Network Working Group A. Getchell Request for Comments: 1632 Lawrence Livermore National Laboratory FYI: 11 S. Sataluri Obsoletes: 1292 AT&T Bell Laboratories Category: Informational Editors May 1994 A Revised Catalog of Available X.500 Implementations Status of this Memo This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Abstract This document is the result of a survey that gathered new or updated descriptions of currently available implementations of X.500, including commercial products and openly available offerings. This document is a revision of RFC 1292. We contacted each contributor in RFC 1292 and requested an update and published the survey template in several mailing lists and obtained new product descriptions. This document contains detailed description of twenty six (26) X.500 implementations - DSAs, DUAs, and DUA interfaces. 1. Introduction This document catalogs currently available implementations of X.500, including commercial products and openly available offerings. For the purposes of this survey, we classify X.500 products as, DSA A DSA is an OSI application process that provides the Directory functionality, DUA A DUA is an OSI application process that represents a user in accessing the Directory and uses the DAP to communicate with a DSA, and DUA Interface A DUA Interface is an application process that represents a user in accessing the Directory using either DAP but supporting only a subset of the DAP functionality or a protocol different from DAP to communicate with a DSA or DUA. IDS Working Group [Page 1] RFC 1632 X.500 Catalog May 1994 Section 2 of this document contains a listing of implementations cross referenced by keyword. This list should aid in identifying implementations that meet your criteria. To compile this catalog, the IDS Working Group solicited input from the X.500 community by surveying several Internet mailing lists, including: iso@nic.ddn.mil, isode@nic.ddn.mil, osi-ds@cs.ucl.ac.uk, and ietf-ids@umich.edu. We also contacted many people by telephone and sent the template to several individuals and mailed a floppy disk containing the survey template to a person who did not have Internet access. Readers are encouraged to submit comments regarding both the form and content of this memo. New submissions are welcome. Please direct input to the Integrated Directory Services (IDS) Working Group (ietf-ids@umich.edu) or to the editors. IDS will produce new ver- sions of this document when a sufficient number of changes have been received. This will be determined by the IDS chairpersons. 1.1 Purpose The Internet has experienced a steady growth in X.500 piloting activities. This document hopes to provide an easily accessible source of information on X.500 implementations for those who wish to consider X.500 technology for deploying a Directory service. 1.2 Scope This document contains descriptions of both free and commercial X.500 implementations. It does not provide instructions on how to install, run, or manage these implementations. The descriptions and indices are provided to make the readers aware of available options and thus enable more informed choices. 1.3 Disclaimer Implementation descriptions were written by implementors and vendors, and not by the editors. We worked with the description authors to ensure uniformity and readability, but can not guarantee the accuracy or completeness of the descriptions, or the stability of the implementations. 1.4 Overview Section 1 contains introductory information. Section 2 contains a list of keywords, their definitions, and a cross reference of the X.500 implementations by these keywords. IDS Working Group [Page 2] RFC 1632 X.500 Catalog May 1994 Section 3 contains the X.500 implementation descriptions. Section 4 has a list of references. Section 6 lists the editors' addresses. 1.5 Acknowledgments The creation of this catalog would not have been possible without the efforts of the description authors and the members of the IDS Working Group. Our special thanks to the editors of RFC 1292, Ruth Lang and Russ Wright who helped us get started and made key suggestions that enabled us to learn from their experience. We also acknowledge and appreciate the efforts of Ken Rossen in obtaining six descriptions. 2. Keywords Keywords are abbreviated attributes of the X.500 implementations. The list of keywords defined below was derived from the implementation descriptions themselves. Implementations were indexed by a keyword either as a result of: (1) explicit, not implied, reference to a particular capability in the implementation description text, or (2) input from the implementation description author(s). 2.1 Keyword Definitions This section contains keyword definitions. They have been organized and grouped by functional category. The definitions are ordered first alphabetically by keyword category, and second alphabetically by implementation name within keyword category. 