X.500 Product and Public Domain Implementation Survey NAME: xwp ABSTRACT: Xwp - white pages directory browser for the X-window system The xwp program is a simple browser for the QUIPU/X.500 directory. It uses OSF/Motif and the X-window system to provide a convenient user interface. The user interface consists of five different top-level windows: the main window, the search window, and three option windows. The main window appears when the program is executed and all others are reached through its menus. The main window contains Current Location, Current Descendents, Descendent Filter, Current Information, and Directory Status subwindows. The contents of these subwindows show informa- tion about the current location of the browser in the direc- tory tree. The search window contains Search Area, Search Filter, and Search Results subwindows. The mouse pointer may be used in the main window to change the current location of the browser in the directory tree. We can descend deeper into the tree by clicking the mouse when it points to a member of the Current Descendents list. Doing this "moves" the browser to this new (one level deeper) location in the directory tree. This causes the main window to be updated as follows: (1) the selected des- cendent becomes the new Current Location, (2) its descen- dents are listed in Current Descendents, and (3) its con- tents are displayed in Current Information. Any problems and messages from the directory are displayed in the Direc- tory Status portion of the main window. To move the browser up the directory tree (i.e. towards the root), click the mouse pointer on one of the components of the Current Loca- tion. In this way it is possible to move the browser to any location above its current position (i.e. to any ancestor) in one mouse click. Doing this causes the main window to be updated as discussed above. Due to directory-imposed lim- its, it may not always be possible to display all the des- cendents of the current position. In such cases (and oth- ers) it may be useful to impose a filter on the descendents to be listed. To do this, position the mouse pointer in the Descendent Filter box and use the keyboard to type in the desired filter expression. Typing in this box causes the Current Descendents list to be updated using the new filter. Xwp was developed at the University of Wisconsin - Madison Computer Sciences Department. It is used in conjunction with the ECI mail user agent project. Xwp was written by Robert Lazarus, III. COMPLETENESS: n/a INTEROPERABILITY: Xwp currently operates with ISODE version 6.0 BUGS: Xwp should be upgraded to the latest version of ISODE/Quipu. CAVEATS and GENERAL LIMITATIONS: n/a INTERNETWORKING ENVIRONMENT: Xwp will operate in any environment where Motif, ISODE and Quipu operate. HARDWARE PLATFORMS: Xwp has been run on IBM PC/RT, soon to run on DecStation 3100. SOFTWARE PLATFORMS: Berkeley 4.3 and Ultrix 3.1 AVAILABILITY: Openly available in May, 1991. Contact hagens@cs.wisc.edu for more information. NAME: Directory 500(tm) ABSTRACT: Full implementation of the X.500 recommendations. Includes DUA, DSA & various utilities. Writen in ANSI-C / C, and runs on the Unix system. COMPLETENESS: All DAP and DSP operations implemented. Strong authentication not yet implemented. Schema contains all of X.520, X.521, Quipu & NYSERNet definitions. INTEROPERABILITY: Interworks with Quipu, Nist, Retix, ICL, Nixdorf. BUGS: None CAVEATS and GENERAL LIMITATIONS: None. INTERNETWORKING ENVIRONMENT: RFC 1006 with TCP/IP TP0 with X.25 HARDWARE PLATFORMS: Runs on Sun-3, Sun-4 SOFTWARE PLATFORMS: For SunOS 4.X with Sunlink X.25 6.0 AVAILABILITY: commercially available from: OSIware Inc. Tel: +1-604-436-2922 4370 Dominion Street, Suite 200 Fax: +1-604-436-3192 Burnaby, B.C., Canada V5G 4L7 NAME: Xdi -- X Window Directory Interface. ABSTRACT: Xdi is a Directory User Agent (DUA) for the X Window System. In addition to providing a user-friendly interface, it supports Directory interactions of different levels of complexity. Users can select different window screens to browse, search and modify the Directory. It is simple to use for novice users but is also useful for more advanced users to formulate complex queries. Xdi also supports "user-friendly naming" so that users are not required to know X.500 naming format. Xdi is built on top of ISODE and needs to compile with ISODE libraries. COMPLETENESS: The Xdi interface does not support accesses to Delete and Add DAP operations as in the 88 Directory Standard. Read, Search, and most Modify operations are fully supported. There are no facilities to modify the RDNs of entries. INTEROPERABILITY: Xdi is built with the ISODE software (release 6.8) and is modified from the Dish and Pod DUA implementations (included in the ISODE distribution). Xdi is interoperable with ISODE/Quipu DSAs and standard X.500 DSAs. BUGS: Send bug reports to: sywuu@thumper.bellcore.com CAVEATS and GENERAL LIMITATIONS: None known. INTERNETWORKING ENVIRONMENT: Same as ISODE. ISODE supports TCP/IP, TP0, and X.25. HARDWARE PLATFORMS: This software has been tested on SUN4. It is expected that the software is portable to SUN3 and other UNIX machines. SOFTWARE PLATFORMS: Xdi is expected to run on ISODE (currently release 6.8) in UNIX environment. The 'xdi' directory has been designed to fit directly into the ISODE source tree. Xdi requires X11R4, the associated X toolkit and Athena widget libraries. Also see the operating environments of ISODE. AVAILABILITY: The Xdi software will be openly available via anonymous FTP from thumper.bellcore.com, in file pub/xdi.tar.Z. Source code and executables can be freely distributed for non-commercial use. A non-disclosure statement will be included in the software distribution. The software is expected to be available by June, 1991. To obtain information regarding a copy send email to Sze-Ying Wuu at sywuu@thumper.bellcore.com. As Xdi is built on top of the ISODE software package, also consult the "Notice, Disclaimer, and Conditions of Use" included in the ISODE software. NAME: QUIPU ABSTRACT: QUIPU is part of the ISODE which is an openly available implementation of the upper layers of OSI. QUIPU provides a X.500 Directory System Agent (DSA) and a set of Directory User Agents (DUA) aimed at different terminal types and modes of interaction QUIPU was first publicly demonstrated at ESPRIT in November 1988. QUIPU is being used extensively in the European PARADISE project, the Internet White Pages Project and the Australian pilot. A QUIPU DSA is being used at the ROOT node of the Pilot DIT and is being used as most country level DSAs. QUIPU provides its own solutions to area not specified by the 1988 standards such as replication and access control. COMPLETENESS: QUIPU is aligned to the 1988 ISO IS and the NIST OIW Directory Implementors Guide Version 1, with the following exceptions: Strong authentication is not implemented. QUIPU does not enforce the bounds constraints on attributes, filters or APDU size. T.61 string formatting characters are not rejected. If a DN is supplied with no password in an unprotected simple bind, QUIPU does not always check to see if the DN exists. If the DSA connected to can say authoritatively the DN does not exist, the association is rejected. However, if a chain operation is required to check the DN, the bind IS allowed. When comparing attributes of UTCtime syntax, if the seconds field is omitted, QUIPU does not perform the match correctly (i.e., the seconds field in the attribute values should be ignored, but are not). QUIPU always supplies the optional Chaining argument ``originator'' even if the CommonArgument ``requestor'' is used. QUIPU always supplies the optional Chaining argument ``target'' even if the base object in the DAP arguments is the same. The object class ``without an assigned object identifier'' is not recognised