draft-ietf-ldapbis-bcp64-03.txt   draft-ietf-ldapbis-bcp64-04.txt 
INTERNET-DRAFT Kurt D. Zeilenga INTERNET-DRAFT Kurt D. Zeilenga
Intended Category: BCP OpenLDAP Foundation Intended Category: BCP OpenLDAP Foundation
Expires in six months 4 June 2004 Expires in six months 24 October 2004
Obsoletes: RFC 3383 Obsoletes: RFC 3383
IANA Considerations for LDAP IANA Considerations for LDAP
<draft-ietf-ldapbis-bcp64-03.txt> <draft-ietf-ldapbis-bcp64-04.txt>
Status of Memo Status of Memo
This document is intended to be, after appropriate review and This document is intended to be, after appropriate review and
revision, submitted to the RFC Editor as a Best Current Practice revision, submitted to the RFC Editor as a Best Current Practice
document. This document is intended to replace RFC 3383. document. This document is intended to replace RFC 3383.
Distribution of this memo is unlimited. Technical discussion of this Distribution of this memo is unlimited. Technical discussion of this
document will take place on the IETF LDAP Revision Working Group document will take place on the IETF LDAP Revision Working Group
(LDAPBIS) mailing list <ietf-ldapbis@openldap.org>. Please send (LDAPBIS) mailing list <ietf-ldapbis@openldap.org>. Please send
editorial comments directly to the document editor editorial comments directly to the document editor
<Kurt@OpenLDAP.org>. <Kurt@OpenLDAP.org>.
By submitting this Internet-Draft, I accept the provisions of Section By submitting this Internet-Draft, I accept the provisions of Section
4 of RFC 3667. By submitting this Internet-Draft, I certify that any 4 of RFC 3667. By submitting this Internet-Draft, I certify that any
applicable patent or other IPR claims of which I am aware have been applicable patent or other IPR claims of which I am aware have been
disclosed, and any of which I become aware will be disclosed, in disclosed, or will be disclosed, and any of which I become aware will
accordance with RFC 3668. be disclosed, in accordance with RFC 3668.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that other Task Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. The list of <http://www.ietf.org/ietf/1id-abstracts.txt>. The list of
Internet-Draft Shadow Directories can be accessed at Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. <http://www.ietf.org/shadow.html>.
Copyright (C) The Internet Society (2004). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
Please see the Full Copyright section near the end of this document Please see the Full Copyright section near the end of this document
for more information. for more information.
Abstract Abstract
This document provides procedures for registering extensible elements This document provides procedures for registering extensible elements
of Lightweight Directory Access Protocol (LDAP). The document also of Lightweight Directory Access Protocol (LDAP). The document also
skipping to change at page 3, line 19 skipping to change at page 3, line 19
document are to be interpreted as described in BCP 14 [RFC2119]. In document are to be interpreted as described in BCP 14 [RFC2119]. In
this case, "the specification" as used by BCP 14 refers to the this case, "the specification" as used by BCP 14 refers to the
processing of protocols being submitted to the IETF standards processing of protocols being submitted to the IETF standards
process. process.
2.3. Common ABNF Productions 2.3. Common ABNF Productions
A number of syntaxes in this document are described using ABNF A number of syntaxes in this document are described using ABNF
[RFC2234]. These syntaxes rely on the following common productions: [RFC2234]. These syntaxes rely on the following common productions:
ALPHA = %x41-5A / %x61-7A ; A-Z / a-z ALPHA = %x41-5A / %x61-7A ; "A"-"Z" / "a"-"z"
LDIGIT = %x31-39 ; "1"-"9"
LDIGIT = %x31-39 ; 1-9 DIGIT = %x30 / LDIGIT ; "0"-"9"
DIGIT = %x30 / LDIGIT ; 0-9
HYPHEN = %x2D ; "-" HYPHEN = %x2D ; "-"
DOT = %x2E ; "." DOT = %x2E ; "."
number = DIGIT / ( LDIGIT 1*DIGIT ) number = DIGIT / ( LDIGIT 1*DIGIT )
keychar = ALPHA / DIGIT / HYPHEN keychar = ALPHA / DIGIT / HYPHEN
leadkeychar = ALPHA leadkeychar = ALPHA
keystring = leadkeychar *keychar keystring = leadkeychar *keychar
A keyword is a case-insensitive string of UTF-8 [UTF-8] encoded A keyword is a case-insensitive string of UTF-8 [RFC3629] encoded
Unicode [Unicode] restricted to the <keystring> production. Unicode [Unicode] restricted to the <keystring> production.
3. IANA Considerations for LDAP 3. IANA Considerations for LDAP
This section details each kind of protocol value which can be This section details each kind of protocol value which can be
registered and provides IANA guidelines on how to assign new values. registered and provides IANA guidelines on how to assign new values.
IANA may reject obviously bogus registrations described. IANA may reject obviously bogus registrations described.
3.1. Object Identifiers 3.1. Object Identifiers
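Review bot: The closing sentence of the Section 3 introduction, "IANA may reject obviously bogus registrations described.", ends on a dangling "described" in both revisions; drop the word or complete the clause while this text is being touched. The keyword definition now cites [RFC3629] instead of [UTF-8], so the references section needs a matching [RFC3629] entry; none appears among the reference lines shown in this diff.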
skipping to change at page 5, line 8 skipping to change at page 4, line 46
of additional Root DSE attributes holding values identifying protocol of additional Root DSE attributes holding values identifying protocol
mechanisms MAY extend this registry for their values. mechanisms MAY extend this registry for their values.
OIDs associated with discoverable protocol mechanisms SHOULD be OIDs associated with discoverable protocol mechanisms SHOULD be
registered. These are be considered on a First Come First Served registered. These are be considered on a First Come First Served
with Specification Required basis. with Specification Required basis.
OIDs associated with Standard Track mechanisms MUST be registered and OIDs associated with Standard Track mechanisms MUST be registered and
require Standards Action. require Standards Action.
3.3. Object Identifier Descriptors 3.3 LDAP Syntaxes
This registry provides a listing of LDAP syntaxes [Models]. Each
LDAP syntax is identified by an object identifier (OID). This
registry is provided to allow implementors and others to locate the
technical specification describing a particular LDAP Syntax.
OIDs used to identify LDAP syntaxes SHOULD be registered. These are
be considered on a First Come First Served with Specification
Required basis.
OIDs associated with Standard Track LDAP syntaxes MUST be registered
and require Standards Action.
Note: unlike object classes, attribute types and various other kinds
of schema elements, descriptors are not used in LDAP to identify LDAP
syntaxes.
3.4. Object Identifier Descriptors
LDAP allows short descriptive names (or descriptors) to be used LDAP allows short descriptive names (or descriptors) to be used
instead of a numeric Object Identifier to identify protocol instead of a numeric Object Identifier to identify select protocol
extensions [Protocol], schema elements [Models], LDAP URL [LDAPURL] extensions [Protocol], schema elements [Models], LDAP URL [LDAPURL]
extensions, and other objects. extensions, and other objects.
Descriptors SHOULD be registered unless in private-use name space Descriptors SHOULD be registered unless in private-use name space
(e.g., they begin with "x-"). Descriptors defined in RFCs MUST be (e.g., they begin with "x-"). Descriptors defined in RFCs MUST be
registered. registered.
While the protocol allows the same descriptor to refer to different While the protocol allows the same descriptor to refer to different
object identifiers in certain cases and the registry supports object identifiers in certain cases and the registry supports
multiple registrations of the same descriptor (each indicating a multiple registrations of the same descriptor (each indicating a
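Review bot: The new LDAP Syntaxes section copies the ungrammatical "These are be considered on a First Come First Served with Specification Required basis" from the protocol mechanisms text just above it; correct the wording in both places (for example "These will be considered ...") rather than propagating it. The new heading "3.3 LDAP Syntaxes" is also missing the period after the section number that every other heading carries ("3.4.", "3.5."), and the section cites [Models] for syntaxes although this revision adds a separate [Syntaxes] reference that Appendix C.1 points to.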
skipping to change at page 6, line 13 skipping to change at page 6, line 21
Descriptors beginning with "e-" are reserved for experiments and will Descriptors beginning with "e-" are reserved for experiments and will
be registered on a First Come First Served basis. be registered on a First Come First Served basis.
All other descriptors require Expert Review to be registered. All other descriptors require Expert Review to be registered.
The registrant need not "own" the OID being named. The registrant need not "own" the OID being named.
The OID name space is managed by The ISO/IEC Joint Technical The OID name space is managed by The ISO/IEC Joint Technical
Committee 1 - Subcommittee 6. Committee 1 - Subcommittee 6.
3.4. AttributeDescription Options 3.5. AttributeDescription Options
An AttributeDescription [Models] can contain zero or more options An AttributeDescription [Models] can contain zero or more options
specifying additional semantics. An option SHALL be restricted to a specifying additional semantics. An option SHALL be restricted to a
string UTF-8 encoded Unicode characters limited by the following string UTF-8 encoded Unicode characters limited by the following
ABNF: ABNF:
option = keystring option = keystring
Options are case-insensitive. Options are case-insensitive.
skipping to change at page 6, line 42 skipping to change at page 7, line 5
Options beginning with "x-" are for Private Use and cannot be Options beginning with "x-" are for Private Use and cannot be
registered. registered.
Options beginning with "e-" are reserved for experiments and will be Options beginning with "e-" are reserved for experiments and will be
registered on a First Come First Served basis. registered on a First Come First Served basis.
All other options require Standards Action or Expert Review with All other options require Standards Action or Expert Review with
Specification Required to be registered. Specification Required to be registered.
3.5. LDAP Message Types 3.6. LDAP Message Types
Each protocol message is encapsulated in an LDAPMessage envelope Each protocol message is encapsulated in an LDAPMessage envelope
[Protocol]. The protocolOp CHOICE indicates the type of message [Protocol]. The protocolOp CHOICE indicates the type of message
encapsulated. Each message type consists of an ASN.1 identifier in encapsulated. Each message type consists of an ASN.1 identifier in
the form of a keyword and a non-negative choice number. The choice the form of a keyword and a non-negative choice number. The choice
number is combined with the class (APPLICATION) and data type number is combined with the class (APPLICATION) and data type
(CONSTRUCTED or PRIMITIVE) to construct the BER tag in the message's (CONSTRUCTED or PRIMITIVE) to construct the BER tag in the message's
encoding. The choice numbers for existing protocol messages are encoding. The choice numbers for existing protocol messages are
implicit in the protocol's ASN.1 defined in [Protocol]. implicit in the protocol's ASN.1 defined in [Protocol].
New values will be registered upon Standards Action. New values will be registered upon Standards Action.
Note: LDAP provides extensible messages which reduces, but does not Note: LDAP provides extensible messages which reduces, but does not
eliminate, the need to add new message types. eliminate, the need to add new message types.
3.6. LDAP Result Codes
LDAP result messages carry an resultCode enumerated value to indicate
the outcome of the operation [Protocol]. Each result code consists
of a ASN.1 identifier in the form of a keyword and a non-negative
integer.
New resultCodes integers in the range 0-1023 require Standards Action
to be registered. New resultCode integers in the range 1024-4095
require Expert Review with Specification Required. New resultCode
integers in the range 4096-16383 will be registered on a First Come
First Served basis. Keywords associated with integers in the range
0-4095 SHALL NOT start with "e-" or "x-". Keywords associated with
integers in the range 4096-16383 SHALL start with "e-". Values
greater than or equal to 16384 and keywords starting with "x-" are
for Private Use and cannot be registered.
3.7. LDAP Authentication Method 3.7. LDAP Authentication Method
The LDAP Bind operation supports multiple authentication methods The LDAP Bind operation supports multiple authentication methods
[Protocol]. Each authentication choice consists of an ASN.1 [Protocol]. Each authentication choice consists of an ASN.1
identifier in the form of a keyword and a non-negative integer. identifier in the form of a keyword and a non-negative integer.
The registrant SHALL classify the authentication method usage using The registrant SHALL classify the authentication method usage using
one of the following terms: one of the following terms:
COMMON - method is appropriate for common use on the COMMON - method is appropriate for common use on the
Internet, Internet,
LIMITED USE - method is appropriate for limited use, LIMITED USE - method is appropriate for limited use,
OBSOLETE - method has been deprecated or otherwise found to be OBSOLETE - method has been deprecated or otherwise found to
inappropriate for any use. be inappropriate for any use.
Methods without publicly available specifications SHALL NOT be Methods without publicly available specifications SHALL NOT be
classified as COMMON. New registrations of class OBSOLETE cannot be classified as COMMON. New registrations of class OBSOLETE cannot be
registered. registered.
New authentication method integers in the range 0-1023 require New authentication method integers in the range 0-1023 require
Standards Action to be registered. New authentication method Standards Action to be registered. New authentication method
integers in the range 1024-4095 require Expert Review with integers in the range 1024-4095 require Expert Review with
Specification Required. New authentication method integers in the Specification Required. New authentication method integers in the
range 4096-16383 will be registered on a First Come First Served range 4096-16383 will be registered on a First Come First Served
basis. Keywords associated with integers in the range 0-4095 SHALL basis. Keywords associated with integers in the range 0-4095 SHALL
NOT start with "e-" or "x-". Keywords associated with integers in NOT start with "e-" or "x-". Keywords associated with integers in
the range 4096-16383 SHALL start with "e-". Values greater than or the range 4096-16383 SHALL start with "e-". Values greater than or
equal to 16384 and keywords starting with "x-" are for Private Use equal to 16384 and keywords starting with "x-" are for Private Use
and cannot be registered. and cannot be registered.
Note: LDAP supports Simple Authentication and Security Layers [SASL] Note: LDAP supports Simple Authentication and Security Layers [SASL]
as an authentication choice. SASL is an extensible as an authentication choice. SASL is an extensible
authentication framework. authentication framework.
3.8. Directory Systems Names 3.8. LDAP Result Codes
LDAP result messages carry an resultCode enumerated value to indicate
the outcome of the operation [Protocol]. Each result code consists
of a ASN.1 identifier in the form of a keyword and a non-negative
integer.
New resultCodes integers in the range 0-1023 require Standards Action
to be registered. New resultCode integers in the range 1024-4095
require Expert Review with Specification Required. New resultCode
integers in the range 4096-16383 will be registered on a First Come
First Served basis. Keywords associated with integers in the range
0-4095 SHALL NOT start with "e-" or "x-". Keywords associated with
integers in the range 4096-16383 SHALL start with "e-". Values
greater than or equal to 16384 and keywords starting with "x-" are
for Private Use and cannot be registered.
3.9. LDAP Search Scope
LDAP SearchRequest messages carry a scope enumerated value to
indicate the extend of search within the DIT [Protocol] Each search
value consists of a ASN.1 identifier in the form of a keyword and a
non-negative integer.
New scope integers in the range 0-1023 require Standards Action to be
registered. New scope integers in the range 1024-4095 require Expert
Review with Specification Required. New scope integers in the range
4096-16383 will be registered on a First Come First Served basis.
Keywords associated with integers in the range 0-4095 SHALL NOT start
with "e-" or "x-". Keywords associated with integers in the range
4096-16383 SHALL start with "e-". Values greater than or equal to
16384 and keywords starting with "x-" are for Private Use and cannot
be registered.
3.10. LDAP Filter Choice
LDAP filters are used in making assertions against an object
represented in the directory [Protocol]. The Filter CHOICE indicates
a type of assertion. Each Filter CHOICE consists of an ASN.1
identifier in the form of a keyword and a non-negative choice number.
The choice number is combined with the class (APPLICATION) and data
type (CONSTRUCTED or PRIMITIVE) to construct the BER tag in the
message's encoding.
New values will be registered upon Standards Action.
Note: LDAP provides the extensibleMatching choice which reduces, but
does not eliminate, the need to add new filter choices.
3.11. LDAP ModifyRequest Operation Type
The LDAP ModifyRequest carries a sequence of modification operations
[Protocol]. Each kind (e.g., add, delete, replace) of operation is
consists of a ASN.1 identifier in the form of a keyword and a
non-negative integer.
New operation integers in the range 0-1023 require Standards Action
to be registered. New operation integers in the range 1024-4095
require Expert Review with Specification Required. New integer
integers in the range 4096-16383 will be registered on a First Come
First Served basis. Keywords associated with integers in the range
0-4095 SHALL NOT start with "e-" or "x-". Keywords associated with
integers in the range 4096-16383 SHALL start with "e-". Values
greater than or equal to 16384 and keywords starting with "x-" are
for Private Use and cannot be registered.
3.12. LDAP authzId Prefixes
Authorization Identities in LDAP are strings conforming to the
<authzId> production [AuthMeth]. This production is extensible.
Each new specific authorization form is identified by a prefix string
conforming to the following ABNF:
prefix = keystring COLON
COLON = %x3A ; COLON (":" U+003A)
Prefixes are case-insensitive.
While the protocol places no maximum length restriction upon option
strings, they should be short. Options longer than 12 characters may
be viewed as too long to register.
Options beginning with "x-" are for Private Use and cannot be
registered.
Options beginning with "e-" are reserved for experiments and will be
registered on a First Come First Served basis.
All other options require Standards Action or Expert Review with
Specification Required to be registered.
3.13. Directory Systems Names
The IANA-maintained "Directory Systems Names" registry [IANADSN] of The IANA-maintained "Directory Systems Names" registry [IANADSN] of
valid keywords for well known attributes was used in the LDAPv2 valid keywords for well known attributes was used in the LDAPv2
string representation of a distinguished name [RFC1779]. LDAPv2 is string representation of a distinguished name [RFC1779]. LDAPv2 is
now Historic [RFC3494]. now Historic [RFC3494].
Directory systems names are not known to be used in any other Directory systems names are not known to be used in any other
context. LDAPv3 uses Object Identifier Descriptors [Section 3.2] context. LDAPv3 uses Object Identifier Descriptors [Section 3.2]
(which have a different syntax than directory system names). (which have a different syntax than directory system names).
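Review bot: The registration rules in the new 3.12 "LDAP authzId Prefixes" were pasted from the AttributeDescription Options section without being adapted: after "Prefixes are case-insensitive." every sentence still speaks of "option strings" and "Options" ("Options beginning with "x-" are for Private Use ..."), so the text never states a policy for prefixes. Replace "option"/"Options" with "prefix"/"Prefixes" throughout and confirm the 12-character guidance is intended for prefixes. Other points in this hunk: 3.10 reuses the LDAP Message Types sentence about combining the choice number with "the class (APPLICATION)", which should be checked against the Filter definition in [Protocol] before it is carried over; 3.9 has "the extend of search" and a missing period after "[Protocol]"; 3.11 has "is consists of" and "New integer integers"; and the renumbered Directory Systems Names section still points to "[Section 3.2]" for Object Identifier Descriptors, which this revision places at 3.4.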
skipping to change at page 11, line 37 skipping to change at page 13, line 26
Road Map", draft-ietf-ldapbis-roadmap-xx.txt, a work in Road Map", draft-ietf-ldapbis-roadmap-xx.txt, a work in
progress. progress.
[Protocol] Sermersheim, J. (editor), "LDAP: The Protocol", [Protocol] Sermersheim, J. (editor), "LDAP: The Protocol",
draft-ietf-ldapbis-protocol-xx.txt, a work in progress. draft-ietf-ldapbis-protocol-xx.txt, a work in progress.
[Models] Zeilenga, K. (editor), "LDAP: Directory Information [Models] Zeilenga, K. (editor), "LDAP: Directory Information
Models", draft-ietf-ldapbis-models-xx.txt, a work in Models", draft-ietf-ldapbis-models-xx.txt, a work in
progress. progress.
[Syntaxes] Legg, S. (editor), "LDAP: Syntaxes and Matching Rules",
draft-ietf-ldapbis-syntaxes-xx.txt, a work in progress.
[LDAPURL] Smith, M. (editor), "LDAP: Uniform Resource Locator", [LDAPURL] Smith, M. (editor), "LDAP: Uniform Resource Locator",
draft-ietf-ldapbis-url-xx.txt, a work in progress. draft-ietf-ldapbis-url-xx.txt, a work in progress.
[Unicode] The Unicode Consortium, "The Unicode Standard, Version [Unicode] The Unicode Consortium, "The Unicode Standard, Version
3.2.0" is defined by "The Unicode Standard, Version 3.0" 3.2.0" is defined by "The Unicode Standard, Version 3.0"
(Reading, MA, Addison-Wesley, 2000. ISBN 0-201-61633-5), (Reading, MA, Addison-Wesley, 2000. ISBN 0-201-61633-5),
as amended by the "Unicode Standard Annex #27: Unicode as amended by the "Unicode Standard Annex #27: Unicode
3.1" (http://www.unicode.org/reports/tr27/) and by the 3.1" (http://www.unicode.org/reports/tr27/) and by the
"Unicode Standard Annex #28: Unicode 3.2" "Unicode Standard Annex #28: Unicode 3.2"
(http://www.unicode.org/reports/tr28/). (http://www.unicode.org/reports/tr28/).
skipping to change at page 12, line 10 skipping to change at page 13, line 50
[X.680] International Telecommunication Union - [X.680] International Telecommunication Union -
Telecommunication Standardization Sector, "Abstract Telecommunication Standardization Sector, "Abstract
Syntax Notation One (ASN.1) - Specification of Basic Syntax Notation One (ASN.1) - Specification of Basic
Notation", X.680(1997) (also ISO/IEC 8824-1:1998). Notation", X.680(1997) (also ISO/IEC 8824-1:1998).
9.2. Informative References 9.2. Informative References
[RFC1779] Kille, S., "A String Representation of Distinguished [RFC1779] Kille, S., "A String Representation of Distinguished
Names", RFC 1779, March 1995. Names", RFC 1779, March 1995.
[IANADSN] IANA, "Directory Systems Names",
http://www.iana.org/assignments/directory-system-names.
[RFC3494] Zeilenga, K., "Lightweight Directory Access Protocol [RFC3494] Zeilenga, K., "Lightweight Directory Access Protocol
version 2 (LDAPv2) to Historic Status", RFC 3494, March version 2 (LDAPv2) to Historic Status", RFC 3494, March
2003. 2003.
[SASL] Melnikov, A. (Editor), "Simple Authentication and [SASL] Melnikov, A. (Editor), "Simple Authentication and
Security Layer (SASL)", Security Layer (SASL)",
draft-ietf-sasl-rfc2222bis-xx.txt, a work in progress. draft-ietf-sasl-rfc2222bis-xx.txt, a work in progress.
[IANADSN] IANA, "Directory Systems Names",
http://www.iana.org/assignments/directory-system-names.
Appendix A. Registration Templates Appendix A. Registration Templates
This appendix provides registration templates for registering new This appendix provides registration templates for registering new
LDAP values. LDAP values. Note that more than one value may be requested by
extending the template by listing multiple values, or through use of
tables.
A.1. LDAP Object Identifier Registration Template A.1. LDAP Object Identifier Registration Template
Subject: Request for LDAP OID Registration Subject: Request for LDAP OID Registration
Person & email address to contact for further information: Person & email address to contact for further information:
Specification: (I-D) Specification: (I-D)
Author/Change Controller: Author/Change Controller:
skipping to change at page 13, line 5 skipping to change at page 14, line 44
A.2. LDAP Protocol Mechanism Registration Template A.2. LDAP Protocol Mechanism Registration Template
Subject: Request for LDAP Protocol Mechanism Registration Subject: Request for LDAP Protocol Mechanism Registration
Object Identifier: Object Identifier:
Description: Description:
Person & email address to contact for further information: Person & email address to contact for further information:
Usage: (One of Control or Extension or Feature) Usage: (One of Control or Extension or Feature or other)
Specification: (I-D) Specification: (RFC, I-D, URI)
Author/Change Controller: Author/Change Controller:
Comments: Comments:
(Any comments that the requester deems relevant to the request) (Any comments that the requester deems relevant to the request)
A.3. LDAP Descriptor Registration Template A.3. LDAP Syntax Registration Template
Subject: Request for LDAP Syntax Registration
Object Identifier:
Description:
Person & email address to contact for further information:
Specification: (RFC, I-D, URI)
Author/Change Controller:
Comments:
(Any comments that the requester deems relevant to the request)
A.4. LDAP Descriptor Registration Template
Subject: Request for LDAP Descriptor Registration Subject: Request for LDAP Descriptor Registration
Descriptor (short name): Descriptor (short name):
Object Identifier: Object Identifier:
Person & email address to contact for further information: Person & email address to contact for further information:
Usage: (One of attribute type, URL extension, object class, Usage: (One of administrative role, attribute type, matching rule,
or other) name form, object class, URL extension, or other)
Specification: (RFC, I-D, URI) Specification: (RFC, I-D, URI)
Author/Change Controller: Author/Change Controller:
Comments: Comments:
(Any comments that the requester deems relevant to the request) (Any comments that the requester deems relevant to the request)
A.4. LDAP Attribute Description Option Registration Template A.5. LDAP Attribute Description Option Registration Template
Subject: Request for LDAP Attribute Description Option Registration Subject: Request for LDAP Attribute Description Option Registration
Option Name: Option Name:
Family of Options: (YES or NO) Family of Options: (YES or NO)
Person & email address to contact for further information: Person & email address to contact for further information:
Specification: (RFC, I-D, URI) Specification: (RFC, I-D, URI)
Author/Change Controller: Author/Change Controller:
Comments: Comments:
(Any comments that the requester deems relevant to the request) (Any comments that the requester deems relevant to the request)
A.5. LDAP Message Type Registration Template A.6. LDAP Message Type Registration Template
Subject: Request for LDAP Message Type Registration Subject: Request for LDAP Message Type Registration
LDAP Message Name: LDAP Message Name:
Person & email address to contact for further information: Person & email address to contact for further information:
Specification: (Approved I-D) Specification: (Approved I-D)
Comments: Comments:
(Any comments that the requester deems relevant to the request) (Any comments that the requester deems relevant to the request)
A.6. LDAP Result Code Registration Template A.7. LDAP Authentication Method Registration Template
Subject: Request for LDAP Authentication Method Registration
Authentication Method Name:
Person & email address to contact for further information:
Specification: (RFC, I-D, URI)
Intended Usage: (One of COMMON, LIMITED-USE, OBSOLETE)
Author/Change Controller:
Comments:
(Any comments that the requester deems relevant to the request)
A.8. LDAP Result Code Registration Template
Subject: Request for LDAP Result Code Registration Subject: Request for LDAP Result Code Registration
Result Code Name: Result Code Name:
Person & email address to contact for further information: Person & email address to contact for further information:
Specification: (RFC, I-D, URI) Specification: (RFC, I-D, URI)
Author/Change Controller: Author/Change Controller:
Comments: Comments:
(Any comments that the requester deems relevant to the request) (Any comments that the requester deems relevant to the request)
A.7. LDAP Authentication Method Registration Template A.8. LDAP Search Scope Registration Template
Subject: Request for LDAP Authentication Method Registration Subject: Request for LDAP Search Scope Registration
Authentication Method Name: Search Scope Name:
Filter Scope String:
Person & email address to contact for further information: Person & email address to contact for further information:
Specification: (RFC, I-D, URI) Specification: (RFC, I-D, URI)
Intended Usage: (One of COMMON, LIMITED-USE, OBSOLETE) Author/Change Controller:
Comments:
(Any comments that the requester deems relevant to the request)
A.9. LDAP Filter Choice Registration Template
Subject: Request for LDAP Filter Choice Registration
Filter Choice Name:
Person & email address to contact for further information:
Specification: (RFC, I-D, URI)
Author/Change Controller:
Comments:
(Any comments that the requester deems relevant to the request)
A.10. LDAP ModifyRequest Operation Registration Template
Subject: Request for LDAP ModifyRequest Operation Registration
ModifyRequest Operation Name:
Person & email address to contact for further information:
Specification: (RFC, I-D, URI)
Author/Change Controller: Author/Change Controller:
Comments: Comments:
(Any comments that the requester deems relevant to the request) (Any comments that the requester deems relevant to the request)
Appendix B. Changes since RFC 3383 Appendix B. Changes since RFC 3383
This informative appendix provides a summary of changes made since RFC This informative appendix provides a summary of changes made since RFC
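Review bot: The appendix numbering in the new revision uses A.8 twice, for "LDAP Result Code Registration Template" and again for "LDAP Search Scope Registration Template"; the Search Scope template should be A.9, with Filter Choice and ModifyRequest Operation shifting to A.10 and A.11. There is also no template for the authzId prefix registry introduced in 3.12, so registrants have no form for it. In the Search Scope template the field "Filter Scope String:" does not match the "URLString" column used for the same value in C.2, and the Authentication Method template offers "LIMITED-USE" where 3.7 defines the term as "LIMITED USE"; align the spellings.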
skipping to change at page 15, line 24 skipping to change at page 18, line 41
- Object Identifier Descriptors practices were updated to require - Object Identifier Descriptors practices were updated to require
all descriptors defined in RFCs to be registered and all descriptors defined in RFCs to be registered and
recommending all other descriptors (excepting those in recommending all other descriptors (excepting those in
private-use name space) be registered. Additionally, all private-use name space) be registered. Additionally, all
requests for multiple registrations of the same descriptor are requests for multiple registrations of the same descriptor are
now subject to Expert Review. now subject to Expert Review.
- Protocol Mechanisms practices were updated to include values of - Protocol Mechanisms practices were updated to include values of
the 'supportedFeatures' attribute type. the 'supportedFeatures' attribute type.
- LDAP Syntax, Search Scope, Filter Choice, ModifyRequest
operation, and authzId prefixes registries were added.
[[Initial values provided in Appendix C. This Appendix is to be
removed by the RFC Editor before publication as an RFC.]]
- References to RFCs comprising the LDAP technical specifications - References to RFCs comprising the LDAP technical specifications
have been updated to latest revisions. have been updated to latest revisions.
- References to ISO 10646 have been replaced with [Unicode]. - References to ISO 10646 have been replaced with [Unicode].
- The "Assigned Values" appendix providing initial registry values - The "Assigned Values" appendix providing initial registry values
was removed. was removed.
- Numerous editorial changes were made. - Numerous editorial changes were made.
Appendix C. Initial Values for new registries
This appendix is to be removed by the RFC Editor before publication as
an RFC.
C.1. LDAP Syntaxes
See [Syntaxes].
C.2. LDAP Search Scopes
Name URLString Value Owner Reference
---------------- --------- ----- ----- -------------------
baseObject base 0 IESG [Protocol][LDAPURL]
singleLevel one 1 IESG [Protocol][LDAPURL]
wholeSubtree sub 2 IESG [Protocol][LDAPURL]
C.3. LDAP Filter Choices
Name Value Owner Reference
---------------- ----- ----- ---------
and 0 IESG [Protocol]
or 1 IESG [Protocol]
not 2 IESG [Protocol]
equalityMatch 3 IESG [Protocol]
substrings 4 IESG [Protocol]
greaterOrEqual 5 IESG [Protocol]
lessOrEqual 6 IESG [Protocol]
present 7 IESG [Protocol]
approxMatch 8 IESG [Protocol]
extensibleMatch 9 IESG [Protocol]
C.4. LDAP ModifyRequest Operations
Name Value Owner Reference
---------------- ----- ----- ---------
add 0 IESG [Protocol]
delete 1 IESG [Protocol]
replace 2 IESG [Protocol]
C.5. LDAP authzId prefixes
Name Prefix Owner Reference
---------------- ------ ----- ---------
dnAuthzId dn: IESG [AuthMeth]
uAuthzId u: IESG [AuthMeth]
Full Copyright Full Copyright
Copyright (C) The Internet Society (2004). This document is subject Copyright (C) The Internet Society (2004). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
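Review bot: The editor's note added to the Appendix B bullet, "[[Initial values provided in Appendix C. This Appendix is to be removed by the RFC Editor before publication as an RFC.]]", reads as an instruction to remove Appendix B, because that is where it sits; say "Appendix C is to be removed" so the RFC Editor cannot misapply it. Appendix B also still lists "The "Assigned Values" appendix providing initial registry values was removed." directly below a bullet that introduces an appendix of initial values, which is worth a clarifying word. In C.2 the "URLString" column should use the same name as the corresponding field in the Search Scope registration template.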
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/