov:~pub/oiw/dssig. For more information, contact
Ken Rossen.
o NADF (Tim Howes)
Tim reported that the NADF has now created a ``user organization''
membership category. Thus NADF will now be comprised of both
providers and users of directory services. The pilot is on-going.
The next meeting of the NADF is in Reston, Virginia, the week of
November 8, 1993.
o AARNet (Mark Prior)
- AARNet Engineering Working Group (AEWG): AARNet has formed an
AARNet Engineering Working Group to provide advice to AARNet on
operational issues. The existing working groups, including the
the OSI Directory Services Working Group, will be motherhooded
into this new structure. The AEWG will be officially announced
in a couple of weeks at the Australian Networkshop (November 30
- December 3).
- New ISODE Binary kits: The AARNet DS working group has
produced two updates to their binary kit releases, one for DEC
MIPS and the other Sun SPARC. These kits are based on ISODE
8.0. Another release is expected soon that incorporates LDAP
3.0. These kits are available on archie.au.
- Shadowing reorganization: In Australia we try to shadow all
country level EDB files in order to improve local performance
(all other DSA's have Bush Dog as a prefered DSA). This has
worked OK but reliability problems are occurring due to Quipu
going into a coma while fetching a new EDB file. This is
especially impacting Anaconda the Australian master.
We hope to reorganize our DSAs so that only Bush Dog does the
remote fetches, thus allowing Anaconda to be available for
local update.
It is hoped that other countries will make the EDB file
available for anonymous FTP and that way we could do some non
X.500 based shadowing.
This wouldn't be a problem if there was an incremental EDB
update facility.
- Public access to the directory from archie.au: A public access
point to the directory is run on archie.au (userid=de) and last
month there were just over 4000 accesses to this facility and
nearly 10,000 queries made to the directory.
Mark sends his thanks to the IETF for multicasting this meeting and
thus permitting him to participate. Further, he expresses his
appreciation to all speakers who used the microphone.
o PARADISE (Roland Hedberg)
PARADISE has not met since the Amsterdam IETF. The next meeting is
scheduled for November 1993 in London, England. The PARADISE
project will officially end in April 1994. The future of the
project is as yet unknown and will be the subject of discussion at
the next meeting. PARADISE is on the verge of releasing the
Bulkloading tools. Paul Barker has just sent out a Request For
Comments on possible additions to the DE client.
o NREN-NIS (Sri Sataluri)
The InterNIC Directory and Database Services is running a level-0
DSA named ``Pied Tamarin'' for c=US. This DSA slaves almost all
data mastered by cn=Alpaca and permits slave updates.
So far, twenty-eight organizations are using the InterNIC
facilities to list their organizations. The Gopher to X.500
gateway is the most heavily used DUA interface. We also use the
ISODE Quipu 8.0 DE as a public-access DUA and have not yet upgraded
to later versions. We are waiting for a response from the RARE
Operational Unit granting permission for us to use the software.
Schema Working Group
Members include Sri Sataluri, Tim Howes, Ken Rossen, and Russ Wright.
The goals of this group are to:
o Identify a repository and appropriate useful formats for
publicizing and distributing schema elements (object classes and
attributes) to the Internet community.
o Facilitate broad-based experimentation with new applications of
X.500 by publicizing experimental schema elements.
o Maintain a stable production schema for the Internet, including
definitions both for common core of elements and
application-specific subschemas.
A draft document was sent out to the osi-ds mailing list on November 4,
1993. To receive a copy please send mail to sri@internic.net. A
revised form of this document (Procedures and Guidelines) will be
released as an Internet-Draft in the first week of December and should
eventually become an Informational RFC. Please send comments ASAP to
schema@ds.internic.net and/or osi-ds@cs.ucl.ac.uk.
In addition to the procedures document, the schema group will publish a
standards-track RFC that will document the ``core Internet Schema''
(successor to RFC 1274) and an Informational RFC documenting the current
Internet Schema will be issued on a six-month update cycle.
The schema group will announce the availability of the ``Internet
Schema'' and will start accepting updates on December 1, 1993.
Comments, suggestions, and submissions should be sent to
schema@ds.internic.net. As and when the ``Internet Schema'' gets
updated, an announcement will be sent out using a mailing-list
schema-announce@ds.internic.net. To join this list, please send a
message to schema-announce-request@ds.internic.net.
