Editor's Note: Minutes received after the cut-off for inclusion in the Proceedings. Minutes of the OSI Directory Services Working Group (OSIDS) 1. Introduction The technical presentations were moved to the second half of the meeting. The Minutes of the Boston meeting were accepted as written. 2. Review of Action Items o Chris Weider - update on documents OSI-DS 14, 16, 17, 19, and 20. Chris asked that these documents be removed from consideration as Internet-Drafts. Chris has been pursuing this work under a different directory system and suggested that the present method of storing information, for instance, the NIC profiles information under ``o=Internet@ou=NIC Profiles'', is not clean. o Erik Huizer - progress Naming Guidelines document et. al. as RFCs. Done. o Sri Sataluri - various people to apply DUA and DSA metrics and send results. So far, three DUA metric evaluations have been submitted -- Xlookup, Dish, DE. Erik reported that the DSA metrics could not be applied to the Siemens DSA as it was installed only in the middle of November 1992. A discussion of the problems of interworking QUIPU and the other DSAs followed. Panos complained that the QUIPU Replication and Navigation mechanisms are non-standard and hence other DSAs are having trouble interoperating with the QUIPU infrastructure. Sylvain reported that the Bull DSA is known to interoperate with QUIPU. Eric and Steve reported that the latest release of the Siemens DSA will implement some of the OSI-DS RFCs, for instance, Encoding of Network Addresses. o Thomas Johannsen, Mark Knopper and Glenn Mansfield - combine their work on the IP use of the directory. In progress: o Steve Hardcastle-Kille - rewrite note on DSA naming without using QUIPU language. Not done. o Steve Hardcastle-Kille - drop OSI-DS work item. Done. o Steve Hardcastle-Kille - revise charter. Not done. o Steve Hardcastle-Kille and Erik Huizer - discuss schema management with IANA. This discussion was held and IANA was comfortable about handling administrative functions. We may need a Schema working group for handling the technical issues. o Tim Howes - write document concerning representation of OID tables in the directory. Not done. o Paul Barker - write DSA and DUA metrics documents as internet drafts. Done. 3. Liaison Reports o WG-NAP (Erik Huizer) The RARE Network Applications Services (NAP) Working Group met in Pica, Italy and identified urgent issues. The NAP Working Group resolved to work closely with the OSI-DS Working Group and will discuss the OSI-DS Internet-Drafts in future meetings. The NAP Working Group will conduct their technical discussions on the OSI-DS mailing list and the documents produced will be posted on the mailing list. They cataloged the urgent issues into three groups: - Data Management Issues. They plan to define the procedures to manage data in DSAs by large organizations and will identify tools to do the same. - Privacy and Legal issues. They will address this problem at the national level and attempt to project it to the international level. - They propose to define requirements for management of directory services -- performance, accounting, configuration, fault management, OSI management] and links to other network and system management issues. o ISO/CCITT (Ella Gardner). Ella reported on the 1992 X.500 standard, final editing meeting held at Orlando, Florida, USA between 19th and 30th October. Nine countries were represented and over 700 ballot comments were discussed. Final editor's drafts are now being polished and will be cast in stone. The text should be available by the end of 1992 which however has to be approved by both ISO and CCITT. It is hoped that ISO approval will be easy to obtain. CCITT approved a version of the document last year. During the spring 1993 meeting if CCITT approves the changes endorsed by ISO then a joint standard will be published. On the other hand if CCITT refers the document to Study Group 7 for additional balloting, the CCITT approval will be delayed. If such a referral takes place, ISO may publish its own text thus opening up the possibility of different ISO and CCITT standards. Ella Gardner said that currently lots of users are being represented at the standards meetings and urged more implementors to participate. Also new standards work on Systems Management has been approved and International and Generic Upper Layers Security are under consideration. The next international meeting will be held in Yokohoma, Japan. o NIST OIW X.500 SIG (Ella Gardner and John) A lot of work on ISPs was done, and the goal is to publish