Integrated Directory Services Chris Apple Working Group AT&T INTERNET-DRAFT Ken Rossen SHL Systemhouse 21 January 1996 X.500 Implementations Catalog-96 Filename: draft-ietf-ids-x500-imps-00.txt Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any other Internet Draft. This Internet Draft expires July 21, 1996. Abstract This document is a draft of a revision to RFC 1632: A Revised Catalog of Available X.500 Implementations and is based on the results of data collection via a WWW home page that enabled implementors to submit new or updated descriptions of currently available implementations of X.500, including commercial products and openly available offerings. RFC 1632 is a revision of RFC 1292. We contacted each contributor to RFC 1632 to request an update and published the URL of the WWW home page survey template in several mailing lists to encourage the submission of new product descriptions. This document contains detailed description of TBD X.500 implementations - DSAs, DUAs, and DUA interfaces. Apple, Rossen [Page 1] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 1. Introduction This document catalogs currently available implementations of X.500, including commercial products and openly available offerings. For the purposes of this survey, we classify X.500 products as, DSA A DSA is an OSI application process that provides the Directory functionality, DUA A DUA is an OSI application process that represents a user in accessing the Directory and uses the DAP to communicate with a DSA, and DUA Interface A DUA Interface is an application process that represents a user in accessing the Directory using either DAP but supporting only a subset of the DAP functionality or a protocol different from DAP to communicate with a DSA or DUA. Section 2 of this document contains a listing of implementations cross referenced by keyword. This list should aid in identifying implementations that meet your criteria. To compile this catalog, the IDS Working Group solicited input from the X.500 community by publishing a URL for a set of on-line description forms deployed on the WWW as a home page on an InterNIC server. This URL (http://www.internic.net/projects/x500catalog/catalogtop.html) was advertised on the following directory-related mailing lists: iso@nic.ddn.mil, isode@nic.ddn.mil, osi-ds@cs.ucl.ac.uk, ids@merit.edu, ietf-asid@umich.edu, mhs-ds@mercury.udev.cdc.com, nadf-l@ema.org, and dssig@nist.gov. Readers are encouraged to submit comments regarding both the forms and content of this memo. New submissions are welcome. Please direct input to the Integrated Directory Services (IDS) Working Group (ietf-ids@umich.edu) or to the authors. IDS will produce new versions of this document when a significant number of substantive comments have been received or when significant updates and/or modifications to X.500-related standards documents have been Apple, Rossen [Page 2] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 ratified. This will be determined by the IDS chairpersons. 1.1 Purpose The Internet has experienced a steady growth in X.500 piloting activities. This document hopes to provide an easily accessible source of information on X.500 implementations for those who wish to consider X.500 technology for deploying a Directory service. 1.2 Scope This document contains descriptions of both free and commercial X.500 implementations. It does not provide instructions on how to install, run, or manage these implementations. The descriptions and indices are provided to make the readers aware of available options and thus enable more informed choices. 1.3 Disclaimer Implementation descriptions were written by implementors and vendors, and not by the editors. We worked with the description authors to ensure uniformity and readability, but cannot guarantee the accuracy or completeness of the descriptions, nor the stability of the implementations. 1.4 Overview Section 1 contains introductory information. Section 2 contains a list of keywords, their definitions, a cross reference of the X.500 implementations by these keywords and a table containing implementor name, implementor abreviation, and the page of this document on which the description begins for a particular implementor. Section 3 contains the X.500 implementation descriptions. Section 4 has a list of references. Section 6 lists the editors' addresses. 1.5 Acknowledgments The creation of this catalog would not have been possible without the efforts of the description authors and the members of the IDS Working Group. Our special thanks to the editors of RFC 1632, Linda Apple, Rossen [Page 3] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Millington and Sri Sataluri who graciously contributed the nroff source file used to structure their version of the catalog. 2. Keywords Keywords are abbreviated attributes of the X.500 implementations. The list of keywords defined below was derived from the implementation descriptions themselves. Implementations were indexed by a keyword either as a result of: (1) explicit, not implied, reference to a particular capability in the implementation description text, or (2) input from the implementation description author(s). 2.1 Keyword Definitions This section contains keyword definitions. They have been organized and grouped by functional category. The definitions are ordered first alphabetically by keyword category, and second alphabetically by implementation name within keyword category. 2.1.1 Availability Available via FTP Implementation is available using FTP. Commercially Available This implementation can be purchased. Free Available at no charge, although other restrictions may apply. Limited Availability Need to contact provider for terms and conditions of distribution. 2.1.4 Conformance with Directory International Standard/Recommendation PICS-AVAIL Completed PICS per X.581/X.582 DAP Apple, Rossen [Page 4] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Support for the DAP protocol DSP Support for the DSP protocol DISP Support for the DISP protocol DOP Support for the DOP protocol BAC Support for Basic Access Control SAC Support for Simplified Access Control 2.1.3 Conformance with Proposed Internet Standards These RFCs specify standards track protocols for the Internet community. Implementations which conform to these evolving proposed standards have a higher probability of interoperating with other implementations deployed on the Internet. RFC-1274 Implementation supports RFC 1274: Barker, P., and S. Kille, The COSINE and Internet X.500 Schema, University College, London, England, November 1991. RFC-1276 Implementation supports RFC 1276: Kille, S., Replication and Distributed Operations extensions to provide an Internet Directory using X.500, University College, London, England, November 1991. RFC-1277 Implementation supports RFC 1277: Kille, S., Encoding Network Addresses to support operation over non-OSI lower layers, Apple, Rossen [Page 5] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 University College, London, England, November 1991. RFC-1567 Implementation supports RFC 1567: Mansfield, G., and Kille, S., X.500 Directory Monitoring MIB, AIC Systems Laboratory, ISODE Consortium, January 1994. RFC-1778 Implementation supports RFC 1778: Howes, T., Kille, S., Yeong, W., and Robbins, The String Representation of Standard Attribute Syntaxes, March 1995. RFC-1777 Implementation supports RFC 1777: Yeong, W., Howes, T., and Kille, S., Lightweight Directory Access Protocol, March 1995. RFC-1779 Implementation supports RFC 1779: Kille, S., A String Representation of Distinguished Names, March 1995. RFC-1798 Implementation supports RFC 1798: Young, A., Connection-less Lightweight Directory Access Protocol, June 1995. 2.1.4 Consistence with Informational and Experimental Internet RFCs These RFCs provide information to the Internet community and are not Internet standards. Compliance with these RFCs is not necessary for interoperability but may enhance functionality. RFC-1202 Implementation supports RFC 1202: Rose, M. T., Directory Assistance Service. February 1991. RFC-1249 Implementation supports RFC 1249: Howes, T., M. Smith, and B. Beecher, DIXIE Protocol Specification, University of Michigan, August 1991. Apple, Rossen [Page 6] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 RFC-1275 Implementation supports RFC 1275: Kille, S., Replication Requirements to provide an Internet Directory using X.500, University College, London, England, November 1991. RFC-1278 Implementation supports RFC 1278: Kille, S., A string encoding of Presentation Address, University College, London, England, November 1991. RFC-1279 Implementation supports RFC 1279: Kille, S., X.500 and Domains, University College, London, England, November 1991. RFC-1558 Implementation supports RFC 1558: Howes, T., A String Representation of LDAP Search Filters, December 1993. RFC-1562 Implementation supports RFC 1562: Michaelson, G. and Prior, M., Naming Guidelines for the AARNet X.500 Directory Service, December 1993. RFC-1608 Implementation supports RFC 1608: Johannsen, T., Mansfield, G., Kosters, M., and Sataluri, S., Representing IP Information in the X.500 Directory, March 1994. RFC-1609 Implementation supports RFC 1609: Mansfield, G., Johannsen, T., and Knopper, M., Charting Networks in the X.500 Directory, March 1994. RFC-1617 Implementation supports RFC 1617: Barker, P., Kille, S., and Lenggenhager, T., Naming and Structuring Guidelines for X.500 Directory Pilots, May 1994. Apple, Rossen [Page 7] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 RFC-1781 Implementation supports RFC 1781: Kille, S., Using OSI Directory to Achieve User Friendly Naming, March 1995. RFC-1801 Implementation supports RFC 1801: Kille, S., MHS Use of the X.500 Directory to support MHS Routing, June 1995. RFC-1803 Implementation supports RFC 1803: Wright, R., Getchell, Howes, T., Sataluri, S., Yee, P., and Yeong, W., Recommendations for an X.500 Production Directory Service, June 1995. RFC-1804 Implementation supports RFC 1804: Mansfield, G., Rajeev, P., Raghavan, S., and Howes, T., Schema Publishing in X.500 Directory, June 1995. 