mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-01-06 10:46:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

Approved revision

Browse Source
This commit is contained in:
Kurt Zeilenga 2006-01-31 18:49:32 +00:00
parent 4f63fb900f
commit c80b8626b9
1 changed files with 93 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

186
doc/drafts/draft-legg-ldap-binary-xx.txt
View File

@ -5,15 +5,14 @@
INTERNET-DRAFT S. Legg INTERNET-DRAFT S. Legg
draft-legg-ldap-binary-03.txt eB2Bcom draft-legg-ldap-binary-04.txt eB2Bcom
Intended Category: Standards Track 7 June 2005 Intended Category: Standards Track 30 January 2006
Updates: [SYNTAX]
Lightweight Directory Access Protocol (LDAP): Lightweight Directory Access Protocol (LDAP):
The Binary Encoding Option The Binary Encoding Option
Copyright (C) The Internet Society (2005). All Rights Reserved. Copyright (C) The Internet Society (2006).
Status of this Memo Status of this Memo
@ -22,9 +21,6 @@ Updates: [SYNTAX]
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
By submitting this Internet-draft, I accept the provisions of Section
3 of BCP 78.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as
@ -46,24 +42,24 @@ Updates: [SYNTAX]
<ietf-ldapbis@openldap.org>. Please send editorial comments directly <ietf-ldapbis@openldap.org>. Please send editorial comments directly
to the editor <steven.legg@eb2bcom.com>. to the editor <steven.legg@eb2bcom.com>.
This Internet-Draft expires on 7 December 2005. This Internet-Draft expires on 30 July 2006.
Abstract Abstract
Each attribute stored in a Lightweight Directory Access Protocol Each attribute stored in a Lightweight Directory Access Protocol
(LDAP) directory has a defined syntax (i.e., data type). A syntax (LDAP) directory has a defined syntax (i.e., data type). A syntax
Legg Expires 7 December 2005 [Page 1]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
definition specifies how attribute values conforming to the syntax definition specifies how attribute values conforming to the syntax
are normally represented when transferred in LDAP operations. This are normally represented when transferred in LDAP operations. This
representation is referred to as the LDAP-specific encoding to representation is referred to as the LDAP-specific encoding to
distinguish it from other methods of encoding attribute values. This distinguish it from other methods of encoding attribute values. This
Legg Expires 30 July 2006 [Page 1]
INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
document defines an attribute option, the binary option, which can be document defines an attribute option, the binary option, which can be
used to specify that the associated attribute values are instead used to specify that the associated attribute values are instead
encoded according to the Basic Encoding Rules (BER) used by X.500 encoded according to the Basic Encoding Rules (BER) used by X.500
@ -111,9 +107,13 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
Legg Expires 7 December 2005 [Page 2]
Legg Expires 30 July 2006 [Page 2]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005 INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
Table of Contents Table of Contents
@ -123,11 +123,11 @@ Table of Contents
3. The binary Option. . . . . . . . . . . . . . . . . . . . . . . 4 3. The binary Option. . . . . . . . . . . . . . . . . . . . . . . 4
4. Syntaxes Requiring Binary Transfer . . . . . . . . . . . . . . 4 4. Syntaxes Requiring Binary Transfer . . . . . . . . . . . . . . 4
5. Attributes Returned in a Search. . . . . . . . . . . . . . . . 5 5. Attributes Returned in a Search. . . . . . . . . . . . . . . . 5
6. All User Attributes. . . . . . . . . . . . . . . . . . . . . . 5 6. All User Attributes. . . . . . . . . . . . . . . . . . . . . . 6
7. Conflicting Requests . . . . . . . . . . . . . . . . . . . . . 6 7. Conflicting Requests . . . . . . . . . . . . . . . . . . . . . 6
8. Security Considerations. . . . . . . . . . . . . . . . . . . . 6 8. Security Considerations. . . . . . . . . . . . . . . . . . . . 6
9. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 6 9. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 6
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7
10.1. Normative References. . . . . . . . . . . . . . . . . . 7 10.1. Normative References. . . . . . . . . . . . . . . . . . 7
10.2. Informative References. . . . . . . . . . . . . . . . . 7 10.2. Informative References. . . . . . . . . . . . . . . . . 7
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 8 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 8
@ -155,21 +155,25 @@ Table of Contents
The binary option was originally defined in RFC 2251 [RFC2251]. The The binary option was originally defined in RFC 2251 [RFC2251]. The
LDAP technical specification [ROADMAP] has obsoleted the previously LDAP technical specification [ROADMAP] has obsoleted the previously
defined LDAP technical specification [RFC3377], which included RFC defined LDAP technical specification [RFC3377], which included RFC
2251. However the binary option was not included in the newer LDAP 2251. The binary option was not included in the revised LDAP
