CURRENT_MEETING_REPORT_ Reported by Paul Barker/University College London Minutes of the OSI Directory Services Working Group (OSIDS) Special thanks to Sri Sataluri, Mark Prior and Ken Rossen for their contributions to these minutes. DSA Performance Study (Roland Hedberg) DSA performance statistics are being circulated by Leggenhager regularly. But this study is based on study of the logs. Reachability o level-0 DSAs - Percentage of success vs. number of attempts. The more seldome a DSA is accessed the greater the probability of reaching it. o level-0 DSAs - Level-1 DSAs: some DSAs can never be reached. This is where the real data is. o Some 50% are working very badly while the other 50% are working very well. o EDB-updates of root cn=Giant [September 1993] - It takes some time for all DSAs to get updated (more than two days). Some people carry out updates every 10 minutes. Some do it on a daily basis. So if one update fails/connection is missed , it takes 48 hours for the update to go through. o EDB updates of c=CH from cn =chinchilla [August 1993] - All updates are done by 10 hours. Much better scene. - Update speed and time between information changes. When some things happen, a lot of things follow. * NL has about 100 updates/month [max]. A slave DSA did one update in two months during which 90 changes occurred. o Question and Answer: Erik: What are the reasons? Wrong implementation? Negligence? Bad configuration? Roland: Peoples' ignorance. In some cases the nature of the information is important. Thus, one has to be careful. Steve: Are there any messages for implementors? service providers? Roland: Reachability cannot be helped. A reasonable time should be set for slave updates (at least for country DSAs). Sri: A particular DSAs unreachability does not imply the unreachability of the related DIT---for c=US there is a master and two slaves. Would like to share the tools used in this study. Roland: Will post the tools to the list. CLDAP (Steve Kille) This is a connectionless protocol for retrieving names (something more similar to DNS) from the directory. It is an important element for deploying the directory and it is generally agreed that it should be moved speedily to a Proposed Standard. Erik Huizer stated that a similar proposal has been discussed by Christian, similar in functionality, but it has not been put on paper. Steve Kille indicated the group will proceed as if there is no other document. If Christian's document appears, and if it becomes necessary, the group will review the present CLDAP document in that light. Both CLDAP and Christian's proposal are LDAP-compatible. If one needs authentication, Steve said LDAP will be used. A period of two to three weeks will be allowed for electronic discussion. After that, if there are no comments/changes and if there is no review requirement in the light of the document which Christian may issue, then the document will be submitted for consideration as a Proposed Standard. The above resolution was approved by a show of hands. Networks in the Directory (Glenn Mansfield) o OSI-DS 37/38 present status - Two Internet-Drafts have been in circulation since July 9, 1993: * draft-ietf-osids-chart-network-dir-00.txt Explains the necessity of network maps and its possible uses. * draft-ietf-osids-ipinfo-x500-dir-00.txt Contains the schemas for representing IP-networks in the Directory. Steve said that these Internet-Drafts will be recommended for consideration as Experimental RFCs. - So far, there have been no negative response/comments on mailing list or via personal mail (and few positive ;-) - Experiments/implementations are being carried out at several sites. - Waiting on working group action. o Deployment strategy for Directory in the Internet - document highlights * issues * bootstrapping * DIT structure * relationship to existing Directory * deployment stages - Status of deployment * Network Information * WHOIS * DNS The deployment document was circulated in Amsterdam and only minor changes were necessary. Steve said that it needs to be made into an OSI-DS document. o Network Information Applications based on this include: - Network maps for configuration management. - Connection trees (useful in intelligent polling/fault management). All from the directory. - Softpages Clients make use of X.500 in several stages: * get list of file-servers [Static-list/archie] * get path to file servers [Static/traceroute] * get attributes for computing cost of paths [Static/ping] * search for file that is being sought [archie-server] (Presently, if the information is unavailable from X.500, alternate sources/methods are used.) o JPNIC whois DB is in Progress. - WHOIS-DB ! X.500 mapping done * translation is difficult - +Names do not match ... +Characters [ Kanji ] do not match +Multi-lingual attributes * translation is in progress can be seen under @c=JP@o=Japan Network Information Center@l=Registered Organizations - ``register'' schema is necessary o DNS in the directory There are problems with the present schema. Improvements and changes are being made and the group hopes to circulate a draft by the end of November and to commence deployment by the end of December. - Improvements/Changes * DomainSOA object contains the SOA related detail * Object for each resource record type * Object DNSMailBox for the mailbox info is a subclass of top (unlike in RFC 1279) o Application Support - NTP * Configuration of the NTP tree * Query the directory to find out possible peers - WWFS * Configuration of the file system * Good choice from the users point of view - Other maps Glenn indicated that the group was in the process of preparing a document on this. o Operational issues - Real life applications are starting - Reliability of DSAs has to be improved - In case of problems due to other domains ... * Complain privately to the responsible person for the domain. * Complain publicly to the responsible person for the domain. * Complain to the parent domain authorities. * Ask the parent authorities to excommunicate the domain. (Quote from RFC 1033) Steve stressed the importance of having an operations guide. Glenn said it is being worked on and presently it is an image of the DNS Administrator's Guide. A first draft will be posted the to the list for discussion. Liaisons o ISO/IEC/ITU-T (Ken Rossen) (ITU-T is the successor organization to CCITT) The ISO/IEC Directory group has not met since the previous report to the IETF. Work on Management of the Directory is receiving the most attention, and an interim meeting of the Directory group is expected for February 1994 in Geneva in order to focus on progressing this work. The ITU last-call ballot on the ITU-T X.500 1993 extensions, which is the last hurdle to be cleared by the new edition of the standard, is drawing to a close. This vote is expected to be uneventful, and to allow publication of the 1993 [ISO/IEC 9594 j The ITU-T X.500 Series of Recommendations] before the end of the year. Output documents from the last ISO/IEC/ITU Directory group meeting are available from the OIW DS SIG archive (see below). Ken Rossen or Hoyt Kesterson can supply further information, if needed. o OIW DS SIG (Ken Rossen) The DS SIG has been devoting most of its effort to contributions to the ISO work on Directory Management and collaborative work with the X.400 API Association (XAPIA) on Directory Synchronization. In Directory Management, the SIG has been soliciting and reviewing MIBs and management models from a variety of sources (including relevant IETF drafts) and, at its December meeting, will consider generating a working paper for input to the next ISO/IEC/ITU meeting. Of particular interest to the SIG has been a management requirements document and GDMO-defined MIB for the Directory written up in a paper from the University of Missouri, Kansas City by a team led by Dr. Adrian Tang. The synchronization work arose in the XAPIA as an endeavor to address the problem of keeping LAN E-Mail directory information current across heterogeneous technologies, and in the DS SIG as an effort also to provide for interworking and eventual migration to X.500. The SIG has proposed that lightweight versions of Directory protocols (DISP, DAP, or a combination) be used to model the X.500/proprietary directory interaction, and vendors have also supplied several now-proprietary schemes as alternatives. This group will meet in November in Mountain View, and jointly in conjunction with the next DS SIG meeting in Gaithersburg in December. The DS SIG mailing list is accessible by sending mail to dssig-request@nist.gov, and the archive of working documents including notes on all of the above is on nemo.ncsl.nist.gov:~pub/oiw/dssig. For more information, contact Ken Rossen. o NADF (Tim Howes) Tim reported that the NADF has now created a ``user organization'' membership category. Thus NADF will now be comprised of both providers and users of directory services. The pilot is on-going. The next meeting of the NADF is in Reston, Virginia, the week of November 8, 1993. o AARNet (Mark Prior) - AARNet Engineering Working Group (AEWG): AARNet has formed an AARNet Engineering Working Group to provide advice to AARNet on operational issues. The existing working groups, including the the OSI Directory Services Working Group, will be motherhooded into this new structure. The AEWG will be officially announced in a couple of weeks at the Australian Networkshop (November 30 - December 3). - New ISODE Binary kits: The AARNet DS working group has produced two updates to their binary kit releases, one for DEC MIPS and the other Sun SPARC. These kits are based on ISODE 8.0. Another release is expected soon that incorporates LDAP 3.0. These kits are available on archie.au. - Shadowing reorganization: In Australia we try to shadow all country level EDB files in order to improve local performance (all other DSA's have Bush Dog as a prefered DSA). This has worked OK but reliability problems are occurring due to Quipu going into a coma while fetching a new EDB file. This is especially impacting Anaconda the Australian master. We hope to reorganize our DSAs so that only Bush Dog does the remote fetches, thus allowing Anaconda to be available for local update. It is hoped that other countries will make the EDB file available for anonymous FTP and that way we could do some non X.500 based shadowing. This wouldn't be a problem if there was an incremental EDB update facility. - Public access to the directory from archie.au: A public access point to the directory is run on archie.au (userid=de) and last month there were just over 4000 accesses to this facility and nearly 10,000 queries made to the directory. Mark sends his thanks to the IETF for multicasting this meeting and thus permitting him to participate. Further, he expresses his appreciation to all speakers who used the microphone. o PARADISE (Roland Hedberg) PARADISE has not met since the Amsterdam IETF. The next meeting is scheduled for November 1993 in London, England. The PARADISE project will officially end in April 1994. The future of the project is as yet unknown and will be the subject of discussion at the next meeting. PARADISE is on the verge of releasing the Bulkloading tools. Paul Barker has just sent out a Request For Comments on possible additions to the DE client. o NREN-NIS (Sri Sataluri) The InterNIC Directory and Database Services is running a level-0 DSA named ``Pied Tamarin'' for c=US. This DSA slaves almost all data mastered by cn=Alpaca and permits slave updates. So far, twenty-eight organizations are using the InterNIC facilities to list their organizations. The Gopher to X.500 gateway is the most heavily used DUA interface. We also use the ISODE Quipu 8.0 DE as a public-access DUA and have not yet upgraded to later versions. We are waiting for a response from the RARE Operational Unit granting permission for us to use the software. Schema Working Group Members include Sri Sataluri, Tim Howes, Ken Rossen, and Russ Wright. The goals of this group are to: o Identify a repository and appropriate useful formats for publicizing and distributing schema elements (object classes and attributes) to the Internet community. o Facilitate broad-based experimentation with new applications of X.500 by publicizing experimental schema elements. o Maintain a stable production schema for the Internet, including definitions both for common core of elements and application-specific subschemas. A draft document was sent out to the osi-ds mailing list on November 4, 1993. To receive a copy please send mail to sri@internic.net. A revised form of this document (Procedures and Guidelines) will be released as an Internet-Draft in the first week of December and should eventually become an Informational RFC. Please send comments ASAP to schema@ds.internic.net and/or osi-ds@cs.ucl.ac.uk. In addition to the procedures document, the schema group will publish a standards-track RFC that will document the ``core Internet Schema'' (successor to RFC 1274) and an Informational RFC documenting the current Internet Schema will be issued on a