2.1.5 Consistence with other relevant standards and profiles ADI12 Implementation support ISO/IEC pdISP 10615-2... ADI21 Implementation supports ISO/IEC ISP 10615-4 ADI22 Implementation support ISO/IEC ISP 10615-3 ADI31 Implementation supports ISO/IEC pdISP 10615-? ADI32 Implementation supports ISO/IEC pdISP 10615-? FDI11 Apple, Rossen [Page 8] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Implementation supports ISO/IEC pdISP 10615-? FDI3 Implementation supports ISO/IEC pdISP 10615-? XDS Implementation supports the XDS API defined in IEEE 1224.2 2.1.6 Support for popular schema elements NADF Implementation supports the directory schema defined in NADF SD-4. Other Popular Schemas Implementation supports other popular schema elements. 2.1.7 Miscellaneous Functionality DYN-OBJ Implementation allows the object class of an entry to be changed dynamically (not allowed in X.500[1988], allowed in 1993) ALIAS-CONSISTENCY Implementation incorporates facilities for maintenance of alias integrity in the face of modification or deletion of the aliased object. 2.1.8 Implementation Type API Implementation comes with an application programmer's interface (i.e., a set of libraries and include files). DSA Only Apple, Rossen [Page 9] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Implementation consists of a DSA only. No DUA is included. DSA/DUA Both a DSA and DUA are included in this implementation. DUA Interface Implementation is a DUA-like program that uses either DAP, but supporting only a subset of the DAP functionality, or uses a protocol different from DAP to communicate with a DSA or DUA. DUA Only Implementation consists of a DUA only. No DSA is included. LDAP DUA interface program uses the Lightweight Directory Access Protocol (LDAP). 2.1.9 Internetworking Environment CLNS Implementation operates over the OSI ConnectionLess Network Service (CLNS). OSI Transport Implementation operates over one or more OSI transport protocols. RFC-1006 Implementation operates over RFC-1006 with TCP/IP transport service. RFC-1006 is an Internet Standard. X.25 Implementation operates over OSI X.25. Apple, Rossen [Page 10] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 2.1.10 Pilot Connectivity DUA Connectivity The DUA can be connected to the pilot, and information on any pilot entry looked up. The DUA is able to display standard attributes and object classes and those defined in the COSINE and Internet Schema. DSA Connectivity The DSA is connected to the DIT, and information in this DSA is accessible from any pilot DUA. 2.1.11 Miscellaneous Included in ISODE DUAs that are part of ISODE. Limited Functionality Survey states that the implementation has some shortcomings or intended lack of functionality, e.g., omissions were part of the design to provide an easy-to-use user interface. Motif Implementation provides a Motif-style X Window user interface. Needs ISODE ISODE is required to compile and/or use this implementation. OpenView Implementation provides an OpenView-style X Window user interface. X Window System Implementation uses the X Window System to provide its user interface. Apple, Rossen [Page 11] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Language Support Implementation supports single or multiple languages. Documentation Language Support Documentation for implementation is available in single or multiple languages. Number of Implementations Implementor gave an estimate of the number of instantiations of their implementation are deployed in live directory services. Existing Database Support Implementation includes support for a non-X.500 DIT repository, synchronization with non-X.500 DBMS, or non-X.500 DBMS to X.500 DIT repository format conversion tools. 2.1.12 Operating Environment MS Windows Implementation runs under Microsoft Windows. MS Windows NT Implementation runs under Microsoft Windows NT. MS Windows95 Implementation runs under Microsoft Windows95. 386 Implementation runs on a 386-based platform. 486 Implementation runs on a 486-based platform. Pentium Implementation runs on a Pentium-based platform. Apple, Rossen [Page 12] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Bull Implementation runs on a Bull platform. CDC Implementation runs on a CDC MIPS platform. DEC ULTRIX Implementation runs under DEC ULTRIX. DEC UNIX Implementation runs under DEC UNIX. DEC OpenVMS AXP Implementation runs on a DEC AXP platform running OpenVMS. DEC OpenVMS VAX Implementation runs on a DEC VAX platform running OpenVMS. HP Implementation runs on an HP platform. IBM PC Implementation runs on a PC. IBM RISC Implementation runs on IBM's RISC UNIX workstation. ICL Implementation runs on an ICL platform. Macintosh Implementation runs on a Macintosh. Multiple Vendor Platforms Apple, Rossen [Page 13] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Implementation runs on more than one hardware platform. Sequent Implementation runs on a Sequent platform. SNI Implementation runs on a Siemens Nixdorf platform. Solbourne Implementation runs on a Solbourne platform. Sun Implementation runs on a Sun platform. Tandem Implementation runs on a Tandem platform. UNIX Implementation runs on a generic UNIX platform. Wang Implementation runs on a Wang RISC platform. 2.2 Implementations Indexed by Keyword This section contains an index of implementations by keyword. You can use this list to identify particular implementations that meet your chosen criteria. Table 2-1 shows the implementations about which information can be found in this document as well as the abreviation used to represent this implementation and the page number on which each implementation description begins. Apple, Rossen [Page 14] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Implementation Name |Abbreviation | Page ======================================|================|====== A-Window-To-Directory |AWTD | 37 --------------------------------------|----------------|------ Cycle (tm) LiveData (tm) |Cycle | 39 --------------------------------------|----------------|------ Global Directory Server |GDS | 41 --------------------------------------|----------------|------ ISODE Rel. 3.0 X.500(1993) Directory |ISODE.r3 | 47 --------------------------------------|----------------|------ ISOPLEX DS (tm) DSA |ISOPLEX | 50 --------------------------------------|----------------|------ LDAP Implementation |LDAP | 54 --------------------------------------|----------------|------ maX.500 Macintosh DUA Interface |maX.500 | 58 --------------------------------------|----------------|------ Messageware DSA |MDSA | 61 --------------------------------------|----------------|------ Messageware PC-DUA |MDUA | 64 --------------------------------------|----------------|------ OSIAM x.500-88 |OSIAM | 67 --------------------------------------|----------------|------ PMDF-x500 |PMDF | 71 --------------------------------------|----------------|------ waX.500 :: Windows Access to X.500 |waX.500 | 75 --------------------------------------|----------------|------ X500-DS |X500-DS | 77 --------------------------------------|----------------|------ X500-DUA |X500-DUA | 77 Table 2-1: Table of Implementation Identifiers The index is organized as follows: keywords appear in alphabetical order; implementations characterized by that keyword are listed alphabetically as well. Note that a "*" is used to indicate that the particular implementation, or feature of the implementation, may not be available at this time. For formatting purposes, we have used the abbreviations for implementation names as defined above in Table 2-1. Apple, Rossen [Page 15] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Available via FTP LDAP maX.500 MDSA waX.500 Commercially Available AWTD Cycle GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA Free ISODE.r3 LDAP maX.500 waX.500 Comments on Freeness ISODE.r3 LDAP maX.500 Limited Availability ISODE.r3 MDSA PMDF PICS-AVAIL Apple, Rossen [Page 16] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Cycle ISODE.r3 MDSA OSIAM DAP AWTD Cycle GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA DSP AWTD GDS ISODE.r3 MDSA OSIAM PMDF X500-DS DISP GDS ISODE.r3 MDSA DOP BAC Apple, Rossen [Page 17] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 GDS ISODE.r3 MDSA PMDF SAC GDS ISODE.r3 MDSA PMDF RFC-1274 GDS ISODE.r3 LDAP maX.500 MDSA OSIAM PMDF waX.500 RFC-1276 GDS MDSA PMDF RFC-1277 AWTD GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA Apple, Rossen [Page 18] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 RFC-1567 GDS ISODE.r3 RFC-1778 GDS ISODE.r3 LDAP maX.500 MDSA OSIAM PMDF waX.500 RFC-1777 GDS ISODE.r3 LDAP maX.500 MDSA OSIAM PMDF waX.500 RFC-1779 GDS ISODE.r3 LDAP maX.500 MDSA OSIAM PMDF waX.500 RFC-1798 LDAP PMDF Apple, Rossen [Page 19] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 RFC-1202 GDS MDSA PMDF RFC-1249 GDS RFC-1275 GDS ISODE.r3 PMDF RFC-1278 GDS ISODE.r3 LDAP MDSA PMDF RFC-1279 GDS ISODE.r3 MDSA PMDF RFC-1558 GDS ISODE.r3 LDAP maX.500 MDSA PMDF Apple, Rossen [Page 20] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 RFC-1562 GDS ISODE.r3 MDSA PMDF RFC-1608 MDSA PMDF RFC-1609 MDSA RFC-1617 GDS ISODE.r3 MDSA PMDF RFC-1781 GDS ISODE.r3 LDAP maX.500 MDSA PMDF RFC-1801 GDS ISODE.r3 MDSA PMDF RFC-1803 Apple, Rossen [Page 21] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 GDS ISODE.r3 MDSA PMDF RFC-1804 MDSA ADI12 AWTD GDS OSIAM X500-DS X500-DUA ADI21 AWTD GDS OSIAM X500-DS X500-DUA ADI22 AWTD GDS OSIAM X500-DS X500-DUA ADI31 AWTD GDS OSIAM X500-DS X500-DUA Apple, Rossen [Page 22] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 ADI32 GDS OSIAM FDI11 AWTD GDS OSIAM X500-DS X500-DUA FDI3 AWTD GDS OSIAM X500-DS X500-DUA XDS AWTD ISODE.r3 MDSA OSIAM X500-DS X500-DUA NADF GDS ISODE.r3 LDAP maX.500 MDSA OSIAM PMDF X500-DS X500-DUA Apple, Rossen [Page 23] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Other Popular Schemas ISODE.r3 maX.500 PMDF DYN-OBJ AWTD GDS ISODE.r3 LDAP MDSA PMDF X500-DS X500-DUA ALIAS-CONSISTENCY AWTD GDS X500-DS X500-DUA API AWTD GDS Cycle ISODE.r3 LDAP MDSA OSIAM PMDF X500-DS X500-DUA DSA Only MDSA Apple, Rossen [Page 24] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 DSA/DUA AWTD Cycle GDS ISODE.r3 LDAP MDSA OSIAM PMDF X500-DS X500-DUA DUA Interface Cycle GDS LDAP maX.500 OSIAM PMDF DUA Only AWTD maX.500 MDSA waX.500 X500-DUA LDAP GDS ISODE.r3 LDAP maX.500 waX.500 OSI CLNS Apple, Rossen [Page 25] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 AWTD Cycle GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA OSI CONS AWTD GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA OSI Transport AWTD Cycle GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA RFC-1006 Apple, Rossen [Page 26] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 AWTD Cycle GDS ISODE.r3 LDAP MDSA OSIAM PMDF X500-DS X500-DUA X.25 AWTD GDS ISODE.r3 MDSA OSIAM PMDF X500-DS X500-DUA DUA Connectivity AWTD GDS ISODE.r3 LDAP maX.500 MDSA OSIAM PMDF X500-DUA DSA Connectivity GDS ISODE.r3 MDSA OSIAM PMDF Apple, Rossen [Page 27] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Included in ISODE PMDF Limited Functionality Cycle Motif ISODE.r3 MDSA PMDF Needs ISODE OpenView MDSA X Window System GDS ISODE.r3 MDSA PMDF Language Support AWTD Cycle GDS LDAP MDSA OSIAM PMDF X500-DS X500-DUA Apple, Rossen [Page 28] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Documentation Language Support AWTD Cycle GDS LDAP maX.500 MDSA OSIAM waX.500 X500-DS X500-DUA Number of Implementations Cycle GDS LDAP waX.500 Existing Database Support Cycle GDS ISODE.r3 LDAP MDSA OSIAM MS Windows Cycle LDAP MDSA OSIAM waX.500 MS Windows NT Apple, Rossen [Page 29] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Cycle GDS LDAP MDSA OSIAM waX.500 MS Windows95 Cycle LDAP MDSA waX.500 x386 Cycle GDS ISODE.r3 LDAP MDSA OSIAM waX.500 x486 Cycle GDS ISODE.r3 LDAP MDSA OSIAM waX.500 Pentium-class Apple, Rossen [Page 30] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Cycle GDS ISODE.r3 LDAP MDSA OSIAM waX.500 Bull AWTD OSIAM X500-DS X500-DUA DEC ULTRIX ISODE.r3 LDAP MDSA DEC UNIX ISODE.r3 LDAP MDSA PMDF DEC OpenVMS AXP PMDF DEC OpenVMS VAX LDAP PMDF HP Apple, Rossen [Page 31] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 GDS ISODE.r3 LDAP MDSA OSIAM IBM PC Cycle ISODE.r3 LDAP MDSA OSIAM IBM RISC GDS ISODE.r3 LDAP MDSA OSIAM ICL MDSA Macintosh LDAP maX.500 Multiple Vendor Platforms Cycle GDS ISODE.r3 LDAP MDSA OSIAM PMDF Apple, Rossen [Page 32] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 Sequent SNI ISODE.r3 Solbourne LDAP Sun GDS ISODE.r3 LDAP MDSA OSIAM Tandem UNIX AWTD ISODE.r3 LDAP MDSA OSIAM X500-DS X500-DUA Wang OSF-DCE AWTD Apple, Rossen [Page 33] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 3. Implementation Descriptions In the following pages you will find descriptions of X.500 implemen- tations listed in alphabetical order. In the case of name colli- sions, the name of the responsible organization, in square brackets, has been used to distinguish the implementations. Note that throughout this section, the page header reflects the name of the implementation, not the date of the document. The descriptions fol- low a common format, as described below: NAME The name of the X.500 implementation and the name of the responsible organization. Implementations with a registered trademark indicate this by appending "(tm)", e.g., GeeWhiz(tm). KEYWORDS A list of the keywords defined in Section 2 that have been used to cross reference this implementation. ABSTRACT A brief description of the application. This section may optionally contain a list of the pilot projects in which the application is being used. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) A statement of compliance with respect to the 1988 CCITT Recommenda- tions X.500-X.521 [CCITT-88], specifically Section 9 of X.519, or the 1988 NIST OIW Stable Implementation Agreements [NIST-88]. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) A statement of compliance with respect to the 1993 ITU-T Recommenda- tions X.500-X.521 [ITU-T-93], specifically Section 9 of X.519, or the 1994 NIST OIW Stable Implementation Agreements [NIST-94]. CONFORMANCE WITH PROPOSED INTERNET STANDARDS A statement of compliance with respect to the several proposed Inter- net Standards. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs Apple, Rossen [Page 34] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 A statement of compliance with respect to the several informational and experimental Internet RFCs. INTEROPERABILITY A list of other DUAs and DSAs with which this implementation can interoperate. PILOT CONNECTIVITY Describes the level of connectivity it can offer to the pilot direc- tory service operational on the Internet in North America, and to pilots co-ordinated by the PARADISE project in Europe. Levels of connectivity are: Not Tested, None, DUA Connectivity, and DSA Connec- tivity. BUGS A warning on known problems and/or instructions on how to report bugs. CAVEATS AND GENERAL LIMITATIONS A warning about possible side effects or shortcomings, e.g., a feature that works on one platform but not another. INTERNETWORKING ENVIRONMENT A list of environments in which this implementation can be used, e.g., RFC-1006 with TCP/IP, TP0 or TP4 with X.25. HARDWARE PLATFORMS A list of hardware platforms on which this application runs, any additional boards or processors required, and any special suggested or required configuration options. SOFTWARE PLATFORMS A list of operating systems, window systems, databases, or unbundled software packages required to run this application. AVAILABILITY A statement regarding the availability of the software (free or com- mercially available), a description of how to obtain the software, Apple, Rossen [Page 35] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 and (optionally) a statement regarding distribution conditions and restrictions. DATE LAST UPDATED or CHECKED The month and year within which this implementation description was last modified. Apple, Rossen [Page 36] INTERNET-DRAFT A-Window-To-Directory 21 January 1996 NAME A-Window-To-Directory (AWTD) ABSTRACT A-Window-To-Directory is a simple-to-use DUA interface available on PC that provides access to the X.500 Directory Services. The available operations are: bind (authenticated or anonymous), read, list, compare, modify, modifyRDN, search, add, remove and unbind. It is designed to be used with the Bull X500-DUA product and for that reason is able to handle any of the defined schema. The new acronyms, objects and attributes are automatically loaded without any customisation. The interface of the application may be personalized in several ways, through Local Preferences stored on the PC and through User Settings stored on the UNIX machine that runs the Bull X500-DUA product. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) A-Window-To-Directory offers all the services described in the 88 CCITT X.500 standard. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) No CONFORMANCE WITH PROPOSED INTERNET STANDARDS No CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs No INTEROPERABILITY Is designed to interoperate with Bull X500-DUA and X500-DS products PILOT CONNECTIVITY [No information provided. -- Ed.] Apple, Rossen [Page 37] INTERNET-DRAFT A-Window-To-Directory 21 January 1996 BUGS Bull S.A. provides complete software maintenance with the products. CAVEATS AND GENERAL LIMITATIONS [No information provided. -- Ed.] INTERNETWORKING ENVIRONMENT Proprietary protocol to access the Bull X500-DUA through TCP/IP sockets. The product may be used on LAN (Ethernet) or WAN (X.25). HARDWARE PLATFORMS 386SX/DX, 486SX/DX PC Ethernet board/connection 4 MBytes RAM 3 Mbytes on disk SOFTWARE PLATFORMS MS-DOS 5.0 Microsoft Windows 3.1 Microsoft TCP/IP stack installed, version 1.0 AVAILABILITY The product is commercially available since February 1995. DATE LAST UPDATED or CHECKED November 1995 ADDITIONAL INFORMATION and/or COMMENTS [No information provided. -- Ed.] Apple, Rossen [Page 38] INTERNET-DRAFT Cycle (tm) LiveData (tm) 21 January 1996 NAME Cycle (tm) LiveData (tm) (Cycle) Cycle Software,Inc. ABSTRACT A component of the Cycle Virtual Data Highway. Network software product used to break down barriers between isolated systems. Available separatly as Cycle LiveNet (DUA) and Cycle LiveNet Directory (DUA & DSA) COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) Cycle LiveData is compliant with the 1988 NIST OIW Stable Agreements to the extent that implementations based on the more recent stable agreements are compliant. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) Cycle LiveData is compliant with the 1993 NIST OIW Stable Agreements. CONFORMANCE WITH PROPOSED INTERNET STANDARDS Unknown CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs Unknown INTEROPERABILITY Not tested PILOT CONNECTIVITY Not tested BUGS No known bugs Apple, Rossen [Page 39] INTERNET-DRAFT Cycle (tm) LiveData (tm) 21 January 1996 CAVEATS AND GENERAL LIMITATIONS Current release supports objects of the Application Entity Object Class only. This limitation is being relaxed in the next release. INTERNETWORKING ENVIRONMENT RFC-1006 with TCP/IP,TP4, RFC-1070with IP,IPX, and NetBEUI. HARDWARE PLATFORMS Runs on Microsoft Windows hardware platforms. SOFTWARE PLATFORMS Windows 95, Windows NT, Windows for Workgroups AVAILABILITY Commercially Available. Contact: Cycle Software,Inc. 1212 Hancock St. Quincy, MA 02169 Voice- 617-770-9594 Fax- 617-770-9903 E-mail cycle@livedata.com. DATE LAST UPDATED or CHECKED 1/96 ADDITIONAL INFORMATION and/or COMMENTS [No information provided. -- Ed.] Apple, Rossen [Page 40] INTERNET-DRAFT Global Directory Server 21 January 1996 NAME Global Directory Server Control Data Systems, Inc. ABSTRACT Control Data's X.500 implementation, called the Global Directory Server, is compliant with the 1993 ITU-T Recommendations X.500-X.521, except for DOP, schema publication, and non-specific subordinate references. Features include: * 1993 administrative framework - 1993 operational attributes - 1993 reference structure - 1993 distributed operations - 1993 incremental and full replication including: + Supplier or consumer initiated + Periodic (by update interval) or onchange replication + Complete subtree specification to select replicated area + Reference replication - 1993 basic access control including: + Prescriptive, entry and subentry ACI supported + Item first and user first specification + All user classes supported including users by subtree specification + Access control by entry, attribute and attribute value Apple, Rossen [Page 41] INTERNET-DRAFT Global Directory Server 21 January 1996 + All priority levels supported * 1993 collective attributes * 1993 hierarchical attributes * 1993 operational extensions * Full interoperability with "quipu" implementations including: - quipu replication for designated portions of DIT - quipu reference model for designated portions of DIT - enhanced quipu access controls (ACLs) - quipu operational attributes for designated portions of DIT * Can "automatically" migrate quipu DIT to 1993 DIT: - Migration process is dynamic, can occur while DSA is operating - Process preserves quipu attributes if desired Also: * Directory API based on the X.400 API * Support for X.400 objects including those to support MHS use of directory to support MHS routing * Integration with Control Data's Mail*Hub standards-based E- mail and directory integration products * DUA interfaces that support the full set of directory operations * A DUA daemon that provides directory access for applications * Directory synchronization tools for synchronizing PC/Mac/DEC/IBM mail directories and other sources of information, such as human resources databases, with X.500 Apple, Rossen [Page 42] INTERNET-DRAFT Global Directory Server 21 January 1996 * Hash indexing for fast string search * dixie, dad, finger, whois, and ph.x500 support * SNMP based monitoring and management of DSAs * Support for DAP, LDAP, DSP, and DISP * Can be browsed via standard World Wide Web browsers Control Data Systems offers complete integration services to design, plan, install, configure, tailor and maintain X.500 services. These services may include the preparation of customer unique DUAs and tools for X.500 integration, synchronization, operational control and management. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) The Global Directory Server complies with the 1988 CCITT Recommendations X.500-X.521 [CCITT-88] and the 1988 NIST OIW Stable Implementation Agreements [NIST-88]. It also complies with all static and dynamic requirements of X.519. The Global Directory Server also provides: * Full interoperability with "quipu" implementations including: - quipu replication for designated portions of DIT - quipu reference model for designated portions of DIT - enhanced quipu access controls (ACLs) - quipu operational attributes for designated portions of DIT * Can "automatically" migrate quipu DIT to 1993 DIT: - Migration process is dynamic, can occur while DSA is operating - Process preserves quipu attributes if desired Apple, Rossen [Page 43] INTERNET-DRAFT Global Directory Server 21 January 1996 COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) The Global Directory Server complies with the 1993 ITU-T Recommendations X.500-X.521, except for DOP, schema publication, and non-specific subordinate references. It also complies with the 1994 NIST OIW Stable Implementation Agreements. And it complies with all static and dynamic requirements of X.519. Compliance features: * 1993 administrative framework * 1993 operational attributes * 1993 reference structure * 1993 distributed operations * 1993 incremental and full replication including: - Supplier or consumer initiated - Periodic (by update interval) or onchange replication - Complete subtree specification to select replicated area - Reference replication * 1993 basic access control including: - Prescriptive, entry and subentry ACI supported - Item first and user first specification - All user classes supported including users by subtree specification - Access control by entry, attribute and attribute value - All priority levels supported * 1993 collective attributes * 1993 hierarchical attributes * 1993 operational extensions Apple, Rossen [Page 44] INTERNET-DRAFT Global Directory Server 21 January 1996 CONFORMANCE WITH PROPOSED INTERNET STANDARDS Global Directory Server is compliant with the following RFCs: RFC 1274, RFC 1276, RFC 1277, RFC 1567, RFC 1778, RFC 1777, RFC 1779 CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs Global Directory Server is compliant with the following RFCs: RFC 1202, RFC 1249, RFC 1275, RFC 1278, RFC 1279, RFC 1558, RFC 1562, RFC 1617, RFC 1781, RFC 1801, RFC 1802, RFC 1803, RFC 1836, RFC 1837, RFC 1838 INTEROPERABILITY Control Data X.500 has successfully interoperated with other X.500 implementations including those from HP, DEC, ESL, ISODE Consortium, Telstra, ICL, Marben (HP), Nexor, Unisys, and Siemens. PILOT CONNECTIVITY Not tested. BUGS Control Data provides complete software maintenance services with products. CAVEATS AND GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT RFC 1006 with TCP/IP, TP4 with CLNS, TP0 with X.25. HARDWARE PLATFORMS Global Directory Server runs on SUN SPARC, HP 9000, IBM RS/6000, and Intel platforms. Other platforms are pending. SOFTWARE PLATFORMS Distributed and supported for SUN Solaris 2.x, HP-UX 9.x and 10.x, and IBM AIX 4.x. Apple, Rossen [Page 45] INTERNET-DRAFT Global Directory Server 21 January 1996 AVAILABILITY Commercially available from: Control Data Systems Inc. Electronic Commerce Solutions, ARH290 4201 Lexington Avenue North Arden Hills, MN 55126-6198 U.S.A. 1-800-257-OPEN (U.S. and Canada) 1-612-482-6736 (worldwide) FAX: 1-612-482-2000 (worldwide) EMAIL: info@cdc.com or s=info p=cdc a=attmail c=us DATE LAST UPDATED or CHECKED December 1995 ADDITIONAL INFORMATION and/or COMMENTS This entry should REPLACE the entry for OSI ACCESS & DIRECTORY that is currently in your catalog. Please contact me, Sue.Tracy@cdc.com, if there are any questions on the content of this form before publication. Apple, Rossen [Page 46] INTERNET-DRAFT ISODE Consortium Release 3.0 X.500(1993) 21 January 1996 NAME ISODE Consortium Release 3.0 X.500(1993) Directory ISODE Consortium Ltd. ABSTRACT This implementation is a source release of an X.500(1993) Directory System Agent (DSA). It has been designed an implemented as an X.500 1993 DSA not as a 1988 DSA with '93 extensions. Emphasis has been placed on providing support for a flexible information model, access control, X.509 security features, and standard replication. The 1993 DSA offers a strong technical foundation on which to build an information and messaging infrastructure that relies on robust and scalable directory services. The implementation of this DSA incorporates the experience gained through the development, support, and maintenance of the earlier QUIPU, as well as operational experience and standards support. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) The DSA is aligned to the 1988 ISO IS and the NIST OIW Directory Implementors Guide Version 1. X.500(1993) features such as replication, access control, as well as X.509 certification are also available. Interoperability testing with other DSAs has been performed. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) Please contact the ISODE Consortium if you wish to obtain our protocol information conformance statements. PICS may also be available from member organizations for their binary products. CONFORMANCE WITH PROPOSED INTERNET STANDARDS [RFC 1781],[RFC 1779],[RFC 1778],[RFC 1777], [RFC 1274], [RFC 1277]. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [RFC 1838], [RFC 1837], [RFC 1836],[RFC 1801], [RFC 1275], [RFC 1278], [RFC 1279]. Apple, Rossen [Page 47] INTERNET-DRAFT ISODE Consortium Release 3.0 X.500(1993) 21 January 1996 INTEROPERABILITY Interoperability with several other DSAs has been demonstrated in pilot operation and at Eurosinet in October 1995. At Eurosinet, X.500 interoperability testing used the X.500 DAP (Directory Access) and DSP (Directory System) protocols. Successful testing was done between the ISODE Consortium X.500(1993) DSA and DSAs from four other vendors including Siemens-Nixdorf and Bull. The ISODE Consortium was the only vendor to bring an X.500(93) compliant DSA to the workshop for the scheduled X.500(93) testing. PILOT CONNECTIVITY Connectivity to the global research pilots (PARADISE etc.) has been demonstrated. It is expected that this system will be used extensively in a wide range of pilot activities. DUA Connectivity, and DSA Connectivity. BUGS Bugs should be reported to the ISODE Consortium via email. CAVEATS AND GENERAL LIMITATIONS None INTERNETWORKING ENVIRONMENT The IC R3.0 release is application level code, and assumes vendor provided lower layers. It provides the following modules with support for a range of APIs to handle associated lower layers: * RFC 1006 (vendor supplied TCP/IP using sockets or TLI) * Transport service (vendor supplied transport, which may be any class and use any network service. TLI, XTI and various vendor-specific APIs). * TP0 (Vendor supplied X.25 or CONS using NTI and various vendor specific APIs). Apple, Rossen [Page 48] INTERNET-DRAFT ISODE Consortium Release 3.0 X.500(1993) 21 January 1996 HARDWARE PLATFORMS Reference platform is SUN SPARC Solaris 2. The software has been ported to various other platforms by the IC and by member organizations. Contact the ISODE Consortium for a complete member product list. SOFTWARE PLATFORMS Reference OS is Solaris 2.3/2.4. It is also known to run on various other UNIX platforms. Contact the ISODE Consortium for a complete member product list. AVAILABILITY Available to members of the ISODE Consortium. Membership is open to any organisation. An earlier version of the source release is available under licence (zero cost) to universities and equivalent educational institutions. Contact: ISODE Consortium The Dome, The Square Richmond TW9 1DT UK Phone: +44-181-332-9091 Fax: +44-181-332-9019 Email: DATE LAST UPDATED or CHECKED January 1996 ADDITIONAL INFORMATION and/or COMMENTS More information may be obtained by contacting the ISODE Consortium, or by visiting our WWW site, http://www.isode.com/ Our X.400 address is s=ic-info; o=ISODE Consortium; p=ISODE; a=MAILNET; c=FI Apple, Rossen [Page 49] INTERNET-DRAFT ISOPLEX DS (tm) DSA 21 January 1996 NAME ISOPLEX DS (tm) DSA ISOCOR ABSTRACT ISOCOR's ISOPLEX DS Directory Services Product Family also includes: ISOPLEX DS Import/Export Utility for Windows ISOPLEX DS Navigator ISOPLEX DS Directory Access XDS/XOM APIs ISOGATE DS (tm) Oracle The ISOPLEX DS provides a 1988 X.500 conformant Directory System Agent (DSA), a Lightweight Directory Access Protocol (LDAP) daemon to service Directory requests via LDAP, a UNIX Directory shell user agent (DISH), a Motif Directory Administrator interface to configure the first level and subordinate DSAs, and supporting utilities to handle bulk loading of the Directory, maintain statistics, and provide logging information. In addition to supporting memory-based Directory Information Bases (DIBs), the ISOPLEX DS includes the optional configuration of delegate DSA processes for storing selected subtrees of the Directory Information Tree (DIT) in disk-based index and data files. The ISOPLEX DS includes a set of utilities integrating it with key technology. The most important of these tools is the World Wide Web to X.500 gateway, which supports Hyper-Text Markup Language (HTML)- based DUA bindings to the ISOPLEX DS DSA via the ISOPLEX DS LDAP daemon process. The ISOPLEX DS additionally provides Simple Network Management Protocol (SNMP) functionality that works in conjunction with an existing SNMP environment. The ISOPLEX DS functionality is specifically designed to monitor a DSA's DSP and DAP connections from a network managment system and uses the X.500 Directory monitoring Management Information Base (MIB), which is based on RFC 1567. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) The ISOPLEX DS conforms to the 1988 CCITT Recommendations X.500-X.521 as detailed in the Protocol Implementation Conformance Statements X.581 (1988) and X.582 (1988). It conforms in part to Version 7 of Apple, Rossen [Page 50] INTERNET-DRAFT ISOPLEX DS (tm) DSA 21 January 1996 the NIST OIW Stable Implementation Agreements. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) The ISOPLEX DS does not conform to the 1993 ITU-T Recommendations X.500-X.521. CONFORMANCE WITH PROPOSED INTERNET STANDARDS The ISOPLEX DS conforms with the following proposed Internet Standard RFCs: RFC-1274, RFC-1276, RFC-1277, RFC-1567, RFC-1777, RFC-1778, RFC-1779, and RFC-1798. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs The ISOPLEX DS is consistent with the following informational and experimental RFCs: RFC-1275, RFC-1278, RFC-1279, RFC-1558, RFC-1617, RFC-1781, RFC-1801, RFC-1803, and RFC-1804. INTEROPERABILITY The ISOPLEX DS interoperates with the following systems: Control Data, Digital Equipment, Hewlett Packard, Marben, Nexor, The Wollongong Group, and Unisys. PILOT CONNECTIVITY The ISOPLEX DS provides DUA Connectivity and DSA Connectivity via the PARADISE project in Europe and via the Internet in North America. BUGS If problems arise with the ISOPLEX DS, the customer can report these to the relevant ISOCOR reseller or contact ISOCOR Technical Support directly. ISOCOR Technical Support staffs are available in two locations: one in the US at +1 (310) 581-8100 (phone), +1 (310) 581-8111 (fax), and helpdesk@isocor.com; the other in Ireland at +353 (1) 284-3802 (phone), +353 (1) 280-0365, and helpdesk.isocor.ie. CAVEATS AND GENERAL LIMITATIONS Not applicable. Apple, Rossen [Page 51] INTERNET-DRAFT ISOPLEX DS (tm) DSA 21 January 1996 INTERNETWORKING ENVIRONMENT Though the internetworking capability of the product depends on the specific hardware/software platform, the ISOPLEX DS in general supports the following environments: RFC-1006 with TCP/IP TP2 over X.25, CONS (ISO 8878), APS on Async TP4 over CLNS, PAD (X.29) Server HARDWARE PLATFORMS Hewlett Packard Intel 486/Pentium Sun Stratus SOFTWARE PLATFORMS Hewlett Packard HP-UX v9.x/v10.x, HP OSI Transport Services 9000 SCO v3.2.4, v3.2.5, SCO OpenDesktop, TCP/IP, IEEE 802.3, Eicon R3.1 for X.25 networking software and hardware Solaris v2.4, Sunlink OSI 8.0.2, Sunlink X.25 8.0.2 Stratus ftx v2.2, OSI Open Networking Platform (ONP), Stratus Window Manager 1.2 End User System, MIT X11R5 Graphics End User System, MIT X11R5 Graphics Fonts package, MIT X11R5 Graphics Openlook Software package Motif/X11R5 runtime support AVAILABILITY The ISOPLEX DS is commercially available either directly from ISOCOR or from a licensed ISOCOR reseller. DATE LAST UPDATED or CHECKED December 31, 1995. Apple, Rossen [Page 52] INTERNET-DRAFT ISOPLEX DS (tm) DSA 21 January 1996 ADDITIONAL INFORMATION and/or COMMENTS Not applicable. Apple, Rossen [Page 53] INTERNET-DRAFT LDAP 21 January 1996 NAME LDAP University of Michigan ABSTRACT UM-LDAP is an implementation of the Lightweight Directory Access Protocol. LDAP is a draft Internet standard directory service protocol that runs over TCP/IP. It can be used to provide a stand- alone directory service, or to provide lightweight access to the X.500 directory. LDAP is defined by RFC 1777 and RFC 1778. The UM-LDAP package includes the following components: - slapd - a stand-alone LDAP directory server - slurpd - a stand-alone LDAP replication server - ldapd - an LDAP-to-X.500 gateway server - centipede - an LDAP centroid generation and maintenance program - libldap - an LDAP client library - liblber - a lightweight BER/DER encoding/decoding library - ldif tools - data conversion tools for use with slapd - in.xfingerd - a finger-to-LDAP gateway server - go500 - a gopher-to-LDAP gateway server for searching - go500gw - a gopher-to-LDAP gateway server for searching and browsing - rcpt500 - an email-to-LDAP query responder - mail500 - an LDAP-capable mailer - fax500 - an LDAP-capable mailer that supports remote printing - LDAP tools - A collection of shell-based LDAP utility programs Apple, Rossen [Page 54] INTERNET-DRAFT LDAP 21 January 1996 In addition, there are some contributed components: - web500 - an HTTP-to-LDAP gateway - whois++d - a WHOIS++-to-LDAP gateway - saucer - a simple command-line oriented client program The latest information about LDAP can always be found on the LDAP Home Page at this URL: http://www.umich.edu/~rsug/ldap/ COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) The U-M LDAP distribution is a complete implementation of the LDAP protocol. The LDAP protocol does not support access to all X.500 features and operations. The operations supported are bind, search, compare, add, delete, modify, modify RDN, and abandon. Note that read and list operations can be emulated using the search operation. Size and time limits may be specified, as may alias dereferencing and searching, but all X.500 service controls are not supported. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) Since the LDAP protocol itself has not yet been updated to support any 1993-specific X.500 features, this implementation does support any 1993 features yet either. CONFORMANCE WITH PROPOSED INTERNET STANDARDS Believed to be compliant with: RFC-1274: "The COSINE and Internet X.500 Schema" RFC-1777: "Lightweight Directory Access Protocol" RFC-1778: "The String Representation of Standard Attribute Syntaxes" RFC-1779: "A String Representation of Distinguished Names" RFC-1781: "Using the OSI Directory to Achieve User Friendly Naming" CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs Includes an implementation of the LDAP API, as defined in RFC-1823. Search filters used within UM-LDAP comply with RFC-1558: "A String Apple, Rossen [Page 55] INTERNET-DRAFT LDAP 21 January 1996 Representation of LDAP Search Filters." INTEROPERABILITY The current implementation of the X.500-backended LDAP server (ldapd) is known to work with ISODE-based DAP libraries and the QUIPU DSA. PILOT CONNECTIVITY DUA connectivity should be possible to all pilots. BUGS Bug reports should be sent to bug-ldap@umich.edu. CAVEATS AND GENERAL LIMITATIONS None, aside from those mentioned above under completeness. INTERNETWORKING ENVIRONMENT LDAP clients use TCP to communicate with the LDAP server. The LDAP server normally uses RFC 1006 with TCP/IP to communicate with the DSA, though any other transport mechanism for DSA communication supported by ISODE should be possible. HARDWARE PLATFORMS The complete UM-LDAP package has been ported to a wide variety of UNIX systems, including: Sun3 and SPARCs running SunOS 4.1.x or Solaris 2.x, DECStations running Ultrix 4.3, HP 9000 series running HP-UX 9.05, IBM RS6000 running AIX 3.2.5, PCs running SCO, FreeBSD, NetBSD, or LINUX, DEC Alphas ruuning OSF/1, and NeXTStatios running NeXTSTEP 3.2. The complete package has also been ported to VMS. In addition, the LDAP client libraries and some client programs have been ported to Apple Macintosh and PCs running MSDOS or Windows. SOFTWARE PLATFORMS The complete UM-LDAP package has been ported to a wide variety of UNIX systems, including: SunOS 4.1.x, Solaris 2.x, Ultrix 4.3, HP-UX 9.05, AIX 3.2.5, SCO, FreeBSD, NetBSD, LINUX, OSF/1, and NeXTSTEP 3.2. It has also been ported to VMS. In addition, the LDAP client libraries and some clients have been ported to Macintosh (System 7), MSDOS (some TCP/IP stacks), and Microsoft Windows 3.1, 95, and NT. Apple, Rossen [Page 56] INTERNET-DRAFT LDAP 21 January 1996 AVAILABILITY This software is openly available for all to use. It may be obtained by anonymous FTP from terminator.rs.itd.umich.edu in the /ldap/ directory (URL: ftp://terminator.rs.itd.umich.edu/ldap/). The latest information about LDAP can always be found on the LDAP Home Page at this URL: http://www.umich.edu/~rsug/ldap/ Send e-mail to ldap-support@umich.edu for additional assistance. This software was developed at the University of Michigan by Tim Howes with help from Mark Smith, Bryan Beecher, Gordon Good, Steve Rothwell, Lance Sloan as well as many others around the Internet. It is subject to the following copyright: Copyright (c) 1992-1996 Regents of the University of Michigan. All rights reserved. Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. DATE LAST UPDATED or CHECKED December 1995 ADDITIONAL INFORMATION and/or COMMENTS [No Information Provided -- Ed.] Apple, Rossen [Page 57] INTERNET-DRAFT maX.500 21 January 1996 NAME maX.500 :: Macintosh DUA Interface University of Michigan ABSTRACT maX.500 is a Directory User Agent (client) for Apple Macintosh. It is widely used within Paradise and other Internet X.500 pilots. maX.500 supports searching, browsing, and modifying directory entries. Display of textual information, playing of audio, and viewing of both black-and-white (fax) and color (JPEG) images are supported. Communication with directory servers is via the Lightweight Directory Access Protocol (LDAP) over TCP/IP. maX.500 works both with standalone LDAP directory servers (such as slapd) and with X.500-backended LDAP servers (such as ldapd). maX.500 is a native Macintosh application, and has a friendly interface. It requires System Software version 6.0.5 or later and Apple's MacTCP or Open Transport TCP/IP networking. The current version of maX.500 is 2.0.2, although version 2.1 is in beta test. The latest information about maX.500 can always be found on the maX.500 Home Page at this URL: http://www.umich.edu/~rsug/ldap/max500/ COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) maX.500 works over LDAP, and is subject to LDAP's limitations. The bind, search, compare, add, delete, abandon, modify, and modifyrdn operations are all used by maX.500. Size and time limits may be specified, as may alias dereferencing control. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) maX.500 currently uses LDAP as defined in RFC-1777, which does not support any 1993-specific X.500 features. CONFORMANCE WITH PROPOSED INTERNET STANDARDS Believed to be compliant with: Apple, Rossen [Page 58] INTERNET-DRAFT maX.500 21 January 1996 RFC-1274: "The COSINE and Internet X.500 Schema" RFC-1777: "Lightweight Directory Access Protocol" RFC-1778: "The String Representation of Standard Attribute Syntaxes" RFC-1779: "A String Representation of Distinguished Names" RFC-1781: "Using the OSI Directory to Achieve User Friendly Naming" CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs Search filters comply with RFC-1558: "A String Representation of LDAP Search Filters." Uses the LDAP API, as defined in RFC-1823. INTEROPERABILITY maX.500 is known to work with the U-M LDAP servers (ldapd and slapd). It has also been tested with other commerical LDAP servers, such as Control Data's server. maX.500 has been used with a wide variety of DSAs (always through an LDAP server). PILOT CONNECTIVITY DUA connectivity should be possible to all pilots. BUGS Bug reports should be sent to max500-bugs@umich.edu. CAVEATS AND GENERAL LIMITATIONS maX.500 does not support modification of "photo" (fax), "jpegPhoto", or "audio" attributes. Versions of maX.500 before 2.1 did not support a fully functional browse facility. INTERNETWORKING ENVIRONMENT maX.500 is an LDAP client, and as such is uses TCP to communicate with the LDAP server. Apple's MacTCP control panel or Open Transport TCP/IP networking is required. HARDWARE PLATFORMS maX.500 runs on Apple Macintosh Plus or later Macintosh computers, including PowerMacs. It requires 600K of free RAM. Apple, Rossen [Page 59] INTERNET-DRAFT maX.500 21 January 1996 SOFTWARE PLATFORMS maX.500 requires Apple System Software 6.0.5 or later (System 7 preferred) and MacTCP 1.1 or later (2.0.6 preferred). maX.500 2.1, which is currently in beta test, will run natively on the PowerMac and use the native Open Transport networking interface if it is installed. AVAILABILITY This software is openly available for all to use. It may be obtained by anonymous FTP from terminator.rs.itd.umich.edu in the /ldap/max500 directory (URL: ftp://terminator.rs.itd.umich.edu/ldap/max500). The latest information about maX.500 can always be found on the maX.500 Home Page at this URL: http://www.umich.edu/~rsug/ldap/max500/ Send e-mail to max500@umich.edu for additional assistance. This software was developed at the University of Michigan by Mark Smith with help from Tim Howes and many others around the Internet. It is subject to the following copyright: Copyright (c) 1995 Regents of the University of Michigan. All rights reserved. Redistribution and use in binary forms is permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. DATE LAST UPDATED or CHECKED December 1995 ADDITIONAL INFORMATION and/or COMMENTS [No Information Provided -- Ed.] Apple, Rossen [Page 60] INTERNET-DRAFT Messageware DSA 21 January 1996 NAME Messageware DSA NEXOR ABSTRACT Messageware DSA is a high performance X.500(93) DSA. Characteristics of the DSA are: * DAP access * DISP for replication and shadowing information * DSP access * LDAP * Basic and Simple Access Control * Support for X.400, X.500, and RFC 1274 attributes and object classes * Approximate match based on Soundex. * Flexible schema management * Search and list access control * Knowledge management mapped onto DIT * Attribute inheritance * Remote management COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) Messageware DSA is an X.500 1993 compliant DSA XT-QUIPU is a X.500 1988 compliant DSA conforming to NIST SIA version 2. Apple, Rossen [Page 61] INTERNET-DRAFT Messageware DSA 21 January 1996 COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) Messageware DSA isn X.500 1993 compliant DSA implementing standard access control, replication and shadowing, X.509, for a full conformance statement see the NEXOR web site(http://www.nexor.com). CONFORMANCE WITH PROPOSED INTERNET STANDARDS The following are supported: String DN format [RFC 1485], RFC 1274, RFC 1276, and RFC 1277. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs The following are supported: UFN [RFC 1484], RFC 1278, and RFC 1279. INTEROPERABILITY Messagware DSA has been extensively interoperability tested at Eurosinet workshops and at the EEMA X.500 demonstration. Other vendors DSAs/DUAs interoperated with include: ICL, Control Data, Unisys, Digital, Isocor, DCL, SNI, Boldon James It is also in operation with DSAs used in the PARADISE and other pilot projects. PILOT CONNECTIVITY Messageware DSA is fully connected to the PARADISE and PSI White Pages X.500 Pilots. BUGS No known bugs. Support is given via phone or email to "support@nexor.co.uk" CAVEATS AND GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT OSI TP4 wtih CLNP OSI TP0 with X.25 or CONS RFC 1006 with TCP/IP Apple, Rossen [Page 62] INTERNET-DRAFT Messageware DSA 21 January 1996 HARDWARE PLATFORMS Sun: SunOS Solaris X86 IBM RS/6000: AIX HP 9000 It is available on a number of other UNIX platforms SOFTWARE PLATFORMS SunOs 4.1.3 Solaris 2.4 AIX 3.2 DRS/NX 6000 HP-UX 9.01 Other software platfors are available. AVAILABILITY Messageware DSA is available from NEXOR and NEXOR partners. For more details contact: NEXOR PO Box 132 Nottingham NG7 2UU UK DN: c=GB@o=NEXOR Ltd Telephone: +44 115 952 0510 Fax: +44 115 952 0519 E-Mail: info@nexor.co.uk DATE LAST UPDATED or CHECKED Dec 95 ADDITIONAL INFORMATION and/or COMMENTS [No Information Provided--Ed.] Apple, Rossen [Page 63] INTERNET-DRAFT Messageware PC-DUA 21 January 1996 NAME MESSAGEWARE PC-DUA NEXOR ABSTRACT PC-DUA provides a MS Windows based user interface to the X.500 Directory. Features include: o Modify - allows users and administrators alike to add, change or delete directory entries o Searching - powerful searching tool so specific information can be quickly located. Also lists close matches o Highly flexible - can be customised to suit an organisations particular requirements o Directory Browser - to enable user to identify directory entries o History - allowing quick access to previously referenced parts of the DIT. o User Friendly Name (UFN) based searching o Hypertext-like navigation. o Friendly names for attribute labels. o Intelligent choice of entries to display when moving to a new location in the DIT. o On-line hypertext help. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) Compliant with LDAP 3. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) Compliant with 1993 versions of ITU X.500/ISO 9594 services and protocols Apple, Rossen [Page 64] INTERNET-DRAFT Messageware PC-DUA 21 January 1996 CONFORMANCE WITH PROPOSED INTERNET STANDARDS The following are supported: RFC 1006 RFC 1202 RFC 1274 RFC 1277 RFC 1777 CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [No information provided--Ed.] INTEROPERABILITY PC-DUA has interoperated with LDAP 2.0 and 3.0 distributions. Eurosinet Workshop: SNI, CDS, AT&T, ICL, Digital, ISOCOR, UNISYS and QUIPU. PILOT CONNECTIVITY Full DUA connectivity to the NADF, PARADISE and PSI White Pages X.500 Pilots. BUGS No known bugs. Support is given via phone or email to "support@nexor.co.uk" CAVEATS AND GENERAL LIMITATIONS None. INTERNETWORKING ENVIRONMENT WinSock based TCP/IP stacks HARDWARE PLATFORMS 386 PC or greater WITH 4MGBYTES RAM Apple, Rossen [Page 65] INTERNET-DRAFT Messageware PC-DUA 21 January 1996 SOFTWARE PLATFORMS MS WINDOWS 3.1 Windows NT Windows95 AVAILABILITY PC-DUA is commercial software. For more details contact: NEXOR PO Box 132 Nottingham NG7 2UU UK DN: c=GB@o=NEXOR Ltd Telephone: +44 (0) 115 952 0510 Fax: +44 (0) 115 952 0519 E-Mail: info@nexor.co.uk DATE LAST UPDATED or CHECKED Dec 95 ADDITIONAL INFORMATION and/or COMMENTS [No Information Provided--Ed.] Apple, Rossen [Page 66] INTERNET-DRAFT OSIAM X.500-88 21 January 1996 NAME OSIAM X.500-88 MARBEN ABSTRACT OSIAM X.500-88 is Marben's 1988 compliant directory product. It provides: * DUA, offering X/Open XOM and XDS APIs * Pocket DUA, providing Microsoft MAPI(tm) * DSA and C-ISAM based DIB * LDAP Server OSIAM DUA is a portable Directory User Agent implement, which implements DAP engine. It provides X/Open XOM and XDS APIs. It works on multiple lower layer stacks (OSI Transport or TCP/IP). An LDAP Server may be provided with the DUA. Pocket DUA is a light DUA implement which offers full DAP access, but light in terms of code size and memory occupation, and is mainly designed for PC environments. It provides MAPI(tm) interface, as an address book provider. It provides multiple network connectivities: X.25, RFC1006 over TCP/IP, and APS. OSIAM X.500 DSA provides full X.500 1988 functionality. Main features include: chaining/multicasting, extensible schema, proprietary access control list, comprehensive administration facilities. MARBEN is currently developing a new generation of directory product, providing X.500 1993 functionality. Main targets are: * high performance * robustness and administration facility with DIB on commercial RDBMS * replication Apple, Rossen [Page 67] INTERNET-DRAFT OSIAM X.500-88 21 January 1996 * access control * extended information models Please contact MARBEN for more information on '93 product. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) OSIAM X.500-88 DUA and DSA implement CCITT X.500 (1988) an ISO 9594 standards. Compliant with EWOS and NIST OIW Stable Implementor's Agreement. COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) 1993 product is under development. Please contact MARBEN for more information on '93 product. CONFORMANCE WITH PROPOSED INTERNET STANDARDS Compliant with the following Internet Standards: * RFC1274: the COSINE and Internet X.500 Schema (partially supported) * RFC1277: encoding of network addresses * RFC1778, RFC1777, RFC1779: LDAP and related standards CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs None is supported at the present time. INTEROPERABILITY Have successfully interoperated, both on DAP and DSP, with QUIPU, E3X and other implementations involved in Paradise pilot project. PILOT CONNECTIVITY Connected to Paradise pilot project. Apple, Rossen [Page 68] INTERNET-DRAFT OSIAM X.500-88 21 January 1996 BUGS [No Information Provided--Ed.] CAVEATS AND GENERAL LIMITATIONS [No Information Provided--Ed.] INTERNETWORKING ENVIRONMENT RFC1006 with TCP/IP, TP0 with X.25, TP4 with CLNS HARDWARE PLATFORMS OSIAM X.500-88 is highly portable, and has been ported to a wide range of platforms, including: * HP9000 series * SUN SPARC Stations * SCO UNIX * Tandem * MARK III, etc. MARBEN Pocket DUA runs on PC/Windows and NT. SOFTWARE PLATFORMS See HAREWARE PLATFORMS. AVAILABILITY Commercially available from: Apple, Rossen [Page 69] INTERNET-DRAFT OSIAM X.500-88 21 January 1996 MARBEN 11 Rue Curie 92150 Suresnes, France Contact Person: Karim Jammal or Shaofeng Li Phone: (33 - 1) 41 38 10 00 Fax: (33 - 1) 41 38 10 01 X.400: C=FR;A=Atlas;P=Marben;O=Suresnes;OU1=MxMs;S=KJammal E-Mail:sli@wtk.suresnes.marben.fr Also available from: MARBEN Products Inc. 2105 Hamilton Avenue, Suite 320 San Jose, CA95125, USA Contact Person: Jean-Francois Chapuis Phone: (408) 879 4000 Fax: (408) 879 4001 E-Mail: jfchapuis@marben.com DATE LAST UPDATED or CHECKED October 1995 ADDITIONAL INFORMATION and/or COMMENTS [No Information Provided--Ed.] Apple, Rossen [Page 70] INTERNET-DRAFT PMDF-X500 21 January 1996 NAME PMDF-X500 from: Innosoft International, Inc. 1050 East Garvey Ave. South West Covina, California 91790 Phone: +1 818-919-3600 email: sales@innosoft.com ABSTRACT PMDF-X500 is Innosoft's implementation of the X.500 standards for Directory Services. PMDF-X500 is based upon the ISODE Consortium code-base. The core of PMDF-X500 is the Directory System Agent (DSA) server. This server provides directory information to Directory User Agents (DUA) using either OSI or TCP/IP networking protocols. Since PMDF-X500 is based on a widely used implementation, it interoperates particularly well with a whole host of X.500-based products from other sources. In order to facilitate initial loading of directory data as well as ongoing coordination with other directory services, PMDF-X500 includes tools to import from and export directory information to Entry Description File (EDF) files. EDF files are flat text files. PMDF-X500 provides directory coordination functions using EDF files for the following directories: * X.500 DSAs supporting LDAP access * cc:Mail * Digital's DDS * GroupWise * Microsoft Mail * PMDF generic databases COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) OSI directory services as specified in CCITT X.500 Recommendations and ISO 9594 use the Directory Access Protocol (DAP) and the Apple, Rossen [Page 71] INTERNET-DRAFT PMDF-X500 21 January 1996 Directory System Protocol (DSP). COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) PMDF-X500 does not yet support the 1993 changes to the X.500 standard. Support for the 1993 X.500 recommendations is planned for a future release of PMDF-X500. CONFORMANCE WITH PROPOSED INTERNET STANDARDS PMDF-X500 supports DAP and DSP accesses using Internet protocols as specified in RFC 1006. In addition, the Internet community has proposed two lightweight alternatives to DAP called Lightweight Directory Access Protocol (LDAP), which is specified in RFC1777, and Connectionless Lightweight Directory Access Protocol (CLDAP), which is specified in RFC1798. LDAP and CLDAP, which are currently specified to run over TCP/IP, are much simpler protocols than DAP and were designed to reduce the cost of entry associated with using X.500 protocols in client applications. PMDF-X500 includes both LDAP and CLDAP servers. The LDAP server accesses X.500 directory information using DAP to communicate with X.500 DSAs. PMDF-X500 provides an LDAP server which translates LDAP requests into DAP requests to communicate with X.500 DSAs. CLDAP defines a very low overhead method for accessing X.500 directory information. CLDAP is suitable for providing access to information that does not require access controls. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [No information provided. -- Ed.] INTEROPERABILITY PMDF-X500 interoperates with a large number of DUAs and DSAs. This is demonstated by the fact that PMDF-X500 is DSA used by several Internet White Pages Project participants. PMDF-X500 DSA interoperability includes at least all of the DSA that are used in the White Pages Project. PMDF-X500 is delivered with several DUAs and in addition is know to support the DUAs from Unisys and Digital Equipment Corporation as well as the publically available DUAs MaX500, Cello, Swix, and the NASA DUA. Apple, Rossen [Page 72] INTERNET-DRAFT PMDF-X500 21 January 1996 PILOT CONNECTIVITY PMDF-X500 is used by several sites that are participants of the Internet White Pages Project include the Innosoft DSA. BUGS [No information provided. -- Ed.] CAVEATS AND GENERAL LIMITATIONS [No information provided. -- Ed.] INTERNETWORKING ENVIRONMENT DAP and DSP are layered on top of the OSI protocol suite. PMDF-X500 supports this protocol suite over multiple network transports. For a pure OSI protocol stack, DECnet/OSI can be used to provide the lower layers of the stack. In addition, PMDF-X500 supports running OSI upper layer protocols over a TCP/IP transport in accordance with RFC1006. It is important to note that while RFC1006 specifies TCP/IP as a transport, all of the OSI upper layer protocols are always used with DAP and DSP. HARDWARE PLATFORMS Digital VAX systems Digital Alpha/AXP systems SOFTWARE PLATFORMS OpenVMS/VAX OpenVMS/AXP Digital UNIX AVAILABILITY PMDF-X500 is a commerical product that is part of the PMDF family of eMail Interconnect products. PMDF-X500 requires the presence of PMDF-MTA, Innosoft's SMTP/MIME mailer. PMDF-X500 and PMDF-MTA can be obtained from: Apple, Rossen [Page 73] INTERNET-DRAFT PMDF-X500 21 January 1996 Innosoft International, Inc. 1050 East Garvey Ave. South West Covina, California 91790 Phone: +1 818-919-3600 FAX: +1 818-919-3614 email: sales@innosoft.com DATE LAST UPDATED or CHECKED December 1995 ADDITIONAL INFORMATION and/or COMMENTS Apple, Rossen [Page 74] INTERNET-DRAFT waX.500 21 January 1996 NAME waX.500 University of Michigan ABSTRACT waX.500 :: Windows Access to X.500 waX.500 is a (currently 16-bit) DUA that run on Microsoft Windows (3.1, Win95, & WinNT). It uses libldap.dll which uses the winsock (v1.1) interface. It works on any vendors tcp/ip stack that I've seen so far (some configuration may be required). waX.500 was developed by the University of Michigan for use by its faculty, staff and students. UM's online directory is an X.500 directory containing 50,000+ entries. I keep the following Web page up to date with respect to latest release, etc.: http://www-personal.umich.edu/~rsug/ldap/wax500/ COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) [No information provided. -- Ed.] COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) [No information provided. -- Ed.] CONFORMANCE WITH PROPOSED INTERNET STANDARDS [No information provided. -- Ed.] CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [No information provided. -- Ed.] INTEROPERABILITY [No information provided. -- Ed.] Apple, Rossen [Page 75] INTERNET-DRAFT waX.500 21 January 1996 PILOT CONNECTIVITY Can see and browse anything in the world as far as I know. BUGS report bugs to wax500.bugs@umich.edu CAVEATS AND GENERAL LIMITATIONS [No information provided. -- Ed.] INTERNETWORKING ENVIRONMENT Microsoft Windows (3.1, 95, & NT) Winsock (v1.1) tcp/ip (any vendor) HARDWARE PLATFORMS Any Windows machine with internet connectivity. Both ethernet and dialup PPP. SOFTWARE PLATFORMS Microsoft Windows (3.1, 95, & NT) Winsock (v1.1) tcp/ip (any vendor). AVAILABILITY http://www-personal.umich.edu/~rsug/ldap/wax500 ftp://terminator.rs.itd.umich.edu/ldap/wax500/wax... DATE LAST UPDATED or CHECKED 13 Dec 1995 ADDITIONAL INFORMATION and/or COMMENTS [No information provided. -- Ed.] Apple, Rossen [Page 76] INTERNET-DRAFT X.500-DS, X.500-DUA 21 January 1996 NAME X500-DS X500-DUA Bull S.A. ABSTRACT X500-DS and X500-DUA are integral part of the large Bull OSI offer. Although based on the DCE/GDS (Distributed Computing Environment/Global Directory Service) of OSF (Open Software Foundation), these two products may be installed and used without the DCE environment.Some enhancements have been added for the user and the management facilities. X500-DS is designed to implement both the DUA and the DSA functions, whilst X500-DUA only provides the DUA functions. The X500-DUA package contains: * The standards APIs XOM (X/Open OSI-Abstract-Data Manipulation API) and XDS (X/Open Directory Service API) for the development of portable applications. * A core DUA to translate all user's requests (bind, read, list, compare, modify, modifyRDN, search, add, remove, unbind ...) into the DAP protocol used for communication with distant DSAs. * The OSI standard high layers (ASN.1, ROSE, ACSE, Presentation and Session) for communication with the distant DSAs. The interface with the low layers of the stack being XTI. RFC- 1006 is supported under XTI or the OSI Session. * A DUA Cache to improve performances when accessing remote DSAs. * A powerful management application facilitating the configuration of the product and controlling the operations, logs and traces. * A user application for the manipulations of the database entries. Apple, Rossen [Page 77] INTERNET-DRAFT X.500-DS, X.500-DUA 21 January 1996 * A generic tool to load and unload ASCII and binary files in/from distributed DSAs. * A DUA Server that allows to use "A-Window-to-Directory" (refer to this product description) on a PC. The X500-DS package contains: * All components of the X500-DUA * A core DSA to process all requests received from distant DUAs through the DAP protocol or from distant DSAs through the DSP protocol. It supports the referral, chained and multi-casting modes of operation, access control lists, simple authentication, management of knowledge information (for distribution, shadows and copies of sub-trees). * A management application for managing the schema information (creation, deletion and modification of object classes and of attribute types, management of the rules of the DIT). * A C-ISAM database that is specially designed for high performances: e.g. 6 ms to read an entry on an Escala at the XOM/XDS interface. These two products are easely installed, configured and administered thanks to the System Management Interface Tool (SMIT) screens. COMPLIANCE with X.500-1988 (applicable only for DSAs and DUAs) Compliant with EWOS and OIW Agreements Consists of both DUA and DSA implementation according to the '88 CCITT X.500 and ISO 9594 standard. The X/Open standard XDS and XOM interface libraries are also provided. When the product is installed with the DCE environment, XDS and XOM interfaces are also used to access DCE/CDS (Local Cell Directory Service) transparently. A GDA (Global Directory Agent) serves then as the gateway between the DCE CDS and GDS. It is planned to support '93 extensions in the products for 1996. Apple, Rossen [Page 78] INTERNET-DRAFT X.500-DS, X.500-DUA 21 January 1996 COMPLIANCE with X.500-1993 (applicable only for DSAs and DUAs) The current available products (release 3.0) are '88 compliant. The next release will integrate the Strong Authentication Objects, Attributes and syntaxes (as defined in X.509). It will be compliant with '93 protocols (DAP, DSP, DISP and DOP) and support the Simplified Access Control Scheme and the Shadowing. CONFORMANCE WITH PROPOSED INTERNET STANDARDS RFC 1277 Next release will be conformant to RFC 1777. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [No information provided--Ed.] INTEROPERABILITY This implementation of DAP and DSP can interoperate with other X.500 implementations from other Cebit demo participants including IBM, HP, ICL, Siemens-Nixdorf, Olivetti, Marben, ... It also interoperates with ISODE QUIPU. PILOT CONNECTIVITY [No information provided--Ed.] BUGS Bull S.A. provides complete software maintenance with the products. CAVEATS AND GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT - OSI TP4 with CLNP (WAN - LAN) - OSI TP0, 2 & 4 with X.25 (WAN) RFC-1006 Apple, Rossen [Page 79] INTERNET-DRAFT X.500-DS, X.500-DUA 21 January 1996 - Either BSD sockets or XTI can be used to access the transports (TCP-IP or OSI). - Through XTI, both OSI and TCP/IP protocols are possible on the same machine, thus permitting to build a Directory Service distributed on OSI and TCP/IP networks. HARDWARE PLATFORMS DPX/20, Escala UP and SMP SOFTWARE PLATFORMS AIX 3.2 and AIX 4.1 AVAILABILITY The products (release 3.0) are commercially available since February '95. For more information about these products and their evolutions, please contact: Daniel Monges Tel: + (33) 76 29 79 83 Fax: + (33) 76 29 77 70 e-mail: D.Monges@frec.bull.fr DATE LAST UPDATED or CHECKED November 1995 ADDITIONAL INFORMATION and/or COMMENTS During '96, new enhancements will be integrated in a new release. The most important of them are: * The support of the strong authentication objects, attributes and syntaxes (defined in X.509). * The support of the DCE authentication. * The conformance with the '93 protocols (DAP, DSP, DISP and DOP). Apple, Rossen [Page 80] INTERNET-DRAFT X.500-DS, X.500-DUA 21 January 1996 * The implementation of the Simplified Access Control Scheme and the * The support of the LDAP (RFC 1777). * A Web access to the DUA Apple, Rossen [Page 81] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 4. References [CCITT-88] CCITT, "Data Communications Networks Directory", Recommendations X.500-X.521, Volume VIII Fascicle VIII.8, IXth Plenary Assembly, Melbourne, November 1988. [ITU-T-93] ITU-T,"Information Technology - Open Systems Interconnection - The Directory", Recommendations X.500-X.525, Volume ???? - Fascicle ????.?, ??th Plenary Assembly, ?????????, May 1993. [NIST-88] National Institute of Standards and Technology, "Stable Implementation Agreements for Open Systems Interconnection Protocols", Version 2 Edition 1, NIST Special Publication 500-162, December 1988. [NIST-94] National Institute of Standards and Technology, "Stable Implementation Agreements for Open Systems Interconnection Protocols", Version ? Edition ?, NIST Special Publication ???-???, December 1994. [RFC 1202] Rose, M., "Directory Assistance Service", RFC 1202, Performance Systems International, Inc., February 1991. [RFC 1249] Howes, T., Smith, M., and B. Beecher, "DIXIE Protocol Specification", RFC 1249, University of Michigan, August 1991. [RFC 1274] Barker, P., and S. Kille, "The COSINE and Internet X.500 Schema", RFC 1274, University College, London, England, November 1991. [RFC 1275] Kille, S., "Replication Requirements to provide an Internet Directory using X.500," RFC 1275, University College, London, England, November 1991. [RFC 1276] Kille, S., "Replication and Distributed Operations extensions to provide an Internet Directory using X.500", RFC 1276, University College, London, England, November 1991. [RFC 1277] Kille, S., "Encoding Network Addresses to support operation over non-OSI lower layers", RFC 1277, University College, London, England, November 1991. [RFC 1278] Kille, S., "A string encoding of Presentation Address", RFC 1278, University College, London, England, November 1991. [RFC 1279] Kille, S., "X.500 and Domains", RFC 1279, University Apple, Rossen [Page 82] INTERNET-DRAFT X.500 Implementations Catalog-96 21 January 1996 College, London, England, November 1991. [RFC 1484] Kille, S., "Using the OSI Directory to achieve User Friendly Naming", RFC 1484, ISODE Consortium, July 1993. [RFC 1485] S. Kille, "A String Representation of Distinguished Names", RFC 1485, ISODE Consortium, July 1993. [RFC 1487] Yeong, W., Howes, T., and S. Kille, "X.500 Lightweight Directory Access Protocol", RFC 1487, Performance Systems International, University of Michigan, ISODE Consortium, July 1993. [RFC 1488] Howes, T., Kille, S., Yeong, W., and C. Robbins, "The X.500 String Representation of Standard Attribute Syntaxes", RFC 1488, University of Michigan, ISODE Consortium, Performance Systems International, NeXor Ltd., July 1993. 5. Security Considerations Security issues are not discussed in this memo. 6. Editors' Addresses Chris Apple Room 2F-131 AT&T Bell Laboratories 600 Mountain Ave. Murray Hill, NJ 07974 U.S.A. e-mail: capple@master.control.att.com Voice: (908) 582-2409 FAX: (908) 582-3296 Ken Rossen SHL Systemhouse, Inc. 10 Williamsville Road Hubbardston Center, MA 01452-1311 U.S.A. e-mail: kenr@shl.com Voice: (508) 928-5368 FAX: (508) 928-5399 Apple, Rossen [Page 83]