4. Key Advantages

LDAP has four key advantages over DAP. First, it runs directly over TCP (or other reliable transport, in theory), eliminating much of the connection set-up and packet-handling overhead of the OSI session and presentation layers required by DAP. In addition, the near universal availability of TCP/IP implementations means that LDAP can run on most systems "out of the box."

Second, LDAP simplifies the X.500 functional model in two ways. It leaves out the read and list operations, emulating them via the search operation. It also leaves out some of the more esoteric and less-often-used service controls and security features of full X.500 (e.g., the ability to sign operations). This simplifies LDAP implementations.

Third, though X.500 and LDAP both describe and encode protocol elements using ASN.1 and BER [12], LDAP uses string encodings for distinguished names and data elements. X.500 uses a complex and highly-structured encoding even for simple data elements; LDAP data elements are string types. This encoding is a big win for distinguished names, which have considerable structure leading to encoding/decoding complexity and size. LDAP relegates the knowledge of a value's syntax to the application program rather than lower-level protocol routines.
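To make the encoding difference concrete, the following added example (not code from the original paper) BER-encodes one distinguished name both as the nested X.500 structure and as a single LDAP string, then compares size and element count. The sample DN, the `CN=..., O=..., C=...` string layout, and the choice of PrintableString values are assumptions; values containing DN metacharacters are rejected rather than quoted.

```python
# Added example: one DN, BER-encoded the X.500 way and the LDAP way.
# Sample DN is constructed; OIDs are the X.520 attribute types c, o, cn.
OIDS = {"c": (2, 5, 4, 6), "o": (2, 5, 4, 10), "cn": (2, 5, 4, 3)}
SPECIAL = set(',=+<>#;\\"\r\n')  # DN metacharacters; quoting not implemented

def tlv(tag, content):
    """One BER element with a definite length (short or long form)."""
    n = len(content)
    raw = n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")
    length = raw if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content

def ber_oid(arcs):
    """OBJECT IDENTIFIER; every arc used in this example is below 128."""
    return tlv(0x06, bytes([arcs[0] * 40 + arcs[1], *arcs[2:]]))

def x500_name(rdns):
    """Name ::= SEQUENCE OF SET OF SEQUENCE { type OID, value }."""
    body = b""
    for typ, val in rdns:
        atv = ber_oid(OIDS[typ]) + tlv(0x13, val.encode("ascii"))
        body += tlv(0x31, tlv(0x30, atv))
    return tlv(0x30, body)

def ldap_dn(rdns):
    """The same name as one string carried in a single OCTET STRING."""
    if any(SPECIAL & set(val) for _, val in rdns):
        raise ValueError("value needs DN quoting, not implemented here")
    text = ", ".join(f"{t.upper()}={v}" for t, v in reversed(rdns))
    return tlv(0x04, text.encode("ascii"))

def count_tlvs(buf):
    """Count BER elements, recursing into constructed ones (tag bit 0x20)."""
    count, i = 0, 0
    while i < len(buf):
        tag, n = buf[i], buf[i + 1]
        i += 2
        if n & 0x80:  # long-form length: next k bytes hold the length
            k = n & 0x7F
            n, i = int.from_bytes(buf[i:i + k], "big"), i + k
        count += 1 + (count_tlvs(buf[i:i + n]) if tag & 0x20 else 0)
        i += n
    return count

SAMPLE = [("c", "US"), ("o", "Example Corp"), ("cn", "Babs Jensen")]

if __name__ == "__main__":
    for name, enc in (("X.500", x500_name(SAMPLE)), ("LDAP", ldap_dn(SAMPLE))):
        print(name, len(enc), "bytes,", count_tlvs(enc), "BER elements")
```

The string form moves DN parsing out of the BER layer and into the application, so any code that builds a DN from untrusted input has to do its own quoting and validation.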

Finally, LDAP frees clients from the burden of chasing referrals. The LDAP server is responsible for chasing down any referrals returned by X.500, returning either results or errors to the client. Clients assume a single connection model in which X.500 appears as a single logical directory.