unless the ``alias'' object class is also present. Non Specific Subordinate References are never followed by a QUIPU DSA, but they are passed on correctly to the client if generated. INTEROPERABILITY: QUIPU has interworked with a number of other implementations, and has no know problems in such interworking. BUGS: Problems should be reported to quipu-support@cs.ucl.ac.uk. CAVEATS and GENERAL LIMITATIONS: None. INTERNETWORKING ENVIRONMENT: QUIPU users TP0 over X.25 or TCP (using RFC-1006) or TP4 over SunLink OSI. The DSA knows about the problems of unconnected networks and makes chain/refer choices based on the network connectivity. Using this an X.25 only DSA can access data from an Internet only DSA by ching operations through a DSA connected to both networks. HARDWARE & SOFTWARE PLATFORMS: The ISODE and QUIPU runs on native Berkeley (4.2, 4.3) and AT&T (SVR2, SVR3) systems, in addition to various other UNIX-like operating systems. No kernel modifications are required. AVAILABILITY: The ISODE is not proprietary, but it is not in the public domain. This was necessary to include a "hold harmless" clause in the release. The upshot of all this is that anyone can get a copy of the release and do anything they want with it, but no one takes any responsibility whatsoever for any (mis)use. DISTRIBUTION SITES: 1. FTP If you can FTP to the Internet, then use anonymous FTP to uu.psi.com [136.161.128.3] to retrieve the file isode-6.tar.Z in BINARY mode from the isode/ directory. This file is the tar image after being run through the compress program and is approximately 4.5MB in size. 2. NIFTP If you run NIFTP over the public X.25 or over JANET, and are registered in the NRS at Salford, you can use NIFTP with username "guest" and your own name as password, to access UK.AC.UCL.CS to retrieve the file isode-6.tar. This is a 14MB tar image. The file isode-6.tar.Z is the tar image after being run through the compress program (4.5MB). 3. NORTH AMERICA For mailings in NORTH AMERICA, send a check for 375 US Dollars to: University of Pennsylvania Department of Computer and Information Science Moore School Attn: David J. Farber (ISODE Distribution) 200 South 33rd Street Philadelphia, PA 19104-6314 US +1 215 898 8560 Specify either (a) 1600bpi 1/2-inch tape, or (b) Sun 1/4-inch cartridge tape. The tape will be written in tar format and returned with a documentation set. Do not send tapes or envelopes. Documentation only is the same price. 4. EUROPE (tape and documentation) For mailings in EUROPE, send a cheque or bankers draft and a purchase order for 200 Pounds Sterling to: Department of Computer Science Attn: Natalie May/Dawn Bailey University College London Gower Street London, WC1E 6BT UK For information only: Telephone: +44 71 380 7214 Fax: +44 71 387 1397 Telex: 28722 Internet: natalie@cs.ucl.ac.uk, dawn@cs.ucl.ac.uk Specify either (a) 1600bpi 1/2-inch tape, or (b) Sun 1/4-inch cartridge tape. The tape will be written in tar format and returned with a documentation set. Do not send tapes or envelopes. Documentation only is the same price. 6. EUROPE (tape only) Tapes without hardcopy documentation can be obtained via the European UNIX User Group (EUUG). The ISODE 6.0 distribution is called EUUGD14. EUUG Distributions c/o Frank Kuiper Centrum voor Wiskunde en Informatica Kruislaan 413 1098 SJ Amsterdam The Netherlands For information only: Telephone: +31 20 5924121 (or: +31 20 5929333) Telex: 12571 mactr nl Telefax: +31 20 5924199 Internet: euug-tapes@cwi.nl Specify one of: - 1600bpi 1/2-inch tape: 130 Dutch Guilders - 800bpi 1/2-inch tape: 130 Dutch Guilders - Sun 1/4-inch cartridge tape (QIC-24 format): 190 Dutch Guilders - 1/4-inch cartridge tape (QIC-11 format): 190 Dutch Guilders If you require DHL this is possible and will be billed through. Note that if you are not a member of EUUG, then there is an additional handling fee of 300 Dutch Guilders (please enclose a copy of your membership or contribution payment form when ordering). Do not send money, cheques, tapes or envelopes, you will be invoiced. 7. PACIFIC RIM For mailings in the Pacific Rim, send a cheque for 250 dollars Australian to: CSIRO DIT Attn: Andrew Waugh (ISODE DISTRIBUTION) 55 Barry St Carlton, 3053 Australia For information only: Telephone: +61 3 347 8644 Fax: +61 3 347 8987 Internet: ajw@ditmela.oz.au Please specify the media you desire: (a) 1/2-inch tape at 1600bpi, 3200bpi, or 6250bpi; or (b) Sun 1/4-inch cartridge tape in either QIC-11 or QIC-24 format. The tape will be written in tar format and returned with a documentation set. Do not send tapes or envelopes. Documentation only is the same price. 8. FTAM on the JANET or PSS The sources are available by FTAM at the UCL over X.25 using JANET (00000511160013) or PSS (23421920030013) with TSEL "259" (ASCII encoding). Use the "anon" user-identity and retrieve the file isode-6.tar. This is a 14MB tar image. The file isode-6.tar.Z is the tar image after being run through the compress program (4.5MB). 9. FTAM on the Internet The sources are available by FTAM over the Internet at host osi.nyser.net [192.33.4.20] (TCP port 102 selects the OSI transport service) with TSEL 259 (numeric encoding). Use the "anon" user-identity, supply any password, and retrieve the file isode-6.tar.Z from the pub/isode/ directory. This file is the tar image after being run through the compress program and is approximately 4.5MB in size. For distributions via FTAM, the file service is provided by the FTAM implementation in ISODE 5.0 or later (IS FTAM). For distributions via either FTAM or FTP, there is an additional file available for retrieval, called isode-ps.tar.Z which is a compressed tar image (7MB) containing the entire documentation set in PostScript format. NAME: MDUA ABSTRACT: MDUA (Motif DUA) provides a Motif-compliant X-Windows user interface to the X.50O directory. Features include: Ability to browse for specified object classes. The display is fully customisable to allow hiding of administrative attributes. Selected viewing of specific types allow the directory to be used for specific tasks. Multiple concurrent display windows. History mechanism. Distinguished name dereferenceing of DN attributes. User Friendly Naming support. Quick access to commonly accessed parts of the DIT. Accelerators for expert users. Interactive help facility The QUIPU libdsap library is used to access the DAP protocol. COMPLETENESS: MDUA provides access to the read, list, search and modify X.500 DAP protocol. INTEROPERABILITY: As for the QUIPU. BUGS: Problems should be reported to x500@xtel.co.uk INTERNETWORKING ENVIRONMENT: As for the QUIPU. HARDWARE & SOFTWARE PLATFORMS: As for the QUIPU. AVAILABILITY: MDUA is commercial software. It is available from The Directory Project, X-Tel Services Ltd, University Park, Nottingham, NG7 2RD Telephone: +44 602 412648 Fax: +44 602 790278 E-Mail: x500@xtel.co.uk NAME: X.500 DUA process ABSTRACT: The DUA process runs on 3Com's dual-stack OSI/TCP terminal server, scheduled to be released in mid-June 1991. It provides Presentation Address resolution for names, on behalf of the VTP application: when the user attempts an outgoing connection ("VTP " or "connect "), gets mapped to its Presentation Address. The DUA process supports the AddEntry, RemoveEntry, and Search operations. Via a menu-driven command, the system administrator can configure any of these operations, then send the request to the DSA. He would use the AddEntry operation to enter a resource name and its corresponding physical address in the DIB, the DeleteEntry operation to remove the name and its physical address, and the Search operation (with "filter" as an option) for a display of all registered names or, given a name, a display of the name's physical address. Regarding unbinding from a DSA, the system administrator could use an UnbindDSA command or set a timer which, once