rfc2256.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

      SINGLE-VALUE )

5.30. presentationAddress

   This attribute contains an OSI presentation address.

    ( 2.5.4.29 NAME 'presentationAddress'
      EQUALITY presentationAddressMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
      SINGLE-VALUE )








Wahl                        Standards Track                     [Page 7]

RFC 2256                     LDAPv3 Schema                 December 1997


5.31. supportedApplicationContext

   This attribute contains the identifiers of OSI application contexts.

    ( 2.5.4.30 NAME 'supportedApplicationContext'
      EQUALITY objectIdentifierMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )

5.32. member

    ( 2.5.4.31 NAME 'member' SUP distinguishedName )

5.33. owner

    ( 2.5.4.32 NAME 'owner' SUP distinguishedName )

5.34. roleOccupant

    ( 2.5.4.33 NAME 'roleOccupant' SUP distinguishedName )

5.35. seeAlso

    ( 2.5.4.34 NAME 'seeAlso' SUP distinguishedName )

5.36. userPassword

    ( 2.5.4.35 NAME 'userPassword' EQUALITY octetStringMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

   Passwords are stored using an Octet String syntax and are not
   encrypted.  Transfer of cleartext passwords are strongly discouraged
   where the underlying transport service cannot guarantee
   confidentiality and may result in disclosure of the password to
   unauthorized parties.

5.37. userCertificate

   This attribute is to be stored and requested in the binary form, as
   'userCertificate;binary'.

    ( 2.5.4.36 NAME 'userCertificate'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

5.38. cACertificate

   This attribute is to be stored and requested in the binary form, as
   'cACertificate;binary'.




Wahl                        Standards Track                     [Page 8]

RFC 2256                     LDAPv3 Schema                 December 1997


    ( 2.5.4.37 NAME 'cACertificate'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

5.39. authorityRevocationList

   This attribute is to be stored and requested in the binary form, as
   'authorityRevocationList;binary'.

    ( 2.5.4.38 NAME 'authorityRevocationList'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )

5.40. certificateRevocationList

   This attribute is to be stored and requested in the binary form, as
   'certificateRevocationList;binary'.

    ( 2.5.4.39 NAME 'certificateRevocationList'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )

5.41. crossCertificatePair

   This attribute is to be stored and requested in the binary form, as
   'crossCertificatePair;binary'.

    ( 2.5.4.40 NAME 'crossCertificatePair'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )

5.42. name

   The name attribute type is the attribute supertype from which string
   attribute types typically used for naming may be formed.  It is
   unlikely that values of this type itself will occur in an entry. LDAP
   server implementations which do not support attribute subtyping need
   not recognize this attribute in requests.   Client implementations
   MUST NOT assume that LDAP servers are capable of performing attribute
   subtyping.

    ( 2.5.4.41 NAME 'name' EQUALITY caseIgnoreMatch
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

5.43. givenName

   The givenName attribute is used to hold the part of a person's name
   which is not their surname nor middle name.

    ( 2.5.4.42 NAME 'givenName' SUP name )




Wahl                        Standards Track                     [Page 9]

RFC 2256                     LDAPv3 Schema                 December 1997


5.44. initials

   The initials attribute contains the initials of some or all of an
   individuals names, but not the surname(s).

    ( 2.5.4.43 NAME 'initials' SUP name )

5.45. generationQualifier

   The generationQualifier attribute contains the part of the name which
   typically is the suffix, as in "IIIrd".

    ( 2.5.4.44 NAME 'generationQualifier' SUP name )

5.46. x500UniqueIdentifier

   The x500UniqueIdentifier attribute is used to distinguish between
   objects when a distinguished name has been reused.  This is a
   different attribute type from both the "uid" and "uniqueIdentifier"
   types.

    ( 2.5.4.45 NAME 'x500UniqueIdentifier' EQUALITY bitStringMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )

5.47. dnQualifier

   The dnQualifier attribute type specifies disambiguating information
   to add to the relative distinguished name of an entry.  It is
   intended for use when merging data from multiple sources in order to
   prevent conflicts between entries which would otherwise have the same
   name. It is recommended that the value of the dnQualifier attribute
   be the same for all entries from a particular source.

    ( 2.5.4.46 NAME 'dnQualifier' EQUALITY caseIgnoreMatch
      ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

5.48. enhancedSearchGuide

   This attribute is for use by X.500 clients in constructing search
   filters.

    ( 2.5.4.47 NAME 'enhancedSearchGuide'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )







Wahl                        Standards Track                    [Page 10]

RFC 2256                     LDAPv3 Schema                 December 1997


5.49. protocolInformation

   This attribute is used in conjunction with the presentationAddress
   attribute, to provide additional information to the OSI network
   service.