2.1.1 Availability Available via FTP Implementation is available using FTP. Commercially Available This implementation can be purchased. Free Available at no charge, although other restrictions may apply. Limited Availability Need to contact provider for terms and conditions of distribution. IDS Working Group [Page 3] RFC 1632 X.500 Catalog May 1994 Source Source code is available, potentially at an additional cost. 2.1.2 Conformance with Proposed Internet Standards These RFCs specify standards track protocols for the Internet community. Implementations which conform to these evolving proposed standards have a higher probability of interoperating with other implementations deployed on the Internet. RFC-1274 Implementation supports RFC 1274: Barker, P., and S. Kille, The COSINE and Internet X.500 Schema, University College, London, England, November 1991. RFC-1276 Implementation supports RFC 1276: Kille, S., Replication and Distributed Operations extensions to provide an Internet Directory using X.500, University College, London, England, November 1991. RFC-1277 Implementation supports RFC 1277: Kille, S., Encoding Network Addresses to support operation over non-OSI lower layers, University College, London, England, November 1991. RFC-1485 Implementation supports RFC 1485: Kille, S., A String Representation of Distinguished Names, ISODE Consortium, July 1993. RFC-1487 Implementation supports RFC 1487: Yeong, W., T. Howes, and S. Kille, X.500 Lightweight Directory Access Protocol, July 1993. 2.1.3 Consistence with Informational and Experimental Internet RFCs These RFCs provide information to the Internet community and are not Internet standards. Compliance with these RFCs is not necessary for interoperability but may enhance functionality. RFC-1202 Implementation supports RFC 1202: Rose, M. T., Directory IDS Working Group [Page 4] RFC 1632 X.500 Catalog May 1994 Assistance Service. February 1991. RFC-1249 Implementation supports RFC 1249: Howes, T., M. Smith, and B. Beecher, DIXIE Protocol Specification, University of Michigan, August 1991. RFC-1275 Implementation supports RFC 1275: Kille, S., Replication Requirements to provide an Internet Directory using X.500, University College, London, England, November 1991. RFC-1278 Implementation supports RFC 1278: Kille, S., A string encoding of Presentation Address, University College, London, England, November 1991. RFC-1279 Implementation supports RFC 1279: Kille, S., X.500 and Domains, University College, London, England, November 1991. RFC-1484 Implementation supports RFC 1484: Kille, S., Using the OSI Directory to achieve User Friendly Naming, ISODE Consortium, July 1993. 2.1.4 Implementation Type API Implementation comes with an application programmer's interface (i.e., a set of libraries and include files). DSA Only Implementation consists of a DSA only. No DUA is included. DSA/DUA Both a DSA and DUA are included in this implementation. DUA Interface Implementation is a DUA-like program that uses either DAP, but supporting only a subset of the DAP functionality, or uses a protocol different from DAP to communicate with a DSA or DUA. DUA Only Implementation consists of a DUA only. No DSA is included. IDS Working Group [Page 5] RFC 1632 X.500 Catalog May 1994 LDAP DUA interface program uses the Lightweight Directory Access Protocol (LDAP). 2.1.5 Internetworking Environment CLNS Implementation operates over the OSI ConnectionLess Network Service (CLNS). OSI Transport Implementation operates over one or more OSI transport protocols. RFC-1006 Implementation operates over RFC-1006 with TCP/IP transport service. RFC-1006 is an Internet Standard. X.25 Implementation operates over OSI X.25. 2.1.6 Pilot Connectivity DUA Connectivity The DUA can be connected to the pilot, and information on any pilot entry looked up. The DUA is able to display standard attributes and object classes and those defined in the COSINE and Internet Schema. DSA Connectivity The DSA is connected to the DIT, and information in this DSA is accessible from any pilot DUA. 2.1.7 Miscellaneous Included in ISODE DUAs that are part of ISODE. Limited Functionality Survey states that the implementation has some shortcomings or intended lack of functionality, e.g., omissions were part of the design to provide an easy-to-use user interface. IDS Working Group [Page 6] RFC 1632 X.500 Catalog May 1994 Motif Implementation provides a Motif-style X Window user interface. Needs ISODE ISODE is required to compile and/or use this implementation. OpenLook Implementation provides an OpenLook-style X Window user interface. X Window System Implementation uses the X Window System to provide its user interface. 2.1.8 Operating Environment 386 Implementation runs on a 386-based platform. Bull Implementation runs on a Bull platform. CDC Implementation runs on a CDC MIPS platform. DEC ULTRIX Implementation runs under DEC ULTRIX. DEC Vax OpenVMS Implementation runs on a DEC VAX platform running OpenVMS. HP Implementation runs on an HP platform. IBM PC Implementation runs on a PC. IBM RISC Implementation runs on IBM's RISC UNIX workstation. ICL Implementation runs on an ICL platform. Macintosh Implementation runs on a Macintosh. IDS Working Group [Page 7] RFC 1632 X.500 Catalog May 1994 Multiple Vendor Platforms Implementation runs on more than one hardware platform. Sequent Implementation runs on a Sequent platform. SNI Implementation runs on a Siemens Nixdorf platform. Solbourne Implementation runs on a Solbourne platform. Sun Implementation runs on a Sun platform. Tandem Implementation runs on a Tandem platform. UNIX Implementation runs on a generic UNIX platform. Wang Implementation runs on a Wang RISC platform. 