RFC 1384 Update - X.500 Naming Guidelines (Steve Kille)
The members agreed to progress this document as an Informational RFC.
Comments should be directed to the authors and/or to the list ASAP.
Charter Discussion
Erik Huizer, an Applications Area co-Director, presented a short summary
of the previous day's meeting. Here are the salient points:
o The OSI-DS Working Group in its present form cannot continue and
should be disbanded and a set of small focussed working groups be
set up.
o WHOIS++ and X.500 address similar issues and hence common problems
need to be identified and worked on. Resources are too scarce for
duplication of effort.
A strategy (proposed by Steve Kille and accepted by everyone) is to
identify a set of working groups that will work on the open issues of
the OSIDS Working Group and prepare charters for these new groups. The
charters, and the need for more or fewer groups, should be discussed in
the osi-ds mailing lists. By the Seattle IETF, the new working groups
should be constituted and the OSIDS Working Group should be disbanded.
There was strong support for continuing to maintain the osi-ds
mailing-list.
A list of possible working groups and chairs was composed at the
meeting:
o Lightweight Protocols for Access and Synchronization (LDAP, CLDAP,
SOS, SOLO, etc.) -- Tim Howes
o Data Structure and Schema Management (will use a design team
approach for schema issues; deal with naming issues) -- Sri
Sataluri
o Index Services and Distributed Search (Index DSAs, Centroids, etc.)
-- Simon Spero
o Use of Directory for Network Management -- Glenn Mansfield
o URN --> URL Resolution
The following suggestions were made:
o There is a need for the Data Structure and Schema group. Similar
efforts in other groups should also be folded in.
o Access and synchronization issues should be split.
o Do not fragment the work into too many things.
o There is widespread desire for creating a group to discuss
operational issues. This motion was seconded later by Linda
Millington, Mark Prior, and Arlene Getchell.
o Operations issues must be dealt with in the operations area. There
are plans to create an IOTF (Internet Operations Task Force) since,
in several projects, the technical work is more or less finished
and operations issues are becoming vital. Until the IOTF is formed
the IDS Working Group will be used to get the operations work done.
o In the IIIR Working Group meeting the issue of forming a working
group to discuss Quality Assurance Issues for X.500, Gopher, WAIS,
WHOIS++, etc. was discussed. There will be a BOF at the Seattle
IETF. A mailing-list (quality@sunsite.unc.edu) is being formed to
discuss the quality issues. To join, send a note to
(listserv@sunsite.unc.edu) with the following body:
subscribe quality
<your email address>
Attendees
Claudio Allocchio Claudio.Allocchio@elettra.trieste.it
Glen Cairns cairns@mprgate.mpr.ca
Richard desJardins desjardi@eos.nasa.gov
Urs Eppenberger eppenberger@switch.ch
Qin Fang qin_fang@unc.edu
Jill Foster Jill.Foster@newcastle.ac.uk
Vincent Gebes vgebes@sys.attjens.co.jp
Arlene Getchell getchell@es.net
Mei-Jean Goh goh@mpr.ca
Chris Gorsuch chrisg@lobby.ti.com
Roland Hedberg Roland.Hedberg@rc.tudelft.nl
Tim Howes tim@umich.edu
Richard Huber rvh@ds.internic.net
Erik Huizer Erik.Huizer@SURFnet.nl
Barbara Jennings bjjenni@sandia.gov
Steve Kille S.Kille@isode.com
Kanchei Loa loa@sps.mot.com
Glenn Mansfield glenn@aic.co.jp
Wayne McDilda wayne@dir.texas.gov
Lars-Gunnar Olsson Lars-Gunnar.Olsson@data.slu.se
Rakesh Patel rapatel@pilot.njin.net
Karen Petraska-Veum karen.veum@gsfc.nasa.gov
Marshall T. Rose mrose@dbc.mtview.ca.us
Kenneth Rossen kenr@shl.com
Srinivas Sataluri sri@internic.net
Rickard Schoultz schoultz@sunet.se
Vincent Shekher vin@sps.mot.com
Mark Smith mcs@umich.edu
David Staudt dstaudt@nsf.gov
Jackie Wilson Jackie.Wilson@msfc.nasa.gov
Russ Wright wright@lbl.gov
Peter Yee yee@atlas.arc.nasa.gov
Weiping Zhao zhao@nacsis.ac.jp