Minutes of the Third IETF-Directory Services (OSI-DS) Working Group
February 12-13, 1991
Menlo Park (SRI)

1. Attendees

   Mark Knopper      Merit        313-763-6061     mak@merit.edu
   Tim Howes         U-Michigan   313-764-2278     tim@d.cc.umich.edu
   Alex Pepple       BNR          613-763-7684     alexp@bnr.ca
   Peter Mierswa     DEC          508-486-5581     mierswa@smaug.enet.dec.com
   Bill Nowicki      Legato       415-329-7856     nowicki@legato.com
   Russ Wright       LBL          415-486-6965     wright@lbl.gov
   Arlene Getchell   ESnet/NERSC  415-423-6349     getchell@nersc.gov
   Ruth Lang         SRI          415-859-5608     rlang@nisc.sri.com
   Jose Garcia-Luna  SRI          415-859-5647     garcia@sri.com
   Steve Kille       UCL          +44-71-380-7294  s.kille@cs.ucl.ac.uk
   M. T. Rose        PSI          408-562-6222     mrose@psi.com
   Barry Holroyd     Sun          415-336-2949     berries@eng.sun.com
   Paul Koski        HP           408-447-3461     koski@hpindeg.cup.hp.com
   Peter Yee         NASA         415-604-3812     yee@ames.arc.nasa.gov
   Chris Weider      Merit        313-936-2090     clw@merit.edu
   Stuart Cain       HP           408-447-2417     scain@hpindeg.cup.hp.com
   Cyrus Chow        Nasa         415-604-6843     cchow@ames.arc.nasa.gov

2. Agenda, Revised

   a. Agenda, Revised
   b. Minutes of previous meeting
   c. Liaisons: RARE WG3, NIST, NADF, AARN, ANSI
   d. Replication
      i.   Replication Requirements
      ii.  Replication Solutions
      iii. Network Addresses
      iv.  Presentation Addresses
   e. APIs for the Pilot
   f. User Friendly Naming
   g. Domains and X.500
   h. Representation of Network Info in X.500
   i. DSA Naming
   j. Building Internet Directory/Strategy
   k. Operational Pilot Status
   l. Monthly Reports on Pilots
   m. New working groups: Operations, User Support
   n. Internet Schema
   o. Naming Guidelines
   p. Naming for Internet Pilot
   q. Security
   r. Directory Assistance Protocol
   s. Quality of Service
   t. Date and Venue of next meeting

3. Introduction

The meeting was opened by Steve Kille at 9:10am on February 12, 1991. The agenda was slightly revised and massively reordered.

4. Minutes of Previous Meeting

Steve thanked Richard Colella and Peter Whittaker for producing the minutes. He reported on the status of some of the action items at the last meeting.
The formatting of the documents has been improved. The "Infrastructure" document met with some difficulty in forwarding as an RFC. Steve was asked to produce a separate "Strategy" document and to revise the RFC. Steve contacted Al Grimstad to check on a user friendly naming related proposal, and found that this is no longer relevant. There were no corrections to the minutes.

5. Liaisons

a. RARE WG3

Steve reported on this meeting which took place in Brussels in January. They discussed the activities of our IETF-DS group. Their next meeting is April 16-17 in Utrecht, Holland. They meet three times per year. They are very interested in getting more US participation. Future meetings are in July, and also October 31-November 1. Can the IAB find funding for international travel for IETF members? Steve will look into the funding question with appropriate people. European meetings usually have 1-2 representatives from each country. They would also like representation from the FOX project.

b. NIST

Stuart Cain reported on the Directory SIG meeting in December. They discussed implementation agreements for replication and access control. They would like to see the requirements from our group. NIST is working from the current CDAM. There is already a stable implementors agreement based on the 1988 CCITT recommendation. The new spec is expected by the end of the year. The next meeting will be in March.

