On Mon, 20 Feb 1995 Jueneman(_at_)gte(_dot_)com wrote:
The NADF has written specs in its standing document series that specify how
charging and settlements will be handled (technically) between DSAs. No
prices
are established -- that's up to each directory service supplier. At the risk
of
oversimplifying, the charging algorithms would allow for recovering the cost
of
thecomputing and transport portion of the initial query, plus the computing
and
transport costs for the results.
All of which are negligible for PEM's purposes. Bandwidth is cheap. Disk
space is cheaper. Computer power is really cheap. Charging for access
only makes sense where there is saleable and competitive information
involved (e.g. Dun and Bradstreet's information). Certificates aren't
saleable. They also aren't competitive. They are necessary
infrastructure to make PEM work.
I'm sorry if I provided more information than you were interested in. You asked
about customer relationships, and I responded.
This is starting to get back to my central problem with X.500. It is too
complex for its intended PEM purpose. X.500 is like a pocket knife with a
hundred different uses. But I wouldn't want to chop up my potatoes with a
pocket knife. I have another knife for that. It may not be a good screw
driver, bottle opener, or toe clipper, but it is great at chopping up the
spuds.
You may be right, and if so X.500 will die an obscure death, just like X.400,
except perhaps for backbone connectivity purposes between proprietary systems.
However, when I look at one of the published, two inch thick White Pages books
containing over 100,000 Internet users and I don't see my name, I conclude that
so far the conventional systems aren't working too well, either.
Sometimes a standard can be too ambitious. X.500 is ok for those things
it does well, but is PEM certificate distribution one of those things?
I'm becoming less and less convinced as the months go by. When you can
show me a working implementation for getting and distributing certificates
that doesn't require contortions with commercial-only implementations,
I'll start listening again Bob. Until then, I'm going to explore
lightweight solutions to the certificate distribution problem that do not
rely upon the X.500 directory. Good bye.
I've generally believed in discussing solutions to these kinds of problems in
the open, in hopes of learning something myself and perhaps educating others at
the same time. I think that Peter William's suggestion fell in that category,
and I look forward to experimenting with such a solution in addition to other
LDAP solutions. In the meantime, I will be interested to see any suggestions
that you come up with. I'm not married to X.500 per se -- I'm only trying to
solve the certificate distribution problem in a reasonably generic way.
Bob
--------------------------------
Robert R. Jueneman
GTE Laboratories
40 Sylvan Road
Waltham, MA 02254
Internet: Jueneman(_at_)gte(_dot_)com
FAX: 1-617-466-2603
Voice: 1-617-466-2820