pem-dev
[Top] [All Lists]

Re: Simple X.500 interface (Was: Re: IPRA Functions)

1995-02-20 16:04:00
On Mon, 20 Feb 1995 Jueneman(_at_)gte(_dot_)com wrote:

The NADF has written specs in its standing document series that specify how
charging and settlements will be handled (technically) between DSAs. No prices
are established -- that's up to each directory service supplier. At the risk 
of
oversimplifying, the charging algorithms would allow for recovering the cost 
of
thecomputing and transport portion of the initial query, plus the computing 
and
transport costs for the results.

All of which are negligible for PEM's purposes.  Bandwidth is cheap.  Disk
space is cheaper.  Computer power is really cheap.  Charging for access
only makes sense where there is saleable and competitive information
involved (e.g. Dun and Bradstreet's information).  Certificates aren't
saleable.  They also aren't competitive.  They are necessary
infrastructure to make PEM work. 

This is starting to get back to my central problem with X.500.  It is too
complex for its intended PEM purpose.  X.500 is like a pocket knife with a
hundred different uses.  But I wouldn't want to chop up my potatoes with a
pocket knife.  I have another knife for that.  It may not be a good screw
driver, bottle opener, or toe clipper, but it is great at chopping up the
spuds.

Sometimes a standard can be too ambitious.  X.500 is ok for those things
it does well, but is PEM certificate distribution one of those things? 
I'm becoming less and less convinced as the months go by.  When you can
show me a working implementation for getting and distributing certificates
that doesn't require contortions with commercial-only implementations,
I'll start listening again Bob.  Until then, I'm going to explore
lightweight solutions to the certificate distribution problem that do not
rely upon the X.500 directory.  Good bye. 

Cheers,

Rhys.
-- 
Rhys Weatherley, Queensland University of Technology, Brisbane, Australia.
E-mail: rhys(_at_)fit(_dot_)qut(_dot_)edu(_dot_)au  "net.maturity is knowing 
when NOT to followup"


<Prev in Thread] Current Thread [Next in Thread>