    ( 2.5.4.48 NAME 'protocolInformation'
      EQUALITY protocolInformationMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )

5.50. distinguishedName

   This attribute type is not used as the name of the object itself, but
   it is instead a base type from which attributes with DN syntax
   inherit.

   It is unlikely that values of this type itself will occur in an
   entry.  LDAP server implementations which do not support attribute
   subtyping need not recognize this attribute in requests.   Client
   implementations MUST NOT assume that LDAP servers are capable of
   performing attribute subtyping.

    ( 2.5.4.49 NAME 'distinguishedName' EQUALITY distinguishedNameMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

5.51. uniqueMember

    ( 2.5.4.50 NAME 'uniqueMember' EQUALITY uniqueMemberMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )

5.52. houseIdentifier

   This attribute is used to identify a building within a location.

    ( 2.5.4.51 NAME 'houseIdentifier' EQUALITY caseIgnoreMatch
      SUBSTR caseIgnoreSubstringsMatch
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

5.53. supportedAlgorithms

   This attribute is to be stored and requested in the binary form, as
   'supportedAlgorithms;binary'.

    ( 2.5.4.52 NAME 'supportedAlgorithms'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )






Wahl                        Standards Track                    [Page 11]

RFC 2256                     LDAPv3 Schema                 December 1997


5.54. deltaRevocationList

   This attribute is to be stored and requested in the binary form, as
   'deltaRevocationList;binary'.

    ( 2.5.4.53 NAME 'deltaRevocationList'
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )

5.55. dmdName

   The value of this attribute specifies a directory management domain
   (DMD), the administrative authority which operates the directory
   server.

    ( 2.5.4.54 NAME 'dmdName' SUP name )

6. Syntaxes

   Servers SHOULD recognize the syntaxes defined in this section.  Each
   syntax begins with a sample value of the ldapSyntaxes attribute which
   defines the OBJECT IDENTIFIER of the syntax.  The descriptions of
   syntax names are not carried in protocol, and are not guaranteed to
   be unique.

6.1. Delivery Method

   ( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )

   Values in this syntax are encoded according to the following BNF:

      delivery-value = pdm / ( pdm whsp "$" whsp delivery-value )

      pdm = "any" / "mhs" / "physical" / "telex" / "teletex" /
                "g3fax" / "g4fax" / "ia5" / "videotex" / "telephone"

   Example:

      telephone

6.2. Enhanced Guide

   ( 1.3.6.1.4.1.1466.115.121.1.21 DESC 'Enhanced Guide' )

   Values in this syntax are encoded according to the following BNF:

      EnhancedGuide = woid whsp "#" whsp criteria whsp "#" whsp subset

      subset = "baseobject" / "oneLevel" / "wholeSubtree"



Wahl                        Standards Track                    [Page 12]

RFC 2256                     LDAPv3 Schema                 December 1997


   The criteria production is defined in the Guide syntax below.  This
   syntax has been added subsequent to RFC 1778.

   Example:

      person#(sn)#oneLevel

6.3. Guide

   ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' )

   Values in this syntax are encoded according to the following BNF:

      guide-value = [ object-class "#" ] criteria

      object-class = woid

      criteria = criteria-item / criteria-set / ( "!" criteria )

      criteria-set = ( [ "(" ] criteria "&" criteria-set [ ")" ] ) /
                     ( [ "(" ] criteria "|" criteria-set [ ")" ] )

      criteria-item = [ "(" ] attributetype "$" match-type [ ")" ]

      match-type = "EQ" / "SUBSTR" / "GE" / "LE" / "APPROX"

   This syntax should not be used for defining new attributes.

6.4. Octet String

   ( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )

   Values in this syntax are encoded as octet strings.


   Example:

      secret

6.5. Teletex Terminal Identifier

   ( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )

   Values in this syntax are encoded according to the following BNF:

      teletex-id = ttx-term  0*("$" ttx-param)

      ttx-term   = printablestring



Wahl                        Standards Track                    [Page 13]

RFC 2256                     LDAPv3 Schema                 December 1997


      ttx-param  = ttx-key ":" ttx-value

      ttx-key    = "graphic" / "control" / "misc" / "page" / "private"

      ttx-value  = octetstring

   In the above, the first printablestring is the encoding of the first
   portion of the teletex terminal identifier to be encoded, and the
   subsequent 0 or more octetstrings are subsequent portions of the
   teletex terminal identifier.

6.6. Telex Number

   ( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )

   Values in this syntax are encoded according to the following BNF: