140 likes | 263 Views
AFSG/PG. WGN04-WP30-Annex. Overview Directory Survey. danny.van-roosbroek@eurocontrol.int robert.willmott@makra.demon.co.uk. New Orleans - 15/16 Nov 2004. Introduction. AMHS expects support of X.500 Directory DAP Doc 9705 specifies ATN Specific Dir Information
E N D
AFSG/PG WGN04-WP30-Annex Overview Directory Survey danny.van-roosbroek@eurocontrol.int robert.willmott@makra.demon.co.uk New Orleans - 15/16 Nov 2004
Introduction • AMHS expects support of X.500 Directory DAP • Doc 9705 specifies ATN Specific Dir Information • EUR-AMHS and SPACE originally mandated Directory • Some ATSPs interest in RFC’s LDAP - for cost effectiveness • Do products support ATN Specific information over DAP? - over LDAP? over WEB? • So - A limited survey to discover the reality ….. 32553.1546
Rationale & Problem Statement • X.500 DAP is regarded as ‘expensive’ • LDAP/WEB are regarded as ‘cost effective’ - free • But ATN Directory specifies special ATN information • Do DAP/LDAP/WEB products support ATN information? • Will costs increase for ATN Information support? 32553.1547
ATN Directory User Types Users Gateways Servers X.500 Directory XML-HTTP<>DAP Administrator WEB Gate X.520/ 521 ATN General Users LDAP<>DAP LDAP Gate X.509 X.402 AMHS User DAP DAP AMHS UA or MTA ‘Online’ Group 1and 2 Systems (Based on Directory Product Survey) LDAP Server LDAP LDAP User Group 3 Systems 32553.1558
DIT Structure DIT Object Classes Entries Attribute Types Attributes Attribute Syntaxes Values Schema Principles Schema Definitions DIT Elements rules for uses belongs to rules for belongs to uses rules for belongs to uses rules for 32553.1548
Schema Definition - 1 • Object Class • Lists Attribute Types in an Entry • Defined by name + Object Identifier + List • No software to implement in DUAs/DSAs • Attribute Type • Names an Attribute Type • Defined by Name + Object Identifier + Attribute Syntax • No software to implement in DUAs/DSAs No problems - only user configuration required 32553.1555
Schema Definition - 2 • Attribute Syntax (e.g. Integer, string …) • Describes the encoding of an Attribute Value on the communications line • Defined by Object Identifier + Name + ASN.1 specification of value • Suppliers must write software Specifying new Attribute Syntaxes costs money 32553.1556
ATN Schema Additions • ATN adds several new Object Classes - no problem • ATN adds several new Attribute Types using existing (Standard Syntaxes) - no problem • ATN adds two new attributes with new syntaxes • Global-Domain-Identifier - now resolved! • MTCU-Characteristics - a complex syntax - needs review! 32553.1557
Research - How? • Suppliers questionnaire: • What schema elements are available as standard for DAP, LDAP (and WEB) access? • Do tools exist for configuration of new schema elements? • What schema elements need new software? 32553.1550
The Surveyed Suppliers • ISODE - NEXOR - Data Connections - HP - ATOS-Origin • SUN - Critical Path (ICL) - Bull - CDC - Computer Associates - Fujitsu - IBM - ISOCOR - Maxware - Microsoft - NCR - Siemens - Sun - Syntegra - Tandem - Unisys …... • COMSOFT - Thales - Avitech - Copperchase - Boldon James - Global Weather 32553.1551
Results - Analysis • One supplier supports the ATN Extensions in DAP • No suppliers support ATN Extensions in LDAP • ATN extensions inevitably incur extra cost • ICAO could consider re-defining the ‘expensive’ attributes • WEB (HTTP) needs no new syntax definition (but requires a WEB site gateway 32553.1552
Recommendations - 1 • User Communities should avoid defining Attribute Types using complex, non-standard syntaxes • ICAO WGN should re-define the MTCU-Characteristics Attribute Type (the Global Domain Attribute has now been re-defined) • ICAO WGN should consider whether LDAP is required • ICAO must specify the ATN-specific schema elements in Backus Naur Form if LDAP is to be used • XML should be avoided • No further specification is required for HTTP access 32553.1553
Recommendations - 2 Possible Architecture WEB Browser Access WEB GATE General Users LDAP Access ATN-Directory DIB LDAP GATE AMHS Users Direct DAP Access DAP Access MTA & UA Processes + Dir Administrators (Based on Directory Product Survey) 32553.1554