expired, would automatically perform the unbinding. The binding to a DSA, on the other hand, is transparent, provided the system administrator has set a DSA address. The binding is triggered by either an outgoing connection attempt or an operation request sent to the DSA. The schema supported by the DUA consists of the following sequence of object classes: Country, Organization, OrganizationalUnit (up to 3 levels of OrganizationalUnits are allowed), ApplicationProcess, and ApplicationEntity. Their respective attributes are CountryName, OrganizationName, OrganizationUnitName, CommonName, and PresentationAddress. The CommonName of the ApplicationEntity is always "vt" for VTP and is transparent to the system administrator. COMPLETENESS: Compliance with the ISO/IEC 9594 standards. Handling referrals not yet implemented. Schema supported: Country, Organization, OrganizationalUnit, ApplicationProcess, and ApplicationEntity. Authentication not supported. INTEROPERABILITY: Interoperability with the ISODE QUIPU Directory Service and any DSA which strictly meets the ISO/IEC 9495 standards. BUGS: CAVEATS and GENERAL LIMITATIONS: Deleting an entry will fail if the DUA is interacting with a 6.0 based version of QUIPU. This is a bug in QUIPU, and version 7.0 release will have it fixed. Adding a CountryName is disallowed if the DUA is bound to QUIPU. This decision was made because to add a country in QUIPU, one needs to bind as the manager of the DSA holding the root EDB file, and such information may not always be available to the system administrator. Also, our binding is done transparently. INTERNETWORKING ENVIRONMENT: OSI environments with the complete OSI stack, supporting CLNS and TP4. HARDWARE PLATFORMS: 3Com's OSI/TCP CS/2000 and CS/2100. SOFTWARE PLATFORMS: The "SW/2000-OT Vers 1.0" software runs on 3Com's OSI/TCP CS/2000 and CS/2100, both stand-alone systems. AVAILABILITY: The dual-stack OSI/TCP terminal server and its "SW/2000-OT Vers 1.0" software is available from: 3Com Corporation 5400 Bayfront Plaza Santa Clara, CA 95054 Information: Cyndi Jung (408) 764-5173 cmj@3Com.COM NAME: xds (version 1.0) ABSTRACT: Xds is a DUA designed for users who have little or no knowledge of X.500. Its intended to be used, for example, by a receptionist who has to answer such queries as 'Could I have the telephone number of Andrew who works in Research?'. The display is customised for the particular organization and the results of the search are presented in the format of a business card. It is possible to customise the displayed information. COMPLETENESS: Xds does not provide user access to all the services provided by X.500. Instead, Xds uses X.500 services to provide the specific functions for which it is designed to provide. INTEROPERABILITY: Only tested against the Quipu (ISODE) DSA. BUGS: No known bugs, but we would be interested in any found. Contact Andrew Waugh (ajw@mel.dit.csiro.au) CAVEATS and GENERAL LIMITATIONS: The user can only bind as the anonymous user. INTERNETWORKING ENVIRONMENT: Uses the Quipu (ISODE 6.8) libraries. HARDWARE PLATFORMS: Xds runs on Sun SPARCstations. We have not tested Xds on other hardware platforms, but it should run on other hardware which supports ISODE-6.8 and X-Windows. SOFTWARE PLATFORMS: Xds requires ISODE-6.8 and X-11 Version 4 with the Athena Widgets. AVAILABILITY: The Xds software will be distributed free to any non-commercial site provided i) they do not pass the code on to any other site (rather they should ask the other site to contact us directly). ii) they do not make money out of from the use or sale of the software. iii) they inform us of any problems or possible improvements that they would like to see made. Commercial sites should contact us. For further information contact: Andrew Waugh CSIRO Division of Information Technology 55 Barry St Carlton VIC 3053 AUSTRALIA Phone +61 3 347 8644 Fax +61 3 347 8987 Email ajw@mel.dit.csiro.au NAME: xdua (version 1.0) ABSTRACT: The xdua is a DUA designed to be used by DSA managers who have sufficient X.500 knowledge to manipulate the Directory Information Tree (DIT). It's typical use is to maintain the information stored on a DSA. The xdua has a Macintosh style interface. This simplifies browsing the DIT heirarchy. A user can traverse the DIT levels by using a standard mouse. The xdua supports the X.500 operations of add, modify, delete, search and show. COMPLETENESS: Uses the Quipu (ISODE) dsap interface to provide the X.500 operations. INTEROPERABILITY: Only tested against the Quipu (ISODE) DSA. BUGS: No known bugs, but we would be interested in any found. Contact Brian May (Brian.May@mel.dit.csiro.au) CAVEATS and GENERAL LIMITATIONS: The executable code is large as it uses the X11R4 and DiSh libraries. The xdua is not yet stable as it is in the testing phase. HARDWARE PLATFORMS: The xdua runs on Sun SPARCstations and probably on other hardware which supports ISODE-6.8 and X-Windows. SOFTWARE PLATFORMS: The xdua requires ISODE-6.8 and X-11 Version 4 with the Athena Widgets and the Xt toolkit. AVAILABILITY: We will distribute it free to any non-commercial site provided i) they do not pass the code on to any other site (rather they should ask the other site to contact us directly). ii) they do not make money out of from the use or sale of the software. iii) they inform us of any problems or possible improvements that they would like to see made. Commercial sites should contact us directly. For further information contact: Brian May CSIRO Division of Information Technology 55 Barry St Carlton VIC 3053 AUSTRALIA Phone +61 3 347 8644 Fax +61 3 347 8987 Email Brian.May@mel.dit.csiro.au NAME : UCOM.X 500 (tm) It includes DSA, DUA for end users on TTY like terminals, an AP which gives acess to directory via DAP. DUAs for graphical devices wil be available in September ABSTRACT : UCOM.X is a commercial product which offers the services and protocols defined in the X.500 recommendations of the CCITT. It is based on PIZARRO, the research prototype developped at INRIA (French research Labs) by Christian Huitema's team. UCOM.X 500 is being used by La Poste (French Post) to manage distri- buted applications. It is also involved to control document transfer within a large French Hospital. Distributed applications are built above UCOM.X 500 APIs. UCOM.X 500 is evaluated by SITA (Airlines company network) to built up a private personal directory service. UCOM.X 500 is used by French research centers involved in the PARADISE projects (a COSINE project). COMPLETENESS: UCOM.X is fully conformant to CCITT 88 recommendations. It also offers ACL and caching services. INTEROPERABILTY: UCOM.X 500 design provides interoperability with other conformant implemantations of X.500. Interoperability tests are under way within the PARADISE project (e.g. QUIPU). BUGS UCOM.X 500 is a commercial product. As such, it is supported and bugs are fixed when detected. Bugs reports can be sent to our support team via electronic mail. CAVEATS AND GENERAL LIMITATIONS DIT structure is stored in main memory. It means that the order o magnitude of the number of supported objects is 10 000. In 1992, 100 00 objects will be supported. INTERNETWORKING ENVIRONMENT UCOM.X 500 works under TCP/IP (RFC 1006) and under X.25 (TP 0). HARDWARE PLATFORMS UCOM.X 500 works on : . Sun 3, Sun 4 . RS 6000 (IBM) . P 9000 (Philips) . DEC machines . DPX 2000 (Bull) . HP 9000 300 . IN 6000 (Siemens machines) . PC 386 It can be ported to any UNIX machines. DUA will be available on P DOS with MS-Windows 3 by the end of the year. It will be available on Macintosh next spring. SOFTWARE PLATFORMS UCOM.X 500 is portable on any UNIX like operating systems It has been ported under : - AIX, - UNIX V.3 - SUN O.S. 4 - Ultrix - HP UX - BOS (Bull Operating System) - SPIX AVAILABILITY UCOM.X is commercially available. COMPANY CONTACTS . Dominique Fayet E3.X Tour