NOSes /

UDDI to LDAP and vice versa

By Dave Kearns
Network World Directories Newsletter, 06/10/02

At the end of last month, I talked about the Microsoft/IBM technology proposal for the Universal Description, Discovery and Integration technology. I mentioned that UDDI isn't going away and so we would have to accommodate it. Turns out that some people have been busy doing just that.

That newsletter (www.nwfusion.com/newsletters/dir/2002/01366086.html) was about an Internet Engineering Task Force (IETF) Internet-Draft entitled "LDAP [Lightweight Directory Application Protocol] Schema for UDDI". The Internet-Draft was written by two guys from Novell and you can view the document at www.rfc-editor.org/internet-drafts/draft-bergeson-uddi-ldap-schema-00.txt

The same week the newsletter appeared in your inbox, Novell announced that the specification has been refined and updated and was being resubmitted to the IETF (see the revision at search.ietf.org/internet-drafts/draft-bergeson-uddi-ldap-schema-01.txt). In covering that story, my Network World colleague Deni Connor also revealed plans by Sun and Computer Associates to release products later this year that UDDI to their respective directory products (CA's Entrust and Sun's Sun ONE - formerly iPlanet).

All of that is about UDDI-enabling an LDAP-based data repository. But you could go in the opposite direction, as BEA has.

BEA WebLogic 7.0 includes an LDAP-enabled UDDI server, developed by directory services pioneer OctetString in conjunction with a start-up called Acumen. In effect, it performs in a similar fashion to the proposals from Novell, Sun and CA - it just started at the opposite end. OctetString took the WebLogic UDDI datastore and added an LDAP front-end, so it responds to LDAP and UDDI calls. As OctetString CTO Clayton Donley puts it, " BEA exposes both the LDAP and UDDI interfaces with a local datastore. "

So Novell, Sun and CA are taking an x.500 style directory and adding a UDDI front-end. OctetString has taken an UDDI repository and added an LDAP front-end. Either method will get the job done - but which will give the better performance?

Sun, CA and OctetString (as well as others, presumably) have said they'll take a close look at Novell's offering to the IETF. They'll want to be sure that there's nothing remotely proprietary in the proposal and they'll want to be sure that there won't need to be unnecessary changes in their directory systems' schema. But I have a feeling that they'll all see the benefit of using an x.500, LDAP-enabled directory system as the repository for UDDI information.

As Winston Bumpus, chair of the Open Group Directory Interoperability Forum (and Novell employee) puts it: "If you look at the function of an UDDI registry, companies are going to write to it a few times and then read it a lot - which is exactly what directories are optimized to do. In addition, directories inherently support authentication mechanisms, adding security to the registry, and are extremely fast and scalable. " In other words, we've already got the wheel - don't try to reinvent it!