
RE: Border directories

2000-05-12 03:07:56

LDAP stands for LIGHTWEIGHT Directory Access Protocol and is by its very
nature efficient with an extremely low footprint; for example, we have
available an LDAP COM Automation server that can be used to tie an LDAP
directory to a web server and has a footprint of < 1 MB. This aside, if you
had to code HTTP requests into an SMIME client that could do all of the
functions that an LDAP SMIME client can do, then I suspect you would find the
HTTP code growing and growing.

Stuart Ross

-----Original Message-----
From: pgut001(_at_)cs(_dot_)aucKland(_dot_)ac(_dot_)nz 
Sent: Friday, May 12, 2000 8:23 AM
To: ietf-smime(_at_)imc(_dot_)org; pbaker(_at_)verisign(_dot_)com; 
Subject: RE: Border directories

"Walter Williams" <walter(_dot_)williams(_at_)genuity(_dot_)com> writes:

And LDAP is already built into the client to do exactly what you are asking
someone to write code to do.  Yes it can be done.  Yes it will be done.
But most are doing this through LDAP for very good reasons.  Keep in mind
that many email clients do not do HTTP, so then you would have a flow path
of: to create s/mime email, don't create a new email in client, open
browse to proper link, run query, have email aware http application you
to now write create your email.  This application should ideally call your
default email package, but how will it tell Outlook as an example about the
certificate it just found?  I can't see that as a natural flow of work.
Yes, if you are using a web based email service such as hotmail.  No if
are using a corporate solution.

Just because it's possible to push a pea up a mountain with your nose
mean that that's the best way to get it there.  Certainly if you go with
amazing inverted world view in which 10 lines of code added to an existing 
TCP/IP-aware app is more work than integrating a multimegabyte LDAP client
library with its enormously complex programming interface and config 
requirements, then LDAP is simpler and easier than HTTP.  In my world
doing it via HTTP from the email client would be the easier option (although
it's certainly possible to invent arbitrarily awkward scenarios for HTTP if
your goal is to make LDAP look good in comparison).