something by January in the areas in which there are editors. The ISP on strong authentication is being edited by NIST. These ISPs will reference the 1988 version of the standard. The issue of APDU size was discussed in the SIG, and a limit may be placed upon how large an APDU can become. The SIG also discussed the protocol information attribute which allows specification of the lower layers of services, and this attribute is now in the 1992 IS version. The SIG agreed on schema related issues but decided not to specify anything for DUAs except that they shouldn't die! The OIW is also discussing interoperability problems between 88 DUAs and 92 DSAs. o DISI (Chris Weider) Chris Weider reported that the last meeting of DISI discussed working on five documents: - Pilot Projects Catalog has been assigned to April Marine of SRI and Tim Howes of University of Michigan. - Advanced Usages Catalog has been assigned to Chris Weider of Merit and Russ Wright of Lawrence Berkeley Labs. - Revision of RFC 1292 has been assigned to Arlene Getchell of Lawrence Berkeley Labs., and Sri Sataluri of AT\verb+&+T Bell Labs. - A Schema document for restaurants was considered inappropriate to the Charter of the DISI Group and was referred to the OSI-DS Group. - A Manual for installing X.500 QUIPU systems was considered unnecessary as reasonable documentation is already available. o AARN (Mark Prior - read by S.Kille) - AARN upgraded two of their main servers to DS5000/125's with 32MB of memory. The DSA ``cn=Bush Dog'' is housed on one of them and ``cn=Anaconda'' will migrate to the other one eventually. - The Australian Networkshop will be held at Queensland University in December and AARN will run a demonstration directory, together with a few presentations on the X.500 Directory. Andrew Waugh will present a half day tutorial on setting up a Directory. - AARN plans to provide a proxy DSA for SME's not able to run their own DSA thus utilizing the additional capacity. - Unisys interoperability testing (RSN) will start after a copy of the appropriate database package used by the system is procured. The rest of the equipment is in place. o FOX (Tom Tignor) No formal report. DARPA funding for the FOX project has expired, and a new proposal is still under consideration by the NSF. o PSI WPP (Wengyik Yeong) No report. o Paradise No report. o NADF (Marshall Rose) The NADF formalized some agreements that relate to their ongoing pilot. The service providers need to exchange information that will allow their directories to work together, but don't want to release any proprietary information, so a Knowledge And Naming (KAN) set of information was developed. A protocol called CAN (based on 1992 DRP) was developed to exchange this KAN information. It is hoped that by the January 1993 NADF meeting, 4 or 5 service providers will be participating in the pilot. The standing documents of the NADF will be available on-line on the Internet by the end of 1992. In response to Erik's question, Marshall stated that Eurescom has a project to establish a European Directory Forum (EDF). A bootstrap meeting will probably be held in March 1993. Action Items: The Area Director Eric Huizer should write a note to the FOX, PSI White Pages and Paradise personnel and request regular reports to the OSIDS Working Group. 5. Progression of Documents to RFC Standard o String Representation of Distinguished Names as a Proposed Standard. The IESG had couple of comments. Also, Steve Kent suggested three items that need to change. The Group agreed that the ``Alternative Approach'' section will have to be dropped. Action Item: Steve will make the necessary changes. o User Friendly Naming as an Informational RFC. The UFN document could have been published as an Informational RFC, but was delayed to be co-published with the String Representation of Distinguished Names document, which had to go through the IESG. o Naming Guidelines as an Informational RFC. o Lightweight Directory Access Protocol. Action Item: Eric will progress this document shortly. o The String Representation of Standard Attribute Syntaxes Action Item: Eric will progress this document shortly. 6. Progression Schema Working Group . RFC 1274 has now been published for some time and a number of known problems and changes exist. A small working group within OSIDS was to be established to handle this work, but no one has had the resources to pursue this as of yet. The discussion with IANA reflected that IANA would be happy to handle the administrative process, but the associated technical issues are beyond them. There seem to be two possibilities for maintaining a schema document, the NREN NIC can manage it or if funded, the FOX project can manage it. Action Item: Look for volunteers to form the Schema Working Group. 