The Benefits of LDAP/X.500
Directories. Information on people, computer resources, and access privileges
can be put in many types of data stores. Quite often, it's put in a data store
accessed through LDAP or X.500 protocols.
benefits of using LDAP- or X.500-accessible directories are:
open protocol access of LDAP, combined with common core schema, is useful in many
situations, particularly in support of products with LDAP support (PKI, email,
extensibility. It is easy and natural to extend an LDAP/X.500 core schema.
is hard to achieve with other approaches.
directory can be distributed (e.g., for U.S. eGov PKI).
good support for various real-world authorization and delegation models in a hierarchical
structure. So directories are suitable for representing identities, groups, and
policies. Applications can extend authentication mechanisms to include PKI, biometrics,
of the choice of an X.500 or non-X.500 back end, LDAP is the most common form
of access. X.500 DAP is sometimes required, particularly for high security where
signed operations are desirable (not available in LDAP) ... David
Ferris, With thanks to Isode's Steve Kille and Persistent Systems' Sameer