six-month update cycle. The schema group will announce the availability of the ``Internet Schema'' and will start accepting updates on December 1, 1993. Comments, suggestions, and submissions should be sent to schema@ds.internic.net. As and when the ``Internet Schema'' gets updated, an announcement will be sent out using a mailing-list schema-announce@ds.internic.net. To join this list, please send a message to schema-announce-request@ds.internic.net. RFC 1384 Update - X.500 Naming Guidelines (Steve Kille) The members agreed to progress this document as an Informational RFC. Comments should be directed to the authors and/or to the list ASAP. Charter Discussion Erik Huizer, an Applications Area co-Director, presented a short summary of the previous day's meeting. Here are the salient points: o The OSI-DS Working Group in its present form cannot continue and should be disbanded and a set of small focussed working groups be set up. o WHOIS++ and X.500 address similar issues and hence common problems need to be identified and worked on. Resources are too scarce for duplication of effort. A strategy (proposed by Steve Kille and accepted by everyone) is to identify a set of working groups that will work on the open issues of the OSIDS Working Group and prepare charters for these new groups. The charters, and the need for more or fewer groups, should be discussed in the osi-ds mailing lists. By the Seattle IETF, the new working groups should be constituted and the OSIDS Working Group should be disbanded. There was strong support for continuing to maintain the osi-ds mailing-list. A list of possible working groups and chairs was composed at the meeting: o Lightweight Protocols for Access and Synchronization (LDAP, CLDAP, SOS, SOLO, etc.) -- Tim Howes o Data Structure and Schema Management (will use a design team approach for schema issues; deal with naming issues) -- Sri Sataluri o Index Services and Distributed Search (Index DSAs, Centroids, etc.) -- Simon Spero o Use of Directory for Network Management -- Glenn Mansfield o URN --> URL Resolution The following suggestions were made: o There is a need for the Data Structure and Schema group. Similar efforts in other groups should also be folded in. o Access and synchronization issues should be split. o Do not fragment the work into too many things. o There is widespread desire for creating a group to discuss operational issues. This motion was seconded later by Linda Millington, Mark Prior, and Arlene Getchell. o Operations issues must be dealt with in the operations area. There are plans to create an IOTF (Internet Operations Task Force) since, in several projects, the technical work is more or less finished and operations issues are becoming vital. Until the IOTF is formed the IDS Working Group will be used to get the operations work done. o In the IIIR Working Group meeting the issue of forming a working group to discuss Quality Assurance Issues for X.500, Gopher, WAIS, WHOIS++, etc. was discussed. There will be a BOF at the Seattle IETF. A mailing-list (quality@sunsite.unc.edu) is being formed to discuss the quality issues. To join, send a note to (listserv@sunsite.unc.edu) with the following body: subscribe quality Attendees Claudio Allocchio Claudio.Allocchio@elettra.trieste.it Glen Cairns cairns@mprgate.mpr.ca Richard desJardins desjardi@eos.nasa.gov Urs Eppenberger eppenberger@switch.ch Qin Fang qin_fang@unc.edu Jill Foster Jill.Foster@newcastle.ac.uk Vincent Gebes vgebes@sys.attjens.co.jp Arlene Getchell getchell@es.net Mei-Jean Goh goh@mpr.ca Chris Gorsuch chrisg@lobby.ti.com Roland Hedberg Roland.Hedberg@rc.tudelft.nl Tim Howes tim@umich.edu Richard Huber rvh@ds.internic.net Erik Huizer Erik.Huizer@SURFnet.nl Barbara Jennings bjjenni@sandia.gov Steve Kille S.Kille@isode.com Kanchei Loa loa@sps.mot.com Glenn Mansfield glenn@aic.co.jp Wayne McDilda wayne@dir.texas.gov Lars-Gunnar Olsson Lars-Gunnar.Olsson@data.slu.se Rakesh Patel rapatel@pilot.njin.net Karen Petraska-Veum karen.veum@gsfc.nasa.gov Marshall T. Rose mrose@dbc.mtview.ca.us Kenneth Rossen kenr@shl.com Srinivas Sataluri sri@internic.net Rickard Schoultz schoultz@sunet.se Vincent Shekher vin@sps.mot.com Mark Smith mcs@umich.edu David Staudt dstaudt@nsf.gov Jackie Wilson Jackie.Wilson@msfc.nasa.gov Russ Wright wright@lbl.gov Peter Yee yee@atlas.arc.nasa.gov Weiping Zhao zhao@nacsis.ac.jp