SearchBrowse

page 3  (14 pages)
to previous section2
4to next section
DETACH
NO HIGHLIGHTING
EXPAND TEXT

POSTSCRIPT
ABSTRACT

RFC 1279 X.500 and Domains November 1991

3 The basic model

X.500 has as much relation to the DNS as DNS has to ARP. Paul Mockapetris

This is, essentially, the position adopted here. The basic model is that organisational X.500 is providing a layer of naming at the level above domain names. These structured names can be considered to form a naming layer above domain names. There are the following key differences:

ffl Organisational X.500 tends to use longer and more descriptive values

ffl The organisational X.500 DIT is slightly shallower than the DNS tree

ffl X.500 has a richer information framework than DNS

These differences suggest that the following should NOT be done:

ffl Represent X.500 information in the DNS

ffl Have an algorithmic mapping between the two hierarchies

This note proposes to represent DNS information in the DIT, and to provide for a loose coupling between the two trees. This note does not propose an equivalencing of X.500 and Domains.

The proposed model is illustrated in Figure 1. Both an organisational and domain structure is represented in the DIT, by use of appropriate object classes and attribute types. A weak linkage is provided between the two parts of the tree by use of special attributes. Here, the linkage is 1:1, but it may be more complex for some parts of the organisational DIT or domain namespace. The linkage is achieved by use of special attributes, as described in Section 11.

4 Representing Domains in X.500

Domains are at the level below X.500 names of the form illustrated in the previous section. However, it is also possible to use X.500 in other ways. In particular, there are benefits from representing Domains in X.500. Note that this is very different to equivalencing, as no attempt is made to represent X.500 information within the domain scheme. There are the following potential advantages:

ffl Domain Services (DNS and NRS) could be replaced with an OSI service (some may not view this as an advantage). This is particularly attractive for OSI services, where use of a non-OSI directory may be inappropriate.

Hardcastle-Kille Page 2

to previous section2 4to next section