📄 rfc4517.txt
字号:
[ minute [ second / leap-second ] ] [ fraction ] g-time-zone century = 2(%x30-39) ; "00" to "99" year = 2(%x30-39) ; "00" to "99" month = ( %x30 %x31-39 ) ; "01" (January) to "09" / ( %x31 %x30-32 ) ; "10" to "12" day = ( %x30 %x31-39 ) ; "01" to "09" / ( %x31-32 %x30-39 ) ; "10" to "29" / ( %x33 %x30-31 ) ; "30" to "31" hour = ( %x30-31 %x30-39 ) / ( %x32 %x30-33 ) ; "00" to "23" minute = %x30-35 %x30-39 ; "00" to "59" second = ( %x30-35 %x30-39 ) ; "00" to "59" leap-second = ( %x36 %x30 ) ; "60" fraction = ( DOT / COMMA ) 1*(%x30-39) g-time-zone = %x5A ; "Z" / g-differential g-differential = ( MINUS / PLUS ) hour [ minute ] MINUS = %x2D ; minus sign ("-") The <DOT>, <COMMA>, and <PLUS> rules are defined in [RFC4512]. The above ABNF allows character strings that do not represent valid dates (in the Gregorian calendar) and/or valid times (e.g., February 31, 1994). Such character strings SHOULD be considered invalid for this syntax. The time value represents coordinated universal time (equivalent to Greenwich Mean Time) if the "Z" form of <g-time-zone> is used; otherwise, the value represents a local time in the time zone indicated by <g-differential>. In the latter case, coordinatedLegg Standards Track [Page 13]
RFC 4517 LDAP: Syntaxes and Matching Rules June 2006 universal time can be calculated by subtracting the differential from the local time. The "Z" form of <g-time-zone> SHOULD be used in preference to <g-differential>. If <minute> is omitted, then <fraction> represents a fraction of an hour; otherwise, if <second> and <leap-second> are omitted, then <fraction> represents a fraction of a minute; otherwise, <fraction> represents a fraction of a second. Examples: 199412161032Z 199412160532-0500 Both example values represent the same coordinated universal time: 10:32 AM, December 16, 1994. The LDAP definition for the Generalized Time syntax is: ( 1.3.6.1.4.1.1466.115.121.1.24 DESC 'Generalized Time' ) This syntax corresponds to the GeneralizedTime ASN.1 type from [ASN.1], with the constraint that local time without a differential SHALL NOT be used.3.3.14. Guide A value of the Guide syntax suggests criteria, which consist of combinations of attribute types and filter operators, to be used in constructing filters to search for entries of particular object classes. The Guide syntax is obsolete and should not be used for defining new attribute types. The LDAP-specific encoding of a value of this syntax is defined by the following ABNF: Guide = [ object-class SHARP ] criteria The <object-class> and <criteria> rules are defined in Section 3.3.10. The <SHARP> rule is defined in [RFC4512]. The LDAP definition for the Guide syntax is: ( 1.3.6.1.4.1.1466.115.121.1.25 DESC 'Guide' ) The Guide syntax corresponds to the Guide ASN.1 type from [X.520].Legg Standards Track [Page 14]
RFC 4517 LDAP: Syntaxes and Matching Rules June 20063.3.15. IA5 String A value of the IA5 String syntax is a string of zero, one, or more characters from International Alphabet 5 (IA5) [T.50], the international version of the ASCII character set. The LDAP-specific encoding of a value of this syntax is the unconverted string of characters, which conforms to the <IA5String> rule in Section 3.2. The LDAP definition for the IA5 String syntax is: ( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' ) This syntax corresponds to the IA5String ASN.1 type from [ASN.1].3.3.16. Integer A value of the Integer syntax is a whole number of unlimited magnitude. The LDAP-specific encoding of a value of this syntax is the optionally signed decimal digit character string representation of the number (for example, the number 1321 is represented by the character string "1321"). The encoding is defined by the following ABNF: Integer = ( HYPHEN LDIGIT *DIGIT ) / number The <HYPHEN>, <LDIGIT>, <DIGIT>, and <number> rules are defined in [RFC4512]. The LDAP definition for the Integer syntax is: ( 1.3.6.1.4.1.1466.115.121.1.27 DESC 'INTEGER' ) This syntax corresponds to the INTEGER ASN.1 type from [ASN.1].3.3.17. JPEG A value of the JPEG syntax is an image in the JPEG File Interchange Format (JFIF), as described in [JPEG]. The LDAP-specific encoding of a value of this syntax is the sequence of octets of the JFIF encoding of the image. The LDAP definition for the JPEG syntax is: ( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' ) The JPEG syntax corresponds to the following ASN.1 type:Legg Standards Track [Page 15]
RFC 4517 LDAP: Syntaxes and Matching Rules June 2006 JPEG ::= OCTET STRING (CONSTRAINED BY { -- contents octets are an image in the -- -- JPEG File Interchange Format -- })3.3.18. LDAP Syntax Description A value of the LDAP Syntax Description syntax is the description of an LDAP syntax. The LDAP-specific encoding of a value of this syntax is defined by the <SyntaxDescription> rule in [RFC4512]. The LDAP definition for the LDAP Syntax Description syntax is: ( 1.3.6.1.4.1.1466.115.121.1.54 DESC 'LDAP Syntax Description' ) The above LDAP definition for the LDAP Syntax Description syntax is itself a legal value of the LDAP Syntax Description syntax. The ASN.1 type corresponding to the LDAP Syntax Description syntax is defined as follows, assuming EXPLICIT TAGS: LDAPSyntaxDescription ::= SEQUENCE { identifier OBJECT IDENTIFIER, description DirectoryString { ub-schema } OPTIONAL } The DirectoryString parameterized ASN.1 type is defined in [X.520]. The value of ub-schema (an integer) is implementation defined. A non-normative definition appears in [X.520].3.3.19. Matching Rule Description A value of the Matching Rule Description syntax is the definition of a matching rule. The LDAP-specific encoding of a value of this syntax is defined by the <MatchingRuleDescription> rule in [RFC4512]. Example: ( 2.5.13.2 NAME 'caseIgnoreMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) Note: A line break has been added for readability; it is not part of the syntax. The LDAP definition for the Matching Rule Description syntax is: ( 1.3.6.1.4.1.1466.115.121.1.30 DESC 'Matching Rule Description' ) This syntax corresponds to the MatchingRuleDescription ASN.1 type from [X.501].Legg Standards Track [Page 16]
RFC 4517 LDAP: Syntaxes and Matching Rules June 20063.3.20. Matching Rule Use Description A value of the Matching Rule Use Description syntax indicates the attribute types to which a matching rule may be applied in an extensibleMatch search filter [RFC4511]. The LDAP-specific encoding of a value of this syntax is defined by the <MatchingRuleUseDescription> rule in [RFC4512]. Example: ( 2.5.13.16 APPLIES ( givenName $ surname ) ) The LDAP definition for the Matching Rule Use Description syntax is: ( 1.3.6.1.4.1.1466.115.121.1.31 DESC 'Matching Rule Use Description' ) This syntax corresponds to the MatchingRuleUseDescription ASN.1 type from [X.501].3.3.21. Name and Optional UID A value of the Name and Optional UID syntax is the distinguished name [RFC4512] of an entity optionally accompanied by a unique identifier that serves to differentiate the entity from others with an identical distinguished name. The LDAP-specific encoding of a value of this syntax is defined by the following ABNF: NameAndOptionalUID = distinguishedName [ SHARP BitString ] The <BitString> rule is defined in Section 3.3.2. The <distinguishedName> rule is defined in [RFC4514]. The <SHARP> rule is defined in [RFC4512]. Note that although the '#' character may occur in the string representation of a distinguished name, no additional escaping of this character is performed when a <distinguishedName> is encoded in a <NameAndOptionalUID>. Example: 1.3.6.1.4.1.1466.0=#04024869,O=Test,C=GB#'0101'B The LDAP definition for the Name and Optional UID syntax is: ( 1.3.6.1.4.1.1466.115.121.1.34 DESC 'Name And Optional UID' )Legg Standards Track [Page 17]
RFC 4517 LDAP: Syntaxes and Matching Rules June 2006 This syntax corresponds to the NameAndOptionalUID ASN.1 type from [X.520].3.3.22. Name Form Description A value of the Name Form Description syntax is the definition of a name form, which regulates how entries may be named. The LDAP- specific encoding of a value of this syntax is defined by the <NameFormDescription> rule in [RFC4512]. Example: ( 2.5.15.3 NAME 'orgNameForm' OC organization MUST o ) The LDAP definition for the Name Form Description syntax is: ( 1.3.6.1.4.1.1466.115.121.1.35 DESC 'Name Form Description' ) This syntax corresponds to the NameFormDescription ASN.1 type from [X.501].3.3.23. Numeric String A value of the Numeric String syntax is a sequence of one or more numerals and spaces. The LDAP-specific encoding of a value of this syntax is the unconverted string of characters, which conforms to the following ABNF: NumericString = 1*(DIGIT / SPACE) The <DIGIT> and <SPACE> rules are defined in [RFC4512]. Example: 15 079 672 281 The LDAP definition for the Numeric String syntax is: ( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' ) This syntax corresponds to the NumericString ASN.1 type from [ASN.1].3.3.24. Object Class Description A value of the Object Class Description syntax is the definition of an object class. The LDAP-specific encoding of a value of this syntax is defined by the <ObjectClassDescription> rule in [RFC4512].Legg Standards Track [Page 18]
RFC 4517 LDAP: Syntaxes and Matching Rules June 2006 Example: ( 2.5.6.2 NAME 'country' SUP top STRUCTURAL MUST c MAY ( searchGuide $ description ) ) Note: A line break has been added for readability; it is not part of the syntax. The LDAP definition for the Object Class Description syntax is: ( 1.3.6.1.4.1.1466.115.121.1.37 DESC 'Object Class Description' ) This syntax corresponds to the ObjectClassDescription ASN.1 type from [X.501].3.3.25. Octet String A value of the Octet String syntax is a sequence of zero, one, or more arbitrary octets. The LDAP-specific encoding of a value of this syntax is the unconverted sequence of octets, which conforms to the following ABNF: OctetString = *OCTET The <OCTET> rule is defined in [RFC4512]. Values of this syntax are⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -