[Ietf-not43] Is it just me or is there a desire here to avoid the chair's request..

Andrew Newton anewton at ecotroph.net
Tue Aug 19 13:00:51 EDT 2003


Peter Gietz wrote:
>>
>> I know LDAP has authentication baked-in, but I don't really know how 
>> it applies to the FIRS universe.  This could be a win for the LDAP 
>> implementation.
> 
> 
> Yes you can even choose between a number of authentication mechanisms, 
> e.g. userpassword via an encrypted TLS session, MD5 challenge response 
> (no password goes through the wire) via SASL, any other SASL mechanism.

As a point of comparison, IRIS uses BEEP which has SASL as well.

I'd also like to point out that if you have a custom data store on your 
LDAP server, all that built-in authorization stuff goes out the window.

This is a point that keeps getting glossed over by the LDAP crowd here. 
  Most of us already have our own databases and loading and replication 
procedures.  RIPE has this nifty software that does incredibly fast 
radix indexing specifically to solve their unique problems.  We have a 
couple of million dollars invested in custom global replication 
technology.  I know our competitors have also spent tons of money fine 
tuning their systems for their operations.

The point is, that for the people standing up these servers, LDAP is 
only a protocol.  The implementations are nice, but they don't help us.

> By now the XML database technology is not near as mature and well 
> established as LDAP. You don't even have a single standardized access 
> protocol, but competing ones (Xquery, XMLquery, Xpath, XQL, ...). I 
> don't know of any native XML database implementation that has inbuilt 
> features like authentication, access control, replication. Most 
> implementations use an SQL backend to an XML frontend. The mapping of 
> the (hierarchical!) XML information model to the (non hierarchical) 
> relational model is not very intuitive.

As mentioned above, the question isn't about generic XML database 
technology vs. generic LDAP technology.  I suspect that I would end up 
making some of the same criticisms about generalized XML database 
implementation as I would about LDAP implementations.  And there are 
certainly a few of those wacky X* standards that are nothing but trouble.

To address Richard's point about economics:  one of the things that we 
must take into consideration is reuse of expertise of our technical 
staff.  Even if we don't reuse a single line of custom code, we still 
have to find people with expertise.  Most of us already have people very 
familiar with XML.  We know which XML parsers work for us and we know 
how to marshal it back and forth between our existing databases.

-andy


