[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SPKI Starting Point?

At 10.01 96-04-23, PALAMBER.US.ORACLE.COM wrote:
>Positive recommendations for Whois++
> o Whois++ should be used as part of the SPKI
>   at a minimum it could provide a common distribution
>   approach
> o Whois++ could be directly used to distribute certificates
> o Whois++ has some interesting syntactic tricks
>   that are useful for ASCII representations of
>   large "tokens" (like keys) that should be considered
> o Globally unique record indictors
>Problems with Whois++
> o Flat data representation (no nesting, at least as
>   of Dec 95 when I last read the drafts)

This is true. Instead we said that we accept multiple attributes
which have the same name, and the attributes in one record have
a given order. I.e. by using the ordering together with multiple
attributes with the same name, some kind of nesting can occur, but I
rather call it "grouping".

> o Multiple identically named fields create implementation complexity
> o Flexible templates (free form addition of fields) are
>   difficult to support.

Well, if you think about this when doing the implementation, you
can handle it :-) My second Whois++ server (Digger 1.0) used
Oracle as backend only followed by support for other SQL
databases aswell.

What you have to think about is that you can not store a Whois++
record in one record in a relational database which have a fixed
record format. This is the whole idea with Whois++. Different
records on the same server can have different attributes
and even different order among the attributes. This is what
makes Whois++ so much more useful that other protocols that
forces you to use one specific schema. Hard to implement, well,
maybe, but it is sure doable.

Digger 2.0.0 from Bunyip have been loaded with some 96000 records
and can handle case sensitive, insensitive and soundex matches on
any token in the data and it gave subsecond responsetime (even though
it uses TCP/IP due to some interprocess communication tricks) on
a SPARC-10. The first public beta of 2.0.0 should be available

> o distribution of certificates could and should be also
>   supported for e-mail and http type transports

Yes, definitely. I think that whatever protocol that is chosen,
more than one interface have to be implemented.

>In general, the syntax introduced by whois++ is less important than  the
>requirements for the structure of the information.  Spki design issues, in no
>particular order, include:

I agree completely!