rfc4519.txt

samba最新软件

   The 'dc' attribute type definition and the 'dcObject' object class
   definition in this document supersede the specification in RFC 2247
   by S. Kille, M. Wahl, A. Grimstad, R. Huber, and S. Sataluri.

   The 'uid' attribute type definition in this document supersedes the
   specification of the 'userid' in RFC 1274 by P. Barker and S. Kille
   and of the uid in RFC 2798 by M. Smith.

   The 'uidObject' object class definition in this document supersedes
   the specification of the 'uidObject' in RFC 2377 by A. Grimstad, R.
   Huber, S. Sataluri, and M. Wahl.

   This document is based upon input of the IETF LDAPBIS working group.
   The author wishes to thank S. Legg and K. Zeilenga for their
   significant contribution to this update.  The author would also like
   to thank Kathy Dally, who edited early versions of this document.

7.  References

7.1.  Normative References

   [E.123]    Notation for national and international telephone numbers,
              ITU-T Recommendation E.123, 1988

   [E.164]    The international public telecommunication numbering plan,
              ITU-T Recommendation E.164, 1997

   [F.1]      Operational Provisions For The International Public
              Telegram Service Transmission System, CCITT Recommendation
              F.1, 1992

   [F.31]     Telegram Retransmission System, CCITT Recommendation F.31,
              1988

   [ISO3166]  ISO 3166, "Codes for the representation of names of
              countries".

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, November 1987.

   [RFC1123]  Braden, R., "Requirements for Internet Hosts - Application
              and Support", STD 3, RFC 1123, October 1989.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2181]  Elz, R. and R. Bush, "Clarifications to the DNS
              Specification", RFC 2181, July 1997.



Sciberras                   Standards Track                    [Page 29]

RFC 4519           LDAP: Schema for User Applications          June 2006


   [RFC3490]  Faltstrom, P., Hoffman, P., and A. Costello,
              "Internationalizing Domain Names in Applications (IDNA)",
              RFC 3490, March 2003.

   [RFC4013]  Zeilenga, K., "SASLprep: Stringprep Profile for User Names
              and Passwords", RFC 4013, February 2005.

   [RFC4234]  Crocker, D. and P. Overell, "Augmented BNF for Syntax
              Specifications: ABNF", RFC 4234, October 2005.

   [RFC4510]  Zeilenga, K., Ed., "Lightweight Directory Access Protocol
              (LDAP): Technical Specification Road Map", RFC 4510, June
              2006.

   [RFC4512]  Zeilenga, K., "Lightweight Directory Access Protocol
              (LDAP): Directory Information Models", RFC 4512, June
              2006.

   [RFC4517]  Legg, S., Ed., "Lightweight Directory Access Protocol
              (LDAP): Syntaxes and Matching Rules", RFC 4517, June 2006.

   [X.121]    International numbering plan for public data networks,
              ITU-T Recommendation X.121, 1996

   [X.509]    The Directory:  Authentication Framework, ITU-T
              Recommendation X.509, 1993

   [X.520]    The Directory: Selected Attribute Types, ITU-T
              Recommendation X.520, 1993

   [X.521]    The Directory: Selected Object Classes.  ITU-T
              Recommendation X.521, 1993

7.2.  Informative References

   [RFC1274]  Barker, P. and S. Kille, "The COSINE and Internet X.500
              Schema", RFC 1274, November 1991.

   [RFC2247]  Kille, S., Wahl, M., Grimstad, A., Huber, R., and S.
              Sataluri, "Using Domains in LDAP/X.500 Distinguished
              Names", RFC 2247, January 1998.

   [RFC2377]  Grimstad, A., Huber, R., Sataluri, S., and M. Wahl,
              "Naming Plan for Internet Directory-Enabled Applications",
              RFC 2377, September 1998.

   [RFC2798]  Smith, M., "Definition of the inetOrgPerson LDAP Object
              Class", RFC 2798, April 2000.



Sciberras                   Standards Track                    [Page 30]

RFC 4519           LDAP: Schema for User Applications          June 2006


   [RFC4513]  Harrison R., Ed., "Lightweight Directory Access Protocol
              (LDAP): Authentication Methods and Security Mechanisms",
              RFC 4513, June 2006.

   [RFC4523]  Zeilenga, K., "Lightweight Directory Access Protocol
              (LDAP) Schema Definitions for X.509 Certificates", RFC
              4523, June 2006.

   [RFC4524]  Zeilenga, E., Ed., "COSINE LDAP/X.500 Schema", RFC 4524,
              June 2006.