2.2 Implementations Indexed by Keyword This section contains an index of implementations by keyword. You can use this list to identify particular implementations that meet your chosen criteria. The index is organized as follows: keywords appear in alphabetical order; implementations characterized by that keyword are listed alphabetically as well. Note that a "*" is used to indicate that the particular implementation, or feature of the implementation, may not be available at this time. For formatting purposes, we have used the following abbreviations for implementation names: BULL S.A. (Bull X500-DS and X500-DUA), DEC X.500 DSA (DEC X.500 Directory Server), DEC X.500 Admin (DEC X.500 Administration Facility), HP X.500 DD (HP X.500 Distributed Directory), LDAP (University of Michigan LDAP Implementation), OSI Access & Dir (OSI Access and Directory), and Traxis (Traxis Enterprise Directory). IDS Working Group [Page 8] RFC 1632 X.500 Catalog May 1994 386 CLNS PathWay Messaging Bull S.A. PC-DUA DEC X.500 DSA UCOM X.500 DEC X.500 Admin DIR.X API HP X.500 DD HP X.500 DUA Bull S.A. OSI Access & Dir Custos PathWay Messaging DEC X.500 DSA Traxis DEC X.500 Admin UCOM X.500 DIR.X Wang OPEN/services HP X.500 DD XT-DUA HP X.500 DUA XT-QUIPU LDAP OSI Access & Dir Commercially Available QUIPU Traxis Bull S.A. UCOM X.500 DEC X.500 DSA DEC X.500 Admin Available via FTP DIR.X Directory 500 Custos HP X.500 DD DE HP X.500 DUA DOS-DE OSI Access & Dir LDAP PathWay Messaging ldap-whois++ PC-DUA maX.500 Traxis Xdi UCOM X.500 Wang OPEN/services Bull XT-DUA XT-QUIPU Bull S.A. UCOM X.500 DEC ULTRIX XT-DUA XT-QUIPU DEC X.500 DSA DEC X.500 Admin CDC LDAP ldap-whois++ OSI Access & Dir UCOM X.500 DEC VAX OpenVMS DEC X.500 DSA DEC X.500 Admin IDS Working Group [Page 9] RFC 1632 X.500 Catalog May 1994 DSA Connectivity DUA Interface DIR.X DE OSI Access & Dir DOS-DE PathWay Messaging LDAP QUIPU ldap-whois++ UCOM X.500 maX.500 XT-QUIPU OSI Access & Dir Pathway Messaging DSA Only PC-DUA QuickMailDUA DEC X.500 DSA Wang OPEN/services XT-QUIPU DUA Only DSA/DUA DEC X.500 Admin Bull S.A. HP X.500 DUA Custos MXLU DIR.X PC-Pages Directory 500 Xdi HP X.500 DD XLU OSI Access & Dir XT-DUA PathWay Messaging QUIPU Free Traxis UCOM X.500 Custos Wang OPEN/services DE DOS-DE DUA Connectivity LDAP ldap-whois++ DIR.X maX.500 LDAP MXLU maX.500 QUIPU MXLU Xdi OSI Access & Dir XLU PathWay Messaging PC-DUA HP PC-Pages QUIPU DIR.X UCOM X.500 HP X.500 DD Xdi HP X.500 DUA XLU LDAP XT-DUA *Traxis Wang OPEN/services XT-DUA XT-QUIPU IDS Working Group [Page 10] RFC 1632 X.500 Catalog May 1994 IBM PC Limited Functionality DOS-DE Custos LDAP Wang OPEN/services OSI Access & Dir Xdi PathWay Messaging PC-DUA Macintosh PC-Pages Traxis LDAP Wang OPEN/services maX.500 PathWay Messaging IBM RISC *Traxis DIR.X Motif LDAP *Traxis DEC X.500 Admin UCOM X.500 MXLU Wang OPEN/services UCOM X.500 XT-DUA XT-DUA XT-QUIPU Multiple Vendor Platforms ICL Custos *XT-DUA DE XT-QUIPU DOS-DE LDAP Included In ISODE MXLU PathWay Messaging DE PC-Pages QUIPU LDAP UCOM X.500 Xdi DE XLU DOS-DE XT-DUA LDAP XT-QUIPU ldap-whois++ maX.500 Needs ISODE OSI Access & Dir *Pathway Messaging Custos PC-DUA DE *PC-Pages MXLU QuickMailDUA Limited Availability Xdi XLU PC-Pages QuickMailDUA IDS Working Group [Page 11] RFC 1632 X.500 Catalog May 1994 OpenLook RFC-1249 UCOM X.500 OSI Access & Dir XT-DUA RFC-1274 OSI Transport DE Bull S.A. DEC X.500 DSA Custos DEC X.500 Admin DEC X.500 DSA DOS-DE DEC X.500 Admin LDAP DIR.X maX.500 HP X.500 DD OSI Access & Dir HP X.500 DUA QuickMailDUA PathWay Messaging QUIPU PC-Pages Traxis QUIPU UCOM X.500 Traxis Xdi Wang OPEN/services XT-DUA XT-DUA XT-QUIPU XT-QUIPU RFC-1275 RFC-1006 OSI Access & Dir Bull S.A. QUIPU Custos DEC X.500 DSA RFC-1276 DEC X.500 Admin DIR.X OSI Access & Dir Directory 500 QUIPU LDAP XT-QUIPU OSI Access & Dir PathWay Messaging RFC-1277 PC-Pages QUIPU DEC X.500 DSA Traxis DEC X.500 Admin UCOM X.500 DIR.X Wang OPEN/services OSI Access & Dir XT-DUA PathWay Messaging XT-QUIPU QUIPU UCOM X.500 RFC-1202 XT-DUA XT-QUIPU OSI Access & Dir PathWay Messaging IDS Working Group [Page 12] RFC 1632 X.500 Catalog May 1994 RFC-1278 Sequent DEC X.500 DSA DEC X.500 Admin UCOM X.500 OSI Access & Dir PathWay Messaging SNI QUIPU UCOM X.500 DIR.X XT-DUA XT-QUIPU Solbourne RFC-1279 XT-DUA XT-QUIPU OSI Access & Dir QUIPU Source UCOM X.500 XT-QUIPU DE LDAP RFC-1484 MXLU QUIPU DE Xdi DOS-DE XLU *LDAP *maX.500 Sun QUIPU Xdi Custos XT-DUA Directory 500 XT-QUIPU LDAP ldap-whois++ RFC-1485 OSI Access & Dir PathWay Messaging LDAP QuickMailDUA maX.500 QUIPU QUIPU Traxis XT-QUIPU UCOM X.500 Xdi RFC-1487 XT-DUA XT-QUIPU DE DOS-DE Tandem LDAP ldap-whois++ UCOM X.500 maX.500 PC-DUA QUIPU IDS Working Group [Page 13] RFC 1632 X.500 Catalog May 1994 UNIX Custos DE ldap-whois++ MXLU QUIPU UCOM X.500 Xdi XLU Wang Wang OPEN/services X Window System MXLU OSI Access & Dir Xdi XLU XT-DUA X.25 Bull S.A. DEC X.500 DSA DEC X.500 Admin DIR.X Directory 500 HP X.500 DD HP X.500 DUA OSI Access & Dir PathWay Messaging QUIPU Traxis UCOM X.500 Wang OPEN/services XT-DUA XT-QUIPU IDS Working Group [Page 14] RFC 1632 X.500 Catalog May 1994 3. Implementation Descriptions In the following pages you will find descriptions of X.500 implementations listed in alphabetical order. In the case of name collisions, the name of the responsible organization, in square brackets, has been used to distinguish the implementations. Note that throughout this section, the page header reflects the name of the implementation, not the date of the document. The descriptions follow a common format, as