[Ietf-not43] extensibility

Peter Gietz Peter.Gietz at daasi.de
Thu Jul 31 19:07:02 EDT 2003 

Richard,

some comments to your comments:

Richard Shockey wrote:

[...]
>>> One way or another implementing these protocols will cost money and 
>>> my analysis concludes that IRIS will be simpler and less expensive.
>>
>>
>> Is this really so? What makes you think so that a complete new 
>> implementation will be cheaper than using existing technology and do 
>> some tweaks to make it CRISP compliant?
> 
> 
> Well as Andrew pointed out correctly, it seems obvious that a truly 
> stunning number of , dare I say it, "e-business" practices are moving to 
> a XML based architecture transported on FOO. The classic being SOAP may 
> of us have lots of experience with SOAP.... that PROVREG is going to 
> such a design that many TLD's will be contractually obligated ( Layer 9 
> again) to implement means that I have to build a service platform to 
> support it ..If I can reuse that platform to implement CRISP, that is 
> economically a "good thing"

Well I can see a point here. It made me think of an LDAP based 
implementation of it with an XML-interface. This would be possible, but 
would only make a proof that LDAP could have been used for provreg as 
well. It is far too late for such work now.

> 
> 
>> Alone the fact that Eric could perl a FIRS client in one week prooves 
>> ho cheap it can be to deploy FIRS. I know it is a long way from proof 
>> of concept to production service, but what makes you think this path 
>> is shorter with XML?
> 
> 
> I have no doubt it would be simple to implement FIRS ..is just that I 
> dont want to .. that means 2 platforms I have to support and the 
> registration data from PROVREG has to be converted...that is more work. 
> When I have to propose capital budgets for platforms that do this and 
> that the question is always raised ..." Well cant we reuse this box and 
> development time for that?"
> 
BTW: CRISP and Provreg do differ in many respects. I am not too sure 
that much reuse is possible.

> 
>> Are there existing XML data base technologiers that are as performant, 
>> scalable and secure as are LDAP implementations?
> 
> 
> Yep... look at the APACHE SOAP stuff.. the bindings and transport are 
> easily adaptable. We in the IETF are generally opposed to the use of HTTP/S
> transport for everything under the sun which is why BEEP was developed. 
> In fact the IESG has a directive specifically prohibiting the further 
> use of HTTP as a transport layer in IETF application protocols. If the 
> IETF weren't so opposed to SOAP on religious grounds we'd probably be 
> using that. And if I had to choose I'd prefer SOAP but I'm realistic 
> enough to know that is not going to happen.

I think there are more than religious grounds to dislike SOAP, the major 
being that tunneling everything through port 80 just makes firewalls 
useless. Anyway IMO SOAP is a good thing (an old concept called RPC 
transformed into the new XML world), the usecases of it (Web Services) 
is just no IETF realm.

BEEP is nice as well, but I haven't seen that really hit the market yet.

Anyway, SOAP will not be it in IETF and the XML DB implementation in 
Apache Xindice is not comparable in its features with LDAP 
implementation. If you, e.g., look at XML:DB XUpdate, the protocol for 
making changes into the database you will find nothing about 
authentication, authorization, access control, etc. and neither do you 
find that in the Apache implementation. As to performance, I myself 
haven't made any XMLDB tests. I am aware of some XMLDB/LDAPDB 
performance testings done in the frame Grid computing by the globus 
toolkit team. That showed how slow XML databases are these days, which 
nevertheless didn't prevent them going the Web Services path (OGSA). The 
motivation might be: If the whole market is going this way, there will 
be fast implementations some day.

Anyway, there are good arguments for XML just as there are for LDAP. For 
the present, I would say that the latter can fulfill its promisses now, 
while most of needed features in XML are rather vapor ware than existing 
in implementations.

Cheers,

Peter

> 
>  >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> Richard Shockey, Senior Manager, Strategic Technology Initiatives
> NeuStar Inc.
> 46000 Center Oak Plaza  -   Sterling, VA  20166
> Voice +1 571.434.5651 Cell : +1 703.593.2683,  Fax: +1 815.333.1237
> <mailto:richard(at)shockey.us> or <mailto:richard.shockey(at)neustar.biz>
>  <http://www.neustar.biz> ; <http://www.enum.org>
> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> 

-- 
_______________________________________________________________________

Peter Gietz (CEO)
DAASI International GmbH                phone: +49 7071 2970336
Wilhelmstr. 106                         Fax:   +49 7071 295114
D-72074 Tübingen                        email: peter.gietz at daasi.de
Germany                                 Web:   www.daasi.de

Directory Applications for Advanced Security and Information Management
_______________________________________________________________________

More information about the Ietf-not43 mailing list