Integrated Directory Services Arlene Getchell Working Group Lawrence Livermore National Laboratory INTERNET-DRAFT Srinivas Sataluri AT&T Bell Laboratories February 1994 A Revised Catalog of Available X.500 Implementations Filename: draft-ietf-ids-catalog-01.txt Status of this Memo The goal of this document is to provide information regarding the availability and capability of implementations of X.500. This memo is a follow-up to the RFC 1292 - A Catalog of Available X.500 Implementations - edited by Ruth Lang and Russ Wright. This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any other Internet Draft. This Internet Draft expires March 15th, 1994. Distribution of this memo is unlimited. Comments and critiques of this document, and new or updated descriptions of X.500 implementations are welcome. Send them to the Integrated Directory Services (IDS) Working Group (ids@merit.edu) or to the editors. Abstract This document is the result of a survey that gathered new or updated descriptions of currently available implementations of X.500, including commercial products and openly available offerings. This document is a revision of RFC 1292. We contacted each contributor in RFC 1292 and requested an update and published the survey template in several mailing lists and obtained new product descriptions. IETF IDS Working Group [Page 1] INTERNET-DRAFT February 1994 This document contains detailed description of twenty six (26) X.500 implementations - DSAs, DUAs, and DUA interfaces. 1. Introduction This document catalogs currently available implementations of X.500, including commercial products and openly available offerings. For the purposes of this survey, we classify X.500 products as, DSA A DSA is an OSI application process that provides the Directory functionality, DUA A DUA is an OSI application process that represents a user in accessing the Directory and uses the DAP to communicate with a DSA, and DUA Interface A DUA Interface is an application process that represents a user in accessing the Directory using either DAP but supporting only a subset of the DAP functionality or a protocol different from DAP to communicate with a DSA or DUA. Section 2 of this document contains a listing of implementations cross referenced by keyword. This list should aid in identifying implementations that meet your criteria. To compile this catalog, the IDS Working Group solicited input from the X.500 community by surveying several Internet mailing lists, including: iso@nic.ddn.mil, isode@nic.ddn.mil, osi-ds@cs.ucl.ac.uk, and ids@merit.edu. We also contacted many people by telephone and sent the template to several individuals and mailed a floppy disk containing the survey template to a person who did not have Internet access. Readers are encouraged to submit comments regarding both the form and content of this memo. New submissions are welcome. Please direct input to the parties as described in the Status of this Memo section. IDS will produce new versions of this document when a sufficient number of changes have been received. This will be determined by the IDS chairpersons. 1.1 Purpose The growth of existing X.500 pilot activities (e.g., White Pages Pilot Project) and the advent of new pilots (e.g., AARNet Directory Services Project, NIST/GSA Pilot Project) and service providers IETF IDS Working Group [Page 2] INTERNET-DRAFT February 1994 (e.g., PSI, InterNIC Directory and Database Services) demonstrate that X.500 is a viable directory service technology for building a Distributed Internet Directory. This document hopes to provide an easily accessible source of information on X.500 implementations and facilitate the continued growth of X.500. 1.2 Scope This document contains descriptions of both free and commercial X.500 implementations. It does not provide instructions on how to install, run, or manage these implementations. The descriptions and indices are provided to make the readers aware of available options and thus enable more informed choices. 1.3 Disclaimer Implementation descriptions were written by implementors and vendors, and not by the editors. We worked with the description authors to ensure uniformity and readability, but can not guarantee the accuracy or completeness of the descriptions, or the stability of the implementations. 1.4 Overview Section 1 contains introductory information. Section 2 contains a list of keywords, their definitions, and a cross reference of the X.500 implementations by these keywords. Section 3 contains the X.500 implementation descriptions. Section 4 has a list of references. Section 6 lists the editors' addresses. 1.5 Acknowledgments The creation of this catalog would not have been possible without the efforts of the description authors and the members of the IDS Working Group. Our special thanks to the editors of RFC 1292, Ruth Lang and Russ Wright who helped us get started and made key suggestions that enabled us to learn from their experience. We also acknowledge and appreciate the efforts of Ken Rossen in obtaining six descriptions. 2. Keywords Keywords are abbreviated attributes of the X.500 implementations. The list of keywords defined below was derived from the IETF IDS Working Group [Page 3] INTERNET-DRAFT February 1994 implementation descriptions themselves. Implementations were indexed by a keyword either as a result of: (1) explicit, not implied, reference to a particular capability in the implementation description text, or (2) input from the implementation description author(s). 2.1 Keyword Definitions This section contains keyword definitions. They have been organized and grouped by functional category. The definitions are ordered first alphabetically by keyword category, and second alphabetically by implementation name within keyword category. 2.1.1 Availability Available via FTP Implementation is available using FTP. Commercially Available This implementation can be purchased. Free Available at no charge, although other restrictions may apply. Limited Availability Need to contact provider for terms and conditions of distribution. Source Source code is available, potentially at an additional cost. 2.1.2 Compatibility with Proposed Internet Standards RFC-1202 Implementation supports RFC 1202: Rose, M. T., Directory Assistance Service. February 1991. RFC-1249 Implementation supports RFC 1249: Howes, T., M. Smith, and B. Beecher, DIXIE Protocol Specification, University of Michigan, August 1991. RFC-1274 Implementation supports RFC 1274: Barker, P., and S. Kille, The IETF IDS Working Group [Page 4] INTERNET-DRAFT February 1994 COSINE and Internet X.500 Schema, University College, London, England, November 1991. RFC-1275 Implementation supports RFC 1275: Kille, S., Replication Requirements to provide an Internet Directory using X.500, University College, London, England, November 1991. RFC-1276 Implementation supports RFC 1276: Kille, S., Replication and Distributed Operations extensions to provide an Internet Directory using X.500, University College, London, England, November 1991. RFC-1277 Implementation supports RFC 1277: Kille, S., Encoding Network Addresses to support operation over non-OSI lower layers, University College, London, England, November 1991. RFC-1278 Implementation supports RFC 1278: Kille, S., A string encoding of Presentation Address, University College, London, England, November 1991. RFC-1279 Implementation supports RFC 1279: Kille, S., X.500 and Domains, University College, London, England, November 1991. RFC-1484 Implementation supports RFC 1484: Hardcastle-Kille, S., Using the OSI Directory to achieve User Friendly Naming, ISODE Consortium, July 1993. RFC-1485 Implementation supports RFC 1485: Hardcastle-Kille, S., A String Representation of Distinguished Names, ISODE Consortium, July 1993. RFC-1487 Implementation supports RFC 1487: Yeong, W., T. Howes, and S. Kille, X.500 Lightweight Directory Access Protocol, July 1993. 2.1.3 Implementation Type API Implementation comes with an application programmer's interface IETF IDS Working Group [Page 5] INTERNET-DRAFT February 1994 (i.e., a set of libraries and include files). DSA Only Implementation consists of a DSA only. No DUA is included. DSA/DUA Both a DSA and DUA are included in this implementation. DUA Interface Implementation is a DUA-like program that uses either DAP, but supporting only a subset of the DAP functionality, or uses a protocol different from DAP to communicate with a DSA or DUA. DUA Only Implementation consists of a DUA only. No DSA is included. LDAP DUA interface program uses the Lightweight Directory Access Protocol (LDAP). 2.1.4 Internetworking Environment CLNS Implementation operates over the OSI ConnectionLess Network Service (CLNS). OSI Transport Implementation operates over one or more OSI transport protocols. RFC-1006 Implementation operates over RFC-1006 with TCP/IP transport service. X.25 Implementation operates over OSI X.25. 2.1.5 Pilot Connectivity DUA Connectivity The DUA can be connected to the pilot, and information on any pilot entry looked up. The DUA is able to display standard attributes and object classes and those defined in the COSINE and Internet Schema. IETF IDS Working Group [Page 6] INTERNET-DRAFT February 1994 DSA Connectivity The DSA is connected to the DIT, and information in this DSA is accessible from any pilot DUA. 2.1.6 Miscellaneous Included in ISODE DUAs that are part of ISODE. Limited Functionality Survey states that the implementation has some shortcomings or intended lack of functionality, e.g., omissions were part of the design to provide an easy-to-use user interface. Motif Implementation provides a Motif-style X Window user interface. Needs ISODE ISODE is required to compile and/or use this implementation. OpenLook Implementation provides an OpenLook-style X Window user interface. X Window System Implementation uses the X Window System to provide its user interface. 2.1.7 Operating Environment 386 Implementation runs on a 386-based platform. Bull Implementation runs on a Bull platform. CDC Implementation runs on a CDC MIPS platform. DEC ULTRIX Implementation runs under DEC ULTRIX. DEC Vax OpenVMS Implementation runs on a DEC VAX platform running OpenVMS. IETF IDS Working Group [Page 7] INTERNET-DRAFT February 1994 HP Implementation runs on an HP platform. IBM PC Implementation runs on a PC. IBM RISC Implementation runs on IBM's RISC UNIX workstation. ICL Implementation runs on an ICL platform. Macintosh Implementation runs on a Macintosh. Multiple Vendor Platforms Implementation runs on more than one hardware platform. Sequent Implementation runs on a Sequent platform. SNI Implementation runs on a Siemens Nixdorf platform. Solbourne Implementation runs on a Solbourne platform. Sun Implementation runs on a Sun platform. Tandem Implementation runs on a Tandem platform. UNIX Implementation runs on a generic UNIX platform. Wang Implementation runs on a Wang RISC platform. 2.2 Implementations Indexed by Keyword This section contains an index of implementations by keyword. You can use this list to identify particular implementations that meet your chosen criteria. The index is organized as follows: keywords appear in alphabetical order; implementations characterized by that keyword are listed alphabetically as well. Note that a "*" is used to indicate that the IETF IDS Working Group [Page 8] INTERNET-DRAFT February 1994 particular implementation, or feature of the implementation, may not be available at this time. For formatting purposes, we have used the following abbreviations for implementation names: BULL S.A. (Bull X500-DS and X500-DUA), DEC X.500 DSA (DEC X.500 Directory Server), DEC X.500 Admin (DEC X.500 Administration Facility), HP X.500 DD (HP X.500 Distributed Directory), LDAP (University of Michigan LDAP Implementation), OSI Access & Dir (OSI Access and Directory), and Traxis (Traxis Enterprise Directory). IETF IDS Working Group [Page 9] INTERNET-DRAFT February 1994 386 CLNS PathWay Messaging Bull S.A. PC-DUA DEC X.500 DSA UCOM X.500 DEC X.500 Admin DIR.X API HP X.500 DD HP X.500 DUA Bull S.A. OSI Access & Dir Custos PathWay Messaging DEC X.500 DSA Traxis DEC X.500 Admin UCOM X.500 DIR.X Wang OPEN/services HP X.500 DD XT-DUA HP X.500 DUA XT-QUIPU LDAP OSI Access & Dir Commercially Available QUIPU Traxis Bull S.A. UCOM X.500 DEC X.500 DSA DEC X.500 Admin Available via FTP DIR.X Directory 500 Custos HP X.500 DD DE HP X.500 DUA DOS-DE OSI Access & Dir LDAP PathWay Messaging ldap-whois++ PC-DUA maX.500 Traxis Xdi UCOM X.500 Wang OPEN/services Bull XT-DUA XT-QUIPU Bull S.A. UCOM X.500 DEC ULTRIX XT-DUA XT-QUIPU DEC X.500 DSA DEC X.500 Admin CDC LDAP ldap-whois++ OSI Access & Dir UCOM X.500 DEC VAX OpenVMS DEC X.500 DSA DEC X.500 Admin IETF IDS Working Group [Page 10] INTERNET-DRAFT February 1994 DSA Connectivity DUA Interface DIR.X DE OSI Access & Dir DOS-DE PathWay Messaging LDAP QUIPU ldap-whois++ UCOM X.500 maX.500 XT-QUIPU OSI Access & Dir Pathway Messaging DSA Only PC-DUA QuickMailDUA DEC X.500 DSA Wang OPEN/services XT-QUIPU DUA Only DSA/DUA DEC X.500 Admin Bull S.A. HP X.500 DUA Custos MXLU DIR.X PC-Pages Directory 500 Xdi HP X.500 DD XLU OSI Access & Dir XT-DUA PathWay Messaging QUIPU Free Traxis UCOM X.500 Custos Wang OPEN/services DE DOS-DE DUA Connectivity LDAP ldap-whois++ DIR.X maX.500 LDAP MXLU maX.500 QUIPU MXLU Xdi OSI Access & Dir XLU PathWay Messaging PC-DUA HP PC-Pages QUIPU DIR.X UCOM X.500 HP X.500 DD Xdi HP X.500 DUA XLU LDAP XT-DUA *Traxis Wang OPEN/services XT-DUA XT-QUIPU IETF IDS Working Group [Page 11] INTERNET-DRAFT February 1994 IBM PC Limited Functionality DOS-DE Custos LDAP Wang OPEN/services OSI Access & Dir Xdi PathWay Messaging PC-DUA Macintosh PC-Pages Traxis LDAP Wang OPEN/services maX.500 PathWay Messaging IBM RISC *Traxis DIR.X Motif LDAP *Traxis DEC X.500 Admin UCOM X.500 MXLU Wang OPEN/services UCOM X.500 XT-DUA XT-DUA XT-QUIPU Multiple Vendor Platforms ICL Custos *XT-DUA DE XT-QUIPU DOS-DE LDAP Included In ISODE MXLU PathWay Messaging DE PC-Pages QUIPU LDAP UCOM X.500 Xdi DE XLU DOS-DE XT-DUA LDAP XT-QUIPU ldap-whois++ maX.500 Needs ISODE OSI Access & Dir *Pathway Messaging Custos PC-DUA DE *PC-Pages MXLU QuickMailDUA Limited Availability Xdi XLU PC-Pages QuickMailDUA IETF IDS Working Group [Page 12] INTERNET-DRAFT February 1994 OpenLook RFC-1249 UCOM X.500 OSI Access & Dir XT-DUA RFC-1274 OSI Transport DE Bull S.A. DEC X.500 DSA Custos DEC X.500 Admin DEC X.500 DSA DOS-DE DEC X.500 Admin LDAP DIR.X maX.500 HP X.500 DD OSI Access & Dir HP X.500 DUA QuickMailDUA PathWay Messaging QUIPU PC-Pages Traxis QUIPU UCOM X.500 Traxis Xdi Wang OPEN/services XT-DUA XT-DUA XT-QUIPU XT-QUIPU RFC-1275 RFC-1006 OSI Access & Dir Bull S.A. QUIPU Custos DEC X.500 DSA RFC-1276 DEC X.500 Admin DIR.X OSI Access & Dir Directory 500 QUIPU LDAP XT-QUIPU OSI Access & Dir PathWay Messaging RFC-1277 PC-Pages QUIPU DEC X.500 DSA Traxis DEC X.500 Admin UCOM X.500 DIR.X Wang OPEN/services OSI Access & Dir XT-DUA PathWay Messaging XT-QUIPU QUIPU UCOM X.500 RFC-1202 XT-DUA XT-QUIPU OSI Access & Dir PathWay Messaging IETF IDS Working Group [Page 13] INTERNET-DRAFT February 1994 RFC-1278 Sequent DEC X.500 DSA DEC X.500 Admin UCOM X.500 OSI Access & Dir PathWay Messaging SNI QUIPU UCOM X.500 DIR.X XT-DUA XT-QUIPU Solbourne RFC-1279 XT-DUA XT-QUIPU OSI Access & Dir QUIPU Source UCOM X.500 XT-QUIPU DE LDAP RFC-1484 MXLU QUIPU DE Xdi DOS-DE XLU *LDAP *maX.500 Sun QUIPU Xdi Custos XT-DUA Directory 500 XT-QUIPU LDAP ldap-whois++ RFC-1485 OSI Access & Dir PathWay Messaging LDAP QuickMailDUA maX.500 QUIPU QUIPU Traxis XT-QUIPU UCOM X.500 Xdi RFC-1487 XT-DUA XT-QUIPU DE DOS-DE Tandem LDAP ldap-whois++ UCOM X.500 maX.500 PC-DUA QUIPU IETF IDS Working Group [Page 14] INTERNET-DRAFT February 1994 UNIX Custos DE ldap-whois++ MXLU QUIPU UCOM X.500 Xdi XLU Wang Wang OPEN/services X Window System MXLU OSI Access & Dir Xdi XLU XT-DUA X.25 Bull S.A. DEC X.500 DSA DEC X.500 Admin DIR.X Directory 500 HP X.500 DD HP X.500 DUA OSI Access & Dir PathWay Messaging QUIPU Traxis UCOM X.500 Wang OPEN/services XT-DUA XT-QUIPU IETF IDS Working Group [Page 15] INTERNET-DRAFT February 1994 3. Implementation Descriptions In the following pages you will find descriptions of X.500 implementations listed in alphabetical order. In the case of name collisions, the name of the responsible organization, in square brackets, has been used to distinguish the implementations. Note that throughout this section, the page header reflects the name of the implementation, not the date of the document. The descriptions follow a common format, as described below: NAME The name of the X.500 implementation and the name of the responsible organization. Implementations with a registered trademark indicate this by appending "(tm)", e.g., GeeWhiz(tm). KEYWORDS A list of the keywords defined in Section 2 that have been used to cross reference this implementation. ABSTRACT A brief description of the application. This section may optionally contain a list of the pilot projects in which the application is being used. COMPLIANCE (applicable only for DSAs and DUAs) A statement of compliance with respect to the 1988 CCITT Recommendations X.500-X.521 [CCITT-88], specifically Section 9 of X.519, or the 1988 NIST OIW Stable Implementation Agreements [NIST-88]. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS A statement of compliance with respect to the several proposed Internet Standards. INTEROPERABILITY A list of other DUAs and DSAs with which this implementation can interoperate. PILOT CONNECTIVITY Describes the level of connectivity it can offer to the pilot directory service operational on the Internet in North America, and to pilots co-ordinated by the PARADISE project in Europe. Levels of connectivity are: Not Tested, None, DUA Connectivity, and DSA Connectivity. BUGS A warning on known problems and/or instructions on how to report bugs. IETF IDS Working Group [Page 16] INTERNET-DRAFT February 1994 CAVEATS AND GENERAL LIMITATIONS A warning about possible side effects or shortcomings, e.g., a feature that works on one platform but not another. INTERNETWORKING ENVIRONMENT A list of environments in which this implementation can be used, e.g., RFC-1006 with TCP/IP, TP0 or TP4 with X.25. HARDWARE PLATFORMS A list of hardware platforms on which this application runs, any additional boards or processors required, and any special suggested or required configuration options. SOFTWARE PLATFORMS A list of operating systems, window systems, databases, or unbundled software packages required to run this application. AVAILABILITY A statement regarding the availability of the software (free or commercially available), a description of how to obtain the software, and (optionally) a statement regarding distribution conditions and restrictions. DATE LAST UPDATED or CHECKED The month and year within which this implementation description was last modified. IETF IDS Working Group [Page 17] INTERNET-DRAFT Bull S.A. NAME X500-DS X500-DUA Bull S.A. KEYWORDS API, Bull, CLNS, Commercially Available, DSA/DUA, OSI Transport, RFC-1006, X.25 ABSTRACT X500-DS and X500-DUA are integral part of the large Bull OSI offer. Although based on the DCE/GDS (Distributed Computing Environment/Global Directory Service) of OSF, those two products may be installed and used without DCE environment. X500-DS is designed to implement both the DUA and the DSA functions, whilst X500-DUA only provides the DUA functions. The X500-DUA package contains: The standards APIs XOM (X/Open OSI- Abstract-Data Manipulation API) and XDS (X/Open Directory Service API) for the development of portable applications, A core DUA to translate all user's requests (bind, read, list, compare, modify, modifyRDN, search, add, remove, unbind ...) into the DAP protocol used for communication with distant DSAs, The OSI standard protocols (ASN.1, ROSE, ACSE, Presentation and Session) for communication with the distant DSAs. The interface with the low layers of the stack being XTI. RFC-1006 is supported under XTI or the Session, A DUA Cache to improve performances when accessing remote DSAs, A management application for configuration of the product, controlling the operations and managing logs and traces, A user application for the manipulations of the database entries. The X500-DS package contains: All components of the X500-DUA, A core DSA to process all requests received from distant DUAs through DAP protocol or from distant DSAs through DSP protocol. It supports the referral, chained and multi-casting modes of operation, access control lists, simple authentication, management of knowledge information (for distribution, shadows and copies of sub-trees), A management application for managing the schema information (creation, deletion and modification of object classes and of attribute types, management of the rules of the DIT), A C-ISAM database. IETF IDS Working Group [Page 18] INTERNET-DRAFT Bull S.A. COMPLIANCE (applicable only for DSAs and DUAs) Compliant with EWOS and OIW Agreements Strong authentication in X.509 is not yet implemented. (Password scheme is currently used.) Consists of both DUA and DSA implementation according to the 88 CCITT X.500 and ISO 9594 standard. The X/Open standard XDS and XOM interface libraries are also provided. When the product is installed with the DCE environment, XDS and XOM interfaces are also used to access DCE/CDS (Local Cell Directory Service) transparently. A GDA (Global Directory Agent) serves then as the gateway between the DCE CDS and GDS. It is planned to support full 1992 extensions in the products for 1995. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [No information provided--Ed.] INTEROPERABILITY This implementation of DAP and DSP can interoperate with other X.500 implementations from other Cebit demo participants including IBM, HP, ICL, Siemens-Nixdorf, etc. It also interoperates with ISODE QUIPU. PILOT CONNECTIVITY [No information provided--Ed.] BUGS [No information provided--Ed.] CAVEATS AND GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT OSI TP4 with CLNP (WAN - LAN) OSI TP0, 2 & 4 with X.25 (WAN) RFC-1006 with TCP/IP Either BSD sockets or XTI can be used to access the transports Through XTI, both OSI and TCP/IP protocols are possible on the same machine, thus permitting to build a Directory Service distributed on OSI and TCP/IP networks. IETF IDS Working Group [Page 19] INTERNET-DRAFT Bull S.A. HARDWARE PLATFORMS DPX/2, DPX/20 SOFTWARE PLATFORMS Unix BOS2, Unix BOSX, AIX AVAILABILITY 4 Q 93 Please contact: Daniel Monges Tel: + (33) 76 39 75 00 ext. 7449 Fax: + (33) 76 39 78 56 e-mail: D.Monges@frec.bull.fr DATE LAST UPDATE or CHECKED November 25th, 1993 IETF IDS Working Group [Page 20] INTERNET-DRAFT Control Data Systems Inc. NAME OSI Access and Directory Control Data Systems Incorporated. KEYWORDS API, CLNS, CDC, Commercially Available, DSA Connectivity, DSA/DUA, DUA Connectivity, DUA Interface, IBM PC, LDAP, RFC-1006, RFC-1202, RFC-1249, RFC-1274, RFC-1275, RFC-1276, RFC-1277, RFC-1278, RFC-1279, Sun, X Window System, X.25 ABSTRACT OSI Access and Directory includes several DUAs and a QUIPU based DSA (originally based on version 6.6) with enhancements. The DUA/DSA enhancements include: Directory API based on the X.400 API. Support for X.400 objects including those to support MHS use of Directory to support MHS Routing. Integration with Control Data's MailHub (X.400 MHS) products. X Windows, curses and command line based DUA interfaces on UNIX. These interfaces support the full set of Directory operations. Windows 3.x interface on PCs. A DUA daemon that provides Directory access for applications. LDAP 2.0 and 3.0 support. Directory synchronization tools for synchronizing most PC/Mac/Dec mail directories with X.500. Enhanced photo attribute support. ACL enhancements. Hash indexing for fast string search. DIXIE, DAD and PH.X500 support. SNMP based monitoring and management of DSAs. Control Data Systems offers complete integration services to design, plan, install, configure, tailor and maintain X.500 services. These services may include the preparation of customer unique DUAs and tools for X.500 integration, synchronization, operational control and management. OSI Access and Directory is in production use at several government, commercial and academic sites. Some sites are supporting Directories in excess of 120,000 entries. COMPLIANCE (applicable only for DSAs and DUAs) OSI Access and Directory complies with the 1988 CCITT Recommendations X.500-X.521 [CCITT-88] and the 1988 NIST OIW Stable Implementation Agreements [NIST-88]. OSI Access and Directory only supports simple authentication or no authentication. OSI Access and Directory complies with all static and dynamic requirements of X.519. OSI Access and Directory can act as a first-level DSA. OSI Access and Directory will support some 1993 X.500 extensions in IETF IDS Working Group [Page 21] INTERNET-DRAFT Control Data Systems Inc. 1994 with full support in 1995/1996. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS OSI Access and Directory is compliant with the following RFCs: [RFC 1202], [RFC 1249], [RFC 1274], [RFC 1275], [RFC 1276], [RFC 1277], [RFC 1278], [RFC 1279]. OSI Access and Directory also supports the required objects, attributes and attribute syntaxes for MHS use of Directory to support MHS Routing. INTEROPERABILITY OSI Access and Directory was tested against HP, DEC, ISODE Consortium and Wollongong implementations at the COS Interoperability Test Lab in May 1993. The OSINET Interoperability Tests were used. Please refer OSINET for test results. OSI Access and Directory has also been informally tested at trade shows with implementations from UNISYS and Retix. PILOT CONNECTIVITY OSI Access and Directory is connected via DSAs and DUAs to the PSI White Pages Project. OSI Access and Directory provides the base routing tree for the MHS Use of Directory pilot (Longbud) on the Internet. BUGS Control Data Systems provides complete software maintenance services with products. CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT RFC1006 with TCP/IP, TP4 with CNLS, TP0 with X.25. HARDWARE PLATFORMS OSI Access and Directory runs on all MIPS and SUN SPARC platforms. Windows based DUAs available with OSI Access and Directory run on Windows 3.x compatible IBM PCs. IETF IDS Working Group [Page 22] INTERNET-DRAFT Control Data Systems Inc. SOFTWARE PLATFORMS Distributed and supported for Sun OS version 4.1.x, Sun Solaris 2.x and Control Data EP/IX (Control Data's MIPS based OS). Other platforms are pending. TP4 connectivity on SUN OS requires SUN OSI. AVAILABILITY Commercially available from: Control Data Systems Inc. Network Solutions, ARH290 4201 Lexington Avenue North Arden Hills, MH 55126-6198 U.S.A. 1-800-257-OPEN (U.S. and Canada) 1-612-482-6736 (worldwide) FAX: 1-612-482-2000 (worldwide) EMAIL: info@cdc.com or s=info;p=cdc;a=attmail;c=us DATE LAST UPDATED or CHECKED November 22nd, 1993 IETF IDS Working Group [Page 23] INTERNET-DRAFT Custos NAME Custos National Institute of Standards and Technology KEYWORDS API, Available via FTP, DSA/DUA, Free, Limited Functionality, Multiple Vendor Platforms, Needs ISODE, OSI Transport, RFC-1006, Sun, UNIX ABSTRACT The implementation consists of a set DUA library routines, a terminal interface, and a DSA. The implementation was developed in C on Sun SPARCstations under SunOS 4.1.1. All underlying services are provided by the ISODE development package. The development package is also used for encoding and decoding ASN.1 data as well as for other data manipulation services. Using the ISODE package the implementation can be run over both TCP/IP and OSI protocols. The DSA provides full support for both DAP and DSP protocols, conformant with ISO 9594 / CCITT X.500 standards. The DIB is maintained using a locally developed relational database system. The interface to the database system consists of a set of sql-like C functions. These are designed to allow straightforward replacement of the local database system with a more powerful commercial system. To achieve better performance several options are supported that permit loading of selected portions of the database in core. When these options are selected data can be retrieved more quickly from in core tables; all modifications to the DIB are directly reflected in the in core tables and the database. COMPLIANCE (applicable only for DSAs and DUAs) Custos is fully compliant with the 1988 Standard with the following omissions: Search request decomposition Modify Entry operation Modify RDN operation Abandon operation Strong Authentication Schema checking There are no present plans to extend Custos to include the 1992 X.500 extensions. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [No information provided--Ed.] IETF IDS Working Group [Page 24] INTERNET-DRAFT Custos INTEROPERABILITY Have successfully interoperated with QUIPU and OSIWARE over the DAP. No DSP interoperability testing has been done. PILOT CONNECTIVITY Limited DUA and DSA connectivity to PSI White Pages Project. BUGS Bugs may be reported to the general discussion list, x500@osi.ncsl.nist.gov. CAVEATS and GENERAL LIMITATIONS No limitations on file sizes, etc. The only side effects to creating large files should be in the area of performance. Specifically, optimization requires loading parts of the DIB in core so greater memory requirements will be necessary for achieving better performance with a large database. Any platform the implementation can be ported to (generally any platform ISODE can be ported to) should support all features. INTERNETWORKING ENVIRONMENT RFC-1006; TP4/CLNP (SunLinkOSI) over 802 and X.25 (SunLink X.25). HARDWARE PLATFORMS It's only been run on Sun 3 and SPARC, but there are no known reasons why it shouldn't run on any hardware running the ISODE software. SOFTWARE PLATFORMS It requires UNIX and the ISODE software package. It's been developed and tested with ISODE version 7.0 and Sun OS version 4.1.1. Uses a locally developed relational DBMS that should be easily replaceable with commercially available relational systems. AVAILABILITY Custos, the NIST implementation of X.500, the OSI Directory, is available for anonymous ftp from osi.ncsl.nist.gov (129.6.48.100) using the convention (user name = anonymous, password = ident). The software is available in two forms: a tar file and a compressed tar file. IETF IDS Working Group [Page 25] INTERNET-DRAFT Custos ./pub/directory/CustosRel_0.2.tar ./pub/directory/CustosRel_0.2.tar.Z Note: permissions on the directory ./pub/directory are set so that you will be able to "get" files whose names you can provide. However, you will not be able to "ls" the contents of the directory. DATE LAST UPDATED or CHECKED March 5th, 1993 IETF IDS Working Group [Page 26] INTERNET-DRAFT DE NAME DE KEYWORDS Available via FTP, DUA Interface, Free, Included in ISODE, LDAP, Multiple Vendor Platforms, Needs ISODE, RFC-1274, RFC-1484, RFC-1487, Source, UNIX ABSTRACT DE (Directory Enquiries) is intended to be a simple-to-use DUA interface, suitable for the naive user, and suitable for running as a public access dua. it will work on any terminal. The user is presented with a series of (verbose) prompts asking for person's name; department; organization; country. There is extensive on-line help. The matching algorithms are such that near matches are presented to the user before less good matches. A lot of development has been done on the interface since it was first described in RFC1292. The most significant enhancement has been to add power searching - this allows a user to search for an entry even when they do not know the name of the organisation in which the person works - you still have to specify the country. DE now provides UFN style searching. It is now possible to search locality entries. DE now uses slightly different search algorithms depending on whether it is accessing part of the Directory mastered by a Quipu DSA - Quipu DSAs tend to use lots of replication and so encourage searching. An experimental feature is intended to give the user more feedback on the likely response time to a query - DE maintains a database of past information availability and DSA responsiveness. Translations exist into at least 4 different languages. DE runs over ISODE DAP and University of Michigan LDAP. There is a version of DE, called DOS-DE, which has been ported to DOS, and this uses LDAP. DE was funded by the COSINE PARADISE project, and DE is used as the PARADISE public access dua. You can test the software by telnet to 128.86.8.56 and logging in as dua -- no password required. COMPLIANCE (applicable only for DSAs and DUAs) n/a IETF IDS Working Group [Page 27] INTERNET-DRAFT DE COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [RFC 1274], [RFC 1484], [RFC 1487] INTEROPERABILITY n/a PILOT CONNECTIVITY n/a (This is more a DUA rather than an interface question) The interface is widely used in the global pilot. BUGS Doesn't handle aliases well when power searching. Send bug reports to: p.barker@cs.ucl.ac.uk helpdesk@paradise.ulcc.ac.uk CAVEATS and GENERAL LIMITATIONS DE tries to cater well for the general case, at the expense of not dealing with the less typical. The main manifestation of this is that the current version does not handle searching under localities very well. It is not possible to display photographs or reproduce sound attributes. INTERNETWORKING ENVIRONMENT As for ISODE. HARDWARE PLATFORMS As for ISODE. SOFTWARE PLATFORMS As for ISODE. AVAILABILITY The software is openly available as part of ISODE-8.0. An enhanced version is available as part of the PARADISE project upgrade. IETF IDS Working Group [Page 28] INTERNET-DRAFT DE Both these versions are available by FTP from , as src/isode-8.tar.Z and src/isode- paradise.tar.Z. The very latest code will be made available with the ISODE Consortium release of ISODE. It is hoped it will be freely available to all. Contact: helpdesk@paradise.ulcc.ac.uk p.barker@cs.ucl.ac.uk DATE LAST UPDATED or CHECKED March 12th, 1993 IETF IDS Working Group [Page 29] INTERNET-DRAFT DEC DSA NAME DEC X.500 Directory Server Digital Equipment Corporation KEYWORDS API, CLNS, Commercially Available, DEC ULTRIX, DEC VAX OpenVMS, DSA Only, OSI Transport, RFC-1006, RFC-1274, RFC-1277, RFC-1278, X.25 ABSTRACT The DEC X.500 Directory Server product provides a high performance Directory System Agent implemented according to the 1993 edition of ISO/IEC 9594 and the CCITT X.500 series of Recommendations. Specific features provided include: (1) Integrated multi-protocol support allowing concurrent DAP and DSP access over OSI and TCP/IP (using RFC1006) protocols. (2) Indexed database supports high-performance searching and sophisticated matching including approximate match. (3) Based on the 1993 edition Extended Information Models. (4) Support for chaining and referrals in support of a distributed Directory Information Base. (5) Support for the 1993 edition Simplified Access Control scheme. (6) Configurable schema based on the 1993 edition (including attributes, object classes, structure rules, name forms). (7) Support for a simple Shadowing protocol to enhance read availability. (8) Remote management facilities to configure and control DSAs and log significant events. (9) Provides the X/OPEN XDS/XOM Application Program Interface so that customers can construct their own DUA applications. For Directory User Agent facilities see the associated entry for the DEC X.500 Administration Facility COMPLIANCE (applicable only for DSAs and DUAs) Conformance with respect to clause 9.2 of ISO/IEC 9594-5:1993: (1) Supports the directoryAccessAC (DAP) and directorySystemAC (DSP) application contexts. (2) The DSA is capable of acting as a first-level DSA. (3) Chaining is supported. IETF IDS Working Group [Page 30] INTERNET-DRAFT DEC DSA (4) Bind security levels of simple (unprotected password) and none are supported. (5) All attribute types defined in ISO/IEC 9594-6:1993 are supported except for 1993 edition supertypes and collective attributes and EnhancedSearchGuide. Customers can define new attribute types. UNIVERSAL STRING is not supported for attributed based on DirectoryString. (6) All object classes defined in ISO/IEC 9594-7:1993 are supported. Customers can define new object classes. (7) The following operational attributes are supported: governingStructureRule createTimestamp modifyTimestamp myAccessPoint superiorKnowledge supplierKnowledge consumerKnowledge specificKnowledge dseType PrescriptiveACI (8) Dynamic modification of object class is permitted (9) A subset of Simplified Access Control is supported. (10) All name forms defined in ISO/IEC 9594-7:1993 are supported. Customers can defined new name forms and structure rules. The X.500 Directory Server is compatible with and interworks with 1988 edition DUAs and DSAs. It is implemented to conform to relevant NIST OIW and EWOS agreements and the X.500 Implementors Guide. For details contact Digital. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS Supports RFC 1006, RFC 1274, RFC 1277 and RFC 1278 INTEROPERABILITY All interoperability test results will be available on request from Digital. Interoperability testing is being undertaken using the harmonized OSIone X.500 test suite to which both OSInet and EurOSInet have been key contributors. PILOT CONNECTIVITY Digital is actively involved in both public and private pilots of X.500. IETF IDS Working Group [Page 31] INTERNET-DRAFT DEC DSA BUGS [No information provided--Ed.] CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT The DEC X.500 Directory Service V1.0 operates over: * RFC 1006 over TCP/IP on ULTRIX platforms. * OSI TP0, TP2 and TP4 over CLNS and CONS as appropriate on ULTRIX and OpenVMS platforms HARDWARE PLATFORMS The DEC X.500 Directory Service V1.0 runs on: * VAX processors supported by OpenVMS * RISC processors supported by ULTRIX SOFTWARE PLATFORMS The DEC X.500 Directory Service V1.0 runs on: * OpenVMS/VAX V5.5-2 or later running DECnet-VAX Extensions V5.4 * ULTRIX/RISC V4.2 or later running DECnet/OSI for ULTRIX, V5.1 or later. For availability on other hardware and software platforms please contact Digital. AVAILABILITY The DEC X.500 Directory Service is commercially available from Digital Equipment Corporation. For further information please contact your local Digital office, or: Gail Shlansky, Product Manager: Tel: +1 508 486 5138 email: gail.shlansky@lkg.mts.dec.com Digital Equipment Corporation IETF IDS Working Group [Page 32] INTERNET-DRAFT DEC DSA Networks and Communications Engineering 550 King Street Littleton, MA. 01460-1289 USA DATE LAST UPDATED August 2nd, 1993 IETF IDS Working Group [Page 33] INTERNET-DRAFT DEC X.500 Administration Facility NAME DEC X.500 Administration Facility Digital Equipment Corporation KEYWORDS API, CLNS, Commercially Available, DEC ULTRIX, DEC VAX OpenVMS, DUA Only, Motif, OSI Transport, RFC-1006, RFC-1274, RFC-1277, RFC-1278, X.25 ABSTRACT The DEC X.500 Administration Facility product provides both command line and Motif interfaces to manage the information stored in the X.500 directory. Specific features provided include: (1) Multi-protocol support allowing DAP access over OSI and TCP/IP (using RFC1006) protocols. (2) Driven off the same configurable schema information as the DEC X.500 Directory Service. (3) Supports command line and OSF Motif interface styles. (4) Provides access to all X.500 services. Specific features of the OSF Motif interface include: (1) Supports two ways of accessing directory information, either by browsing the directory tree or by searching. (2) Easy-to-use search based on customer-extensible set of predefined filters. (3) Window layouts and text fully extensible, based on the schema, to support customer-defined object classes and attributes. (4) Easy-to-use forms based method for creating and modifying entries that simplifies use of the X.500 services. See also the entry for the DEC X.500 Directory Service. COMPLIANCE (applicable only for DSAs and DUAs) Conformance with respect to clause 9.1 of ISO/IEC 9594-5:1993: (1) Supports the all operations of the directoryAccessAC application context. IETF IDS Working Group [Page 34] INTERNET-DRAFT DEC X.500 Administration Facility (2) Bind security levels of none and simple (unprotected passwords). COMPATIBILITY WITH PROPOSED INTERNET STANDARDS Supports RFC 1006, RFC 1274, RFC 1277 and RFC 1278 INTEROPERABILITY Interoperability test results will be available on request from Digital. Interoperability testing is being undertaken using the harmonized OSIone X.500 test suite to which both OSInet and EurOSInet have been key contributors. PILOT CONNECTIVITY Digital is actively involved in both public and private pilots of X.500. BUGS [No information provided--Ed.] CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT The DEC X.500 Administration Facility operates over: * RFC 1006 over TCP/IP on ULTRIX platforms. * OSI TP0, TP2 and TP4 over CLNS and CONS as appropriate on ULTRIX and OpenVMS platforms HARDWARE PLATFORMS The DEC X.500 Administration Facility V1.0 runs on: * VAX processors supported by OpenVMS * RISC processors supported by ULTRIX SOFTWARE PLATFORMS The DEC X.500 Administration Facility V1.0 runs on: IETF IDS Working Group [Page 35] INTERNET-DRAFT DEC X.500 Administration Facility * OpenVMS/VAX V5.5-2 or later running DECnet-VAX Extensions V5.4 * ULTRIX/RISC V4.2 or later running DECnet/OSI for ULTRIX, V5.1 or later. For availability on other hardware and software platforms please contact Digital. AVAILABILITY The DEC X.500 Administration Facility is commercially available from Digital Equipment Corporation. For further information please contact your local Digital office, or: Gail Shlansky, Product Manager: Tel: +1 508 486 5138 email: gail.shlansky@lkg.mts.dec.com Digital Equipment Corporation Networks and Communications Engineering 550 King Street Littleton, MA. 01460-1289 USA DATE LAST UPDATED August 2nd, 1993 IETF IDS Working Group [Page 36] INTERNET-DRAFT DIR.X NAME DIR.X (tm) V3.0 Siemens Nixdorf Informationssysteme AG KEYWORDS API, CLNS, Commercially Available, DSA Connectivity, DSA/DUA, DUA Connectivity, HP, IBM RISC, OSI Transport, RFC-1006, RFC-1277, SNI, X.25 ABSTRACT DIR.X is the Siemens Nixdorf X.500 product on which the OSF DCE/GDS (Distributed Computing Environment/Global Directory Service) is based. It supports full DUA and DSA functionality for globally unique identification and location of objects in a network. It also provides functions to answer queries (both yellow-page and white- page) about objects and attribute information. The software implements full DAP and DSP protocols specified in X.519. The required ACSE, ROSE, Presentation, Session and RFC-1006 protocol implementations are also included. It also supports RFC-1277. Additional features include proprietary Replication and Access Control, Caching, Tree-handling utilities and (Remote) Administration. COMPLIANCE (applicable only for DSAs and DUAs) Consists of both DUA and DSA implementations according to the CCITT X.500 (1988) and ISO 9594 standard. The X/Open standard APIs for XDS and XOM are provided. The XDS interface can also be used to access the OSF DCE/CDS (DCE local Cell Directory Service) transparently. DIR.X has been successfully conformance tested. PICS and PCTRs are available for all tested protocols: DSA/DAP, DUA/DAP, Presentation, ACSE and Session embedded in X.500. Compliant with EWOS Agreements (which are being harmonized with OIW Agreements). Strong authentication according to X.509 and an XDS/XOM convenience library will be included in the next version (Q2 1994). Support for X.500 (1993) is planned for Q4 1994. IETF IDS Working Group [Page 37] INTERNET-DRAFT DIR.X INTEROPERABILITY This implementation of DAP and DSP has successfully interoperated with the X.500 implementations from ICL, UNISYS, E3X and ISODE. PILOT CONNECTIVITY Several DIR.X DSAs are connected to the European X.500 pilot network PARADISE. (DUA and DSA connectivity.) BUGS Problems and bug-report e-mail address: dirx-info@mch.sni.de CAVEATS AND GENERAL LIMITATIONS The software is highly portable and without any general limitations. INTERNETWORKING ENVIRONMENT OSI TP4 with CLNP OSI TP0, 2 & 4 with X.25 RFC-1006 with TCP/IP DIR.X can use either BSD sockets or XTI/TLI to access the Transport Service. HARDWARE PLATFORMS SNI's hardware platforms, IBM's RS/6000 and Hewlett Packard's HP9000 among others. SOFTWARE PLATFORMS SINIX (UNIX System V Release 4), OSF/1.1, AIX 3.1, HP-UX. A port to Windows-NT is planned for Q2 1994. AVAILABILITY DIR.X can be delivered as a binary product or as source to OEM customers. The DIR.X product is commercially available from: Siemens Nixdorf Informationssysteme SNI BU BA NM 12 D-81739 Munich Germany Please contact: Gianni Rabaioli IETF IDS Working Group [Page 38] INTERNET-DRAFT DIR.X Tel: +49 89 636 41095 Fax: +49 89 636 45860 e-mail: Giovanni.Rabaioli@mch.sni.de DATE LAST UPDATED or CHECKED November 26th, 1993 IETF IDS Working Group [Page 39] INTERNET-DRAFT Directory 500 NAME Directory 500 (tm) OSIware / Infonet Software Solutions KEYWORDS Commercially Available, DS/DUA, RFC-1006, Source, Sun, X.25 ABSTRACT Directory 500 (D500) is a comprehensive implementation of the CCITT X.500 recommendations. D500 is comprised of two major components which are responsible for manipulating the data in the OSI Directory. They are the Directory User Agent (DUA) and the Directory System Agent (DSA). The DUA is the interface between the OSI Directory and those users wishing access to the Directory's information. Users make their requests through the DUA. When forwarding user's requests to the OSI Directory, the protocol used is known as the Directory Access Protocol (DAP). The DSA will negotiate with other, remote DSAs to obtain requested information or to update remote DIBs. DSAs use the Directory System Protocol (DSP) to forward and answer these requests. The DSA supports chaining and referrals. COMPLIANCE (applicable only for DSAs and DUAs) All X.500 1988 operations are supported along with all Object Classes specified in X.521 and all Attribute Types specified in X.520. Implementation plans include upgrades to support the 1992 extensions to X.500 in 1994. Please check with OSIware / Infonet Software Solutions for availability dates. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [No information provided--Ed.] INTEROPERABILITY Tested with QUIPU. Other interoperability information not available at this time. IETF IDS Working Group [Page 40] INTERNET-DRAFT Directory 500 PILOT CONNECTIVITY [No information provided--Ed.] BUGS None known at this time. CAVEATS and GENERAL LIMITATIONS None known at this time. INTERNETWORKING ENVIRONMENT RFC1006 with TCP/IP HARDWARE PLATFORMS Any Sun SPARC with 16 MB memory, 40 MB free disk Please enquire if interested in other platforms such as: SCO Unix, AIX SOFTWARE PLATFORMS Sun OS 4.1.x. Runs over TCP/IP, or X.25 (SunNet X.25 Version 7 required) AVAILABILITY Directory 500 is commercially as executable object code or as source code form from: OSIware / Infonet Software Solutions 4400 Dominion Street, Suite 210 Burnaby, BC V5G 4G3 CANADA Sales & Information: 604436-2922 Fax: 604/436-3192 DATE LAST UPDATED or CHECKED November 21st, 1993 IETF IDS Working Group [Page 41] INTERNET-DRAFT DOS-DE NAME DOS-DE University of Bath KEYWORDS Available via FTP, DUA Interface, Free, IBM PC, LDAP, Multiple Vendor Platforms, RFC-1274, RFC-1484, RFC-1487 ABSTRACT DOS-DE (DOS Directory Enquiries) is intended to be a simple-to-use DUA interface suitable for the naive user. It is an MS-DOS port of the standard UNIX DE implementation - see the entry on DE for full details. (All of the features DE are supported apart from the experimental `Quality of Service' code). The user is presented with a series of (verbose) prompts asking for person's name; department; organization; country. There is extensive on-line help. The matching algorithms are such that near matches are presented to the user before less good matches. `Power searching' is also available - this allows a user to search for an entry even when they do not know the name of the organisation in which the person works - you still have to specify the country. DOS-DE provides UFN style searching. It is also possible to search locality entries. DOS-DE uses slightly different search algorithms depending on whether it is accessing part of the Directory mastered by a Quipu DSA - Quipu DSAs tend to use lots of replication and so encourage searching. DOS-DE runs over the University of Michigan LDAP. DE was funded by the COSINE PARADISE project. DOS-DE was developed by Andy Powell at the University of Bath. COMPLIANCE (applicable only for DSAs and DUAs) n/a COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [RFC 1274], [RFC 1484], [RFC 1487] INTEROPERABILITY n/a IETF IDS Working Group [Page 42] INTERNET-DRAFT DOS-DE PILOT CONNECTIVITY n/a BUGS Doesn't handle aliases well when power searching. Send bug reports to: A.Powell@bath.ac.uk CAVEATS and GENERAL LIMITATIONS DOS-DE tries to cater well for the general case, at the expense of not dealing with the less typical. The main manifestation of this is that the current version does not handle searching under localities very well. It is not possible to display photographs or reproduce sound attributes. INTERNETWORKING ENVIRONMENT University of Michigan LDAP. HARDWARE PLATFORMS IBM PC/AT/XT and compatibles. SOFTWARE PLATFORMS LDAP for MS-DOS running over the NCSA Telnet stack or SUN's PCNFS version 4.1 or Novell's LAN Workplace (LWP). AVAILABILITY The software is openly available by FTP from ftp.bath.ac.uk, as pub/x500/dosde.zip. The very latest code will be made available with the ISODE Consortium release of ISODE. It is hoped it will be freely available to all. Contact: A.Powell@bath.ac.uk IETF IDS Working Group [Page 43] INTERNET-DRAFT DOS-DE DATE LAST UPDATED or CHECKED March 18th, 1993 IETF IDS Working Group [Page 44] INTERNET-DRAFT HP X.500 Distributed Directory Products NAME HP X.500 Distributed Directory Products Hewlett Packard KEYWORDS API, CLNS, Commercially Available, DSA/DUA, DUA only, HP, OSI Transport, X.25 ABSTRACT HP X.500 Distributed Directory. Its main components are: DUA, and DUA Interface, DSA and DIB support, X.500 Address Lookup, X/Open Application Tool Kit API (XAT) for XDS/XOM Interface, X.500 High Level API (X5HLAPI) for XDS/XOM Interface. HP X.500 DUA. Its main components are: DUA, and DUA Interface, X.500 Address Look-up, X/Open Application Tool Kit API (XAT) for XDS/XOM Interface, X.500 High Level API (X5HLAPI) for XDS/XOM Interface. HP X.500 Distributed Directory is based on the 1988 CCITT X.500 standard. HP X.500 can be used for accessing names and electronic mail addresses for multi-vendor messaging backbone networks. HP X.500 can also be used for the development of networked applications requiring distributed directory functionality. HP OpenMail users can access the enterprise wide HP X.500 distributed directory directly from the HP OpenMail user interface, and select X.500 addresses for mailing. HP-UX Sendmail users can access electronic mail addresses from a X.500 server over a TCP/IP network. Users of non-HP e-mail systems can access data stored in the X.500 Directory using X.500 Address Look-up. X.500 Address Look-up has an easy to use interface, and phonetic search capability. HP X.500 Distributed Directory includes a complete multi-threaded DUA and DSA. The X.500 DIB is built on a database which has been optimized for X.500 performance. HP X.500 contains full support for DAP and DSP protocols. IETF IDS Working Group [Page 45] INTERNET-DRAFT HP X.500 Distributed Directory Products Data Shadowing and security access control of HP X.500 Distributed Directory allow higher performance, and easier management of its DIB database in a global environment. HP X.500 Distributed Directory has menu driven administration and user interface tools. The tools simplify directory configuration and data retrieval. It supports X/Open X.500 APIs (XDS and XOM), and high level APIs on top of XDS to allow developers to write their own X.500 based applications. HP X.500 Distributed Directory supports comprehensive tracing and logging facilities for quick diagnosis and resolution of problems. HP also provides a rich set of troubleshooting tools to check the interoperability of the network at various layers of the OSI stack. COMPLIANCE (applicable only for DSAs and DUAs) HP X.500 Distributed Directory complies with the following standards: CCITT X.501: The Directory - Models CCITT X.509: The Directory - Authentications Framework* CCITT X.511: The Directory - Abstract Service Definition CCITT X.518: The Directory - Procedures for Distributed Operations CCITT X.519: The Directory - Protocol Specifications CCITT X.520: The Directory - Selected Attribute Types CCITT X.521: The Directory - Selected Object Classes CCITT X.219: Remote Operations - Model, Notation and Service Definition CCITT X.229: Remote Operations - Protocol Specifications *x.509 describes simple and strong authentication. HP X.500 Distributed Directory supports simple authentication. Strong authentication is not supported in the current release due to limited market demand. HP X.500 Distributed Directory will comply with NIST and EWOS directory functional profiles. Based on factors such as market needs and NIST recommendations, HP will implement subsets of 1992 CCITT functionality in a phased approach. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [No information provided--Ed.] IETF IDS Working Group [Page 46] INTERNET-DRAFT HP X.500 Distributed Directory Products INTEROPERABILITY HP has done some unofficial interoperability testing. HP would welcome suggestions on priorities for vendor interoperability testing. PILOT CONNECTIVITY [No information provided--Ed.] BUGS [No information provided--Ed.] LIMITATIONS HP X.500 Distributed Directory supports up to 30 DSA connections at one time. This limit could be increased in the future if needed. INTERNETWORKING ENVIRONMENT HP X.500 Distributed Directory resides on an OSI stack, and can be used in 802.3 LAN, or X.25 CLNS or CONS environment. HP is investigating implementing X.500 for the TCP/IP environment. HARDWARE PLATFORMs HP X.500 Distributed Directory is available on HP 9000 Series 800 family of high performance servers which are scalable platform. The HP X.500 Address Look-up facility is also available for the HP 9000 Series 300 and Series 700 for customers who have purchased the X.500 product. SOFTWARE PLATFORMS HP X.500 Distributed Directory requires the following software environment: HP-UX Operating System 8.0 or later OSI Transport Services/9000 for the Series 800 HP Lan Link or HP X.25 product Network Tracing and Logging ANSI C compiler (for the HP/XDS API) AVAILABILITY HP X.500 Distributed Directory is commercial available. The product can be ordered through HP Sales offices. The ordering numbers are: P/N J2152A HP X.500 Distributed Directory/9000 for the Series 800. IETF IDS Working Group [Page 47] INTERNET-DRAFT HP X.500 Distributed Directory Products Product contains DSA server and DUA client. P/N J2153A HP X.500 DUA/9000 for the Series 800. Product contains only DUA client. DATE LAST UPDATED or CHECKED August 16th, 1993. IETF IDS Working Group [Page 48] INTERNET-DRAFT University of Michigan LDAP Implementation NAME University of Michigan LDAP Implementation KEYWORDS API, Available via FTP, DEC ULTRIX, DUA Connectivity, DUA Interface, Free, HP, IBM PC, IBM RISC, LDAP, Macintosh, Multiple Vendor Platforms, RFC-1006, RFC-1274, RFC-1484, RFC-1485, RFC-1487, Source, Sun ABSTRACT LDAP is the Lightweight Directory Access Protocol. It gives X.500 access to platforms that have only TCP/IP access, using simplified BER encoding of many X.500 data elements. LDAP is currently a proposed Internet Standard. The LDAP server is an intermediate protocol server that communicates with Internet clients on one side using the simple TCP-based LDAP protocol and an X.500 DSA on the other side using the Directory Access Protocol (DAP). A subset of the X.500 DAP is exported to the clients through the LDAP protocol. The U-M LDAP distribution contains the following components: LDAP server LDAP client library, including both synchronous and asynchronous APIs Lightweight BER library, including an API that supports a printf/scanf-like interface Various LDAP client programs, including a finger daemon (xfingerd), gopher to X.500 gateway (go500gw), command-line DUA (ud), e-mail query server (rcpt500), and an X.500 mailer (mail500) COMPLIANCE (applicable only for DSAs and DUAs) The U-M LDAP distribution is a complete implementation of the LDAP protocol. The LDAP protocol does not support access to all X.500 features and operations. The operations supported are bind, search, compare, add, delete, modify, modify RDN, and abandon. Note that read and list operations can be emulated using the search operation. Size and time limits may be specified, as may alias dereferencing and searching, but all X.500 service controls are not supported. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS Compliant with [RFC 1485], [RFC 1487], [RFC 1274], and preliminary support is included for [RFC 1484]. IETF IDS Working Group [Page 49] INTERNET-DRAFT University of Michigan LDAP Implementation INTEROPERABILITY The current implementation of the LDAP server is known to work with the QUIPU DSA and DAP library. PILOT CONNECTIVITY DUA connectivity should be possible to all pilots, though only AARNET, PARADISE, and PSI White Pages Project have actually been tried. BUGS Bug reports should be sent to bug-ldap@umich.edu. CAVEATS and GENERAL LIMITATIONS None, aside from those mentioned above under completeness. INTERNETWORKING ENVIRONMENT LDAP clients use TCP to communicate with the LDAP server. The LDAP server normally uses RFC 1006 with TCP/IP to communicate with the DSA, though any other transport mechanism for DSA communication supported by ISODE should be possible. HARDWARE PLATFORMS The LDAP server is known to run on Sun 3 and Sun 4 platforms DEC's, HP's, and RS 6000's. The LDAP client libraries and some clients have been ported to the Macintosh and the PC. SOFTWARE PLATFORMS The LDAP server and clients are known to run under and SunOS 4.1.x, ULTRIX, HP-UX, and AIX. The LDAP client libraries also work under Macintosh System 6.0 or higher and MS-DOS 5.0. AVAILABILITY This software is openly available. It may be obtained by anonymous FTP from terminator.rs.itd.umich.edu in the x500 directory. Documentation on the LDAP and lightweight BER libraries is provided in the form of man pages distributed with the source code. More information can be obtained from ldap-support@umich.edu. This software was developed at the University of Michigan by Tim Howes with help from Mark Smith and Bryan Beecher, as well as many IETF IDS Working Group [Page 50] INTERNET-DRAFT University of Michigan LDAP Implementation others around the Internet. It is subject to the following copyright. Copyright (c) 1993 Regents of the University of Michigan. All rights reserved. Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. DATE LAST UPDATED OR CHECKED March 13th, 1993 IETF IDS Working Group [Page 51] INTERNET-DRAFT ldap-whois++ NAME ldap-whois++ KEYWORDS Available via FTP, DEC ULTRIX, DUA Interface, Free, LDAP, RFC-1487, Sun, UNIX ABSTRACT ldap-whois++ is a dua interface that implements the IETF WNILS draft whois++ proposal using the LDAP libraries developed by the University of Michigan. COMPLIANCE (applicable only for DSAs and DUAs) N/A COMPATIBILITY WITH PROPOSED INTERNET STANDARDS RFC 1487 IETF WNILS WG Whois++ Architecture Draft INTEROPERABILITY N/A PILOT CONNECTIVITY There are a number of servers running across the Internet. BUGS None reported. CAVEATS and GENERAL LIMITATIONS Based on an early draft of the Whois++ Architecture Document so there may be some inconsistencies with the latest draft. It is considered a "beta" release due to the volatility of the whois++ work. Once there is a whois++ RFC then a real release will be made. IETF IDS Working Group [Page 52] INTERNET-DRAFT ldap-whois++ INTERNETWORKING ENVIRONMENT N/A HARDWARE PLATFORMS DEC RISC, SUN RISC SOFTWARE PLATFORMS ULTRIX 4.3, SunOS 4.1.x AVAILABILITY Available via anonymous ftp from ftp.adelaide.edu.au as pub/whois/whois++beta.tar.Z. DATE LAST UPDATED or CHECKED August 3rd, 1993 IETF IDS Working Group [Page 53] INTERNET-DRAFT maX.500 NAME University of Michigan maX.500 Macintosh DUA Interface KEYWORDS Available via FTP, DUA Connectivity, DUA Interface, Free, LDAP, Macintosh, RFC-1274,RFC-1484, RFC-1485, RFC-1487 ABSTRACT maX.500 is a Directory User Agent for Apple Macintosh. It is currently at version 2.0, which uses the Lightweight Directory Access Protocol (LDAP) over TCP/IP to access The Directory. maX.500 can be used to search for, view, create, delete, and modify entries. It supports viewing of textual information, playing of audio, and viewing of black and white (fax) and color (JPEG) images. maX.500 is a native Macintosh application, and as such has a friendly interface. It requires System Software version 6.0.5 or later and Apple's MacTCP control panel. COMPLIANCE (applicable only for DSAs and DUAs) maX.500 works over LDAP, and is subject to LDAP's limitations. The X.500 bind, search, compare, add, delete, abandon, and modify operations are used by maX.500. Size and time limits may be specified, as may alias dereferencing and searching. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS Compliant with [RFC 1485], [RFC 1487], [RFC 1274], and preliminary support is included for [RFC 1484] (same as U-M LDAP) INTEROPERABILITY maX.500 2.0 is known to work with the U-M LDAP server. It has been used successfully with the QUIPU DSA and others. PILOT CONNECTIVITY DUA connectivity should be possible to all pilots, though only AARNET, PARADISE, and PSI White Pages Project have actually been tried. IETF IDS Working Group [Page 54] INTERNET-DRAFT maX.500 BUGS Bug reports should be sent to max500-bugs@umich.edu. CAVEATS and GENERAL LIMITATIONS maX.500 does not support modification of "photo" (fax), "jpegPhoto", or "audio" attributes. Modify RDN is also unsupported. INTERNETWORKING ENVIRONMENT maX.500 is an LDAP client, and as such is uses TCP to communicate with the LDAP server. Apple's MacTCP control panel is required on the Macintosh. HARDWARE PLATFORMS maX.500 runs on Apple Macintosh Plus or later computers. It requires 1MB of RAM. SOFTWARE PLATFORMS maX.500 requires Apple System Software 6.0.5 or later (System 7 preferred) and MacTCP 1.1 or later (1.1.1 preferred). AVAILABILITY This software is openly available. It may be obtained by anonymous FTP from terminator.rs.itd.umich.edu in the x500 directory. More information can be obtained from ldap-support@umich.edu. This software was developed at the University of Michigan by Mark Smith with help from Tim Howes and many others around the Internet. It is subject to the following copyright: Copyright (c) 1993 Regents of the University of Michigan. All rights reserved. Redistribution and use in binary forms is permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. DATE LAST UPDATED OR CHECKED July 26th, 1993 IETF IDS Working Group [Page 55] INTERNET-DRAFT MXLU NAME MXLU Brunel University, UK KEYWORDS DUA Connectivity, DUA Only, Free, Motif, Multiple Vendor Platforms, Needs ISODE, Source, UNIX, X Window System ABSTRACT MXLU (Motif/X LookUp) is an X.500 DUA interface for the X Window System using Motif. Ported from the Athena widgets version, MXLU can be configured for many different styles of interaction. Example configurations are provided for single window and multiple window use. MXLU implements the `User-Friendly Naming' search strategy and also has a form-filling search mode. Asynchronous directory operations are used. Full user friendly add and modify functions are provided, with the ability to tailor the modify screen to present simple subsets of the available attributes. COMPLIANCE (applicable only for DSAs and DUAs) 88 Standard compliant: Strong authentication not yet implemented. No plans for support of the 1992 Standard. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS No plans at present. INTEROPERABILITY [No information provided--Ed.] PILOT CONNECTIVITY DUA Connectivity: The interface is in use in the UK Academic Directory Pilot. IETF IDS Working Group [Page 56] INTERNET-DRAFT MXLU BUGS Bugs should be reported to x500@brunel.ac.uk. CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT As ISODE. HARDWARE PLATFORMS Most UNIX machines. SOFTWARE PLATFORMS UNIX Motif 1.1 > ISODE/QUIPU (version 8.0 >) AVAILABILITY Sources are freely available for commercial or non-commercial use. Contacts. Postal Address: Andrew Findlay Computing and Media Systems Brunel University Cleveland Road Uxbridge, Middlesex UB8 3PH UK E-mail: x500@brunel.ac.uk. Fax: +44 895 32806 (Andrew Findlay) Telephone: +44 895 203066 (Andrew Findlay) DATE LAST UPDATED or CHECKED March 1st, 1993 IETF IDS Working Group [Page 57] INTERNET-DRAFT PathWay Messaging NAME PathWay Messaging KEYWORDS 386, CLNS, Commercially Available, DSA Connectivity, DSA/DUA, DUA Connectivity, DUA Interface, IBM PC, LDAP, Macintosh, Multiple Vendor Platforms, OSI Transport, RFC-1006, RFC-1202, RFC-1277, RFC-1278, Sun, X.25 ABSTRACT PathWay Messaging Services is a full X.400 MTA and X.400-Internet gateway that includes an integrated X.500 DSA/DUA. It supports full DUA and DSA functions as well as full DAP and DSP protocols specified in X.519. The DSA may be used exclusively for enterprise-wide messaging, or as a general purpose X.500 DSA. The product has successfully participated in OSInet X.500 I-Lab interoperability tests. PathWay Messenger is an email application for desktop class machines with a limited functionality DUA Light Weight Client that provides access (per RFC 1202, Directory Assistance Service - support for LDAP is planned) over TCP/IP to the X.500 DSA/DUA included with PathWay Messaging Services. COMPLIANCE (applicable only for DSAs and DUAs) PathWay Messaging Services is a complete implementation of the 1988 X.500 Recommendations with the exception of strong authentication as outlined in X.509. It is conformant to NIST, EWOS, and UK GOSIP Directory profiles. It provides network through application layer protocol support, with support for all attribute types, syntaxes, and object classes defined in X.520 and X.521. Support for 1992 extensions to X.500 is planned for future release as is support for X/Open Object Management (OM) and X/Open Directory Services (XDS) standards. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS PathWay Messaging Services' X.500 supports the following Internet Proposals: [RFC 1202], [RFC 1277], [RFC 1278]. IETF IDS Working Group [Page 58] INTERNET-DRAFT PathWay Messaging INTEROPERABILITY PathWay Messaging Services has undergone successful interoperability testing with Control Data, DEC, HP, and the ISODE Consortium using EurOSInet test suites. PILOT CONNECTIVITY Tested DUA and DSA connectivity with PARADISE and PSI White Pages Project. BUGS Send bug reports to: prod-eng@twg.com CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT RFC1006 with TCP/IP, TP4 with CNLS, TP0/2 or TP4 with X.25. HARDWARE PLATFORMS PathWay Messaging Services runs on all models of Sun SPARC and generic 386/486 systems. PathWay Messenger (email with lightweight DUA) also runs on Macintosh, and on IBM PC/AT and compatibles. SOFTWARE PLATFORMS PathWay Messaging Services supports SunOS 4.1.2, Solaris 1.0.1, and SunSoft INTERACTIVE UNIX. PathWay Messenger also supports SCO, MacOS and MS-Windows. AVAILABILITY PathWay Messaging is commercially available from: The Wollongong Group, Inc. 1129 San Antonio Road Palo Alto, CA 94303 USA Sales and Information: (415) 962 7100 FAX: (415) 969-5547 IETF IDS Working Group [Page 59] INTERNET-DRAFT PathWay Messaging DATE LAST UPDATED or CHECKED July 27th, 1993 IETF IDS Working Group [Page 60] INTERNET-DRAFT PC-DUA NAME PC-DUA NEXOR KEYWORDS 386, Commercially Available, DUA Connectivity, DUA Interface, IBM PC, LDAP, RFC-1487 ABSTRACT PC-DUA provides a MS Windows based user interface to the X.500 Directory. Features include: - Searching - Directory Browser - to enable user to identify directory entry - History - allowing quick access to previously referenced parts of the DIT. - User Friendly Name (UFN) based searching - Hypertext-like navigation. - Friendly names for attribute labels. - Intelligent choice of entries to display when moving to a new location in the DIT. - O-line hypertext help. COMPLIANCE (applicable only for DSAs and DUAs) Compliant with LDAP. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS The following are supported: RFC 1487 INTEROPERABILITY PC-DUA has interoperated with LDAP 2.0 and 3.0 beta distributions. PILOT CONNECTIVITY Full DUA connectivity to the PARADISE and PSI White Pages X.500 Pilots. IETF IDS Working Group [Page 61] INTERNET-DRAFT PC-DUA BUGS No known bugs. Support is given via phone or email to "support@nexor.co.uk" CAVEATS and GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT WinSock based TCP/IP stacks HARDWARE PLATFORMS 386 PC WITH 4MGBYTES RAM SOFTWARE PLATFORMS MS WINDOWS 3.1 AVAILABILITY PC-DUA is commercial software. For more details contact: NEXOR 8 Faraday Building Highfields Science Park Nottingham NG7 2QP UK DN: c=GB@o=NEXOR Ltd Telephone: +44 602 520500 Fax: +44 602 520519 E-Mail: sales@nexor.co.uk DATE LAST UPDATED or CHECKED August 6th, 1993 IETF IDS Working Group [Page 62] INTERNET-DRAFT PC-Pages NAME PC-Pages Brunel University, UK KEYWORDS DUA Connectivity, DUA Only, IBM PC, LDAP, Limited Availability, Multiple Vendor Platforms, OSI Transport, RFC-1006 ABSTRACT PC-Pages is a MS-DOS based X.500 DUA interface. It is currently only available for MS-Windows; a DOS character mode interface is being prepared. Features include: "Form" based searching. Supports the User Friendly Name (UFN) specification (RFC 1484). Tailorable entry display - display only those attributes required. Integrates with the WhiteMail X.400 user agent. Hooks are provided to allow integration with other user agents. Directory browsing. Support for JPEG photo attributes. Modify directory entries. Add directory entries. Delete directory entries. Rebind to a configured DSA. Some support for configuration of DAP service parameters. At present PC-Pages uses X.500 DAP. An LDAP version is planned. COMPLIANCE (applicable only for DSAs and DUAs) 88 Standard compliant: Strong authentication not yet implemented. No plans for support of the 1992 Standard. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS LDAP support is planned. INTEROPERABILITY Tested with Quipu 8.0. PILOT CONNECTIVITY DUA Connectivity: The interface is in use in the UK Academic Directory Pilot. IETF IDS Working Group [Page 63] INTERNET-DRAFT PC-Pages BUGS Bugs should be reported to x500@brunel.ac.uk. CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT RFC1006 with TCP/IP. TP4 with CONS. A NetBIOS gateway to the previously listed protocols. HARDWARE PLATFORMS PC-Pages for Windows requires an IBM PC compatible with 286 or higher, 2mb+ memory. SOFTWARE PLATFORMS Windows 3.0 or 3.1 running in Standard or Enhanced mode. WhiteStack 1.1, provided by the Edinburgh University Computing Service. AVAILABILITY Terms of availability are as yet undecided. Please send queries to: Postal: Andrew Findlay Computing and Media Services Brunel University Cleveland Road Uxbridge, Middlesex UB8 3PH UK E-mail: x500@brunel.ac.uk. Fax: +44 895 32806 (Andrew Findlay) Telephone: +44 895 203066 (Andrew Findlay) DATE LAST UPDATED or CHECKED February 22nd, 1993 IETF IDS Working Group [Page 64] INTERNET-DRAFT QuickMail NAME QuickMail/X.500 Interface (DUA Interface) NASA KEYWORDS DUA Interface, Limited Availability, Needs ISODE, RFC-1274, Sun ABSTRACT The NASA QuickMail/X.500 Interface program is a program which translates QuickMail name service requests into X.500 requests and returns the results from the DSA to the QuickMail user. This system allows QuickMail users the ability to find non-QuickMail users' or non-local QuickMail users' addresses, while retaining the normal QuickMail lookup interface. The program speaks QuickMail name service protocol on one side, and DAP on the other. COMPLIANCE (applicable only for DSAs and DUAs) [Same as dish] -- does not support strong authentication. No support for 1992 extensions needed. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS RFC 1274 supported to the extent that we use provided schema to store QuickMail addresses. INTEROPERABILITY Works with Quipu (ISODE 8.0, ICR1) PILOT CONNECTIVITY Connected to PSI WPPP, PARADISE. Other projects may use data if they are connected to either of these DSAs. BUGS No known bugs. Default QuickMail name service lookup time out of 10 seconds may be too fast for some DSAs to respond to. CAVEATS and GENERAL LIMITATIONS Requires the Columbia AppleTalk Package (CAP 6.0) to work. IETF IDS Working Group [Page 65] INTERNET-DRAFT QuickMail INTERNETWORKING ENVIRONMENT EtherTalk or IPTalk on the Macintosh side, any ISODE supported environment on the X.500 side. HARDWARE PLATFORMS Known to run on Sun 4/470 SOFTWARE PLATFORMS SunOS 4.1.1 and 4.1.3 can be used to host the package. Additionally may need SunLink OSI 7.0.1, Sunlink X.25 7.0. ISODE 8.0 or ISODE Consortium Release 1 needed to provide DAP support. AVAILABILITY Limited availability. For more details contact, Peter Yee MS 233-18 NASA Ames Research Center Moffett Field, CA 94035-1000 (415) 604-3812 (415) 604-6999 (FAX) yee@atlas.arc.nasa.gov DATE LAST UPDATED or CHECKED February 18th, 1993 IETF IDS Working Group [Page 66] INTERNET-DRAFT QUIPU (ISODE Consortium Release 1.0) NAME QUIPU (ISODE Consortium Release 1.0) ISODE Consortium KEYWORDS API, DSA Connectivity, DSA/DUA, DUA Connectivity, Free, Multiple Vendor Platforms, OSI Transport, RFC-1006, RFC-1274, RFC-1275, RFC- 1276, RFC-1277, RFC-1278, RFC-1279, RFC-1484, RFC-1485, RFC-1487, Source, Sun, UNIX, X.25 ABSTRACT This implementation is a source release derived from the earlier openly available version of QUIPU, and will be used as base technology for products by a number of vendors. The release comprises of a DSA, and a number of sample DUAs which may be used in conjunction with the DSA. COMPLIANCE (applicable only for DSAs and DUAs) The DSA is aligned to the 1988 ISO IS and the NIST OIW Directory Implementors Guide Version 1, with the following exceptions: Strong authentication is not implemented (but hooks are provided for use with two packages). QUIPU does not enforce the bounds constraints on attributes, filters or APDU size. T.61 string formatting characters are not rejected. If a DN is supplied with no password in an unprotected simple bind, QUIPU does not always check to see if the DN exists. If the DSA connected to can say authoritatively the DN does not exist, the association is rejected. However, if a chain operation is required to check the DN, the bind IS allowed. When comparing attributes of UTCtime syntax, if the seconds field is omitted, QUIPU does not perform the match correctly (i.e., the seconds field in the attribute values should be ignored, but are not). QUIPU always supplies the optional Chaining argument ``originator'' even if the CommonArgument ``requestor'' is used. QUIPU always supplies the optional Chaining argument ``target'' even if the base object in the DAP arguments is the same. The object class ``without an assigned object identifier'' is not recognised unless the ``alias'' object class is also present. Non Specific Subordinate References are never followed by a QUIPU DSA, but they are passed on correctly to the client if generated. Compliance with X.500(1993) standards is planned. DAP and replication (DISP) will be available in March 1994. Other 1993 features, with the exception of DOB, but including security features will be available. IETF IDS Working Group [Page 67] INTERNET-DRAFT QUIPU (ISODE Consortium Release 1.0) COMPATIBILITY WITH PROPOSED INTERNET STANDARDS [RFC 1485], [RFC 1484], [RFC 1487], [RFC 1274], [RFC 1275], [RFC 1276], [RFC 1277], [RFC 1278], [RFC 1279]. INTEROPERABILITY Interoperability with several other DSAs has been demonstrated in pilot operation and at the COS X.500 Interoperability Lab, enhancing interoperability results from the earler versions of QUIPU. PILOT CONNECTIVITY Connectivity to the global research pilot (PARADISE etc.) has been demonstrated. It is expected that this system will be used extensively in a wide range of pilot activities. DUA Connectivity, and DSA Connectivity. BUGS Bugs should be reported to CAVEATS and GENERAL LIMITATIONS None INTERNETWORKING ENVIRONMENT The IC R1.0 release is application level code, and assumes vendor provided lower layers. It provides the following modules with support for a range of APIs to handle associated lower layers: RFC 1006 (vendor supplied TCP/IP using sockets or TLI) Transport service (vendor supplied transport, which may be any class and use any network service. TLI, XTI and various vendor-specific APIs). TP0 (Vendor supplied X.25 or CONS using NTI and various vendor specific APIs). HARDWARE PLATFORMS Reference platform is SUN SPARC. SOFTWARE PLATFORMS Reference OS is SUNOS 4.1.3. It is also known to run on various other UNIX platforms. IETF IDS Working Group [Page 68] INTERNET-DRAFT QUIPU (ISODE Consortium Release 1.0) AVAILABILITY Available to members of the ISODE Consortium. Membership is open to any organisation. Also available under licence (zero cost) to all non-commercial research organisations. Contact: ISODE Consortium Headquarters PO Box 505 London SW11 1DX UK Phone: +44-71-223-4062 Fax: +44-71-223-3846 Email: DATE LAST UPDATED or CHECKED August 11th, 1993 IETF IDS Working Group [Page 69] INTERNET-DRAFT Traxis Enterprise Directory NAME Traxis Enterprise Directory Angeli Systems Corporation KEYWORDS API, CLNS, Commercially Available, DSA/DUA, HP, IBM PC, IBM RISC, Macintosh, OSI Transport, RFC-1006, RFC-1274, Sun, X.25 ABSTRACT The Traxis Enterprise Directory has multiple components in a three layer architecture. The individual components of the Traxis family are building blocks which can be assembled in a flexible, modular way to build complex systems. At the enterprise level, is a distributed directory stored and managed by Traxis Directory Engines (TDEs). At the workgroup level Traxis Directory Hubs (TDHs) provide the means to integrate and connect Traxis Directory Engines to the wide variety of real world applications and systems which prevail in network environments. The TDE and the TDH support the myriad of client applications, including messaging and business applications, which require services from the Traxis directory. At the desktop level, the Traxis Desktop Client (TDC) provides a common set of facilities which simplify and enable communications, object manipulation, and results management as required between the Traxis Directory Hub and applications. These capabilities, which include full access and management of the directory, are provided to applications through XDS++, the Traxis object oriented API. The Traxis Desktop Client also supports industry standard client software interfaces such as Microsoft MAPI, Apple OCE, CMC and VIM, through Compatibility Modules which map the standard API into XDS++. Through these APIs the Traxis Desktop Client supports applications of all kinds on PC, Macintosh, and UNIX systems. Angeli supplied Traxis applications include the Traxis Administrative Console management station, the Traxis Global Browser general directory tool, the Traxis Operator Assistance high-speed look-up, the Traxis Data Base Gateway, the Traxis Import Export Utility and more. The Traxis Directory Engine includes an X.500 DSA. The Traxis Directory Hub includes an X.500 DUA. IETF IDS Working Group [Page 70] INTERNET-DRAFT Traxis Enterprise Directory COMPLIANCE (applicable only for DSAs and DUAs) Traxis Directory Engine DSA is CCITT-1988 compliant with extended security and access control. Supports access control on User, Entry, and Attribute levels. DIB or subtree administrative manager supported. Supports simple authentication with encrypted password. NIST OIW Stable Implementation Agreements [NIST-88] compliant. Support for February 14, 1993 CCITT X.500 planned. X.509 in first half of 1994. Replication and Administrative/Information Model in second half of 1994. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS Traxis does not conform to the QUIPU RFC Internet Proposals cited except RFC1274 which documents COSINE interoperability. As noted elsewhere, Traxis is fully compatible with QUIPU operationally but does not use the cited RFCs in its internal operations. LDAP (RFC 1487) is planned for inclusion in a later release of Traxis if market demand requires it. INTEROPERABILITY Traxis has been extensively tested for interoperability with ISODE QUIPU Version 8. Traxis Directory Engine (DSA) will serve DISH or other QUIPU DUAs using DAP. Traxis Directory Hub interoperates with QUIPU DSA. All directory access functions and their chained equivalents are interoperable. PILOT CONNECTIVITY PARADISE DUA/DSA connectivity tested. BUGS Problems may be reported to support@angeli.com. CAVEATS and GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT Traxis Directory Hub to Traxis Directory Engine (or any DSA) communication via RFC1006 over TCP/IP, OSI TP4 with CLNS, and OSI TP0 with X.25. Traxis Desktop Client to Traxis Directory Hub via SPX/IPX IETF IDS Working Group [Page 71] INTERNET-DRAFT Traxis Enterprise Directory or TCP/IP. Other LAN protocols supported in 1994. HARDWARE PLATFORMS Traxis Directory Hub and Traxis Directory Engine: Sun and PC currently supported. IBM RS/6000, HP 9000, and others in 1994. Traxis Desktop Client and applications: PC currently supported; Macintosh in 1994. SOFTWARE PLATFORMS Traxis Directory Hub and Traxis Directory Engine: All Sun platforms with Sun OS 4.1.3 currently supported, Solaris 2.x in 1994. Industry standard PC platforms with SCO Open Desktop V3 currently supported. Other UNIX platforms in 1994. Windows NT in 1994. Traxis Desktop Client and applications: PC with Windows 3.1 currently supported. Macintosh Systems 6 and 7, UNIX Motif, DOS, X Windows, and others planned for 1994. AVAILABILITY The Traxis Enterprise Directory is commercially available from: Angeli Systems Corporation 1659 Eleventh Street Santa Monica, CA 90404 +1 310 392 3000 +1 310 392 4700 FAX info@angeli.com DATE LAST UPDATED or CHECKED November 23rd, 1993 IETF IDS Working Group [Page 72] INTERNET-DRAFT UCOM.X 500 NAME UCOM.X 500 (tm) - E3.X [DSA and DUA] KEYWORDS 386, API, Bull, CLNS, Commercially Available, DEC ULTRIX, DSA Connectivity, DSA/DUA, DUA Connectivity, IBM RISC, Motif, Multiple Vendor Platforms, OpenLook, RFC-1006, RFC-1274, RFC-1277, RFC-1278, RFC-1279, Sequent, Sun, Tandem, UNIX, X.25 ABSTRACT UCOM.X 500 includes a Directory System Agent (DSA), various directory access APIs and Directory User Agents (DUAs). UCOM.X 500 is a product based on PIZARRO, the research prototype developed at INRIA by Christian Huitema's team, and commercialized by TS-E3X, a member of the France Telecom group. Characteristics of the DSA are: The DAP and DSP protocols are provided conformant with X.500 (88). The DIB is maintained in ASN.1 encoded format in the Unix file system. Utilities are provided to load and dump the DIB from and to ASCII text files. The DIT structure is held in main memory. Frequently used attributes may be held in inverted tables in memory to speed up searches. Knowledge management: knowledge on managed domains is stored in UCOM.X specific attributes of the DSA entries. Schema: The X.500 (88), X.400 (88) and most of the Cosine & Internet Schema are supported. Object class and attribute definitions are enforced. Users may define their own. Simple authentication is provided; strong authentication and signed operations are being tested operationally through TS-E3X's participation in PASSWORD, a VALUE project with aim to pilot a European security infrastructure for network applications. Access control: private mechanisms are provided to allow access control lists to be specified for parts of the DIT, to control modifications, and to specify access restrictions on attributes. Management: a UCOM.X DSA object has been defined to allow operational parameters of the DSA to be managed via DAP. Administration utilities are provided to, e.g., generate usage statistics and periodically update the database from various data sources including a knowledge discovery tool. The product offers a C language API conformant to X/Open's X/DS specification, and a C++ API (for release 10/93). The DUAs include a graphical directory browser with powerful search functionality for OpenLook and Motif, and a full-screen curses-based IETF IDS Working Group [Page 73] INTERNET-DRAFT UCOM.X 500 interface with full DAP functionality. TS-E3X's strategy for UCOM.X500 is three-fold: Firstly, to use it as the directory service for Spheris, France Telecom's range of electronic mail products based on X.400 (88) (release mid '94). Secondly, to offer it to third parties developing specific applications using X.500: current applications include a distributed application to control document transfer in a large French hospital and distributed applications management in the French Post Office; planned uses include office applications for control of document circulation (workflow) and cooperative document editing. Thirdly, to offer it to telecomms operators such as France Telecom for application in network management. UCOM.X 500 is used extensively by French research centers involved in PARADISE. COMPLIANCE (applicable only for DSAs and DUAs) UCOM.X 500 conforms to X.500 (88) as specified in paragraph 9 of X.519. Development of the product based on X.500 (93) is planned for '94 with release of a product conformant to the principal extensions at the end of '94. Emphasis is being placed on the shadowing protocol, the schema and access control. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS The COSINE and Internet Schema (RFC 1274) is supported with minor exceptions. RFC 1279 (X.500 and Domains) is supported. The string representation of PSAPs and their internal encoding conforms to RFCs 1277 and 1278. The string representation of DNs will migrate to the Internet RFC 1485 definition. AFRO (algorithme francais de recherche optimise), the search / name resolution algorithm proposed by UCOM.X 500, differs from the UFN algorithm principally in that it attempts to optimize by performing read operations before resorting to searches in order to exploit the name error information. INTEROPERABILITY Through UCOM.X 500's use in the French PARADISE pilot, interoperability has been informally but extensively tested with Quipu and other implementations. IETF IDS Working Group [Page 74] INTERNET-DRAFT UCOM.X 500 Detailed interoperability tests with Quipu, Marben and Siemens/Bull DIR/X are being conducted by the PARADISE OIFP (Operational Interworking) team at INRIA Rocquencourt, France. The product is currently also undergoing formal tests for conformance to the CTS2 DSA/DAP and ACSE/Presentation/Session specifications at the French OSI conformance test centre. PILOT CONNECTIVITY DSA and DUA connectivity to the PARADISE pilot. BUGS UCOM.X 500 is a commercial product. As such, it is supported and bugs are fixed when detected. Bug reports can be sent to our support team via electronic mail. CAVEATS AND GENERAL LIMITATIONS The DIT structure and inverted attribute tables are stored in main memory. The recommended main memory size for a DSA is 1 kb per node, i.e., 10 Mb for a database of 10,000 objects. The current recommended maximum is a database size of the order of 100,000 objects. Of the selected attribute types defined in X.500 (88), the searchGuide attribute is not supported ; neither are the following attributes from the Cosine and Internet Schema (RFC 1274): OtherMailbox, MailPreferenceOption and the various quality attributes. The X/DS API supports the Basic Directory Contents (BDCP), the MHS Directory User (MDUP) and the Strong Authentication (SAP) packages with minor limitations. A proprietary mechanism for defining new classes and attributes is offered. Asynchronous operations and multiple concurrent sessions are not supported. Whilst referral may be handled automatically, continuation references are not. INTERNETWORKING ENVIRONMENT UCOM.X 500 includes a transport stack for TP0 with TCP/IP (RFC 1006) and X.25. The stack has been ported to SunNet OSI for TP4 with CLNP. HARDWARE PLATFORMS UCOM.X 500 can easily be ported to any UNIX machine. It currently runs on: Sun 3 and 4, IBM RS 6000, DEC ULTRIX (Vax and Mips), 386- IETF IDS Working Group [Page 75] INTERNET-DRAFT UCOM.X 500 based PCs, Bull DPX/2 and DPX/20, Sequent, Tandem and others. SOFTWARE PLATFORMS UCOM.X 500 is portable to any UNIX-like operating system. It has been ported to: UNIX SVR3 and SVR4, SUN OS 4, AIX, SCO Unix, Interactive Unix, ULTRIX, HP-UX, Dynix (Sequent), BOS (Bull) and others. Ports to the following are planned: OS/2 ('94), Windows 3 ('94). The product does not make use of an external DBMS for the information base. AVAILABILITY UCOM.X is commercially available. For further information contact: Pascal Duchamp, International Sales Address: TS-E3X, Le Capitole 44, avenue des Champs Pierreux, 99029 Nanterre Cedex, France Tel: (+33) 1-46-14-50-00 Fax: (+33) 1-46-14-58-16 Email: C=FR;A=atlas;P=e3x;O=e3x;OU1=paris;S=duchamp duchamp@paris.e3x.fr or: Laurence Puvilland, Marketing Email: C=fr;A=atlas;P=e3x;O=e3x;OU1=paris;S=puvilland puvilland@paris.e3x.fr or: Ascan Woermann, R&D Email: C=fr;A=atlas;P=e3x;O=e3x;S=Woermann woermann@e3x.fr DATE LAST UPDATED July, 1993 IETF IDS Working Group [Page 76] INTERNET-DRAFT Wang OPEN/services NAME Wang OPEN/services (tm) Wang Laboratories, Inc. KEYWORDS CLNS, Commercially Available, DSA/DUA, DUA Interface, HP, IBM PC, IBM RISC, Limited Functionality, OSI Transport, RFC-1006, Wang, X.25 ABSTRACT Wang's X.500 products are a part of our OPEN/services product whose main features include the following: X.500 directory - Contains information about organizations, individuals, and distribution lists. The directory is the primary vehicle by which users of OPEN/office, Wang's X.400 electronic mail product, address mail. Authentication Services - Verifies the login name and password of each user logging into OPEN/services. International support - Provides character translation tables so that users can display screens containing international characters and use international collating sequences. Object management - Greatly increases the integration between OPEN/services, OPEN/office and other Windows-based applications. Activity logging - Records the activities of OPEN/services. This information can be useful for monitoring the OPEN/services processes and for troubleshooting. Database management - Provides utilities that validate and reorganize the OPEN/services databases including the Directory Information Base (DIB). OPEN/services includes a DSA, a DUA, and a DUA interface all rolled into one product. (The DUA interface protocol is private.) Wang OPEN/services consists of two parts: software installed on a server and software installed on PC clients on a LAN. The client or end-user software enables users to log in and log out; change the login password; use the OPEN/services directory; and perform various actions, such as open and print, on files in the Wang OPEN/applications and in certain third-party applications including IETF IDS Working Group [Page 77] INTERNET-DRAFT Wang OPEN/services Microsoft Windows File Manager. The server consists of the DSA, the DUA, the Directory Information Base, the service administration programs such as login authentication, the database management utilities, and activity logging. COMPLIANCE (applicable only for DSAs and DUAs) Wang OPEN/services complies with the 1988 CCITT Recommendations X.500-X.521 [CCITT-88] with the following exceptions. Whole tree searches are not supported, nor does the product support chained adding, modifying, or deleting. Simple authentication is supported, but strong authentication is not. In the future, the 1992 extensions to the X.500 standard will be supported by Wang OPEN/services. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS None are supported at the present time. INTEROPERABILITY The interoperability of OPEN/services with other X.500 products is untested. PILOT CONNECTIVITY Pilot connectivity between OPEN/services and the AARNET project, NADF Pilot Project, NIST Pilot Project, PARADISE, and PSI White Pages Project has not been attempted. BUGS To report problems with Wang OPEN/services, contact your local Wang sales office, your Wang authorized reseller or call your regional support center. (In the USA, the number is 404-432-9001). CAVEATS and GENERAL LIMITATIONS None INTERNETWORKING ENVIRONMENT Wang OPEN/services currently runs in the following environments: RFC1006 with TCP/IP, TP4 with CNLS, TP0 with X.25 and SLIP. IETF IDS Working Group [Page 78] INTERNET-DRAFT Wang OPEN/services HARDWARE PLATFORMS Server Requirements Installing Wang OPEN/services Server requires the following hardware: a Wang RISC Series Server 220 or greater, or an IBM RISC System/6000(tm) with a minimum of 32 MB of memory, or a Hewlett- Packard 9000 Series 800 system with a minimum of 32 MB of memory. For each system a minimum of 20 MB of free disk space in a file system is required. Client Requirements Installing OPEN/services for Windows requires the following hardware: a 386/SX CPU or later, at least 4 MB of memory, a hard disk drive with at least 2.5 MB of disk space, and a VGA monitor. A pointing device is not required to run OPEN/services but is strongly recommended. Network Requirements OPEN/services has the following network requirements: 802.3 or 802.5 LAN, network interface cards (NICs) to support TCP/IP on client PCs, Ethernet or token ring adapters on the servers, and optionally X.25 cards on the servers. SOFTWARE PLATFORMS Server Requirements Installing Wang OPEN/services Server requires the following software: AIX Operating System, release 3.2.3 or later, with bundled support for the TCP/IP protocol suite, or HP-UX Operating System, Release 9.0 or later. Client Requirements OPEN/services for Windows requires the following software: Microsoft MS-DOS(tm) Operating System, Release 5.0 or later and Microsoft Windows 3.1 or later. AVAILABILITY Wang OPEN/services is commercially available from: Wang Laboratories, Inc. 1 Industrial Avenue Lowell, Massachusetts 01851 IETF IDS Working Group [Page 79] INTERNET-DRAFT Wang OPEN/services Phone: 508-967-6114 FAX: 508-967-1105 To obtain OPEN/services, contact your local Wang sales office, your Wang authorized reseller or call 1-800-NEW-WANG. DATE LAST UPDATED or CHECKED December 6th, 1993 IETF IDS Working Group [Page 80] INTERNET-DRAFT Xdi NAME Xdi - DUA Bellcore KEYWORDS Available via FTP, DUA Connectivity, DUA Only, Free, Limited Functionality, Multiple Vendor Platforms, Needs ISODE, RFC-1274, RFC-1484, Source, Sun, UNIX, X Window System ABSTRACT Xdi is a Directory User Agent (DUA) for the X Window System. In addition to providing a user-friendly interface, it supports Directory interactions of different levels of complexity. Users can select different window screens to browse, search and modify the Directory. There are two different search screens for name based search and attribute based search. It is simple to use for novice users but is also useful for more advanced users to formulate complex search filters. Xdi also supports "user-friendly naming" in many cases so that users are not required to know X.500 naming format. COMPLIANCE (applicable only for DSAs and DUAs) 88 standard compliant: Delete and Add operations, and strong authentication not implemented. There are no facilities to modify the RDNs of entries. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS RFC 1484 and RFC 1274 are supported. INTEROPERABILITY Believed to be interoperable with other DSAs. Only tested against ISODE/QUIPU DSAs. PILOT CONNECTIVITY DUA Connectivity BUGS Send bug reports to sywuu@thumper.bellcore.com IETF IDS Working Group [Page 81] INTERNET-DRAFT Xdi CAVEATS and GENERAL LIMITATIONS INTERNETWORKING ENVIRONMENT Same as ISODE. HARDWARE PLATFORMS This software has been tested on SUN4. It is expected that the software is portable to SUN3 and other UNIX machines. SOFTWARE PLATFORMS Xdi is expected to run on ISODE (release 7.0 upwards) in UNIX environment. The 'xdi' directory has been designed to fit directly into the ISODE source tree. Xdi requires X11R4, the associated Xt toolkit and Athena widget libraries. Also see the operating environments of ISODE. AVAILABILITY The Xdi software is available via anonymous FTP from thumper.bellcore.com in file pub/xdi.tar.Z. Source code and executables can be freely distributed or modified for non-commercial and non-profit use provided that all copyright notices, permission and nonwarranty notice included in the software distribution remain intact. For further information contact Sze-Ying Wuu at sywuu@thumper.bellcore.com. DATE LAST UPDATED or CHECKED March 18th, 1993 IETF IDS Working Group [Page 82] INTERNET-DRAFT XLU NAME XLU Brunel University, UK KEYWORDS DUA Connectivity, DUA Only, Free, Multiple Vendor Platforms, Needs ISODE, Source, UNIX, X Window System ABSTRACT XLU (X LookUp) is an X.500 DUA interface for the X Window System. XLU can be configured for many different styles of interaction. Example configurations are provided for single window and multiple window use. XLU implements the `User-Friendly Naming' search strategy and also has a form-filling search mode. Asynchronous directory operations are used. Full user friendly add and modify functions are provided, with the ability to tailor the modify screen to present simple subsets of the available attributes. COMPLIANCE (applicable only for DSAs and DUAs) 88 Standard compliant: Strong authentication not yet implemented. No plans for support of the 1992 Standard. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS No plans at present. INTEROPERABILITY [No information provided--Ed.] PILOT CONNECTIVITY DUA Connectivity: The interface is in use in the UK Academic Directory Pilot. IETF IDS Working Group [Page 83] INTERNET-DRAFT XLU BUGS Bugs should be reported to x500@brunel.ac.uk. CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT As ISODE. HARDWARE PLATFORMS Most UNIX machines. SOFTWARE PLATFORMS UNIX MIT X11R5 libraries ISODE/QUIPU (version 8.0 >) AVAILABILITY Sources are freely available for commercial or non-commercial use. Contacts. Postal Address: Andrew Findlay Computing and Media Systems Brunel University Cleveland Road Uxbridge, Middlesex UB8 3PH UK E-mail: x500@brunel.ac.uk. Fax: +44 895 32806 (Andrew Findlay) Telephone: +44 895 203066 (Andrew Findlay) DATE LAST UPDATED or CHECKED March 1st, 1993 IETF IDS Working Group [Page 84] INTERNET-DRAFT XT-DUA NAME XT-DUA NEXOR KEYWORDS Bull, CLNS, Commercially Available, DUA Connectivity, DUA Only, HP, IBM RISC, ICL, Motif, Multiple Vendor Platforms, OpenLook, OSI Transport, RFC-1006, RFC-1274, RFC-1277, RFC-1278, RFC-1484, Solbourne, Sun, X Window System, X.25 ABSTRACT XT-DUA provides a X-Windows based user interface to the X.500 Directory. Both Motif and OpenLook styles are supported. Browsing features include: - Passing of user address information to the XT-MUA X.400 user agent. - History - allowing quick access to previously referenced parts of the DIT. - Customizable entry display - allowing subsets of attributes be displayed when showing an entry. - User Friendly Name (UFN) based searching - Hypertext-like navigation. - Support for application entities e.g. startup of ftam session. - User defined name for attribute labels. - Support for photo and audio attributes. - Attribute value on scanline. - Intelligent choice of entries to display when moving to a new location in the DIT. Management features include: Creation of new entries. - Modification of existing entries (including RDN) - based on Quipu EDB format. - Deletion of entries. - Friendly editor of modifying Quipu ACLs. - Rebinding - authenticated and to named DSA. - Full configuration of DAP request parameters IETF IDS Working Group [Page 85] INTERNET-DRAFT XT-DUA COMPLIANCE (applicable only for DSAs and DUAs) Compliant with X.500(88), and NIST SIA version 2 except X.509 strong authentication not implemented (under development). NEXOR is committed to migrate XT-DUA to the 1992 standards. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS The following are supported: UFN [RFC 1484] RFC 1274 RFC 1277 RFC 1278 INTEROPERABILITY XT-DUA has interoperated with all DSAs used in the PARADISE pilot. PILOT CONNECTIVITY Full DUA connectivity to the PARADISE and PSI White Pages X.500 Pilots. BUGS No known bugs. Support is given via phone or email to "support@nexor.co.uk" CAVEATS and GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT OSI TP4 with CLNP OSI TP0 with X.25 or CONS RFC 1006 with TCP/IP HARDWARE PLATFORMS Sun Solbourne IBM RS/6000 Bull DPX 6000 HP Apollo 9000 IETF IDS Working Group [Page 86] INTERNET-DRAFT XT-DUA SOFTWARE PLATFORMS SunOs 4.1.x AIX 3.2 HP-UX 9.01 Windows 3.1 (over LDAP) Other ports planned include SCO Unix and ICL DRS6000. AVAILABILITY XT-DUA is commercial software. For more details contact: XT-DUA Sales NEXOR 8 Faraday Building Highfields Science Park Nottingham NG7 2QP UK DN: c=GB@o=NEXOR Ltd Telephone: +44 602 520500 Fax: +44 602 520519 E-Mail: sales@nexor.co.uk DATE LAST UPDATED or CHECKED August 2nd, 1993 IETF IDS Working Group [Page 87] INTERNET-DRAFT XT-QUIPU NAME XT-QUIPU NEXOR KEYWORDS Bull, CLNS, Commercially Available, DSA Connectivity, DSA Only, HP, IBM RISC, ICL, Multiple Vendor Platforms, OSI Transport, RFC-1006, RFC-1274, RFC-1276, RFC-1277, RFC-1278, RFC-1279, RFC-1484, RFC-1485, Solbourne, Sun, X.25 ABSTRACT XT-QUIPU is an X.500(88) DSA. Characteristics of the DSA are: - Full DAP access - Full DSP access - Support for X.400, X.500, and RFC 1274 attributes and object classes - Approximate match based on Soundex. - Flexible schema management - RFC 1276 Replication - Attribute level access control - Search and list access control - Knowledge management mapped onto DIT - Attribute inheritance - Caching - Remote management COMPLIANCE (applicable only for DSAs and DUAs) Compliant with X.500(88), and NIST SIA version 2 except X.509 strong authentication not implemented (under development). NEXOR is committed to migrate XT-QUIPU to the 1992 standards. COMPATIBILITY WITH PROPOSED INTERNET STANDARDS The following are supported: String DN format [RFC 1485] UFN [RFC 1484] RFC 1274 RFC 1276 RFC 1277 RFC 1278 IETF IDS Working Group [Page 88] INTERNET-DRAFT XT-QUIPU RFC 1279 INTEROPERABILITY XT-QUIPU interoperates will all DSAs used in the PARADISE pilot. PILOT CONNECTIVITY XT-QUIPU DSAs are fully connected to the PARADISE and PSI White Pages X.500 Pilots. BUGS No known bugs. Support is given via phone or email to "support@nexor.co.uk" CAVEATS and GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT OSI TP4 wtih CLNP OSI TP0 with X.25 or CONS RFC 1006 with TCP/IP HARDWARE PLATFORMS Sun Solbourne IBM RS/6000 Bull DPX 6000 ICL DRS/6000 HP Apollo 9000 SOFTWARE PLATFORMS SunOs 4.1.x AIX 3.2 DRS/NX 6000 HP-UX 9.01 Other ports planned include SCO Unix. AVAILABILITY XT-QUIPU is commercial software. For more details contact: IETF IDS Working Group [Page 89] INTERNET-DRAFT XT-QUIPU XT-QUIPU Sales NEXOR 8 Faraday Building Highfields Science Park Nottingham NG7 2QP UK DN: c=GB@o=NEXOR Ltd Telephone: +44 602 520500 Fax: +44 602 520519 E-Mail: sales@nexor.co.uk DATE LAST UPDATED or CHECKED August 2nd, 1993 IETF IDS Working Group [Page 90] INTERNET-DRAFT August 1993 4. References [CCITT-88] CCITT, "Data Communications Networks Directory," Recommendations X.500-X.521, Volume VIII - Fascicle VIII.8, IXth Plenary Assembly, Melbourne, November 1988. [NIST-88] National Institute of Standards and Technology, "Stable Implementation Agreements for Open Systems Interconnection Protocols," Version 2 Edition 1, NIST Special Publication 500-162, December 1988. [RFC 1202] Rose, M. T., "Directory Assistance Service." February 1991. [RFC 1249] Howes, T., M. Smith, and B. Beecher, "DIXIE Protocol Specification," University of Michigan, August 1991. [RFC 1274] Barker, P., and S. Kille, "The COSINE and Internet X.500 Schema," University College, London, England, November 1991. [RFC 1275] Kille, S., "Replication Requirements to provide an Internet Directory using X.500," University College, London, England, November 1991. [RFC 1276] Kille, S., "Replication and Distributed Operations extensions to provide an Internet Directory using X.500," University College, London, England, November 1991. [RFC 1277] Kille, S., "Encoding Network Addresses to support operation over non-OSI lower layers," University College, London, England, November 1991. [RFC 1278] Kille, S., "A string encoding of Presentation Address," University College, London, England, November 1991. [RFC 1279] Kille, S., "X.500 and Domains," University College, London, England, November 1991. [RFC 1484] Kille, S., "Using the OSI Directory to achieve User Friendly Naming." July 1993. [RFC 1485] S. Kille, "A String Representation of Distinguished Names." July 1993. [RFC 1487] Yeong, W., T. Howes, and S. Kille, "X.500 Lightweight IETF IDS Working Group [Page 91] INTERNET-DRAFT August 1993 Directory Access Protocol." July 1993. [RFC 1488] Howes, T., S. Kille, W. Yeong, and C. Robbins, "The X.500 String Representation of Standard Attribute Syntaxes." July 1993. 5. Security Considerations Security considerations are not discussed in this memo. 6. Editors' Addresses Arlene F. Getchell Lawrence Livermore National Laboratory National Energy Research Supercomputer Center P.O. Box 5509, L-561 Livermore, CA 94551 (510) 423-6349 getchell@es.net X.400: s=getchell;p=esnet;a= ;c=us; Srinivas R. Sataluri AT&T Bell Laboratories Room 1C-429, 101 Crawfords Corner Road P.O. Box 3030 Holmdel, NJ 07733-3030 (908) 949-7782 sri@qsun.att.com This Internet Draft expires March 15th, 1994. IETF IDS Working Group [Page 92]