Anjou 33 Quai de Dion Bouton 92 814 Puteaux CEDEX FRANCE Tel: (+33) 1 40 90 08 15 Fax: (+33) 1 47 74 58 87 . Philippe Brun: phb@sync.fr NAME: POD (POpup Directory) DUA DUA ABSTRACT: POD is an X.500 DUA interface for the X windowing system. POD is a first attempt at a multi-window directory tool. It offers a simplified interfaces to the basic X.500 operations of read, search, list and modify entry. Pod does not provide any sophisticated access to the DSA. Operations are performed synchronously. The Directory is thus presented as is, i.e. a hierarchical tree of information, with the user required to `navigate' the DIT in order to locate required information. COMPLETENESS: 88 standard: strong authentication not implemented INTEROPERABILITY: Believed to be compliant, though untested. BUGS: Bugs to x500@brunel.ac.uk INTERNETWORKING ENVIRONMENT: TP0 over TCP/IP (as ISODE) HARDWARE PLATFORMS: Most UNIX machines SOFTWARE PLATFORMS: Requires: UNIX MIT X libraries (release 11 version 4) ISODE/QUIPU libraries (version 6.7 upwards) AVAILABILITY: Openly available as part of the ISODE release. Sources are freely available for commercial or non-commercial use. Contacts Andrew.Findlay@brunel.ac.uk +44 1 895 74000 x 2512 Damanjit.Mahl@brunel.ac.uk +44 1 895 74000 x 2946 or both with x500@brunel.ac.uk Postal Address Andrew Findlay Computer Centre Brunel University Cleveland Road, Uxbridge, Middlesex UB8 3PH United Kingdom NAME: SD (Screen Directory) DUA ABSTRACT: SD is an X.500 DUA interface for character mapped screens. SD is an early attempt to provide quick, easy and user friendly access to the Directory. The following directory operations are supported: read, search and list. SD does not provide any sophisticated access to the DSA. Operations are performed synchronously. The Directory is thus presented as is, i.e. a hierarchical tree of information, with the user required to `navigate' the DIT in order to locate required information. COMPLETENESS: 88 standard: strong authentication not implemented INTEROPERABILITY: Believed to be compliant, though untested. BUGS: Bugs to x500@brunel.ac.uk INTERNETWORKING ENVIRONMENT: TP0 over TCP/IP (as ISODE) HARDWARE PLATFORMS: Most UNIX machines SOFTWARE PLATFORMS: Requires: UNIX BSD curses library ISODE/QUIPU libraries (version 6.7 upwards) AVAILABILITY: Openly available as part of the ISODE release. Sources are freely available for commercial or non-commercial use. Contacts Andrew.Findlay@brunel.ac.uk +44 1 895 74000 x 2512 Damanjit.Mahl@brunel.ac.uk +44 1 895 74000 x 2946 or both with x500@brunel.ac.uk Postal Address Andrew Findlay Computer Centre Brunel University Cleveland Road, Uxbridge, Middlesex UB8 3PH United Kingdom NAME: VTT X.500, this is not a registered trademark Processes: dsacvops, duacvops, duauser, x509dua, x509duacvops, tcpiop (=interface to TCP/IP),sunx25iop (=interface to X.25 for SUN 3) ABSTRACT: VTT X.500 contains a full distributed DSA and a subroutine call to dua ( call_dua(parameters)). This subroutine is linked to user's process. There are two ways for dua to communicate with our DSA called dsacvops: a fast communication through shared memory for dua and dsa in the same computer and a complete OSI-stack for communicating in DAP-protocol with remote dsa's which can be any implementation of X.500 dsa, not necessarily dsacvops. DSA communicates with other dsas through a full OSI-stack with protocol DSP or with a shorter stack when both dsas are dsacvops-processes. dsacvops containsa special purpose database DIB. VTT X500 contains caching of read and search results, access controls (as in Annex F of X.501), object classes and attribute types as in X.520 and X.521 and simple authentication with unprotected passwords in bind. The network level can be X.25 or TCP/IP. There are test duas, duacvops, duauser, with a simple user interface. Certificates for strong authentication are included to x509dua and x509duacvops. VTT X500 is realized with program development tools CVOPS and CASN, the code is in C-language and uses UNIX System V. The code is fairly easy to port to other operating systems. VTT X500 was made for Smail e-mail product of Nokia Data Systems. COMPLETENESS: Complete DAP and DSP of 1988 X.500 Recommendations are implemented. There are the following omissions: multicasting is not implemented, strong authentication of calls to dsa (optional signing of DAP and DSP-calls, strong authentication in bind, security error, security parameters in common arguments), T61 alternative in CASE IGNORE and CASE EXACT STRING, Criteria-syntax, TeletexTerminalIdentifier syntax. INTEROPERABILITY: Interoperability with ISODE QUIPU 6.0 has been tested, no formal test suite was used. BUGS: No known bugs at the moment. CAVEATS and GENERAL LIMITATIONS: Object identifiers for object classes and attribute types can currently have only the form {2 5 6 x} or {2 5 4 x}, x<256. Changing the directory schema requires code writing. INTERWORKING ENVIRONMENT: RFC 1006 with TCP/IP, TP0 with X.25, TP4 with X.25 available by agreement. HARDWARE PLATFORMS: Sun-3, Sun 386, Apollo, a version of dua for IBM PC will be forthcoming 1991. SOFTWARE PLATFORMS: Unix System V. AVAILABILITY: Commercially available. CONTACT: Asko Vilavaara Telecommunications Laboratory Technical Research Centre of Finland Otakaati 7 B, 02150 Espoo, FINLAND Telephone:+358 0 456 5641 FAX: +358 0 455 0115 E-mail: Asko.Vilavaara@tel.vtt.fi Henryka Jormakka Telecommunications Laboratory Technical Research Centre of Finland Otakaati 7 B, 02150 Espoo, FINLAND Telephone:+ 358 0 456 5662 FAX: +358 0 455 0115 E-mail: Henryka.Jormakka@tel.vtt.fi - ---------------------------------------------------------- ATTACHEMENT (VTT X.500 prochure) PRODUCT DESCRIPTION X.500 DIRECTORY SOFTWARE This X.500 directory software from VTT may be used as a basis for various needs of directories in organizations; such as personnel, computer applications, distributed bulletin boards and distribution lists. X.500 software is planned to be used in OSI environments, and as a migration solution it may use TCP/IP protocols for communication. Now implemented on Unix this X.500 software could be adapted to other environments due to the use of the CVOPS -tool in the engineering and implementation of OSI communication protocols. Scope of implementation - - Conformance to X.500 standards - - DSA and DUA implemented - - DAP and DSP protocols implemented - - complete readASE (read, compare, abandon), modifyASE (addEntry, modifyEntry, modifyRDN, removeEntry) and searchASE (search, list), bind and unbind - - ROSE, ACSE, presentation, session, transport class 0, connections to TCP/IP and X.25 - - DSA can act as a first level or as a subordinate DSA - - DSA supports all object classes and attribute types as defined in X.520 and X.521 except for those defined in X.509 - - DUA supports many of the classes and types defined in X.520 and X.521 - - Abandon distributed, full support of Filter etc. - - Access Controls Scheme - - Simple authentication with unprotected passwords in DAP and in DSP - - Cache Scheme for read and search results Operator Calls - - Logging of bind times for accounting purposes - - Modify Access Rights, Add, Modify, Remove references, Change object class, Copy entry, Save and Load index files Service User Interfaces - - simple user interface available, language English - - programming interface as a remote operation call, to be used e.g. by 1988 version of MHS - - a small DUA (about 0.2 MBytes) which communicates through shared memory with the DSA in the same computer - - a full DUA which communicates with an arbitrary DSA through the whole OSI -stack Performance and maintenance features - - 20 simultaneous connections to a DS - - short list and search times in local DIB - - possible to use wild cards in search argument - - local DIB implemented as a data base which requires minimum 0 bytes and about 1 Mbytes / 5000 entries, it can handle about 400 000 entries without great delays - - possible to define own object classes (requires source code), no limit for attribute sizes imposed by the data base solution - - implementation by the CVOPS -tool offers many tracing and configuration possibilities Forthcoming properties - - transport class 4 available by agreement - - complete support of X.509 and X.520, X.521 for DUA - - support of national languages Operating system: Unix System V Programming language C Memory requirements DSA code size 2.7 MBytes , DUA code size 2.2 MBytes both require about 5 MBytes in run time, shared memory needed External interfaces X.25-interface available from VTT for SUN 3, TCP/IP -interface available from VTT for SUN386, SUN 3, Apollo) other interfaces can be developed Documentation - - Technical description of VTT's implementation of X.500 - - Documents for the CVOPS -tool For more information about X.500 Henryka Jormakka tel. + 358 0 4561 E-mail: Henryka.Jormakka@tel.vtt.fi Asko Vilavaara tel. + 358 0 456 5641 E-mail: Asko.Vilavaara@tel.vtt.f CVOPS CVOPS (C-language Virtual Operating System) is a combined environment for design, validation and implementation of communications system software. The main implementations are Teletex, X.25, MAP, X.500. The CVOPS-tool for protocol development is used by several organizations today and is supported and developed by Information Networks group at VTT. VTT Telecommunications Laboratory VTT aims to develop key technologies for the use of industry with nearly 3000 research workers in Finland. Telecommunications Laboratory at VTT is concentrating on: Information Networks, Data Transfer Systems Development, Signal Processing, Antennas and Microwave Technology as well as Testing and Quality Assurance. VTT Technical Research Centre of Finland Telecommunications Laboratory P.O Box 34, SF-02151 Espoo, FINLAND Tel:+358 0 4561, Fax: +358 0 4550115, Telex:123704 vttte sf NAME: Alliance OSI(tm) X.500 (includes XDS (API), DUA, DSA and DIB all as seperate components) ABSTRACT: Touch's X.500 products have been designed for complete portability to any operating system or hardware environment. The protocols include DAP and DSP of the OSI X.500 specification along with the required XDS, DUA, DSA and DIB components. In addition to X.500, Touch supplies other OSI protocol layers including: ROSE, ACSE, Presentation, Session and any of the OSI lower layers (Transport, Network along with RFC1006). Touch also supplies other application layer protocols such as X.400, FTAM, CMIP (and general network management), etc. The Alliance OSI X.500 is compliant with the CCITT X.500 1988 Recommendations. The ROSE/ACSE/Presentation/Session stack can be optionally provided by Touch. The DUA may represent a single user, or may represent a group of users. It may be attached to a given DSA within the same system but is also capable of invoking operations in Touch's or any other vendor's compliant DSA on a remote system. The binding operation requires the user to give a distinguished name and password in order for the Directory to identify the user. Once an association is established the user may invoke the following operations: READ, COMPARE, ABANDON, LIST, SEARCH, ADD_ENTRY, REMOVE_ENTRY, MODIFY_ENTRY, MODIFY_RDN Due to the fact that access to the physical disk is in most cases a blocking operation (synchronous) Touch has separated the database processing (I/O process) from the DSA protocol entity. This separation allows the DSA entity to continue processing during the frequent database accesses from the DSA. The DSA supports all the Directory operations as specified in the CCITT X.500 specification. Chaining, Referral and Multicasting are provided and supported in the Alliance OSI DSA. The DSA supports all the service control options included in the operation command arguments. Filtering conditions are supported via the FILTER in the SEARCH operation. The Alliance OSI X.500 product supports all the NIST defined mandatory X.500 and X.400 object classes and attributes. Alliance OSI X.500 supports all the mandatory Directory attribute types (and their associated abstract syntaxes) in the NIST Directory implementation profile. Touch has extended the Directory and allows users to define private attributes. This means that a user can utilize the Alliance OSI Directory for a general purpose, user defined database activity. Touch provides a full set of administration and Directory management facilities. Numerous OEMs are using the Alliance OSI X.500 product in product development as well as in pilot networks. Touch is in the process of integrating the X.500 product with the Worldtalk 400 product. Worldtalk 400 is Touch's end user X.400 message switch, providing gateways between proprietarty mail systems (SMTP, Microsoft Mail, MHS, cc:mail, etc.) and X.400. X.500 is a key component for a messaging network. COMPLETENESS: Strong Authentication is not supported however Simple Authentication is supported INTEROPERABILITY: No interoperability testing has been completed as of yet. BUGS: N/A CAVEATS and GENERAL LIMITATIONS: Currently the Alliance OSI X.500 DIB has only been validated within a UNIX File System. The protocol components are portable as is the interface between the DSA and the DIB. INTERNETWORKING ENVIRONMENT: Alliance OSI X.500 can be utlized over TCP/IP and/or OSI Transport on LANs and WANs. Currently X.500 has only be verfied over OSI, however other Alliance OSI application layers have been configured over a RFC1006 which is available as part of the Alliance OSI product line. HARDWARE PLATFORMS: Alliance OSI has been ported to numerous platforms ranging from IBM Mainframes MVS to Apple Macintosh. For UNIX environments Touch has portations for 386 AT/Bus, SUN-3 and 4, Mips, and HP. SOFTWARE PLATFORMS: As stated above, the Alliance OSI product have been ported to numerous systems. In the UNIX environment the X.500 product exists on SUN OS 4.0 and greater, Mips RISC OS, Interactive 386 and HP-UX. AVAILABILITY: Alliance OSI is commercially available from: Touch Communications Inc. 250 E. Hacienda Ave Campbell, CA 95008 Sales and Information: (408) 374-2500 FAX: (408) 374-1680 NAME: Custos (NIST X.500 Prototype Directory Implementation) ABSTRACT: The implementation consists of a set DUA library routines, a terminal interface, and a DSA. The implementation was developed in C on Sun 3 workstations under the UNIX operating system. All underlying services are provided by the ISODE development package. The development package is also used for encoding and decoding ASN.1 data as well as for other data manipulation services. Using the ISODE package the implementation can be run over both TCP/IP and OSI protocols. The DSA provides full support for both DAP and DSP protocols, conformant with ISO 9594 / CCITT X.500 standards. The DIB is maintained using a locally developed relational database system. The interface to the database system consists of a set of sql-like C functions. These are designed to allow straightforward replacement of the local database system with a more powerful commercial system. To achieve better performance several options are supported that permit loading of selected portions of the database in core. When these options are selected data can be retrieved more quickly from in core tables; all modifications to the DIB are directly reflected in the in core tables and the database. COMPLETENESS: To date the Read, Compare, List, Add Entry, and Remove Entry operations have been implemented and are supported over both DAP and DSP; aliasing and replication are also supported. The current working version does not support Search, the modify operations, or Abandon. Also authentication, access control, and schema checking are not currently supported. With the exception of the modify operations and Abandon