described below: NAME The name of the X.500 implementation and the name of the responsible organization. Implementations with a registered trademark indicate this by appending "(tm)", e.g., GeeWhiz(tm). KEYWORDS A list of the keywords defined in Section 2 that have been used to cross reference this implementation. ABSTRACT A brief description of the application. This section may optionally contain a list of the pilot projects in which the application is being used. COMPLIANCE (applicable only for DSAs and DUAs) A statement of compliance with respect to the 1988 CCITT Recommendations X.500-X.521 [CCITT-88], specifically Section 9 of X.519, or the 1988 NIST OIW Stable Implementation Agreements [NIST-88]. CONFORMANCE WITH PROPOSED INTERNET STANDARDS A statement of compliance with respect to the several proposed Internet Standards. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs A statement of compliance with respect to the several informational and experimental Internet RFCs. INTEROPERABILITY A list of other DUAs and DSAs with which this implementation can interoperate. PILOT CONNECTIVITY Describes the level of connectivity it can offer to the pilot directory service operational on the Internet in North America, and to pilots co-ordinated by the PARADISE project in Europe. Levels of connectivity are: Not Tested, None, DUA Connectivity, and DSA Connectivity. IDS Working Group [Page 15] RFC 1632 X.500 Catalog May 1994 BUGS A warning on known problems and/or instructions on how to report bugs. CAVEATS AND GENERAL LIMITATIONS A warning about possible side effects or shortcomings, e.g., a feature that works on one platform but not another. INTERNETWORKING ENVIRONMENT A list of environments in which this implementation can be used, e.g., RFC-1006 with TCP/IP, TP0 or TP4 with X.25. HARDWARE PLATFORMS A list of hardware platforms on which this application runs, any additional boards or processors required, and any special suggested or required configuration options. SOFTWARE PLATFORMS A list of operating systems, window systems, databases, or unbundled software packages required to run this application. AVAILABILITY A statement regarding the availability of the software (free or commercially available), a description of how to obtain the software, and (optionally) a statement regarding distribution conditions and restrictions. DATE LAST UPDATED or CHECKED The month and year within which this implementation description was last modified. IDS Working Group [Page 16] RFC 1632 X.500 Catalog Bull S.A. NAME X500-DS X500-DUA Bull S.A. KEYWORDS API, Bull, CLNS, Commercially Available, DSA/DUA, OSI Transport, RFC-1006, X.25 ABSTRACT X500-DS and X500-DUA are integral part of the large Bull OSI offer. Although based on the DCE/GDS (Distributed Computing Environment/Global Directory Service) of OSF, these two products may be installed and used without DCE environment. X500-DS is designed to implement both the DUA and the DSA functions, whilst X500-DUA only provides the DUA functions. The X500-DUA package contains: - The standards APIs XOM (X/Open OSI-Abstract-Data Manipulation API) and XDS (X/Open Directory Service API) for the development of portable applications, - A core DUA to translate all user's requests (bind, read, list, compare, modify, modifyRDN, search, add, remove, unbind ...) into the DAP protocol used for communication with distant DSAs, - The OSI standard protocols (ASN.1, ROSE, ACSE, Presentation and Session) for communication with the distant DSAs. The interface with the low layers of the stack being XTI. RFC-1006 is supported under XTI or the Session, - A DUA Cache to improve performances when accessing remote DSAs, - A management application for configuration of the product, controlling the operations and managing logs and traces, - A user application for the manipulations of the database entries. The X500-DS package contains: - All components of the X500-DUA, - A core DSA to process all requests received from distant DUAs through DAP protocol or from distant DSAs through DSP protocol. It supports the referral, chained and multi-casting modes of operation, access control lists, simple authentication, management of knowledge information (for distribution, shadows and copies of sub-trees), IDS Working Group [Page 17] RFC 1632 X.500 Catalog Bull S.A. - A management application for managing the schema information (creation, deletion and modification of object classes and of attribute types, management of the rules of the DIT), - A C-ISAM database. COMPLIANCE (applicable only for DSAs and DUAs) Compliant with EWOS and OIW Agreements Strong authentication in X.509 is not yet implemented. (Password scheme is currently used.) Consists of both DUA and DSA implementation according to the 88 CCITT X.500 and ISO 9594 standard. The X/Open standard XDS and XOM interface libraries are also provided. When the product is installed with the DCE environment, XDS and XOM interfaces are also used to access DCE/CDS (Local Cell Directory Service) transparently. A GDA (Global Directory Agent) serves then as the gateway between the DCE CDS and GDS. It is planned to support full 1992 extensions in the products for 1995. CONFORMANCE WITH PROPOSED INTERNET STANDARDS [No information provided--Ed.] CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [No information provided--Ed.] INTEROPERABILITY This implementation of DAP and