[Docs] [txt|pdf|xml] [Tracker] [Email] [Nits]

Versions: 00 01

Network Working Group                                        M. Stroeder
Internet-Draft                                         December 16, 2012
Intended status: Informational
Expires: June 19, 2013


Lightweight Directory Access Protocol (LDAP): Structural Object Classes
                           for Named Objects
                     draft-stroeder-namedobject-00

Abstract

   This document defines structural object classes that can be used when
   no other structural object class seems suitable.  Especially the
   object classes will give the possibility to associate a common name
   and a free-from description with the object.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 19, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Stroeder                  Expires June 19, 2013                 [Page 1]


Internet-Draft             LDAP Named Objects              December 2012


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Object Class Definitions  . . . . . . . . . . . . . . . . . . . 3
     2.1.  'namedObject' . . . . . . . . . . . . . . . . . . . . . . . 3
     2.2.  'namedPolicy' . . . . . . . . . . . . . . . . . . . . . . . 4
   3.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . 4
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4
   5.  Security Considerations . . . . . . . . . . . . . . . . . . . . 4
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . . . 4
     6.1.  Normative References  . . . . . . . . . . . . . . . . . . . 4
     6.2.  Informative References  . . . . . . . . . . . . . . . . . . 5
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . . 5






































Stroeder                  Expires June 19, 2013                 [Page 2]


Internet-Draft             LDAP Named Objects              December 2012


1.  Introduction

   Standards for LDAP directories often define additional schema
   elements, especially auxiliary object classes that are intended to
   hold various attributes needed by that standard.  When adding entries
   with such an auxiliary object class it is up to the directory
   operator to choose an appropriate structural object class required to
   add the entry.  Often the structural object classes used were defined
   for other purposes and thus seem too complex for this simple purpose.

   Inspired by unfinished [I-D.howard-namedobject] this document defines
   structural object classes, 'namedObject' and 'namedPolicy'.  Only
   attributes defined in [RFC4519] are used within these simple object
   classes.  Arbitrary auxiliary object classes may be thus associated
   with entries which have such a structural object class.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   This document is being discussed on the ldapext@ietf.org mailing
   list.


2.  Object Class Definitions

   The object classes definitions in this section are using the
   following attributes defined in [RFC4519]: 'cn', 'description' and
   'serialNumber'.

   The mandantory attribute 'cn' SHOULD be used to form the RDN of the
   entry if there are no other appropriate naming attributes available.
   If the optional attribute 'serialNumber' contains a value it MAY be
   used to form the RDN of the entry.  Other attributes allowed by
   auxiliary classes also MAY be used for naming purposes.

   LDAP clients displaying a list of entries of these object classes
   should use mandantory attribute 'cn' to display select lists, hyper-
   links etc.

2.1.  'namedObject'

   The 'namedObject' object class definition is the basis of an entry
   that represents an arbitrary named object.  The attribute 'cn' MUST
   be added to the entry.  The attributes 'serialNumber' and
   'description' MAY be added to the entry.

   ( 1.3.6.1.4.1.5427.1.389.6.20 NAME 'namedObject' SUP top STRUCTURAL



Stroeder                  Expires June 19, 2013                 [Page 3]


Internet-Draft             LDAP Named Objects              December 2012


   MUST cn MAY ( serialNumber $ description ) )

2.2.  'namedPolicy'

   The 'namedPolicy' object class definition is sub-classed from
   'namedObject'.  It SHOULD only be used for entries which represents
   an arbitrary policy.  A typical example would be to use it along with
   auxiliary object class 'pwdPolicy' defined in
   [I-D.behera-ldap-password-policy].

   ( 1.3.6.1.4.1.5427.1.389.6.21 NAME 'namedPolicy' SUP namedObject
   STRUCTURAL )


3.  Acknowledgements

   The 'namedObject' object class definition in this document supersedes
   the specification of the 'namedObject' in [I-D.howard-namedobject] by
   L. Howard.


4.  IANA Considerations

   The OID arc used for the object class defintions is: iso(1) org(3)
   dod(6) internet(1) private(4) enter-prise(1) stroeder.com(5427)
   objectClasses(6)


5.  Security Considerations

   The introduction of these object classes does not impact the security
   of the Internet or a particular LDAP directory service.

   Security considerations for LDAP in general are discussed in
   documents comprising the technical specification [RFC4510].


6.  References

6.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4510]  Zeilenga, K., "Lightweight Directory Access Protocol
              (LDAP): Technical Specification Road Map", RFC 4510,
              June 2006.




Stroeder                  Expires June 19, 2013                 [Page 4]


Internet-Draft             LDAP Named Objects              December 2012


   [RFC4519]  Sciberras, A., "Lightweight Directory Access Protocol
              (LDAP): Schema for User Applications", RFC 4519,
              June 2006.

6.2.  Informative References

   [I-D.behera-ldap-password-policy]
              Sermersheim, J., Poitou, L., and H. Chu, "Password Policy
              for LDAP Directories",
              draft-behera-ldap-password-policy-10 (work in progress),
              August 2009.

   [I-D.howard-namedobject]
              Howard, L., "A Structural Object Class for Arbitrary
              Auxiliary Object Classes", draft-howard-namedobject-00
              (work in progress), June 2002.


Author's Address

   Michael Stroeder
   Karlsruhe
   Germany

   Email: michael@stroeder.com
   URI:   http://www.stroeder.com

























Stroeder                  Expires June 19, 2013                 [Page 5]


Html markup produced by rfcmarkup 1.129d, available from https://tools.ietf.org/tools/rfcmarkup/