On Wed, 4 Oct 1995, Kenneth E. Rowe wrote:
Actually, the use of a DN instead of a URL is a much better approach.
Almost nothing in the real world uses Distinguished Names. Most DN schemes
are crap based on the futile idea of a universal X.500 dirctory. They are
useless until you map them to something real like URL's which introduces all
the problems of the storage, access to, and maintenance of such a mapping.
1) URL's are relative ... it depends on what the web server name
resolves to. >
URL's can be relative or absolute. Inability to express relative DN's
is merely further evidence of their inadequacy. If you are giving a
reference intrnal to a document or closely bound cluster of documents,
why in the world would you want an absolute reference? Any name, to
be of any use, must ultimately resolve at any particular time to some
real physical data storage location/machine.
2) the move over the next few years will be toward URN's. These are
independent of DNS resolvers. They provide location and replication
transparency (among other things).
Yeah, yeah. The mythical URN. Some people cliam they are suppsed to be
independent of DNS (hey, why use the only existing global operational name
system that already has replicaiton and redundancy, now has reasonable
security and secure dynamic update proposals that should shortly come out as
IETF Proposed Standards, etc.) As long as URN's are merely a concept, its
pretty trivial to list all the wonderful features they are going to have.
And if the first version of URN's doesn't have those features either, you
can always claim a later version will...
3) the more general of a URI capability that is supported, the less
constrained we are to the technology.
That sure sounds like a tautology.
Ken.
-------------------------------------------------------------
Kenneth E. Rowe (kerowe(_at_)ncsa(_dot_)uiuc(_dot_)edu)
Senior Security Engineer (217) 244-5270 (Office)
/ Security Coordinator (217) 244-0710 (NCSA IRST)
National Center for Supercomputing Applications
*** email ncsa-irst(_at_)ncsa(_dot_)uiuc(_dot_)edu for computer incident
response ***
Donald
=====================================================================
Donald E. Eastlake 3rd +1 508-287-4877(tel) dee(_at_)cybercash(_dot_)com
318 Acton Street +1 508-371-7148(fax)
dee(_at_)world(_dot_)std(_dot_)com
Carlisle, MA 01741 USA +1 703-620-4200(main office, Reston, VA)