DSP can interoperate with other X.500 implementations from other Cebit demo participants including IBM, HP, ICL, Siemens-Nixdorf, etc. It also interoperates with ISODE QUIPU. PILOT CONNECTIVITY [No information provided--Ed.] BUGS [No information provided--Ed.] IDS Working Group [Page 18] RFC 1632 X.500 Catalog Bull S.A. CAVEATS AND GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT OSI TP4 with CLNP (WAN - LAN) OSI TP0, 2 & 4 with X.25 (WAN) RFC-1006 with TCP/IP Either BSD sockets or XTI can be used to access the transports Through XTI, both OSI and TCP/IP protocols are possible on the same machine, thus permitting to build a Directory Service distributed on OSI and TCP/IP networks. HARDWARE PLATFORMS DPX/2, DPX/20 SOFTWARE PLATFORMS Unix BOS2, Unix BOSX, AIX AVAILABILITY 4 Q 93 Please contact: Daniel Monges Tel: + (33) 76 39 75 00 ext. 7449 Fax: + (33) 76 39 78 56 e-mail: D.Monges@frec.bull.fr DATE LAST UPDATE or CHECKED November 25th, 1993 IDS Working Group [Page 19] RFC 1632 X.500 Catalog Control Data Systems Inc. NAME OSI Access and Directory Control Data Systems Incorporated. KEYWORDS API, CLNS, CDC, Commercially Available, DSA Connectivity, DSA/DUA, DUA Connectivity, DUA Interface, IBM PC, LDAP, RFC-1006, RFC-1202, RFC-1249, RFC-1274, RFC-1275, RFC-1276, RFC-1277, RFC-1278, RFC-1279, Sun, X Window System, X.25 ABSTRACT OSI Access and Directory includes several DUAs and a QUIPU based DSA (originally based on version 6.6) with enhancements. The DUA/DSA enhancements include: - Directory API based on the X.400 API. - Support for X.400 objects including those to support MHS use of Directory to support MHS Routing. - Integration with Control Data's MailHub (X.400 MHS) products. - X Windows, curses and command line based DUA interfaces on UNIX. These interfaces support the full set of Directory operations. - Windows 3.x interface on PCs. - A DUA daemon that provides Directory access for applications. - LDAP 2.0 and 3.0 support. - Directory synchronization tools for synchronizing most PC/Mac/Dec mail directories with X.500. - Enhanced photo attribute support. - ACL enhancements. - Hash indexing for fast string search. - DIXIE, DAD and PH.X500 support. - SNMP based monitoring and management of DSAs. Control Data Systems offers complete integration services to design, plan, install, configure, tailor and maintain X.500 services. These services may include the preparation of customer unique DUAs and tools for X.500 integration, synchronization, operational control and management. OSI Access and Directory is in production use at several government, commercial and academic sites. Some sites are supporting Directories in excess of 120,000 entries. IDS Working Group [Page 20] RFC 1632 X.500 Catalog Control Data Systems Inc. COMPLIANCE (applicable only for DSAs and DUAs) OSI Access and Directory complies with the 1988 CCITT Recommendations X.500-X.521 [CCITT-88] and the 1988 NIST OIW Stable Implementation Agreements [NIST-88]. OSI Access and Directory only supports simple authentication or no authentication. OSI Access and Directory complies with all static and dynamic requirements of X.519. OSI Access and Directory can act as a first-level DSA. OSI Access and Directory will support some 1993 X.500 extensions in 1994 with full support in 1995/1996. CONFORMANCE WITH PROPOSED INTERNET STANDARDS OSI Access and Directory is compliant with the following RFCs: [RFC 1274], [RFC 1276], and [RFC 1277]. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs OSI Access and Directory is compliant with the following RFCs: [RFC 1202], [RFC 1249], [RFC 1275], [RFC 1278], and [RFC 1279]. OSI Access and Directory also supports the required objects, attributes and attribute syntaxes for MHS use of Directory to support MHS Routing. INTEROPERABILITY OSI Access and Directory was tested against HP, DEC, ISODE Consortium and Wollongong implementations at the COS Interoperability Test Lab in May 1993. The OSINET Interoperability Tests were used. Please refer OSINET for test results. OSI Access and Directory has also been informally tested at trade shows with implementations from UNISYS and Retix. PILOT CONNECTIVITY OSI Access and Directory is connected via DSAs and DUAs to the PSI White Pages Project. OSI Access and Directory provides the base routing tree for the MHS Use of Directory pilot (Longbud) on the Internet. BUGS Control Data Systems provides complete software maintenance services with products. IDS Working Group [Page 21] RFC 1632 X.500 Catalog Control Data Systems Inc. CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT RFC1006 with TCP/IP, TP4 with CNLS, TP0 with X.25. HARDWARE PLATFORMS OSI Access and Directory runs on all MIPS and SUN SPARC platforms. Windows based DUAs available with OSI Access and Directory run on Windows 3.x compatible IBM PCs. SOFTWARE PLATFORMS Distributed and supported for Sun OS version 4.1.x, Sun Solaris 2.x and Control Data EP/IX (Control Data's MIPS based OS). Other platforms are pending. TP4 connectivity on SUN OS requires SUN OSI. AVAILABILITY Commercially available from: Control Data Systems Inc. Network Solutions, ARH290 4201 Lexington Avenue North Arden Hills, MH 55126-6198 U.S.A. 1-800-257-OPEN (U.S. and Canada) 1-612-482-6736 (worldwide) FAX: 1-612-482-2000 (worldwide) EMAIL: info@cdc.com or s=info;p=cdc;a=attmail;c=us DATE LAST UPDATED or CHECKED November 22nd, 1993 IDS Working