Steve has replied informally to the NIST liaison to encourage coordination between the two groups and also to share our documents on replication requirements and solution. The sense of this was agreed to by the group, and it will be used to generate a formal liaison response. The NIST group is concerned with "freezing" their agreements based on a DIS version of the standard, and will be working to avoid that kind of discrepancy.

c. North American Directory Forum

Marshall Rose reported that the last meeting was in October, before the last IETF-DS meeting.
The next meeting is in March, after this meeting. Oh well.

d. Australian Academic Research Network

Steve received a liaison statement from George Michaelson. Standards Australia is working on X.500 naming and addressing standards. They will send people to the IETF some time this year. They have not been able to participate in this group due to lack of funds.

e. ANSI US Directory Ad Hoc Group

Roy Van Dorn (HP) reported that this group met last week. They are bringing ballot comments to ISO. Subordinate references will be replicated, according to the latest draft standard. Replicating cross-references will not occur. Hoyt Kesterson is the ISO Rapporteur. Skip Sloan will be the head of the US delegation. Steve will send them the replication documents from our group. There will be one more US meeting in March for ballot comments. The liaison of the group's documents to ISO will be done through ANSI by Paul Koski.

Access control and replication are US priorities. Some of the schema document will get into the 1992 standard. The definitions of attributes will be more like 1988. The four types of object classes will continue. Subtrees and partial entries within subtrees can be replicated. A completeness flag is included in replication. Searches on attributes that don't exist will be referred for further lookup. The unit of replication is an entry, not an attribute within an entry.

6. Replication

a. Replication Requirements

It was agreed that this Internet Draft (Replication Requirements to Provide an Internet Directory Using X.500) be progressed to an RFC.

b. Replication Solutions

There was substantial discussion of this paper. Marshall and Steve revised the text during the meeting and redistributed the document. Marshall suggested that the title be changed to include the changes to Distributed Operations as well as replication. This suggestion was agreed to by all. A number of changes were suggested to make the document more clear.
There was a suggestion to include a figure describing knowledge replication. None of the proposed changes require discussion at a further meeting, and Steve agreed to send a revised document out to the list on Monday (February 18). The group will respond within one week with any comments. After that the Internet Draft (Replication to Provide an Internet Directory Using X.500: A Proposed Solution. However the title may be changed.) will be progressed to an RFC.

c. Network Addresses

There were a few comments from the IAB regarding the Telex kludge. It was agreed that this Internet Draft (An Interim Approach to Use of Network Addresses) be progressed to an RFC.

d. Presentation Addresses

It was agreed that this Internet Draft (A String Encoding of Presentation Addresses) be progressed to an RFC.

7. APIs for the Pilot

Ruth Lang said that this was an important area and would like to see suggestions for APIs (application programming interface). The only comment received so far on the list was from Peter Whittaker (BNR) about object management support in XOPEN. There was a discussion of the XDS agreements. Peter Mierswa said that DEC participated in XDS. The user-friendly and object-oriented aspects of XDS will cause applications to be large. It is difficult to extend the XDS object set. There are other technical drawbacks, but it was agreed to by a number of parties. DEC will support the XDS API but also a more functional layer. Quipu does not support XDS. XDS and object management documentation is available from Omnicom.

It was felt that APIs did not fit into our group's charter. We may want to make recommendations but then move on to the technical infrastructure. This group is also not to manage projects or pilots.

8. User Friendly Naming

Peter Mierswa tried to find a common syntax set with the OSF DCE naming (based on unix filesystem syntax) and the proposed X.400 annex for business card OR address format (uses semicolons and slashes, which evolved out of the RFC 987 work). However there was no such syntax in common and Peter gave up. The algorithm in this document is useful based on experience, though there may be scope for experimentation.

It was noted that name space organization affects efficiency of searches. For example Cambridge University uses many levels of OU. It is recommended in the Naming Guidelines document (see section 18) that pilots be laid out so that this user friendly naming scheme works reasonably. It was agreed that this Internet Draft (Using the OSI Directory to Achieve User Friendly Naming) be progressed to an RFC.

