rfc1684.txt
来自「<VC++网络游戏建摸与实现>源代码」· 文本 代码 · 共 564 行 · 第 1/2 页
TXT
564 行
RFC 1684 Introduction to X.500 White Pages Services August 1994 - Good alternative for paper Directories. The provision of White Pages services based on X.500 may be a good alternative for paper directories, because the latter directories are rarely up-to-date (due to the printing costs) and because X.500 not only can be used by humans but also by applications. Some important arguments in favour of X.500 for global use are: - By its distributed nature X.500 is particularly suited for a large global White Pages directory. Maintenance can take place in a distributed way. - Good searching capabilities. X.500 offers the possibility to do searches in any level or in any subtree of the DIT. In order to do a search an attribute type together with a value have to be specified. Then the Directory searches for all entries that contain an attribute of that type with the given value. For example one can search for all persons in an organisation having a particular common name, or all organisations within a country that have telecommunications as their business category. It is up to the organisations that maintain the DSA's to decide who may perform which searches and also how many levels deep a search may be. Searches can be done on the basis of an exact or approximate match. It is worthwile to note that distributed searches (that need connections to a lot of DSA's) may be expensive and are generally not encouraged. - There are DUA interfaces for the White Pages service availablefor all types of workstations (DOS, Macintosh OS, Unix). For an overview of X.500 available software see RFC 1292 [2] or updates of this document. - X.500 is an international standard. Using a standard obviously means less problems with interoperability and interworking.Also the standard is updated according to practical experience.4. Organisational aspects of X.500 (experience from Paradise) The organisational aspects involved in operating a local X.500 (or any other electronic) Directory can roughly be divided in three sub-aspects:datamanagement, legal issues and cost aspects. With respect to cost aspects there is no publicly known model or experience at the moment.RARE Working Group on Network Applications Support [Page 6]
RFC 1684 Introduction to X.500 White Pages Services August 1994 Therefore the focus in this document is on datamanagement and legal issues. Data management refers to issues that are related to inserting appropriate information into the Directory and keeping it up to date. From the experience of participants in Paradise we obtain that the following items are of first importance: - Executive commitment. Without this it is almost impossible to create an organisation wide up-to-date electronic Directory. - Structure of the local DIT. In joining the international infrastructure an organisation has to conform to some rules for the local DIT structure as presented to the global X.500 infrastructure. A recommendation on how to structure a local DIT and how to use the available attributes can be found in [7]. The most important recommendation in the latter document is to keep the local part of the DIT as simple (flat) as possible. The reason is that users from outside the organisation may otherwise have difficulties in finding entries of persons within the organisation (searches in the DIT are often only allowed one level deep). - Attributes to be used. For the existing infrastructure the objects and associated attributes that are globally used, are documented in [1]. - Sources of the data. An organisation has to find out where to get what kind of data and develop procedures for uploading its DSA('s). - Delegating responsibilities for updates. Procedures have to bedeveloped for updates of the local Directory. These procedures have to include delegation of responsibilities. - Security procedures. Rules have to be set for access and security. Who may contact the DSA? Who will have access to which subtrees and what attributes? A study of the legal consequences of presenting (address) information via X.500 lead to the main conclusion that in Europe an organisation has to formally register its data collections. Registration implies defining a goal for the application. This has to be done for the White Pages service as well as for any deviating local application of X.500. However, the different national laws may differ with respect to legal restrictions. For more information on this subject we refer to "Building a Directory Service, Final Report test phase SURFnetRARE Working Group on Network Applications Support [Page 7]
RFC 1684 Introduction to X.500 White Pages Services August 1994 X.500 pilot project", E. Huizer, SURFnet B.V., Utrecht NL, 1994. (copies available from SURFnet B.V.) Among the Paradise members there are several pilots running at the moment with the goal to evaluate the organisational aspects. Case studies coming from these pilots will be documented. Small or medium size organisations that have not too many entries to insert in the Directory may use one of the different national initiatives concerning a 'central DSA'. These central DSA's are operated by national service providers and contain the White Pages information of a lot of small and medium size organisations. For organisations in countries without such a national service there is also a European central DSA (Paradise) and an American central DSA (InterNIC). It is worth noting that the central DSA services are only technical services, i.e., a participating organisation still has to cover the organisational issues. However, part of a central DSA service may be consultancy with respect to datamanagement and legal issues.5. Applications of X.500 Besides for White Pages, X.500 can be useful for all kinds of distributed information storage from which humans or machines can benefit. Examples that are likely to use X.500 in the near future are: distribution list mechanism, public key distribution for Privacy Enhanced Mail (PEM), routing of X.400 messages, distribution of EDI identifiers, etc. For more information we refer to [7]. Below the first three applications are briefly discussed. The distribution list mechanism uses X.500 for finding the e-mail addresses of the persons that have subscribed to a list. The distributed approach of X.500 makes it possible that people change their e-mail address without having to change their subscription to distribution lists. PEM (see a.o. [8] or [4]) uses a public key mechanism for exchanging secure e-mail messages. For example: one will be able to end a secure message by encrypting a message with the publicly known (public) key of the recipient. Only the recipient of the message can decipher the message using his/her private key. In order to make such a mechanism work one must have access to the public keys of all possible recipients. X.500 can be used for this purpose. At this moment a world-wide pilot is running in which X.400 routing is done by means of X.500. X.400 MTA's use special DUA's to find via the Directory the MTA's to which the recipients of a message want their mail to be delivered. The distributed approach of X.500 willRARE Working Group on Network Applications Support [Page 8]
RFC 1684 Introduction to X.500 White Pages Services August 1994 mean much less routing management (currently tables are used that have to be updated/exchanged periodically).6. References [1] Barker, P., and S. Kille,"The COSINE and Internet X.500 Schema", RFC 1274, University College London, November 1991. [2] Getchell, A., and S. Sataluri, Editors, "A Revised Catalog of Available X.500 Implementations", FYI 11, RFC 1632, Lawrence Livermore National Laboratory, AT&T Bell Laboratories, May 1994. [3] Weider, C., and J. Reynolds, "Executive Introduction to Directory Services using the X.500 Protocol", FYI 13, RFC 1308, ANS, USC/Information Sciences Institute, March 1992. [4] Linn, J., "Privacy Enhancement for Internet Electronic Mail:Part I: Message Encryption and Authentication Procedures", RFC 1421, IAB IRTF PSRG, IETF PEM WGs, Feblruary 1993. [5] Hardcastle-Kille, S., Huizer, E., Cerf, V., Hobby, R., and S. Kent, "A Strategic Plan for Deploying an Internet X.500 Directory Service", RFC 1430, ISODE Consortium, SURFnet bv, Corporation for National Research Initiatives, University of California, Davis, Bolt, Beranek and Newman, February 1993. [6] Yeong, W., Howes, T., and S. Kille, "Lightweight Directory Access Protocol", RFC 1487, Performance Systems International, University of Michigan, ISODE Consortium, July 1993. [7] Weider, C., and R. Wright, R., "A Survey of Advanced Usages of X.500", FYI 21, RFC 1491, Merit Network, Inc, Lawrence Berkeley Laboratory, July 1993. [8] "Privacy Enhanced Mail in more detail", Zegwaart, E., Computer Networks for Research in Europe Vol. 2, pp. 63-71. [9] Barker, P., Kille, S., and T. Lenggenhager, T., "Naming and Structuring Guidelines for X.500 Directory Pilots", RTR 11/RFC 1617, University College London, ISODE Consortium, SWITCH, May 1994. For a good technical introduction to X.500 we also recommend: [10] Rose, M., "The Little Black Book", PSI Inc., Prentice Hall Inc., New Jersey, 1992. [11] Steedman, D., "The Directory standard and its application", Technology Appraisals, Twickenham (U.K.), 1993.RARE Working Group on Network Applications Support [Page 9]
RFC 1684 Introduction to X.500 White Pages Services August 19947. Security Considerations Security issues are not explicitly discussed in this memo.8. Author's Address Peter Jurg SURFnet bv Postbus 19035 NL-3501 DA Utrecht The Netherlands Phone: +31 30 310290 Fax: +31 20 340903 RFC822: Peter.Jurg@surfnet.nl X.400: C=nl; ADMD=400net; PRMD=surf; O=surfnet; S=jurgRARE Working Group on Network Applications Support [Page 10]
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?