Old "flashes"

A section of An LDAP Roadmap & FAQ: A tutorial aid to navigating various LDAP and X.500 resources on the Internet

Last updated: 6-Dec-2001

Note: This is the old list of "flashes" from the main LDAPRoadmap page. some of them may be interesting, some not, your mileage may vary, etc.

FLASHes:

[Noteworthy stuff for folks to be aware of. This list is nominally a push-down stack - most recent stuff on top. I timestamp 'em as I add 'em. Some stuff may be kinda stale. Your mileage may vary. ]

RECOMMENDED: Secrets and Lies: Digital Security in a Networked World, by Bruce Schneier. I just finished reading it. It is effectively a comprehensive survey of networked computer security, told as a story, with the story broken down into three main facets: Landscape, Technologies, and Strategies. In other words, he discusses the lay of the security landscape today, what tools we have to work with, and then discusses the possible strategies for dealing with it. Overall, he's echoing Dan Geer's mantra of Risk management is where the money is, but he's also filling-in the surrounding context in detail, and ultimately describing a practical framework with which to think about networked computer security in the context of getting on with our lives even though there is no such thing as perfect security. Bruce's own web pages for the book are here (they include the Table of Contents, the Preface, a couple of chapters, and other goodies) [6-Nov-2000]

Several folks over the last few months have pointed out that the link to Tim Howes' 1999 Data Communications (now apparently "NetworkMagazine.com") article "LDAP: Use as Directed" was broken. Now thanks to a msg sent to the openldap-software list (www.openldap.org) by Kurt Zeilenga, We have a current link again. [12-Oct-2000]

NSI's research folk are also working on an LDAP-based replacement (I'm assuming that it'll eventually be a replacement) for the (ancient) whois-based access to domain information. The new service is called "Referral LDAP Service". It's a pretty cool application of various LDAP features. [1-Oct-2000]

NSI is contributing to the IETF work on the Common Name Resolution Protocol. They have a demo/prototype implementation available at research.netsol.com. [1-Oct-2000]

We at Oblix completed & shipped NetPoint 4.0 last month (Sep-2000). It's a cool directory-based Identity Management + Web Access Management solution. Check it out. [1-Oct-2000]

I've updated the "Current State of the LDAP Protocol Standards" page. Note that it only lists those RFCs that comprise what is colloquially known as the LDAP "core" protocol.

Well, I've been informed by a couple of correspondents that we've been dethroned and are now only #2 at Google.com for "LDAP" sites (see the item two bullets down). Thanks for lettin' me know! [5-Jul-2000]

Another new directory services book has appeared...

Inplementing Directory Services

I picked up a copy for myself. Archie's done a very good job IMHO. The book is somewhat more broad than HSG (aka Howes-Smith-Good, aka the "LDAP Bible") in it's presentation. Both books do attempt to provide a "soup-to-nuts" coverage of directory services themselves, how they fit in an enterprise's network infrastructure, and deployment case histories. One can probably get by with one book or the other. But, with stuff as complex as directory services and their deployment, it's arguably worth it to have both books in order to have two different perspectives on whatever subtopic one's particularly interested in. Reed provides a pretty thorough terminology discussion (Appendix A) and a good overview and analysis of directory standards (in Appendix C) that are wothwhile to have. Additionally, the book contains a CD that itself contains several directory server implementations, various tools, and applications (most of which appear to be trial-ware (aka evaluation copies)). He has the CD available as a web site here: DirectoryService.com. Also, I must disclose that I'm personally pleased to see the Oblix Corporate Services Administration v3.5 included on the CD (!). [7-May-2000; minor editorial updates 5-Jul-2000]

Holy Searching Engine, Batman, we're #1!

Enter "ldap" as a search string

Google

There's a cool IT professionals' web site that now has a page of directory information links: Information Technology Professional's Resource Center. Disclosure: their directory page has a link to this one. [17-Apr-2000]

There's a fair amount of consternation in various quarters over whether the US Patent system is being abused by folks who're patenting business processes and/or various software algorithms (among other stuff, another example being those folks who want to "patent" the very genes that're in my (& your) DNA. Chutzpa (or whatever) doesn't begin to describe it IMHO) -- Amazon.com being the present poster-child example. Personally, I believe they (Amazon et al) are going too far. However, I'm otherwise a presently happy customer-and-affiliate, and so don't (presently) feel motivated to terminate my affiliation over this. I'm nosing around establishing affiliations with other parties (ZeroKnowledge being an example). I do encourage folks to read about Tim O'Reilly's efforts towards trying to facilitate mitigation of this alarming trend. An example of his work in this area is available here. Also, there's been a sporadic thread on the topic on Dave Farber's Interesting People mailing list (go here, and use your browser's [Find] tool to search for "patent"). [14-Mar-2000]

A talk reporting on the results of "a random [security] survey of ldap enabled sites" is available on toaster.sun4c.net/papers/ (which in itself is a nifty site imho). Some folks apparently went out on the 'Net and poked about and found other folks' ldap-based directory servers and probed them and found security postures generally lacking. Ineresting read. The applicable talk is the one entitled "blackhat briefings 07/08/1999" and is a powerpoint file. [2-Dec-1999]

Whoa -- I hadn't noticed how outre' that Zero Knowledge banner up there is until I poked at my page from a machine that didn't have InterMute running on it. If you're not using a tool such as InterMute or something similar (see also Junkbusters.com), you're seriously missing out (in terms of the level of "noise attenuation" provided) and putting out (in terms of the level of info about yourself and your system(s) you dribble across the web). Anyway, if the Zero Knowledge banner is too noisy for you, use your "stop animations" browser button, or better yet, use something like InterMute. [2-Dec-1999]

A good resource page for the topic of "directory services" as a whole. I also want to point out DMOZ.ORG -- The Open Directory Project-- cuz I think it's cool and a worthwhile effort. [28-Nov-1999]

Concerned about your privacy whilst surfing the Internet? I'm concerned about mine. I've been using InterMute for 1.5 yrs now. Another product to consider is ZeroKnowledge's Freedom (disclaimer: I'm honestly interested in this product, but haven't had the time to check it out in detail, tho I have been following discussions about it's workings on various cypherpunk & crypto discussion lists/groups. KingsMountainSystem's pages are sponsored in part by ZeroKnowledge Systems, so if you purchase something from them via the web, a portion of the proceeds go to help support this site. See my personal home page for more crypto/privacy links.) [28-Nov-1999]

Need an LDAP server for MacOS? Check out One-Click System's ClickMail Central Directory, built by Paul Collins (with whom I'm acquainted. We did a talk together in Jul-1999 at MacWorld in NYNY, using CU-SeeMe across the Internet.) [28-Nov-1999]

KLDAP -- A directory browser from the KDE Project; a quote from the KLDAP page: "kldap is a LDAP client for the KDE Project. It is similar to the Novell Administrator. You can browse the LDAP tree, search for Objects and modify their attributes". I haven't yet tried this, but definitely plan to [I now have a linux box available]. I haven't yet played with KDE, cuz I've been using Gnome, which RedHat 6.0 sets up as the default environment. I hope/plan to mess with KDE some over the next few months (I've got somewhat higher priority things to work on these days at my day job ;) [28-Nov-1999]

"Directory Services"-oriented newletter available from Network World's NWFusion. [28-Nov-1999]

Tim Howes & Marc Andressen have graduated from Netscape/AOL are off doing cool stuff on their own: www.loudcloud.com [28-Nov-1999]

I resigned my position at Stanford University, and joined Oblix in Aug 1999 as a staff scientist (mebbe I'll lobby for "geek-at-large" ;), reporting to Kumar Vora in Engineering and interfacing with BizDev & Marketing. I'm psyched!! KingsMountain.com will continue in terms of the LDAP Roadmap & FAQ and other non-consulting web site activity, but I'll refer consulting inquiries to Hal Wendel's Professional Services division (of Oblix) or other appropriate consulting firms. My assignments at Oblix will nominally involve product direction, architecture, design & prototyping, Business Development support, and standards body liaison & participation. [12-Jul-1999]

Oblix also has an LDAP information site: LDAPCentral.com

Directory Services Markup Language announced! Industry consortium looking to work on schema standardization (the core issue apparently) via creative use of technologies such as XML. [12-Jul-1999]

Electronic Commerce Markup Language launched. Also an industry consortium looking to standardize schema via XML. Applicable article from Wired...

Drag and Drop Credit Cards By Niall McKay from WiReD News, 11-Jun-1999