Paradise Lost?

20 Aug

During the late 1980’s and early 1990’s I spent a great deal of my time, and European Research funding, working on the Paradise project. Was it worth the effort?

Paradise (or more formally Cosine Paradise, then NameFLOW Paradise) was a European led, but worldwide initiative, to pilot the use of X.500 technology to build a distributed directory service, as a follow on from “THe Obviously Required Nameserver” project – Thorn. Paradise was the largest distributed deployment of X.500, by 1996 extending to nearly 800 servers, representing 5250 organisations (according to the last published statistics I could find). The project was criticised for being too focused on one implementation (the open source Quipu), but was open to other X.500 DSAs, notably from Siemens and Inria.

The project was a research project, to establish if distributed directories (based on X.500) could be made to work – which it successfully achieved. However, despite this success, the project never really gained momentum outside of the academic community. Why?

X.500 used a full OSI stack, and despite running over TCP/IP (using RFC 1006) was too heavyweight for the Internet (I first wrote about this in 1993, “You cannot promote OSI applications over OSI Networks“). To overcome this, as part of the research undertaking, LDAP was developed as a lightweight access protocol – while overcoming the issues Paradise had, it was also the beginning of the end for Paradise.

As well as implementing LDAP as a protocol, Tim Howes implemented a standalone LDAP server, an approach used in many LDAP products we see today. This rapidly led to a model where a distributed directory service was not needed as LDAP clients connected directly to the appropriate server. To find the LDAP servers, the clients made use of DNS which had become a hugely successful distributed directory in its own right (when Paradise started, DNS was in its infancy).

The one feature the standalone LDAP model has not been able to replicate has been distributed search across servers – Paradise did this well – but with the advent of Google, this too became redundant.

So, was all the effort worth it? Yes – without it LDAP would not exist in the form it does today (I will let the reader determine if this is good or bad).

Finally, why “Paradise” – “Piloting a
Research Directory in an OSI Environment” – of course!

See Also

3 Responses to “Paradise Lost?”

  1. George Michaelson August 21, 2013 at 01:52 #

    Happy days.

    Like

  2. Erik August 21, 2013 at 08:04 #

    Brings back lots of memories. Thanks for writing this and pointing it out to me. On twitter my alias is Milkshake. that still stems from the Paradise project. You remember: Favorite drink? Mine was Choclate Milkshake. Which is why several Rare WG3 members started calling me Milkshake.

    Erik

    Like

  3. Andrew Findlay August 28, 2013 at 12:38 #

    Google does not make distributed search redundant – it forces the
    human user to do most of the work!

    When the PARADISE service was running, we built user agents at Brunel
    that could work from a relatively free-form description of a person or
    other entity and which would make an efficient search that had a good
    chance of finding the right answer first time. Having found the entry,
    well-defined structured contact data was returned. You cannot do that
    with a web search engine.
    One useful query format was Steve Kille’s User-Friendly Naming – RFC1781. Using that
    format, one valid search for me would be:

    findlay, skills 1st, england

    As Skills 1st is a very
    small company that would produce a single hit, but even when I worked
    at a mid-sized university the
    analogous search would only have produced a handful of false results
    alongside the correct one.

    There have been some attempts to add true distributed search to LDAP
    but although some approach the complexity of X.500 DSP, none has
    really been as successful. LDAP has succeeded in other areas though –
    it is the clear winner in organisation-scale directory access for all
    purposes, and it contributes to the vision of a truly open IT
    infrastructure by being available for all platforms and interoperating
    correctly between them.

    Like

Please join the discussion, we welcome your views...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s