[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [no subject]
" In X.501 [2] the ASN.1 structure of distinguished name is defined as: DistinguishedName ::= RDNSequence RDNSequence ::= SEQUENCE OF RelativeDistinguishedName RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue } " and later in RFC 2253: "As an example, strings for a few of the attribute types frequently seen in RDNs include: String X.500 AttributeType ------------------------------ CN commonName L localityName ST stateOrProvinceName O organizationName OU organizationalUnitName C countryName STREET streetAddress DC domainComponent UID userid " Each DN is made up of a sequence of relative distinguished names, each which is a type/value. In defining a binding, we have to declare which "type" the local part of the XRI gets mapped to. I suppose the obvious choice is "commonName", and we'd have to specify escaping rules to make a relative part of an XRI conform to the syntax for relative distinguished names. The other option is to define (or discover) another type (represented by a OID) which is specific to XRI local parts. -Gabe > -----Original Message----- > From: Veizades, John > Sent: Monday, November 03, 2003 10:09 AM > To: Wachob, Gabe; 'Drummond Reed'; XRI Editors (E-mail) > Subject: RE: [xri-editors] LDAP or DSML as local access protocol > > > The way I see local resolution working with LDAP is that > instead of doing the HTTP stuff we have defined in the spec > you would issue an LDAP_search with the DN set to the entry > you are interested and the scope set to LDAP_SCOPE_BASE and > the filter function set to objectclass=*. This should return > all the attributes for that entry, using the ldap_results > call. A couple of cool thing about LDAP when it comes to > secure resolution it allows for binding to the LDAP server > using standard credentials, it also supports a modification > function using the same credentials and finally it is a > fairly well understood widely deployed service. > > One other note is that DSML is not an access protocol and is > used for representing the results of a directory lookup, I > don't know if anyone has developed a web services directory > access protocol. > > John... > > -----Original Message----- > From: Wachob, Gabe > Sent: Monday, November 03, 2003 9:05 AM > To: 'Drummond Reed'; XRI Editors (E-mail) > Subject: RE: [xri-editors] LDAP or DSML as local access protocol > > > Well, if you don't define the LDAP query, then you can't have > any interoperability and therefore whats the purpose of > "defining" an LDAP local access protocol? > > To put it concretely, if I have an XRI of "@example/foo.bar", > and @example identifies a particular LDAP server, then what > LDAP query do I perform? If thats not specified, then a local > access protocol binding really hasn't been defined.. > > -Gabe > > > -----Original Message----- > > From: Drummond Reed [mailto:drummond.reed@onename.com] > > Sent: Monday, November 03, 2003 12:37 AM > > To: Wachob, Gabe; XRI Editors (E-mail) > > Subject: RE: [xri-editors] LDAP or DSML as local access protocol > > > > > > I agree that defining a translation would be useful, but it's not > > actaully required, is it? Say I have an XRI for "@foo.bar" > and then I > > want to make an LDAP query about a distinguished name at > the endpoint > > identified by "@foo.bar". In that case I don't have to express that > > distinguished name as an XRI, I just need to know is that LDAP is a > > supported local access protocol at that endpoint, yes? > > > > =Drummond > > > > -----Original Message----- > > From: Wachob, Gabe [mailto:gwachob@visa.com] > > Sent: Sunday, November 02, 2003 8:32 PM > > To: Drummond Reed; XRI Editors (E-mail) > > Subject: RE: [xri-editors] LDAP or DSML as local access protocol > > > > Well, thats OK, but there a bit of work to do. We have to > define how a > > XRI gets translated into a LDAP or DSML query. This is not a > > straightforward process, and there are probably a multitude > of ways to > > do it (an LDAP query is *structured* and I'm not sure how > > that structure > > is created). > > > > Does someone have a proposal for how to do this in a flexible way? > > > > -Gabe > > > > > -----Original Message----- > > > From: Drummond Reed [mailto:drummond.reed@onename.com] > > > Sent: Friday, October 31, 2003 4:12 PM > > > To: XRI Editors (E-mail) > > > Subject: [xri-editors] LDAP or DSML as local access protocol > > > > > > > > > Gabe, I forgot that one of my notes in first reading the > resolution > > > section was why LDAP or DSML wasn't included as an option > > > alongside X2R > > > as a local access protocol? This is in relation to 3.2.2 an 3.4. > > > > > > =Drummond > > > > > > To unsubscribe from this mailing list (and be removed from > > > the roster of the OASIS TC), go to > > > http://www.oasis-open.org/apps/org/workgroup/xri-editors/membe > > rs/leave_workgroup.php. > > > > To unsubscribe from this mailing list (and be removed from > > the roster of the OASIS TC), go to > > http://www.oasis-open.org/apps/org/workgroup/xri-editors/membe > rs/leave_workgroup.php. > > To unsubscribe from this mailing list (and be removed from > the roster of the OASIS TC), go to > http://www.oasis-open.org/apps/org/workgroup/xri-editors/membe rs/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]