9. Domains and X.500

UCL has done some work in implementing this scheme. There is a tool to do a white pages lookup based on a domain address. This is an experimental service. The general appropriateness of representing domain name system information in the Directory was discussed. This is viewed as controversial. The X.500 version of DNS may be usable for other functions than those currently offered by the DNS, such as browsing. Mailbox records are included in the DNS, but are not widely used.

Peter Mierswa said that it would not matter if this was not submitted as an RFC. Steve disagreed with that and would like to progress the work. Tim Howes suggested that we submit this with a disclaimer that it is experimental. Steve would like the IAB to discuss these issues. Jose Garcia-Luna felt that security should be discussed in this paper. It was eventually agreed that this Internet Draft (Domains and X.500) should be progressed as an RFC.

10. Representation of Network Information in X.500

Mark Knopper and Chris Weider gave a presentation on some work in progress at Merit, which will become part of the DARPA/NSF sponsored Field Operational X.500 (FOX) project. They have entered the network contacts part of the whois data into the @o=Internet part of the White Pages DIT. New object classes have been defined.

Bill Nowicki noted that putting all of the IP network numbers into a single location in the DIT will not scale well. It was suggested that the network number entries be located within the owning organizations. This would obviously require much more participation in the X.500 projects. For now the net numbers can be entered in a separate tree under o=Internet and eventually these entries will just be pointers to the master network entries. Steve proposes another solution to this in the Domains and X.500 paper. It is scalable, but also requires more work to bootstrap.

There will be further cooperation with SRI, ISI and PSI to allow the rest of the NIC's data to be entered into X.500. There were a number of useful suggestions on how the network information could be stored in the DIT. It was recommended that Merit produce an internet draft to document this effort, both work in progress as well as long term design. Chris agreed to do this by March 7. He will take the scalability issues into account.

11. DSA Naming

The current South American wildlife names don't seem to be descriptive enough! The solutions outlined in this paper solve some operational problems with quipu-based pilots. Peter pointed out that the section on multinational organizations does not solve the problem. There were several suggestions for modifications, and discussion of this will be necessary at the next working group meeting. It was felt that after that, this Internet Draft (DSA Naming) can be progressed to an RFC.

12. Building Internet Directory/Strategy

The infrastructure Internet Draft was held up in protracted discussion regarding how to submit RFCs. Steve wrote a new strategy document. It was agreed that APIs should be mentioned in this document. The "strategy" was removed from the I.D. and so that was renamed to a very long name beginning with "Overall Plan". The strategy document was agreed to in principle but will not be forwarded at this time. The Overall Plan Internet Draft was agreed to be progressed to an RFC again.

13. Operational Pilot Status

a. PSI Pilot

Marshall reported that there are about 70 organizations on the US pilot. Growth has been linear since the pilot began. ISODE 6.8 interim release is due out by the end of the month. It is a very stable and higher performance version. It will have Tim Howes' mods to quipu, and also the Directory Assistance Protocol (which allows splitting the DUA between two different hosts). FRED is faster now. There is a Macintosh DUA offered by PSI as shareware. A source license is available similar to the Nysernet SNMP license.

The PSI pilot only allows DSAs to be connected via IP (and now CLNP). The quality of X.25 in the US "sucks dead pigs through a straw". [Ed. Note: It has been suggested offline to formalize this language to "provides pneumatic inward pork-pressure via narrow flexible tubing".]

b. COSINE Pilots

Steve reported that 19 out of 20 countries in COSINE are running X.500 pilots. The COSINE P2.1 pilot has been renamed as PARADISE, and has officially started. Its manager is David Goodman. ULCC has an operational facility to replace Giant Tortoise. Their plan is to support international pilots until the end of 1992. France has a research pilot based on quipu and also a commercial pilot based on Pizarro. Xtel and the Dutch PTT are involved in PARADISE.