Group [Page 22] RFC 1632 X.500 Catalog Custos NAME Custos National Institute of Standards and Technology KEYWORDS API, Available via FTP, DSA/DUA, Free, Limited Functionality, Multiple Vendor Platforms, Needs ISODE, OSI Transport, RFC-1006, Sun, UNIX ABSTRACT The implementation consists of a set DUA library routines, a terminal interface, and a DSA. The implementation was developed in C on Sun SPARCstations under SunOS 4.1.1. All underlying services are provided by the ISODE development package. The development package is also used for encoding and decoding ASN.1 data as well as for other data manipulation services. Using the ISODE package the implementation can be run over both TCP/IP and OSI protocols. The DSA provides full support for both DAP and DSP protocols, conformant with ISO 9594 / CCITT X.500 standards. The DIB is maintained using a locally developed relational database system. The interface to the database system consists of a set of sql-like C functions. These are designed to allow straightforward replacement of the local database system with a more powerful commercial system. To achieve better performance several options are supported that permit loading of selected portions of the database in core. When these options are selected data can be retrieved more quickly from in core tables; all modifications to the DIB are directly reflected in the in core tables and the database. COMPLIANCE (applicable only for DSAs and DUAs) Custos is fully compliant with the 1988 Standard with the following omissions: - Search request decomposition - Modify Entry operation - Modify RDN operation - Abandon operation - Strong Authentication - Schema checking IDS Working Group [Page 23] RFC 1632 X.500 Catalog Custos There are no present plans to extend Custos to include the 1992 X.500 extensions. CONFORMANCE WITH PROPOSED INTERNET STANDARDS [No information provided--Ed.] CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [No information provided--Ed.] INTEROPERABILITY Have successfully interoperated with QUIPU and OSIWARE over the DAP. No DSP interoperability testing has been done. PILOT CONNECTIVITY Limited DUA and DSA connectivity to PSI White Pages Project. BUGS Bugs may be reported to the general discussion list, x500@osi.ncsl.nist.gov. CAVEATS and GENERAL LIMITATIONS No limitations on file sizes, etc. The only side effects to creating large files should be in the area of performance. Specifically, optimization requires loading parts of the DIB in core so greater memory requirements will be necessary for achieving better performance with a large database. Any platform the implementation can be ported to (generally any platform ISODE can be ported to) should support all features. INTERNETWORKING ENVIRONMENT RFC-1006; TP4/CLNP (SunLinkOSI) over 802 and X.25 (SunLink X.25). HARDWARE PLATFORMS It's only been run on Sun 3 and SPARC, but there are no known reasons why it shouldn't run on any hardware running the ISODE software. IDS Working Group [Page 24] RFC 1632 X.500 Catalog Custos SOFTWARE PLATFORMS It requires UNIX and the ISODE software package. It's been developed and tested with ISODE version 7.0 and Sun OS version 4.1.1. Uses a locally developed relational DBMS that should be easily replaceable with commercially available relational systems. AVAILABILITY Custos, the NIST implementation of X.500, the OSI Directory, is available for anonymous ftp from osi.ncsl.nist.gov (129.6.48.100) using the convention (user name = anonymous, password = ident). The software is available in two forms: a tar file and a compressed tar file. ./pub/directory/CustosRel_0.2.tar ./pub/directory/CustosRel_0.2.tar.Z Note: permissions on the directory ./pub/directory are set so that you will be able to "get" files whose names you can provide. However, you will not be able to "ls" the contents of the directory. DATE LAST UPDATED or CHECKED March 5th, 1993 IDS Working Group [Page 25] RFC 1632 X.500 Catalog DE NAME DE KEYWORDS Available via FTP, DUA Interface, Free, Included in ISODE, LDAP, Multiple Vendor Platforms, Needs ISODE, RFC-1274, RFC-1484, RFC-1487, Source, UNIX ABSTRACT DE (Directory Enquiries) is intended to be a simple-to-use DUA interface, suitable for the naive user, and suitable for running as a public access dua. it will work on any terminal. The user is presented with a series of (verbose) prompts asking for person's name; department; organization; country. There is extensive on-line help. The matching algorithms are such that near matches are presented to the user before less good matches. A lot of development has been done on the interface since it was first described in RFC1292. The most significant enhancement has been to add power searching - this allows a user to search for an entry even when they do not know the name of the organisation in which the person works - you still have to specify the country. DE now provides UFN style searching. It is now possible to search locality entries. DE now uses slightly different search algorithms depending on whether it is accessing part of the Directory mastered by a Quipu DSA - Quipu DSAs tend to use lots of replication and so encourage searching. An experimental feature is intended to give the user more feedback on the likely response time to a query - DE maintains a database of past information availability and DSA responsiveness. Translations exist into at least 4 