all these items are under current development. INTEROPERABILITY: Have successfully interoperated with Quipu and OSIWARE over the DAP. No DSP interoperability testing has been done. BUGS: Some testing in the near term future will be done to try to identify these, but presently it's not possible to give an accurate list of bugs. CAVEATS and GENERAL LIMITATIONS: No limitations on file sizes, etc. The only side effects to creating large files should be in the area of performance. Specifically, optimization requires loading parts of the DIB in core so greater memory requirements will be necessary for achieving better performanace with a large database. Any platform the implementation can be ported to (generally any platform ISODE can be ported to) should support all features. INTERNETWORKING ENVIRONMENT: RFC 1006; TP4/CLNP (SunLinkOSI) over 802 and X.25 (SunLink X.25). HARDWARE PLATFORMS: It's only been run on Sun-3, but there are no known reasons why it shouldn't run on any hardware running the ISODE software. SOFTWARE PLATFORMS: It requires UNIX and the ISODE software package. It's been developed and tested with ISODE version 6.0 and Sun OS version 4.03 AVAILABILITY: While under continuing development, availability of the implementation is limited to organizations making appropriate arrangements with NIST. The implementation will be publicly available through NTIS when development is completed. NAME: MDUA ABSTRACT: MDUA (Motif DUA) provides a Motif-compliant X-Windows user interface to the X.50O directory. Features include: Ability to browse for specified object classes. The display is fully customisable to allow hiding of administrative attributes. Selected viewing of specific types allow the directory to be used for specific tasks. Multiple concurrent display windows. History mechanism. Distinguished name dereferenceing of DN attributes. User Friendly Naming support. Quick access to commonly accessed parts of the DIT. Accelerators for expert users. Interactive help facility The QUIPU libdsap library is used to access the DAP protocol. COMPLETENESS: MDUA provides access to the read, list, search and modify X.500 DAP protocol. INTEROPERABILITY: As for the QUIPU. BUGS: Problems should be reported to x500@xtel.co.uk INTERNETWORKING ENVIRONMENT: As for the QUIPU. HARDWARE & SOFTWARE PLATFORMS: As for the QUIPU. AVAILABILITY: MDUA is commercial software. It is available from The Directory Project, X-Tel Services Ltd, University Park, Nottingham, NG7 2RD Telephone: +44 602 412648 Fax: +44 602 790278 E-Mail: x500@xtel.co.uk NAME: Cray OSI Version 2.0 (Release Q1 '92) ABSTRACT: The product is packaged with the Cray OSI product. It includes a DSA and DUA capable of OSI or TCP/IP connections. The implementation is based on the ISODE quipu product. The software has been operated in conjunction with the White Pages Pilot Project (WPP). COMPLETENESS: Compliance with CCITT88 plus access control extensions. Strong authentication not yet implemented. INTEROPERABILITY: Interoperates with ISODE Quipu based implementations. BUGS: CAVEATS and GENERAL LIMITATIONS: (see ISODE Quipu limitations) INTERNETWORKING ENVIRONMENT: TCP/IP TP4 HARDWARE PLATFORMS: Runs on UNICOS based Cray machines with OS level 7.0 or greater. SOFTWARE PLATFORMS: Supported for CRAY UNICOS 7.0 or greater AVAILABILITY: Commercially available via Cray Research Inc. Sales representatives. NAME: DIXIE (protocol and server) ABSTRACT: The DIXIE protocol is used to give X.500 access to platforms that have only TCP/IP access. The DIXIE server is an intermediate protocol server that communicates with Internet clients on one side using a text-based UDP/TCP protocol and an X.500 DSA on the other side using DAP. A subset of the X.500 DAP is exported to the clients through the DIXIE protocol. The DIXIE protocol and server are being used by the following products/ projects: UD, a simple command line white pages DUA for Unix machines (distributed with the DIXIE server) maX.500, a white pages DUA for the Macintosh Network monitoring of DSAs by our Network Operations Center Lookup and display of caller identification based on telephone caller ID (using ISDN). COMPLETENESS: The DIXIE protocol does not support access to all X.500 features and operations. The operations supported are Read, Search, Modify, and Bind. The Search operation supports one-level and subtree searches based on equality, approximate equality, initial substrings, final substrings, initial or final substrings, and attribute existence. With the exception of the initial or final substrings, only single component filters are supported. INTEROPERABILITY: The current implementation of the DIXIE server works with the QUIPU DSA and DAP library. BUGS: There are no known outstanding bugs. But reports should be sent to x500@itd.umich.edu. CAVEATS and GENERAL LIMITATIONS: None, aside from those mentioned above under completeness. INTERNETWORKING ENVIRONMENT: DIXIE clients use UDP (TCP once a Bind operation takes place) to communicate with the DIXIE server. The DIXIE server uses RFC 1006 with TCP/IP to communicate with the DSA, though other transport mechanisms for DSA communication should be possible. HARDWARE PLATFORMS: The DIXIE server is known to run on Sun 3 and Sun 4 platforms. SOFTWARE PLATFORMS: The DIXIE server is known to run under SunOS 3.5 and SunOS 4.1.1. AVAILABILITY: This software is openly available. It may be obtained by anonymous FTP from terminator.cc.umich.edu in the directory ~ftp/x500. Documentation on the dixie protocol is provided along with the source code, which includes source for the DIXIE server and the UD client. This software was developed at the University of Michigan by Bryan Beecher, Tim Howes, and Mark Smith of the ITD Research Systems Unix Group. It is subject to the following copyright. Copyright (c) 1991 Regents of the University of Michigan. All rights reserved. Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. NAME: maX.500 ABSTRACT: maX.500 is a Macintosh X.500 directory application useful for displaying and modifying white pages information about people. It is currently in beta release within U-M staff and a few other places that have heard of it. Features include the ability to display and modify the following attributes: title, description, commonName, uid, mail, postalAddress, homePostalAddress, telephoNenumber, facsimileTelephoneNumber, homePhone. Photos can also be displayed. The software also provides access to the finger protocol. Various preferences are user-tailorable, including caching. COMPLETENESS: maX.500 uses the DIXIE protocol to acces X.500 and thus is subject to the same completeness restrictions as DIXIE. INTEROPERABILITY: Works with the DIXIE server, which works with the QUIPU DSA and DAP library. BUGS: No outstanding bugs are known. But reports should be sent to x500@itd.umich.edu. CAVEATS and GENERAL LIMITATIONS: maX.500 is heavily oriented to white pages information and thus general access to the DIXIE protocol is not provided. INTERNETWORKING ENVIRONMENT: maX.500 uses the DIXIE protocol and thus UDP (TCP once a Bind operation takes place) to communicate with the DIXIE server. The Macintosh needs to have MacTCP installed. HARDWARE PLATFORMS: Mac Plus or newer machine with one megabyte or more of memory. SOFTWARE PLATFORMS: Apple System Software 6.0 or above (including System 7), with MacTCP installed. AVAILABILITY: This software is openly available. It may be obtained by anonymous FTP from terminator.cc.umich.edu in the directory ~ftp/x500. This software was developed at the University of Michigan by Mark Smith of the ITD Research Systems Unix Group and is subject to the following copyright. Copyright (c) 1991 Regents of the University of Michigan. All rights reserved. Redistribution and use in source and binary forms are permitted provided that this notice is preserved and that due credit is