14. Monthly Reports on Pilots

It is felt that the operational pilots should distribute status reports on a monthly basis.
The FOX project is interested in coordinating the US report. Ruth Lang contacted Jon Postel at ISI about this and Jon volunteered ISI to produce the reports. Some FOX mailing lists will be set up to help coordinate the US report. David Goodman, the PARADISE manager, will integrate this into the international report. FOX and PARADISE will agree on timescales for ensuring that this comes out each month. Reports will be timely, with noncontributors marked as "no report for XXX".

This international report will be sent out as a part of the Internet Monthly Report and to a separate list for those not interested in other aspects of the IMR. The reports should be on "The State of the DIT". Organizations should be queried for their activities. Marshall gets regular statistics reports from the US DSAs. The Canadian pilot is operated by the University of Toronto.

15. New Working Groups

a. X.500 User Support Working Group

Chris Weider volunteered to chair a new working group. Steve will talk to the IETF area coordinators and suggest that the new group be jointly in the OSI and User Services areas. Several of the group participants were interested in joining the new group. The first meeting will be at the next IETF. Chris distributed a draft charter and several comments were made. Chris will talk to Joyce Reynolds and Dana Sitzler, to see whether it would be reasonable to model the group after the NISI working group. Perhaps the new group should be called DISI (pronounced "dizzy"). The group would provide a documentation package for sites, as well as a center of expertise for X.500 issues.

b. X.500 Operations Working Group

There was some interest in forming such a group but it was felt that this should wait until the activities of the main IETF-DS group come to an end, or at least go into "maintenance mode". It was viewed that the group will only last for one more meeting with the same high level of activity. After that the operations group will be formed.
Marshall Rose and Chris Weider were involved in discussing the charter of the new group.

16. Internet Schema

Marshall suggested that the name of the Internet Draft (COSINE and Internet Naming Architecture) be changed from "naming architecture" to "schema". This was accepted. There were comments on this document at the RARE WG3 meeting. The textEncodedORAddress attribute was deprecated by OSI purists, but some members felt it was useful in the pilots. This Internet Draft was agreed to be progressed to an RFC.

17. Naming Guidelines

Steve introduced this Internet Draft and explained that it sets out some guidelines for how to lay out a pilot DIT. It is a follow-on to annex B of X.521. Marshall mentioned that the T.61 character sets for international symbols once were a problem but work now in quipu. Peter mentioned that this is not a solution for multinational organizations. It is viewed that this is a difficult problem, and that the acceptable solutions should be documented. There needs to be a definition of "multinational organization". HP would like to see a single "mount point".

There was a discussion of organization naming strategy. Marshall suggested that the names be fully descriptive to avoid later, possibly legal, conflicts. The naming authorities must enforce unique names within the DMD. Long names were recommended. Marshall mentioned that a small DIT depth makes browsing less effective.

It is not useful to define conformance rules for a guidelines document. Conformance is useful for a given national pilot. Steve and Paul Barker will edit the document and distribute to the group. At the next meeting it will be proposed that the Internet Draft (Naming Guidelines for Directory Pilots) be progressed to an RFC.

18. Naming for Internet Pilot

Marshall gave a presentation of a paper he and Einar Stefferud had written to be presented at the NADF, US-CCITT-Study Group D, and ANSI as well as to this group.
The problem is that there are no OSI numbering authorities in the US, but they are needed for pilots to advance to a production stage. ANSI has accepted over 500 applications for OIDs under 1.2.840, but due to legal problems have not assigned any. Numbers are not a problem for ANSI but names are. The only legal method would be to assign the name and then publish the fact in the Federal Register with the reserve to revoke on a 6-month challenge procedure basis. GSA has been assigning NSAPs under AFI/IDI=47/0005, only for federal agencies. IANA has assigned several hundred OIDs under 1.3.6.1.4.1 for internet network management use. US-CCITT-SG-D is trying to make a national decision on naming, but only for an X.400 ADMD/PRMD registry and not for X.500.

