During the late 1980’s and early 1990’s I spent a great deal of my time, and European Research funding, working on the Paradise project. Was it worth the effort?
Paradise (or more formally Cosine Paradise, then NameFLOW Paradise) was a European led, but worldwide initiative, to pilot the use of X.500 technology to build a distributed directory service, as a follow on from “THe Obviously Required Nameserver” project – Thorn. Paradise was the largest distributed deployment of X.500, by 1996 extending to nearly 800 servers, representing 5250 organisations (according to the last published statistics I could find). The project was criticised for being too focused on one implementation (the open source Quipu), but was open to other X.500 DSAs, notably from Siemens and Inria.
The project was a research project, to establish if distributed directories (based on X.500) could be made to work – which it successfully achieved. However, despite this success, the project never really gained momentum outside of the academic community. Why?
X.500 used a full OSI stack, and despite running over TCP/IP (using RFC 1006) was too heavyweight for the Internet (I first wrote about this in 1993, “You cannot promote OSI applications over OSI Networks“). To overcome this, as part of the research undertaking, LDAP was developed as a lightweight access protocol – while overcoming the issues Paradise had, it was also the beginning of the end for Paradise.
As well as implementing LDAP as a protocol, Tim Howes implemented a standalone LDAP server, an approach used in many LDAP products we see today. This rapidly led to a model where a distributed directory service was not needed as LDAP clients connected directly to the appropriate server. To find the LDAP servers, the clients made use of DNS which had become a hugely successful distributed directory in its own right (when Paradise started, DNS was in its infancy).
The one feature the standalone LDAP model has not been able to replicate has been distributed search across servers – Paradise did this well – but with the advent of Google, this too became redundant.
So, was all the effort worth it? Yes – without it LDAP would not exist in the form it does today (I will let the reader determine if this is good or bad).
Finally, why “Paradise” – “Piloting a
Research Directory in an OSI Environment” – of course!
3 thoughts on “Paradise Lost?”
Brings back lots of memories. Thanks for writing this and pointing it out to me. On twitter my alias is Milkshake. that still stems from the Paradise project. You remember: Favorite drink? Mine was Choclate Milkshake. Which is why several Rare WG3 members started calling me Milkshake.
Google does not make distributed search redundant – it forces the
human user to do most of the work!
When the PARADISE service was running, we built user agents at Brunel
that could work from a relatively free-form description of a person or
other entity and which would make an efficient search that had a good
chance of finding the right answer first time. Having found the entry,
well-defined structured contact data was returned. You cannot do that
with a web search engine.
One useful query format was Steve Kille’s User-Friendly Naming – RFC1781. Using that
format, one valid search for me would be:
findlay, skills 1st, england
As Skills 1st is a very
small company that would produce a single hit, but even when I worked
at a mid-sized university the
analogous search would only have produced a handful of false results
alongside the correct one.
There have been some attempts to add true distributed search to LDAP
but although some approach the complexity of X.500 DSP, none has
really been as successful. LDAP has succeeded in other areas though –
it is the clear winner in organisation-scale directory access for all
purposes, and it contributes to the vision of a truly open IT
infrastructure by being available for all platforms and interoperating
correctly between them.
Comments are closed.