[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [no subject]
"
In X.501 [2] the ASN.1 structure of distinguished name is defined as:
DistinguishedName ::= RDNSequence
RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET SIZE (1..MAX) OF
AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE {
type AttributeType,
value AttributeValue }
"
and later in RFC 2253:
"As an example, strings for a few of the attribute types frequently seen in RDNs include:
String X.500 AttributeType
------------------------------
CN commonName
L localityName
ST stateOrProvinceName
O organizationName
OU organizationalUnitName
C countryName
STREET streetAddress
DC domainComponent
UID userid
"
Each DN is made up of a sequence of relative distinguished names, each which is a type/value.
In defining a binding, we have to declare which "type" the local part of the XRI gets mapped to. I suppose the obvious choice is "commonName", and we'd have to specify escaping rules to make a relative part of an XRI conform to the syntax for relative distinguished names.
The other option is to define (or discover) another type (represented by a OID) which is specific to XRI local parts.
-Gabe
> -----Original Message-----
> From: Veizades, John
> Sent: Monday, November 03, 2003 10:09 AM
> To: Wachob, Gabe; 'Drummond Reed'; XRI Editors (E-mail)
> Subject: RE: [xri-editors] LDAP or DSML as local access protocol
>
>
> The way I see local resolution working with LDAP is that
> instead of doing the HTTP stuff we have defined in the spec
> you would issue an LDAP_search with the DN set to the entry
> you are interested and the scope set to LDAP_SCOPE_BASE and
> the filter function set to objectclass=*. This should return
> all the attributes for that entry, using the ldap_results
> call. A couple of cool thing about LDAP when it comes to
> secure resolution it allows for binding to the LDAP server
> using standard credentials, it also supports a modification
> function using the same credentials and finally it is a
> fairly well understood widely deployed service.
>
> One other note is that DSML is not an access protocol and is
> used for representing the results of a directory lookup, I
> don't know if anyone has developed a web services directory
> access protocol.
>
> John...
>
> -----Original Message-----
> From: Wachob, Gabe
> Sent: Monday, November 03, 2003 9:05 AM
> To: 'Drummond Reed'; XRI Editors (E-mail)
> Subject: RE: [xri-editors] LDAP or DSML as local access protocol
>
>
> Well, if you don't define the LDAP query, then you can't have
> any interoperability and therefore whats the purpose of
> "defining" an LDAP local access protocol?
>
> To put it concretely, if I have an XRI of "@example/foo.bar",
> and @example identifies a particular LDAP server, then what
> LDAP query do I perform? If thats not specified, then a local
> access protocol binding really hasn't been defined..
>
> -Gabe
>
> > -----Original Message-----
> > From: Drummond Reed [mailto:drummond.reed@onename.com]
> > Sent: Monday, November 03, 2003 12:37 AM
> > To: Wachob, Gabe; XRI Editors (E-mail)
> > Subject: RE: [xri-editors] LDAP or DSML as local access protocol
> >
> >
> > I agree that defining a translation would be useful, but it's not
> > actaully required, is it? Say I have an XRI for "@foo.bar"
> and then I
> > want to make an LDAP query about a distinguished name at
> the endpoint
> > identified by "@foo.bar". In that case I don't have to express that
> > distinguished name as an XRI, I just need to know is that LDAP is a
> > supported local access protocol at that endpoint, yes?
> >
> > =Drummond
> >
> > -----Original Message-----
> > From: Wachob, Gabe [mailto:gwachob@visa.com]
> > Sent: Sunday, November 02, 2003 8:32 PM
> > To: Drummond Reed; XRI Editors (E-mail)
> > Subject: RE: [xri-editors] LDAP or DSML as local access protocol
> >
> > Well, thats OK, but there a bit of work to do. We have to
> define how a
> > XRI gets translated into a LDAP or DSML query. This is not a
> > straightforward process, and there are probably a multitude
> of ways to
> > do it (an LDAP query is *structured* and I'm not sure how
> > that structure
> > is created).
> >
> > Does someone have a proposal for how to do this in a flexible way?
> >
> > -Gabe
> >
> > > -----Original Message-----
> > > From: Drummond Reed [mailto:drummond.reed@onename.com]
> > > Sent: Friday, October 31, 2003 4:12 PM
> > > To: XRI Editors (E-mail)
> > > Subject: [xri-editors] LDAP or DSML as local access protocol
> > >
> > >
> > > Gabe, I forgot that one of my notes in first reading the
> resolution
> > > section was why LDAP or DSML wasn't included as an option
> > > alongside X2R
> > > as a local access protocol? This is in relation to 3.2.2 an 3.4.
> > >
> > > =Drummond
> > >
> > > To unsubscribe from this mailing list (and be removed from
> > > the roster of the OASIS TC), go to
> > > http://www.oasis-open.org/apps/org/workgroup/xri-editors/membe
> > rs/leave_workgroup.php.
> >
> > To unsubscribe from this mailing list (and be removed from
> > the roster of the OASIS TC), go to
> > http://www.oasis-open.org/apps/org/workgroup/xri-editors/membe
> rs/leave_workgroup.php.
>
> To unsubscribe from this mailing list (and be removed from
> the roster of the OASIS TC), go to
> http://www.oasis-open.org/apps/org/workgroup/xri-editors/membe
rs/leave_workgroup.php.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]