   [X.500]    ITU-T Recommendations X.500 (1993) | ISO/IEC 9594-1:1994,
              Information Technology - Open Systems Interconnection -
              The Directory: Overview of concepts, models and services.





































Sciberras                   Standards Track                    [Page 31]

RFC 4519           LDAP: Schema for User Applications          June 2006


Appendix A.  Changes Made Since RFC 2256

   This appendix lists the changes that have been made from RFC 2256 to
   RFC 4519.

   This appendix is not a normative part of this specification, which
   has been provided for informational purposes only.

      1.  Replaced the document title.

      2.  Removed the IESG Note.

      3.  Dependencies on RFC 1274 have been eliminated.

      4.  Added a Security Considerations section and an IANA
          Considerations section.

      5.  Deleted the conformance requirement for subschema object
          classes in favor of a statement in [RFC4517].

      6.  Added explanation to attribute types and to each object class.

      7.  Removed Section 4, Syntaxes, and Section 6, Matching Rules,
          (moved to [RFC4517]).

      8.  Removed the certificate-related attribute types:
          authorityRevocationList, cACertificate,
          certificateRevocationList, crossCertificatePair,
          deltaRevocationList, supportedAlgorithms, and userCertificate.

          Removed the certificate-related Object Classes:
          certificationAuthority, certificationAuthority-V2,
          cRLDistributionPoint, strongAuthenticationUser, and
          userSecurityInformation

          LDAP PKI is now discussed in [RFC4523].

      9.  Removed the dmdName, knowledgeInformation,
          presentationAddress, protocolInformation, and
          supportedApplicationContext attribute types and the dmd,
          applicationEntity, and dSA object classes.

      10. Deleted the aliasedObjectName and objectClass attribute type
          definitions.  Deleted the alias and top object class
          definitions.  They are included in [RFC4512].






Sciberras                   Standards Track                    [Page 32]

RFC 4519           LDAP: Schema for User Applications          June 2006


      11. Added the 'dc' attribute type from RFC 2247, making the
          distinction between 'stored' and 'query' values when preparing
          IDN strings.

      12. Numerous editorial changes.

      13. Removed upper bound after the SYNTAX oid in all attribute
          definitions where it appeared.

      14. Added text about Unicode, SASLprep [RFC4013], and UTF-8 for
          userPassword.

      15. Included definitions, comments and references for 'dcObject'
          and 'uidObject'.

      16. Replaced PKI schema references to use RFC 4523.

      17. Spelt out and referenced ABNF on first usage.

      18. Removed Section 2.4 (Source).  Replaced the source table with
          explicit references for each definition.

      19. All references to an attribute type or object class are
          enclosed in single quotes.

      20. The layout of attribute type definitions has been changed to
          provide consistency throughout the document:
          > Section Heading
          > Description of Attribute type
          > Multivalued description
          > Source Information
          > Definition
          > Example
          > Additional Comments

          Adding this consistent output included the addition of
          examples to some definitions.

      21. References to alternate names for attributes types are
          provided with a reference to where they were originally
          specified.

      22. Clarification of the description of 'distinguishedName' and
          'name', in regards to these attribute types being supertypes.

      23. Spelt out ISDN on first usage.





Sciberras                   Standards Track                    [Page 33]

RFC 4519           LDAP: Schema for User Applications          June 2006


      24. Inserted a reference to [RFC4517] for the
          'teletexTerminalIdentifier' definition's SYNTAX OID.

      25. Additional names were added to the IANA Considerations.  Names
          include 'commonName', 'dcObject', 'domainComponent', 'GN',
          'localityName', 'organizationName', 'organizationUnitName',
          'surname', 'uidObject' and 'userid'.

      26. Renamed all instances of supercede to supersede.

      27. Moved [F.1], [F.31] and [RFC4013] from informative to
          normative references.

      28. Changed the 'c' definition to be consistent with X.500.

Author's Address

   Andrew Sciberras
   eB2Bcom
   Suite 3, Woodhouse Corporate Centre,
   935 Station Street,
   Box Hill North, Victoria 3129
   AUSTRALIA

   Phone: +61 3 9896 7833
   EMail: andrew.sciberras@eb2bcom.com

























Sciberras                   Standards Track                    [Page 34]

RFC 4519           LDAP: Schema for User Applications          June 2006


Full Copyright Statement

   Copyright (C) The Internet Society (2006).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).







Sciberras                   Standards Track                    [Page 35]