given to the University of Michigan at Ann Arbor. The name of the University may not be used to endorse or promote products derived from this software without specific prior written permission. This software is provided ``as is'' without express or implied warranty. NAME: MacDish ABSTRACT: MacIntosh interface which connects to a TCP/IP port attached to dish running on UNIX or other dish-capable host. Uses a point-and-click interface to simplify dish access. Being used in the PSI WPPP. COMPLETENESS: No authentication, no modify/delete/add ability. INTEROPERABILITY: Interoperates with QUIPU/dish BUGS: Not complete yet, so there are some bugs (primarily formatting, window management). CAVEATS and GENERAL LIMITATIONS: Not a terribly capable interface. INTERNETWORKING ENVIRONMENT: Pure TCP/IP. Does not require OSI stack support. HARDWARE PLATFORMS: MacDish runs on MacIntosh computers SOFTWARE PLATFORMS: MacTCP and MacOS 6.0.x. AVAILABILITY: Not yet available. Contact is: Mylene Marquez MS 233-18 NASA Ames Research Center Moffett Field, CA 94035-1000 (415) 604-3836 NAME: Unisys Unix OSI Directory User Agent (OSI-DUA) ABSTRACT: OSI-DUA is a Unix C Program interface library. It allows OSI or user applications to access the services of an X.500 conformant Directory, by making calls to a library of C routines. Specific features provided by this program interface library are as follows: (i) Connection to any remote X.500 conformant DSA via an OSI stack, or connection to a co-resident Unisys OSI DSA via IPC mechanisms. (ii) All operations defined in the directoryAccessAC application context (Bind, UnBind, Read, Compare, Search, List, AddEntry, ModifyEntry, ModifyRDN, Abandon, DeleteEntry). (iii) Directory Bind security levels of none and simple unprotected. (iv) Execution of both blocking and non-blocking operations. (A non-blocking call to the library will return immediately, allowing for results to be obtained once the operation has completed) (v) Acceptance of multiple concurrent non-blocked operations on the one user session. (vi) The DUA utilizes the services of ROSE (X.219) and ACSE (X.217) as defined in clause 8 of X.519 COMPLETENESS: When communicating with a Remote DSA the DUA library is fully conformant with the Directory Access Protocol detailed in the X.500 Recommendations/IS-9594 standards. INTEROPERABILITY: Informal interoperability has been achieved against the ISODE QUIPU Directory implementation. Interoperability testing against other vendors is in progress. Formal interoperability testing is awaiting the soon to be completed OSInet X.500 interoperability test suite. BUGS: Full customer support is provided via your local Unisys Customer Services Organisation. CAVEATS: The present OSI-DUA does not provide for the automatic handling of referrals by the interface library. However interface routines are provided which allow referrals to be acted upon by the user application. The present OSI-DUA provides a proprietary C programming interface. An XOpen XDS conformant interface is currently under development. INTERNETWORKING ENVIRONMENT: OSI-DUA runs over all communications environments supported by APS and TNS (see Software platforms). Currently these support TP0, TP2, TP3 and TP4 over X.25 and TP4 over CLNP on 802.3 and X.25. Support for RFC1006 over TCP/IP is under development. HARDWARE PLATFORMS: The product is currently available on all Unisys Unix 6000 Series machines. SOFTWARE PLATFORMS: The product is distributed and supported for Unix System V.3 on the above mentioned platforms, and is soon to be released under Unix System V.4. It requires the Unisys Application Presentation Service OSI stack software (APS), and Unisys Transport Network Service software (TNS). These services are accessed via the ROSLI (ROSE) and APLI (ACSE) programming interfaces which are currently the subject of standardization efforts by XOpen and Unix International. AVAILABILITY Unisys Unix OSI Directory User Agent is commercially available. For further information contact your local Unisys marketing representative or Unisys Corporation Corporate Marketing Mail Drop B-130 Blue Bell PA 19424 USA NAME: Unisys Unix OSI Directory System Agent (OSI-DSA) ABSTRACT: OSI-DSA provides a Directory System agent for controlled access to the OSI Directory Information Base. It provides full support for the joint ISO/IEC IS-9594 International standard and CCITT X.500 Recommendations 1988 protocols necessary for implementing the Directory Information Base distributed across a number of DSA's. The product also includes an Administration User interface program, to allow a human administrator to construct and maintain the local Directory Information. Specific features provided by the Directory System Agent include: (i) Support of the directoryAccessAC and directorySystemAC application contexts (i.e. both Directory Access Protocol (DAP) and Directory System Protocol (DSP)) (ii) Bind Security levels of none and simple unprotected. (iii) Capability of acting as a first level DSA. (iv) Support for chaining and multi-casting where necessary in handling distributed operations. Also supports the return of referrals. (v) Support for all attribute types and syntaxes defined in X.520. Users are also able to define their own attributes and syntaxes. (vi) Support for all the object classes and attribute sets defined in X.521. Users are also able to define their own object classes and attribute sets. Support is also provided for a NAME-BINDING specification, for defining the Directory Information Tree (DIT) structure. (vii) An Access control mechanism based on the ISO Access control working papers to allow for controlled access and maintenance of Directory Entries and Attributes. (viii) Logging of errors and significant Directory events, as well as optional trace information. (ix) The OSI-DSA utilizes the services of ROSE (X.219) and ACSE (X.217) as defined in clause 8 of X.519 The Administration program provides the following functions: (i) An interface to each of the basic Directory Operations of Read, Compare, List, Search, Add, Modify, ModifyRDN. (ii) A Dump/Load utility to dump the information in the local DIB into an ASCII file and load it again into the DIB from such a file. (iii) Knowledge Reference maintenance facilities to Add, Delete Modify and Read all types of Knowledge References. (iv) Facilities to control the operation of local Directory processes. (v) Control over the level of logging and tracing. COMPLETENESS: The OSI-DSA provides all functionality defined in, and is fully conformant to, the joint ISO/IEC IS-9594 International standard and CCITT X.500 Recommendations 1988, and the NIST 1988 Stable agreements on Directory Services. The only exception is that no support is provided for strong authentication or digital signatures. INTEROPERABILITY: The product was demonstrated at "InterOP 90" in San Jose, October 1990 Informal interoperability has been achieved against the ISODE QUIPU Directory implementation. Interoperability testing against other vendors is in progress. Formal interoperability testing is awaiting the soon to be completed OSInet X.500 interoperability test suite. BUGS: Full customer support is provided via your local Unisys Customer Services Organisation. CAVEATS: Results returned via the OSI-DSA are presently limited to 32K, which is in line with the 1988 NIST agreements. The product currently does not provide any support for replication, although development work is in progress, based on the current ISO Draft proposal for Replication. INTERNETWORKING ENVIRONMENT: OSI-DSA runs over all communications environments supported by APS and TNS (see Software platforms). Currently these support TP0, TP2, TP3 and TP4 over X.25 and TP4 over CLNP on 802.3 and X.25. Support for RFC1006 over TCP/IP is under development. HARDWARE PLATFORMS: The product is available on all Unisys Unix 6000 Series machines. SOFTWARE PLATFORMS: The product is distributed and supported for Unix System V.3 on the above mentioned platforms, and is soon to be released under Unix System V.4. It requires the Unisys Application Presentation Service OSI stack software (APS), and Unisys Transport Network Service software (TNS). These services are accessed via the ROSLI (ROSE) and APLI (ACSE) programming interfaces which are currently the subject of standardization efforts by XOpen and Unix International. A runtime version of either the Informix relational database products is required for the Directory Information Base. A version which operates with the Oracle relational database product is under development. AVAILABILITY Unisys Unix OSI Directory System Agent is commercially available. For further information contact your local Unisys marketing representative or Unisys Corporation Corporate Marketing Mail Drop B-130 Blue Bell PA 19424 USA NAME: DS-520 ABSTRACT: DS-520 X.500 Distributed Directory Services for UNIX System V is an integral part of the Retix OSI Networking Products family. Designed for systems vendors, public carriers, and other OEMs, DS-520 is a complete high-performance implementation of X.500 in source code form, including a DUA, DSA, and DSA Manager (DSAM). The DUA is available separately as DS-521 to meet the needs, for example, of software vendors who plan to provide application packages with X.500 Directory interaction capabilities. COMPLETENESS: DS-520 is a complete implementation of the 1988 X.500 Recommendations with the exception of strong authentication. It is conformant to the NIST, EWOS, and UK GOSIP Directory profiles. DS-520 provides session through application layer protocols. The DUA incorporates the industry standard XDS API. Remote on-line magangement of the DSA is supported by means of CMIP. INTEROPERABILITY: BUGS: CAVEATS and GENERAL LIMITATIONS: INTERNETWORKING ENVIRONMENT: DS-520 components interface to either a transport stack, such as a Retix UNIX LAN or WAN transport product, or to an OSI presentation protocol stack. Interface to an OSI transport stack is via the UNIX TLI. Interface to an OSI presentation core stack supporting the UNIX ACSE/Presentation Library Interface (APLI) will be accomplished via a soon to be available optional adapter module. DS-520 may be run on top of a TCP stack by means of a facility implementing RFC1006 such as the Retix MP-120 product. HARDWARE PLATFORMS: DS-520 is compatible with any platform running the UNIX System V Release 3 or 4 operating system. DS-520 includes reference implementations for SCO UNIX Sys. V/386 version 3.2.2 and Interactive UNIX Sys.V/386 version 2.2. SOFTWARE PLATFORMS: See above. AVAILABILITY: DS-520 is commercially available from: Retix 2644 30th St. Santa Monica, CA 90405-3009 Sales and information: (213) 399-2200 FAX: (213) 458-2685 NAME: DCE/GDS (Distributed Computing Environment/Global Directory Service) consists of both DUA and DSA implementation according to the 88 CCITT X.500 and ISO 9594 standard. The X/Open standard XDS (version 1.0) and XOM (version 2.0) interface libraries are also provided. XDS and XOM interfaces are also used to access DCE/CDS (Local Cell Directory Service) transparently. A GDA (Global Directory Agent) serves as the gateway between the DCE CDS and GDS. ABSTRACT: DCE/GDS was based on the original Siemens DIR.X product. It supports full DUA and DSA functions for globally unique identifications and for location of objects in the network. It also provides functions to answer queries (both yellow-page and white-page) about objects and attribute information. The software implements full DAP and DSP protocols specified in X.519. An ASN.1 compiler and required ACSE, ROSE, presentation, session and RFC 1006 protocols implementations are also included. The product has been successfully participated in X.500 Cebit Interoperability tests at 1990 and 1991 Hanover Fairs. It also interoperates with the ISODE QUIPU X.500 implementaion. COMPLETENESS: Compliant with EWOS Agreements which is being harmonized with OIW Agreements. Strong authentication in X.509 is not yet implemented. (Password scheme is currently used.) INTEROPERABILITY: This implementation of DAP and DSP can interoperate with other X.500 implementations from other Cebit demo participants including IBM, HP, ICL, Bull, Nixdorf, etc. It also interoperates with ISODE QUIPU. BUGS: Problems and bug report email address: dce-defect@osf.org. CAVEATS and GENERAL LIMITATIONS: The software is highly portable without general limitations. INTERNETWORKING ENVIRONMENT: OSI TP4 with CLNP, OSI TP0, 2 & 4 with X.25, RFC 1006 with TCP/IP HARDWARE PLATFORMS: DCE/GDS runs on SNI's hardware platforms and is being ported to run on IBM RS6000, Digital DECstation, etc. SOFTWARE PLATFORMS: SINIX (UNIX System V Release 4) Currently being ported: OSF/1.1, AIX 3.1, Ultrix, etc. DCE/GDS can use either BSD sockets or XTI/TLI to access the transports. AVAILABILITY: The source code license of DCE/GDS is commercially available from: Open Software Foundation, Inc. 11 Cambridge Center Cambridge, MA 02142 Please contact: Jon Gossels Tel: 617-621-8763 Fax: 617-621-0631 e-mail: gossels@osf.org NAME: WIN/DS (tm) ABSTRACT: WIN/DS is Wollongong's implementation of the OSI Directory Service defined by the CCITT in its 1988 "blue-books" recommnedations for the X.500 suite of protocols. WIN/DS provides support for a Directory System Agent (DSA) to maintain the directory database, and handle requests; it can also act as a distributed DSA. WIN/DS provides support for all Directory Services operations, object classes and attributes. It also supports the management of the DIT (Directory Information Tree), including facilities to control the structure rules and ;heir enforcement. Facilities are also included for directory caching. WIN/DS also includes support for a Directory User Agent (DUA). Details about WIN/DS test sites and pilot projects are CONFIDENTIAL. COMPLETENESS: A thorough profile of WIN/DS is not yet available. Wollongong follows NIST OIW stable implementors' agreements closely. INTEROPERABILITY: Informal and minimal interoperability tests have been performed against early implementations of DG, IBM, Retix, Bull, Siemens and (perhaps) others. Results of QUIPU interoperability tests undertaken by the ISODE community carry over to WIN/DS. Wollongong plans to use NIST/OSInet test suites being developed under Eva Kuiper's leadership as they stabilize. BUGS: email address .............. support@twg.com beta site coordinators.......haleh@twg.com, suresh@twg.com product manager............. douglas@twg.com Significant known problems and/or limitations to be published in end user release 2.1 Product Release Notes (June 91.) CAVEATS and GENERAL LIMITATIONS: Significant known problems and/or limitations to be published in Product Release Notes upon version 2.1 Beta release (June 91.) INTERNETWORKING ENVIRONMENT: TCP/IP TP0 TP2 TP4 OSI TP[024] & TCP/ip dual stack gateway Ethernet X.25 Ethernet/X.25 gateway ES-IS HARDWARE PLATFORMS: end-user binary product - 386/i486 PC UNIX System V 3.2.2 (AT&T, Intel, INTERACTIVE, SCO) Apple Macintosh with Secure A/UX 2.0 (controlled release for Honeywell and USAF) (planned ..... Sparcstation, SunOS 4) (planned ..... UNIX SVR4) portable source code - UNIX SVR3, SVR4, BSD single- or mutli-processor 680x0, 880000, 386/i486 SOFTWARE PLATFORMS: see above X11.3 or OSF/Motif also supported, but not required AVAILABILITY: WIN/DS is commercially available from: The Wollongong Group, Inc. 1129 San Antonio Road Palo Alto CA 94303 Sales and Information: :415/962-7100 California 703/847-4500 Wash D.C. +32-2-718-0311 Belgium WIN/DS version 2.1 end user product orders being taken now for first customer shipment in August. Nominations for Beta test sites are still being taken. Contact Doug Ambort, 415/962-7248.