CURRENT_MEETING_REPORT_

Reported by Ed Reed/Xerox

Minutes of the OSI Directory Services Working Group (OSIDS)

The Working Group began with introductions and was followed by a review
of the Agenda and the Minutes of the November 1992 meeting. The Minutes
were accepted without comment.

The session continued with the Liaison Reports.

   1. WG-NAP (Erik Huizer)

      There are three task forces working:

         o Work that Panos-Gavriil Tsigaridas is doing.
         o Data Management - how to get data into the directory, and
           keep it up to date and accurate.
         o Legal and Privacy issues - going to publish first results as
           an analysis of Dutch and other regulations recently
           published.

   2. NADF (Tim Howes)

      Decided to open to users, but as non-voting members. Piloting
      continues.

   3. DISI (Tim Howes)

      Reformed under the Integrated Directory Services Working Group,
      with the addition of Whois++, want to address general directory
      issues.

   4. AARNet (Mark Prior)

      One of the divisions of Telecom has joined the pilot. Currently
      doing a Whois++ startup. Trying to get a new binary distribution
      of ISODE 8.0 ready.

   5. Paradise

      The First project ended with 1992. Next Project (transition) will
      run sixteen months. Now also has Inrea as a partner. Using Quipu
      and Pizzaro implementations. DE now will perform very broad
      (c=??/cn=name) searches. China, Slovenia (means ISODE 8.0
      required), Croatia, Slovakia have joined.

      A question was raised about the issue of intellectual property
      rights associated with DE and other Paradise tools.

   6. NREN-NIS (Sri Sataluri/Mark Kosters)

      Internic will begin providing services April 1. - Internic 1
      personal listings will be available. Will provide DE access, and
      other X.500 services and WAIS. Plan to make WAIS info available
      via X.500, too, but not immediately. Plan to make registration
      data available via X.500.

   7. DOD

      Defense messaging system will take over the old switches including
      Autodin. Will be X.400 based, and are building an X.500 directory
      support.

   8. Integrated Services Panel (US/GSA)

      There's a newsletter describing efforts available. Directory
      services now are flat file, with X.500 direction.

Progression of Standards (Erik Huizer)

   o Published the Strategy Document. There was a long discussion which
     had been prompted by John Curran but he was unable to be here to
     discuss.

   o LDAP

     It was not clear whether the Document was published, but it had
     left the IESG. There may be a block of some sort - Tim Howes took
     an action to see if it's being held up in the IAB.

No other documents are pending immediate progression. DSA Metrics will
be discussed later.

Experiment Progress

   o DIT Counting
   o Character Set
   o JPEG: Concluded at previous meeting, other than for publication of
     new approach in updated RFC1274
   o QOS

DE QOS: - Paul Barker

Feature Added to latest DE

Those familiar with Directory Knowledge

   * Which org's data likely to be available
   * Likely to be returned tolerably quickly
   * attempts to provide naive user with some info

Doesn't follow OSI-DS 15

   * coverage - 1 out of 62 GB orgs have QOS attributes
   * Data vs DSA - emphasis should be on data availability, rather than
     DSA availability
   * Response time - no attempt made in OSI-DS 15 to indicate likely
     response time
   * Credibility - values self-assigned.

Approach used

   DE uses simple database of information availability and response
   times

   - "result" of each query added to QOS database
     ((query times > threshold time) && info for that query is database)
   - users told how long query usually takes, or
   - user told if query unlikely to succeed on basis of recent failures

Shortcomings of current approach

   - Database built only from 'simple' query mode;
     power searching provides much more information
   - No account taken of when a query is made (time of day)
   - More hysteresis is needed
   - Abandons are not recorded
   - No timestamping of information
   - Database trimming tools are needed
   - Database is too simple at the moment.

The Group has not concluded that the draft OSI-DS 15 should be
abandoned, if more of the values specified there are in fact
implemented. The question is whether DSA and DUA implementors will build
OSI-DS 15 approaches, or not.

There is some overlap between this experiment and the MADMAN efforts.

Gavriil Tsigaridas reported some of their efforts have raised an issue
with DS-15's use, or lack of, object type data in the QOS database. One
approach is to just record information about times to find people.
Information is probably only of interest at the local level - views are
too different from other places via other access mechanisms.

There is some value to share the implementation approach taken, but this
is an experiment, still. Seems like we've gone far enough on DS-15, and
we should look in some other direction. DS-15 is complementary, but
should be extended with interface native information which doesn't
belong in the directory.

Paul will see if he can make what he's done available for others to
implement.

A poll of the Group indicated continued interest in developing OSI-DS
15, but there were no volunteers to be the editor.

Schema Working Group

A previous meeting chartered a small subgroup to look at this. That
Group never got together. There have been other issues (JPEG, etc.)
which have come up needing help, too, but still no volunteers to edit.

Panos Gavriil Tsigaridas' Document

Panos asked people to please read his document. Applications need the
ability to use a common repository for information about management
information; there would be a valuable synergy.

Charter Review

Steve and Erik each published Draft Charters.

Steve doesn't think it makes sense to put things into the Charter which
need to be done, if there's not support from the Working Group members
to do them. He proposes four:

   1. Liaisons
   2. Schema Coordination
   3. DSA/DUA Metrics
   4. IP address representation

Erik points out we need to be stricter in our procedures and resources
as the IETF grows - specifically with regard to Charter and time
schedules. Only if there are concrete objectives and times will the
Charter be renewed. Erik's list includes:

   1. Non-white pages use of the directory
   2. Test strategies
   3. Schema management
   4. Guidelines for technical implementation, migration to 1993, and
      database coupling.

Paradise has an objective including interoperation of directory
services. Interoperation is more properly a target of pilot projects,
with which the Group wants to liaise, but that should not be part of
this Group's Charter.

Perhaps if the Group defined where the holes in the standard exist which
preclude interoperability, and publishes RFCs to fill the holes, then at
least there would be a unified face to the implementors. For instance,
Siemens has delivered an RFC based product, which goes beyond the OSI
Standard, when pressed by pilot managers. To some extent, this seems to
be a necessary activity, in spite of the continuing claims by vendors
that the extensions are non-standard, and will be obsoleted by the next
standard.

(Erik) - IDS will focus on general problems relating to directory
services, while OSIDS will focus on X.500 specific issues.

Metrics

Roland - Has been testing the Siemens DSA. Has also had to look at
interoperability testing. There are holes in the standards - schema
handling, access control, etc. There appear to be holes in the metrics,
too - they report good results, when you know there are problems.

Paradise - Paul Barker

Discussed new data management tools in more detail - which will be
available shortly.

Archie-like service based on X.500...begins with a leap of faith that it
makes sense to record information about documents in the directory. The
presentation provided an overview of the approach to be taken.

The sense of the Group was that it should take the project being done as
a work item.
Paul will edit the papers he's done towards an RFC.

Representing WHOIS data in the X.500 Directory (Sri Sataluri)

The objective is to provide access to information about network entities
and to define a schema for representing that data. A concern was
expressed that that approach may simply be replicating a centralized
database, and not really distributing it - but there was disagreement
with that concern.

Charting Networks in the Directory (OSI-DS 37-39) - Glenn Mansfield and
Thomas Johannsen

The presentation included background, problem discussion and a
description of a proposed solution.

The objective is to provide a distributed map of the network. Not only
topology, but the policies, costs, services, properties, administration
and management attributes, and contacts. Many kinds of applications can
use the information, but network management is the main thrust of the
effort.

CONMAN Project is addressing configuration management.

SOFTPAGES Project is addressing cost computation, using the
configuration information from CONMAN, etc. In addition, file server
contents is indexed in the directory.

The consensus of the Group was that it should be dealing with the
problems described here.

A subgroup of volunteers agreed to meet over dinner and plan work (Paul
Barker, Tim Howes, Thomas Johannsen, Mark Knopper (silent volunteer)
(missed dinner), Mark Kosters, Ruth Lang, Sylvain Langlois, Bruce
Mackey, Glenn Mansfield, Ed Reed, Sheri Repucci, Sri Sataluri, Mark
Smith and Scott Williamson).

This group identified a list of documents to be published, and accepted
volunteers to edit them.

   o Roadmap (Steve H-K)
   o IP Addressing Schema (Glenn, Thomas, Mark Ko, Sri)
   o Network Objects Schema (Thomas, Sri, Ed, Mark Ko.)
   o RFC1279 Revision (Mark Ko.)
   o Naming Layout (Sri)
   o Transition Plan for Existing Services and Deployment (Scott, Glenn)
   o Business Process Model (Operations Guidelines) - Glenn
   o Security and Privacy (Tim)
   o OSI Addressing (to be determined)
   o XNS Addressing (Ed)

Abstract: Charting Networks in the Directory.

Work in progress at AIC, WIDE, Tohoku University.

There is a dearth of information about the network
   - Interconnections, policy of transit n/w's, contact persons, ..

The present status of the n/w info is piecemeal and diverse
   - geographical separations [ the various NICS, ...]
   - specific Usage oriented [ DNS, whois, .... ]

A Unified view is proposed
   - something like a global annotated n/w map showing
        interconnections and their properties and policies
        the functions/services of the elements
        admin/mgmt related info
     form the base of Directory Services
        name, address, manager, policy, route, ...

The Map may be used for
   Conf mgmt    : see n/w configuration,
                  designing/administration/planning
   Route mgmt   : checking optimality of paths, support route
                  servers, ...
   Fault mgmt   : alternate paths, ..
   Service mgmt : information on servers/services, Managers, users,

By definition the Map is Huge, quasi-static, geographically distributed
and requires distributed control & maintenance

X.500 based distributed directory provides the base for such a map

Points Addressed in the Proposal:
   - Scalability, distribution of control & maintenance, preservation
     of admin/political boundaries   < X.500 based model
   - Simple representation           < should be close to the real world
   - Minimize data duplication       < images like organizationRole to
                                       be used
   - Use existing services/info [ DNS, NIC ] for bootstrapping
   - Address evolving technologies/problems [ supernetting, ..]

The network Map:
   - comprises of networks, nodes, interfaces

Images:
   - allow several functional images of the same physical n/w
     OSI/IP/SNA descriptions of the same n/w is possible

The Applications that are coming up:
   - ConMan Project
        - Configuration info supplements other mgmt info
        - Displays map, finds manager who should be contacted
        - Suggests bypasses in case of problems
   - SoftPages Project
        - Target is to optimize document retrieval
        - The "Map" gives the cost [function of speed, tariff, ...]
          from the user to the ftp servers
        - The "Map" also contains info about the servers and contents
        - The "cheapest" server from the user is found
   - NIC info server
        - provides a single-window whois-type service

Status:
   - Pilots have been implemented [ Thomas will present ]
   - experimentation has been carried out [ Thomas will present ]

Plan of Action
   - develop strategies/tools for populating the Directory
   - take the pilot to wider [ national -> international ] arena
     link NICs, Maps
   - develop nice UAs, applications

Time Frame
   - Next IETF: More Results, population, coverage, usage.
     Bootstrapping strategies.

Notes to talk of Thomas Johannsen:

Implementation of OSI-DS 37-39 in national pilot done.

Aim: representing
   - networks
   - IP numbers
   - ftp archives

Interaction of following information supported by references and tree
structure:
   - white spaces namespace
   - network descriptions
   - IP number namespace
   - DNS namespace

1) Networks in the Directory:

Populating
   => in general no config database available
   => upload existing data from WHOIS, BITNET.NODES, DNS...
   => gathering data "by hand" from network admins, ...
   ==> Technical and administrative support needed.

NIC support

experimental upload of parts of JNIC-WHOIS database into X.500 done.
Autoconvert for part of JNICs database (IP numbers 133.*.0.0) produces:

   X.500 object          number
   organization             194
   organizationalUnit       247
   pilotPerson              429
   IPnetwork                228
   IPgroup                  228

   => uploading WHOIS to X.500 helps populating white pages space, too!

Problems of autoconvert:
   - non-unique use of org-names
   - addition of organizational entries over DSA boundaries difficult
   - X.500 access rights

X.500 based whois responder as user agent provides access to white pages
and non-white pages information. Send mail to
x500-query@aic-wide.aic.co.jp with subject 'help'.

2) Pilot Directory configuration (for OSI-DS-38/39)

3 DSAs form isolated pilot world for experiments

number of objects in pilot DSAs:

   object         Sazae    Saki   Guppy   total
   organization       8       3     193     204
   org.-Unit         19      11     244     274
   pilotPerson       34       7     416     457
   network           13       0       0      13
   ipNw'Image        41       8     202     251
   node              71       0       0      71
   ipNd'Image        80       5       2      87
   port              49       0       0      49
   ipPortImage       83       8       3      94
   del.Block          0       0      24      24
   ipGroup            0       0     244     244
   ipReference        0       0      65      65
   fileServer         8       4       3      15
   file           12287    2839    7895   23021
   total          12693    2885    9291   24869

3) Soft Pages Project (OSI-DS-39)

aim: reduce unnecessary ftp traffic
   - provide help for efficient and network optimized file retrieval
   - use of network connection properties
   - representation of contents of fileservers in the Directory

Maintaining SoftPages:
   - initial loading of all filenames into the Directory (once only)
   - daily addition and deletion of new or outdated files (number of
     files depends on size and activity of fileserver)
   - final deletion of all filenames from Directory when fileserver
     goes out of operation (once only)

   => can be done by crontab job which reads ls-lR, builds diff to
      previous entry and has DUA functionality (add/del in DIB)

estimated size of ftp servers to track: typically 3000 - 10000 files;
with several tens to hundreds changes per day.

Bulk loading tests performed on pilot DSAs.

Summary:
   addition of 10000 file objects takes approx. 30 minutes
   daily updates takes about 1 minute

Using SPP

Searching filenames as
   - full match,
   - leading substring match,
   - non-leading substring match.

Result of tests: searching one object takes about 1 second for amount of
up to 10000 objects in one ftp-mirror.
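
The daily maintenance step under "Maintaining SoftPages" (read ls-lR, diff against the previous listing, issue add/del), sketched here as an added example; it is not code from the pilot or from OSI-DS 39. The function names, the sample listings and the choice to drop file names containing control characters are assumptions of this example, and the directory add/delete calls themselves are left as printed operations.

```python
import re

# Matches the mode field that starts every entry line of `ls -l` output.
ENTRY = re.compile(r"^[-dlbcps][-rwxsStT]{9}")

def parse_ls_lr(text):
    """Return {path: (size, mtime)} for the regular files in `ls -lR` output."""
    files, cwd = {}, "."
    for line in text.splitlines():
        line = line.rstrip()
        if ENTRY.match(line):
            parts = line.split(None, 8)  # mode links owner group size mon day time name
            if len(parts) < 9 or parts[0][0] != "-" or not parts[4].isdigit():
                continue                 # directories, links, devices, malformed lines
            name = parts[8]
            # The listing is untrusted input: skip names with control characters.
            if any(ord(c) < 32 or ord(c) == 127 for c in name):
                continue
            files[f"{cwd}/{name}"] = (int(parts[4]), " ".join(parts[5:8]))
        elif line.endswith(":"):
            cwd = line[:-1]              # directory header such as "./pub:"
    return files

def diff_snapshots(old, new):
    """Return (adds, dels); a file whose size or date changed is in both lists."""
    adds = sorted(p for p in new if old.get(p) != new[p])
    dels = sorted(p for p in old if new.get(p) != old[p])
    return adds, dels

# Constructed sample listings (not data from the pilot).
YESTERDAY = """\
.:
total 8
drwxr-xr-x  2 ftp ftp   512 Mar  1 09:00 pub

./pub:
total 120
-rw-r--r--  1 ftp ftp 40960 Feb 10 12:00 isode-8.0.tar.Z
-rw-r--r--  1 ftp ftp  1024 Jan  5 08:30 README
-rw-r--r--  1 ftp ftp  2048 Jan  5 08:30 old-notes.txt
"""
TODAY = """\
.:
total 8
drwxr-xr-x  2 ftp ftp   512 Mar  2 09:00 pub

./pub:
total 130
-rw-r--r--  1 ftp ftp 40960 Feb 10 12:00 isode-8.0.tar.Z
-rw-r--r--  1 ftp ftp  1100 Mar  2 08:45 README
-rw-r--r--  1 ftp ftp  5120 Mar  2 08:50 quipu-faq.txt
"""

if __name__ == "__main__":
    adds, dels = diff_snapshots(parse_ls_lr(YESTERDAY), parse_ls_lr(TODAY))
    for path in dels:
        print("delete", path)   # where the DUA would remove the file entry
    for path in adds:
        print("add", path)      # where the DUA would add the file entry
```
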

Investigating impact of SPP

cost = f (speed, traffic, charge, priority)

cost calculation in experiment done by using ftpd-logs and simplified
backbone network map of Japan Internet.
   - randomly chosen logs of 5 ftp sites
   - scanned about 35000 anonymous get operations
   - checked for filename, size, date against 45 ftp sites
   - IF file was found in ls-lR of a cheaper ftp site
     THEN non-optimal retrieval.

results expressed as non-optimality ratios:

   no. of files   32 %
   bytes          38 %
   total cost     50 %

4) Summary

Non-white pages X.500 usage by several applications, e.g. NIC control,
ConMan project, SoftPages project.

Attendees

Claudio Allocchio         Claudio.Allocchio@elettra.trieste.it
Jules Aronson             aronson@nlm.nih.gov
Paul Barker               p.barker@cs.ucl.ac.uk
Russell Blaesing          rrb@one.com
John Boatright            bryan_boatright@ksc.nasa.gov
George Chang              gkc@ctt.bellcore.com
Wayne Clark               wclark@cisco.com
Robert Cooney             cooney@wnyose.nctsw.navy.mil
Simon Coppins             coppins@arch.adelaide.edu.au
Thomas DeWitt             tdewitt@osi.ncsl.nist.gov
Marcello Frutig           frutig@rnp.impa.br
Roland Hedberg            Roland.Hedberg@rc.tudelft.nl
Marco Hernandez           marco@mh-slip.cren.edu
Gerd Holzhauer            holzhauer1@applelink.apple.com
Jeroen Houttuin           houttuin@rare.nl
Tim Howes                 tim@umich.edu
Erik Huizer               huizer@surfnet.nl
Barbara Jennings          bjjenni@sandia.gov
Thomas Johannsen          Thomas.Johannsen@ebzaw1.et.tu-dresden.de
Kevin Jordan              Kevin.E.Jordan@cdc.com
David Katinsky            dmk@pilot.njin.net
Steve Kille               S.Kille@isode.com
Mark Knopper              mak@merit.edu
Mark Kosters              markk@internic.net
Lakshman Krishnamurthy    lakashman@ms.uky.edu
Mary La Roche             maryl@cos.com
Ruth Lang                 rlang@nisc.sri.com
Sylvain Langlois          Sylvain.Langlois@exp.edf.fr
Bruce Mackey              brucem@cinops.xerox.com
Bill Manning              bmanning@sesqui.net
Glenn Mansfield           glenn@aic.co.jp
Judy Nasar                jdnasar@magnus.acs.ohio-state.edu
Geir Pedersen             Geir.Pedersen@usit.uio.no
Mark Prior                mrp@itd.adelaide.edu.au
Edward Reed               eer@cinops.xerox.com
Sheri Repucci             smr@merit.edu
Jim Romaguera             romaguera@cosine-mhs.switch.ch
Yzhak Ronen               y.ronen@homxa.att.com
Marshall Rose             mrose@dbc.mtview.ca.us
Srinivas Sataluri         sri@qsun.att.com
Mark Smith                mcs@umich.edu
Larry Snodgrass           snodgrass@bitnic.educom.edu
Catherine Summers         cfs@cos.com
Louisa Thomson            louisa@whitney.hac.com
Panos-Gavriil Tsigaridas  Tsigaridas@fokus.berlin.gmd.dbp.de
Alan Williamson           scottw@nic.ddn.mil
Russ Wright               wright@lbl.gov