Possible naming universes are geographical, political or community. Civil authorities are the best choice as it gives a familiar and undisputed structure. However collisions in RDNs must be avoided. The proposal suggests using the numeric code assigned by ANSI for the RDN itself. This was heavily disputed, but as Marshall noted it would be legally defensible. The consensus was that we should fix ANSI rather than using numeric RDNs. Marshall and Stef believe that their presenting this proposal to the four groups will force a national decision.

The proposal went on to recommend use of numeric codes for states and populated places. Naming of OSI entities was included, and there was a suggestion that non-OSI entities should get names too (e.g. SNA, TCP/IP applications). Steve suggested that this be made into an Internet Draft but not a standard. Marshall will make the changes suggested by the group before the NADF presentation in March. He will "lean heavily" on ANSI to begin assigning names. Beth Summerville is ANSI's registrar for the naming authority function.

19. Security

Peter Yee's paper was revised since the last meeting. There were not many changes due to lack of comments at Boulder.
Marshall said that it will be necessary to consult with the IETF Security working group before progressing this document. Peter will contact Steve Crocker to get help on proper security terms and concepts. Marshall suggested splitting the discussion in the paper between authentication (simple now, strong later), and authorization (access control lists). Paul suggested including an ACL to control access for searching.

Steve suggested that this should become an Internet Draft with title Security Requirements for X.500 in the Internet. There should be a companion document for Security Solutions, and this should reference the 1992 CCITT document. A problem at MIT is that they want to limit searching their organizations to return data only if less than n entries. HP wants to disallow searching their organization entirely. Peter will revise the document and send it out to the list by March 1.

20. Directory Assistance Protocol

Marshall wrote an RFC describing a protocol used by PSI's Macintosh DUA client. It documents existing practice and is not a standard. The server is part of ISODE. He characterized the protocol as "horrid". Tim Howes has also been working on a Macintosh DUA with a different protocol. Tim will write an RFC for his DAP pretty soon.

21. Quality of Service

Steve submitted an informal writeup to suggest that QOS attributes be added to the schema to represent the advertised quality of DSA services in the pilots. This was thought to be a good idea and there were no objections to including this in the Schema document.

22. Notable Actions, Dispositions and Promises

a. RFC Progression

The following documents were recommended to be progressed to RFC status:

   Replication Requirements to Provide an Internet Directory Using X.500 (section 6a)
   Replication Solution and Distributed Operations (section 6b)
   An Interim Approach to Use of Network Addresses (section 6c)
   A String Encoding of Presentation Addresses (section 6d)
   Using the OSI Directory to Achieve User-Friendly Naming (section 8)
   Domains and X.500 (section 9)
   Overall Plan (section 12)
   Internet Schema (section 16, and including QOS item in section 21)
   Naming Guidelines for Directory Pilots (section 17)

b. Action Items

   Strategy document will be revised by Steve (sections 4, 12).
   The issue of travel funding will be investigated by Steve (section 5a).
   A formal response to NIST will be drafted by Steve (section 5b).
   The replication documents will be sent to ISO via ANSI and Paul Koski by Steve (section 5c).
   Jon Postel, for the FOX project, will set up a mailing list, and produce monthly reports coordinated with PARADISE and the Internet Monthly Reports (sections 10 and 14).
   Chris Weider will start up the new Directory Information Services Infrastructure working group (section 15a).
   Chris and Mark will write an RFC on representing network infrastructure information by March 7 (section 10).
   Marshall Rose will lean heavily on ANSI to assign organization ids and names (section 18).
   The security document will be revised by March 1 by Peter Yee (section 19).

23. Date and Venue of Next Meeting

There will be no OSI-DS meeting at the March IETF. The next meeting will be after that, to be decided on the list. A possibility is a video conference, or alternatively a face to face meeting either in Ann Arbor or on the east coast in May or June. The choice depends on online discussion of the working drafts. Given some comments, it might be appropriate to wait until July. Steve will poll the group after the next round of editing.

23. Thanking the Host

Ruth Lang and SRI International were thanked for their excellent services including a lunch.