[x500standard] LDAP schema in X.500
- From: "Erik Andersen" <era@xxxxxxx>
- To: "Directory list" <x500standard@xxxxxxxxxxxxx>, "SG17-Q11" <t09sg17q11@xxxxxxxxxxxxx>
- Date: Sun, 11 Dec 2011 10:40:56 +0100
Edition 5 of X.500 included some support for interworking between X.500 and
LDAP systems, meaning that a directory may consists of one or more DSA and
zero or more LDAP server and some mixture of DUAs and LDAP clients. It has
become clear the specification for providing this support were not correct,
as first pointed out by Steven Legg. We are attempting to correct and
improve this support in edition 7.
In such a configuration an operation started in a DUA may end up in an LDAP
server, which actually requires a specification for an interface or gateway
function between a DUA and an LDAP server. Such a gateway will have to be
provided by the DSA (LDAP requestor) interfacing to the LDAP server.
The specification of such an interface, and possibly also the
implementation, may be simplified if the LDAP schema were integrated into
the X.500 schema (as an example, an attribute definition would include the
LDAP specific aspects). It is just a thought not worked completely through.
However, I could see the following advantages in addition to above:
1) A DSA would have the necessary specifications to support LDAP
requests;
2) An LDIF stream could be easily handled;
3) When new attribute types are defined within X.500, e.g., to support
password policy and RFID support, they would at the same type provide the
necessary LDAP specifications using X.500 OIDs. It may not be necessary to
define separate RFCs;
Any comments?
Erik Andersen
Andersen's L-Service
Elsevej 48,
DK-3500 Vaerloese
Denmark
Mobile: +45 2097 1490
e-amail: era@xxxxxxx
Skype: andersen-erik
http://www.x500.eu/
http://www.x500standard.com/
<http://dk.linkedin.com/in/andersenerik>
http://dk.linkedin.com/in/andersenerik
Other related posts:
