Namespaces in LDAP-based Directory Services
R.L. "Bob" Morgan, University of Washington

Abstract:

Naming of objects in directory services (DS) has changed as the role of DS has evolved. The X.500 DS is designed to provide a single, end-user browsable, people-oriented hierarchical directory with locality-based (national/regional) administration. This design led to naming based on natural names of persons, localities, and organizations. The goals of the X.500 Directory have, with some exceptions, been superseded by other technologies or abandoned. LDAP-based directory services, while rooted in X.500, are designed instead to support institutional-scale system management and object-sharing. Requirements on object representation and naming for this purpose are quite different, focussing on stability, program access, and representation of complex relationships. This is perhaps a retreat from Internet-scale problems; support for large-scale consistency may emerge, Internet-style, from cooperating local arrangements. Naming of LDAP schema objects (classes and attributes) also has large-scale namespace issues.


TWIST 99

Irvine Research Unit in Software
Information and Computer Science
University of California, Irvine
Irvine, CA 92697-3425