different languages. DE runs over ISODE DAP and University of Michigan LDAP. There is a version of DE, called DOS-DE, which has been ported to DOS, and this uses LDAP. DE was funded by the COSINE PARADISE project, and DE is used as the PARADISE public access dua. You can test the software by telnet to 128.86.8.56 and logging in as dua -- no password required. COMPLIANCE (applicable only for DSAs and DUAs) N/A IDS Working Group [Page 26] RFC 1632 X.500 Catalog DE CONFORMANCE WITH PROPOSED INTERNET STANDARDS [RFC 1274] and [RFC 1487] CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs [RFC 1484]. INTEROPERABILITY N/A PILOT CONNECTIVITY N/A (This is more a DUA rather than an interface question). The interface is widely used in the global pilot. BUGS Doesn't handle aliases well when power searching. Send bug reports to: p.barker@cs.ucl.ac.uk helpdesk@paradise.ulcc.ac.uk CAVEATS and GENERAL LIMITATIONS DE tries to cater well for the general case, at the expense of not dealing with the less typical. The main manifestation of this is that the current version does not handle searching under localities very well. It is not possible to display photographs or reproduce sound attributes. INTERNETWORKING ENVIRONMENT As for ISODE. HARDWARE PLATFORMS As for ISODE. SOFTWARE PLATFORMS As for ISODE. IDS Working Group [Page 27] RFC 1632 X.500 Catalog DE AVAILABILITY The software is openly available as part of ISODE-8.0. An enhanced version is available as part of the PARADISE project upgrade. Both these versions are available by FTP from , as src/isode-8.tar.Z and src/isode- paradise.tar.Z. The very latest code will be made available with the ISODE Consortium release of ISODE. It is hoped it will be freely available to all. Contact: helpdesk@paradise.ulcc.ac.uk p.barker@cs.ucl.ac.uk DATE LAST UPDATED or CHECKED March 12th, 1993 IDS Working Group [Page 28] RFC 1632 X.500 Catalog DEC DSA NAME DEC X.500 Directory Server Digital Equipment Corporation KEYWORDS API, CLNS, Commercially Available, DEC ULTRIX, DEC VAX OpenVMS, DSA Only, OSI Transport, RFC-1006, RFC-1274, RFC-1277, RFC-1278, X.25 ABSTRACT The DEC X.500 Directory Server product provides a high performance Directory System Agent implemented according to the 1993 edition of ISO/IEC 9594 and the CCITT X.500 series of Recommendations. Specific features provided include: (1) Integrated multi-protocol support allowing concurrent DAP and DSP access over OSI and TCP/IP (using RFC1006) protocols. (2) Indexed database supports high-performance searching and sophisticated matching including approximate match. (3) Based on the 1993 edition Extended Information Models. (4) Support for chaining and referrals in support of a distributed Directory Information Base. (5) Support for the 1993 edition Simplified Access Control scheme. (6) Configurable schema based on the 1993 edition (including attributes, object classes, structure rules, name forms). (7) Support for a simple Shadowing protocol to enhance read availability. (8) Remote management facilities to configure and control DSAs and log significant events. (9) Provides the X/OPEN XDS/XOM Application Program Interface so that customers can construct their own DUA applications. For Directory User Agent facilities see the associated entry for the DEC X.500 Administration Facility COMPLIANCE (applicable only for DSAs and DUAs) Conformance with respect to clause 9.2 of ISO/IEC 9594-5:1993: (1) Supports the directoryAccessAC (DAP) and directorySystemAC (DSP) application contexts. (2) The DSA is capable of acting as a first-level DSA. (3) Chaining is supported. IDS Working Group [Page 29] RFC 1632 X.500 Catalog DEC DSA (4) Bind security levels of simple (unprotected password) and none are supported. (5) All attribute types defined in ISO/IEC 9594-6:1993 are supported except for 1993 edition supertypes and collective attributes and EnhancedSearchGuide. Customers can define new attribute types. UNIVERSAL STRING is not supported for attributed based on DirectoryString. (6) All object classes defined in ISO/IEC 9594-7:1993 are supported. Customers can define new object classes. (7) The following operational attributes are supported: governingStructureRule createTimestamp modifyTimestamp myAccessPoint superiorKnowledge supplierKnowledge consumerKnowledge specificKnowledge dseType PrescriptiveACI (8) Dynamic modification of object class is permitted (9) A subset of Simplified Access Control is supported. (10) All name forms defined in ISO/IEC 9594-7:1993 are supported. Customers can defined new name forms and structure rules. The X.500 Directory Server is compatible with and interworks with 1988 edition DUAs and DSAs. It is implemented to conform to relevant NIST OIW and EWOS agreements and the X.500 Implementors Guide. For details contact Digital. CONFORMANCE WITH PROPOSED INTERNET STANDARDS Supports RFC 1006, RFC 1274, and RFC 1277. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs RFC 1278. INTEROPERABILITY All interoperability test results will be available on request from Digital. Interoperability testing is being undertaken using the harmonized OSIone X.500 test suite to which both OSInet and EurOSInet have been key contributors. IDS Working Group [Page 30] RFC 1632 X.500 Catalog DEC DSA PILOT CONNECTIVITY Digital is actively involved in both public and private pilots of X.500. BUGS [No information provided--Ed.] CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT The DEC X.500 Directory Service V1.0 operates over: * RFC 1006 over TCP/IP on ULTRIX platforms. * OSI TP0, TP2 and TP4 over CLNS and CONS as appropriate on ULTRIX and OpenVMS platforms HARDWARE PLATFORMS The DEC X.500 Directory Service V1.0 runs on: * VAX processors supported by OpenVMS * RISC processors supported by ULTRIX SOFTWARE PLATFORMS The DEC X.500 Directory Service V1.0 runs on: * OpenVMS/VAX V5.5-2 or later running DECnet-VAX Extensions V5.4 * ULTRIX/RISC V4.2 or later running DECnet/OSI for ULTRIX, V5.1 or later. For availability on other hardware and software platforms please contact Digital. AVAILABILITY The DEC X.500 Directory Service is commercially available from Digital Equipment Corporation. For further information please contact your local Digital office, or: IDS Working Group [Page 31] RFC 1632 X.500 Catalog DEC DSA Gail Shlansky, Product Manager: Tel: +1 508 486 5138 email: gail.shlansky@lkg.mts.dec.com Digital Equipment Corporation Networks and Communications Engineering 550 King Street Littleton, MA. 01460-1289 USA DATE LAST UPDATED August 2nd, 1993 IDS Working Group [Page 32] RFC 1632 X.500 Catalog DEC X.500 Admin. Facility NAME DEC X.500 Administration Facility Digital Equipment Corporation KEYWORDS API, CLNS, Commercially Available, DEC ULTRIX, DEC VAX OpenVMS, DUA Only, Motif, OSI Transport, RFC-1006, RFC-1274, RFC-1277, RFC-1278, X.25 ABSTRACT The DEC X.500 Administration Facility product provides both command line and Motif interfaces to manage the information stored in the X.500 directory. Specific features provided include: (1) Multi-protocol support allowing DAP access over OSI and TCP/IP (using RFC1006) protocols. (2) Driven off the same configurable schema information as the DEC X.500 Directory Service. (3) Supports command line and OSF Motif interface styles. (4) Provides access to all X.500 services. Specific features of the OSF Motif interface include: (1) Supports two ways of accessing directory information, either by browsing the directory tree or by searching. (2) Easy-to-use search based on customer-extensible set of predefined filters. (3) Window layouts and text fully extensible, based on the schema, to support customer-defined object classes and attributes. (4) Easy-to-use forms based method for creating and modifying entries that simplifies use of the X.500 services. See also the entry for the DEC X.500 Directory Service. COMPLIANCE (applicable only for DSAs and DUAs) Conformance with respect to clause 9.1 of ISO/IEC 9594-5:1993: (1) Supports the all operations of the directoryAccessAC application context. IDS Working Group [Page 33] RFC 1632 X.500 Catalog DEC X.500 Admin. Facility (2) Bind security levels of none and simple (unprotected passwords). CONFORMANCE WITH PROPOSED INTERNET STANDARDS Supports RFC 1006, RFC 1274, and RFC 1277. CONSISTENCE WITH INFORMATIONAL AND EXPERIMENTAL RFCs RFC 1278. INTEROPERABILITY Interoperability test results will be available on request from Digital. Interoperability testing is being undertaken using the harmonized OSIone X.500 test suite to which both OSInet and EurOSInet have been key contributors. PILOT CONNECTIVITY Digital is actively involved in both public and private pilots of X.500. BUGS [No information provided--Ed.] CAVEATS and GENERAL LIMITATIONS [No information provided--Ed.] INTERNETWORKING ENVIRONMENT The DEC X.500 Administration Facility operates over: * RFC 1006 over TCP/IP on ULTRIX platforms. * OSI TP0, TP2 and TP4 over CLNS and CONS as appropriate on ULTRIX and OpenVMS platforms HARDWARE PLATFORMS The DEC X.500 Administration Facility V1.0 runs on: * VAX processors supported by OpenVMS * RISC processors supported by ULTRIX IDS Working Group [Page 34] RFC 1632 X.500 Catalog DEC X.500 Admin. Facility SOFTWARE PLATFORMS The DEC X.500 Administration Facility V1.0 runs on: * OpenVMS/VAX V5.5-2 or later running DECnet-VAX Extensions V5.4 * ULTRIX/RISC V4.2 or later running DECnet/OSI for ULTRIX, V5.1 or later. For availability on other hardware and software platforms please contact Digital. AVAILABILITY The DEC X.500 Administration Facility is commercially available from Digital Equipment Corporation. For further information please contact your local Digital office, or: Gail Shlansky, Product Manager: Tel: +1 508 486 5138 email: gail.shlansky@lkg.mts.dec.com Digital Equipment Corporation Networks and Communications Engineering 550 King Street Littleton, MA. 01460-1289 USA DATE LAST UPDATED August 2nd, 1993 IDS Working Group [Page 35] RFC 1632 X.500 Catalog DIR.X NAME DIR.X (tm) V3.0 Siemens Nixdorf Informationssysteme AG KEYWORDS API, CLNS, Commercially Available, DSA Connectivity, DSA/DUA, DUA Connectivity, HP, IBM RISC, OSI Transport, RFC-1006, RFC-1277, SNI, X.25 ABSTRACT DIR.X is the Siemens Nixdorf X.500 product on which the OSF DCE/GDS (Distributed Computing Environment/Global Directory Service) is based. It supports full DUA and DSA functionality for globally unique identification and location of objects in a network. It also provides functions to answer queries (both yellow-page and white- page) about objects and attribute information. The software implements full DAP and DSP protocols specified in X.519. The required ACSE, ROSE, Presentation, Session and RFC-1006 protocol implementations are also included. It also supports RFC-1277. Additional features include pr