7. Strategy Document (Erik Huizer) Only very minor comments were received, so Erik wishes to publish this document as an Informational RFC. Steve was disturbed by the apparent lack of comments, but Erik believes more comments will arise when the document is published, especially by co-authors. Action Item: Erik should publish this document as an Informational RFC. 8. Portable DUAs (RFC 1373) This document came as a surprise to the Working Group members as it was not proposed or discussed either in OSIDS or DISI Working Groups before publication. Some comments were already sent to the author by Working Group members. Steve is concerned that this document is not beneficial to people's impressions of X.500. It gives a brief overview of several DUAs, and instructions for installing them. What is the purpose of this type of RFC? However, anyone has the right to publish an Informational RFC. Action Item: Eric to discuss with Jon Postel that in future such documents be referred to relevant working groups before publication. 9. Progress of Experiments o QOS (Erik Huizer) - No progress yet but progress is expected after the New Year. o JPEG (Russ Wright) - The concept of JPEG has been proven and all that remains to be done is the publication of the schema. This experiment is therefore successful and concluded. Action Item: Russ Wright to publish the schema for JPEG. o Character Sets (Erik Huizer) - RARE has formed a separate working group for character set issues and is currently writing a couple of papers, but nothing is ready yet. o DIT Counting (Steve Hardcastle-Kille) - Syntax handlers have been written for QUIPU, but no operational deployment has yet been seen. 10. DSA and DUA Metrics (OSI-DS33, OSI-DS34) The DSA document is waiting for input on various implementations, while the DUA document has been completed for three DUAs (Xlookup, Dish, DE). Action Items: Paul should publish OSI-DS 33 as an Informational RFC, while OSI-DS 34 should be held as an Internet-Draft until it has been applied to at least two DSAs. Sri should compile the current DUA metrics information into an Internet-Draft. 11. Restaurant Schema (OSI-DS35) This document was not formally presented but members gave several comments. It may be worth-while to refer to something like the Michelin Guide to determine if any useful information has been left out or can be represented in a better way. Also, are the new tourist objects at level 0 really necessary? There was concern about the legality of including comments (especially negative) about restaurants in the directory. Further discussion of the schema was differed. Action Item: Working Group members should forward any comments to the author of the paper. 12. Representing IP information in the DIT Mark Knopper gave an overview of the paper ``Charting IP Networks in the Directory''. The paper includes, o A framework for representing network infrastructure information in X.500, o An IP-specific network image, o Support for the Soft Pages Project and use of the Directory to support applications such as best-cost network path for document retrieval. The essential task is to build a network map within the directory. This means disseminating information about connectivity, properties of paths, points-of-contact for network elements, etc. The services that can be offered on top of this network map include configuration management, routing management, fault management, service management, optimization, name and address mapping, autonomous systems, and network administration. A companion document, ``Representing IP Networks in the X.500 Directory,'' defines objects that are specific to creating the network map referred to above. Mark stated four specific goals of this work: o Map from network number to network, host, owner, etc. o Support delegation of IP address blocks. o Support classless IP networks. o Support differing views of the network. A third document named ``Representing File Information in the Directory'' details how to represent the resources available on anonymous ftp servers. Action Items: The ``Charting...'' document should become an Informational RFC that is related to the Informational RFC ``Strategic Plan...''. The ``Representing IP...'' and the ``Representing File...'' documents should become Experimental RFCs. 13. Revision of Charter The OSIDS Charter needs revision, as much of the stated purpose has been fulfilled. It needs to be updated to express the current interests of the Group. To help revise the Charter, on Erik's suggestion, a survey of the interests of the members in the room was taken. Here is a list, without attribution, of items mentioned as important. o The Working Group should only discuss the use of X.500 for and on the Internet and related issues, such as representation of network information within X.500, light-weight protocols, etc. o There is still a real need for coordination of X.500 pilots, to serve as a forum for solving operational problems and propagating the solutions throughout all the pilot activities. o X.500 needs to achieve critical mass, and that the Group has defined many very useful capabilities within X.500, but people need to use them. o To achieve critical mass it is necessary to make X.500 easier to install and less resource-intensive. o Defining a MIB for managing the Directory is very important. o Operational certificate management using X.500 is important to organizations such as the Office of the Secretary of Defense and the U.S. Post Office. o Electronic directories should serve more purposes than just white pages. o Security is a critical issue to be resolved before operational deployment. The University of Michigan is using Kerberos with X.500. o Need to put more energy into pilots. o Interfacing DBMS with X.500. o The pilot in USA should become active again and must be managed pro-actively. For the service to be useful the data in the directory must be accurate and there needs to be a user agent on each desk-top computer. o Rutgers University successfully implemented DNS in X.500 and is using kerberos for authentication. o Gateway issues are important. Standard APIs for popular systems like X.500, WAIS, and Gopher need to be defined. o Clean up X.400 use of directory. Mechanism for registering attributes and object classes and hence schema management. o SurfNet's 1993 transition plans to operational X.500 have the following priorities: user agents for all possible platforms, concentration on white pages services, privacy of information, and data management. With regard to privacy, it was stated that Dutch privacy law restricts directory information to items such as facsimile telephone number, telephone number, postal address, and email address. Even voluntary publication of information by individual users is illegal. In fact, if someone puts inappropriate information into a supported attribute, then the provider is liable. This will probably lead to users not being able to modify their own entries. The Dutch law further prevents export of information to countries that do not have decent privacy laws. This may prohibit internetworking with Japan and the U.S., among other countries. In summary, Steve stated that at this juncture, investigation of some of the operational issues of X.500 is going to be critical to its acceptance. There is already work going on to deal with some of the concerns that were expressed (OSISEC, SECUDE, etc.). Steve feels that X.509 has many issues associated with it, and that a separate Working Group should be set up to deal with these issues. Action Item: Steve and Erik will draft the revised Charter and circulate the document for comments on the mailing list. This document will describe all the concerns that have been put forth, while noting that some of these may either deserve a new working group or are relevant to other existing working groups. 14. AOB Harald inquired about internationalization of the directory. It was determined that no action on this would be taken at this time. 15. Next Meeting The next OSIDS Working Group meeting will be held at the 26th IETF in Columbus, Ohio, USA. "Ed Albrigo" "Claudio Allocchio" "Harald Alvestrand" "Jules Aronson" "George Chang" "James Conklin" "John Dale" "Letha Dugas" <4371362@mcimail.com> "William Edison" <> "Daniel Fauvarque" "Catherine Foulston" "Ned Freed" "Peter Furniss" "Ella Gardner" "Tony Genovese" "Arlene Getchell" "Steve Hardcastle-Kille" "John Hawthorne" "Marco Hernandez" "Tim Howes" "Erik Huizer" "Barbara Jennings" "Kevin Jordan" "Marko Kaittola" "Mark Knopper" "Mark Kosters" "John Kunze" "Mary La Roche" "Sylvain Langlois" "Edward Levinson" "John Myers" "Chris Newman" "Rakesh Patel" "Karen Petraska-Veum" "Sheri Repucci" "Jim Romaguera" "Marshall Rose" "Alan Roszkiewicz" "Srinivas Sataluri" "Richard Schmalgemeier" "Mark Smith" "Larry Snodgrass" "Simon Spero" "Catherine Summers" "Fumio Teraoka" "Panos-Gavriil Tsigaridas" "Chris Weider" "Brien Wheeler" "Russ Wright" "Peter Yee" "Yung-Chao Yu"