Side note:
How does that relate to CMDB/IPAM?
IPAM: IP address management (IPAM) is a methodology implemented in computer software for planning and managing the assignment and use of IP addresses and closely related resources of a computer network.
CMDB: A Configuration Management Database (CMDB) is an ITIL database used by an organization to store information about hardware and software assets (commonly referred to as Configuration Items [CI]). This database acts as a data warehouse for the organization and also stores information regarding the relationships among its assets.
Implementing the original X.500 was somewhat difficult... but we all know LDAP.
The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory services over an Internet Protocol (IP) network.
Or Microsoft Active Directory...
Systems based on X.500, such as LDAP, the DCE Directory, Novell's NDS, and Microsoft's Active Directory, each define their own string representation. For example, in LDAP, a DN's RDNs are arranged right to left, separated by the comma character (","). Here's an example of a name that starts with "c=us" at the top and leads to "cn=Rosanna Lee" at the leaf.
cn=Rosanna Lee, ou=People, o=Sun, c=us
Here's an example of the same name using the string representation of the DCE Directory and Microsoft's Active Directory.
/c=us/o=Sun/ou=People/cn=Rosanna Lee
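The two string forms above, converted in both directions (an added example, not part of the original notes; the function names are hypothetical). It splits only on unescaped separators, because a naive split on "," turns a value such as "Lee\, Rosanna" into an extra RDN, which matters wherever DNs are compared for access decisions. It assumes a backslash escapes the next character in both forms.

```python
import re
# Added example. Assumption: backslash escapes the next character in both
# string forms; hex escapes and multi-valued RDNs ("+") are not handled.
# RDN lists are kept root-first: [("c", "us"), ..., ("cn", "Rosanna Lee")].

def _split_unescaped(text, sep):
    """Split on sep, but never on a separator that follows a backslash."""
    parts = [[]]
    for tok in re.findall(r"\\.|.", text, re.S):   # escape pairs stay whole
        if tok == sep:
            parts.append([])
        else:
            parts[-1].append(tok)
    return ["".join(p) for p in parts]

def _to_rdns(parts):
    rdns = []
    for part in parts:
        attr, eq, value = part.lstrip().partition("=")
        if not (attr and eq and value):
            raise ValueError(f"malformed RDN: {part!r}")
        rdns.append((attr, re.sub(r"\\(.)", r"\1", value, flags=re.S)))
    return rdns

def parse_ldap_dn(dn):
    """LDAP form lists the leaf first, so reverse to get root-first."""
    return _to_rdns(_split_unescaped(dn, ","))[::-1]

def parse_dce_dn(dn):
    """The slash-separated form is already root-first and starts with '/'."""
    if not dn.startswith("/"):
        raise ValueError("expected a leading '/'")
    return _to_rdns(_split_unescaped(dn[1:], "/"))

def _escape(value, sep):
    return value.replace("\\", "\\\\").replace(sep, "\\" + sep)

def to_ldap(rdns):
    return ", ".join(f"{a}={_escape(v, ',')}" for a, v in reversed(rdns))

def to_dce(rdns):
    return "".join(f"/{a}={_escape(v, '/')}" for a, v in rdns)
```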
The client may request the following operations (among others):
An LDAP URL is a string that can be used to encapsulate the address and port of a directory server, the DN of an entry within that server, or the criteria for performing a search within that server.
ldap://ds.example.com:389/dc=example,dc=com
example:
Like: LDAP injection, unencrypted data, problems with replication, etc.
That's actually not quite true; DNS was here before X.509. But they have much in common. DNS is the oldest DS still in use.
Yellow Pages: a Unix, mostly Solaris, thing.
Still used in big companies...
Yes, Secure Sockets Layer.
But how?
Well... X.509 was originally designed to be the secure access method for updating X.500. Then we had browsers and X.509v3.
X.509 was initially issued on July 3, 1988 and was begun in association with the X.500 standard.
It assumes a strict hierarchical system of certificate authorities (CAs) for issuing the certificates. The IETF's Public-Key Infrastructure (X.509), or PKIX, working group has adapted the standard to the more flexible organization of the Internet.
An organization's trusted root certificates can be distributed to all employees so that they can use the company PKI system. Browsers such as Internet Explorer, Firefox, Opera, Safari and Chrome come with a predetermined set of root certificates pre-installed, so SSL certificates from major certificate authorities will work instantly; in effect the browsers' developers determine which CAs are trusted third parties for the browsers' users. For example, Firefox provides a CSV and/or HTML file containing a list of Included CAs. IE uses certificates from the Windows Certificate Store, which is more like a directory service.
Certificate Store in Windows.
Certificates in Firefox Browser.
Transport Layer Security (TLS), and its now-deprecated predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. Several versions of the protocols find widespread use in applications such as web browsing, email, instant messaging, and voice over IP (VoIP).