technical specification due to a lack of consistency in its technical specification for a variety of reasons including
implementation. This document reintroduces the binary option. implementation inconsistencies. No attempt is made here to resolve
However, except for the case of certain attribute syntaxes whose the known inconsistencies.
values are required to BER encoded, no attempt is made here to
eliminate the known consistency problems. Rather the focus is on This document reintroduces the binary option for use with certain
capturing current behaviours. A more thorough solution is left for a attribute syntaxes, such as certificate syntax [PKI], which
future specification. specifically require it. No attempt has been made to address use of
the binary option with attributes of syntaxes which do not require
Legg Expires 30 July 2006 [Page 3]
Legg Expires 7 December 2005 [Page 3]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005 INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
its use. Unless addressed in a future specification, this use is to
be avoided.
2. Conventions 2. Conventions
@ -177,7 +181,7 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in BCP 14, RFC 2119 document are to be interpreted as described in BCP 14, RFC 2119
[KEYWORD]. [BCP14].
3. The binary Option 3. The binary Option
@ -216,24 +220,26 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
4. Syntaxes Requiring Binary Transfer 4. Syntaxes Requiring Binary Transfer
Legg Expires 30 July 2006 [Page 4]
INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
The attribute values of certain attribute syntaxes are defined The attribute values of certain attribute syntaxes are defined
without an LDAP-specific encoding and are required to be transferred without an LDAP-specific encoding and are required to be transferred
in the BER encoded form. For the purposes of this document, these in the BER encoded form. For the purposes of this document, these
syntaxes are said to have a binary transfer requirement. The syntaxes are said to have a binary transfer requirement. The
Legg Expires 7 December 2005 [Page 4]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
Certificate, Certificate List, Certificate Pair and Supported Certificate, Certificate List, Certificate Pair and Supported
Algorithm syntaxes [PKI] are examples of syntaxes with a binary Algorithm syntaxes [PKI] are examples of syntaxes with a binary
transfer requirement. These syntaxes also have an additional transfer requirement. These syntaxes also have an additional
requirement that the exact BER encoding must be preserved. Note that requirement that the exact BER encoding must be preserved. Note that
this is a property of the syntaxes themselves, and not a property of this is a property of the syntaxes themselves, and not a property of
the binary option. the binary option. In the absence of this requirement, LDAP clients
would need to re-encode values using the Distinguished Encoding Rules
(DER).
5. Attributes Returned in a Search 5. Attributes Returned in a Search
@ -270,20 +276,20 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
requested encoding. requested encoding.
Regardless of the encoding chosen, a particular attribute value is Regardless of the encoding chosen, a particular attribute value is
Legg Expires 30 July 2006 [Page 5]
INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
returned at most once. returned at most once.
6. All User Attributes 6. All User Attributes
If the list of attributes in a search request is empty, or contains If the list of attributes in a search request is empty, or contains
the special attribute description string "*", then all user the special attribute description string "*", then all user
Legg Expires 7 December 2005 [Page 5]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
attributes are requested to be returned. attributes are requested to be returned.
Attributes of a syntax with the binary transfer requirement, if Attributes of a syntax with the binary transfer requirement, if
@ -326,6 +332,14 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
Family of Options: NO Family of Options: NO
Person & email address to contact for further information: Person & email address to contact for further information:
Steven Legg <steven.legg@eb2bcom.com> Steven Legg <steven.legg@eb2bcom.com>
Legg Expires 30 July 2006 [Page 6]
INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
Specification: RFC XXXX Specification: RFC XXXX
Author/Change Controller: IESG Author/Change Controller: IESG
Comments: The existing registration for "binary" Comments: The existing registration for "binary"
@ -333,21 +347,14 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
10. References 10. References
Legg Expires 7 December 2005 [Page 6]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
10.1. Normative References 10.1. Normative References
[KEYWORD] Bradner, S., "Key words for use in RFCs to Indicate [BCP14] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[BCP64] Zeilenga, K., "Internet Assigned Numbers Authority (IANA) [BCP64] Zeilenga, K., "Internet Assigned Numbers Authority (IANA)
Considerations for the Lightweight Directory Access Considerations for the Lightweight Directory Access
Protcol (LDAP)", BCP 64, RFC 3383, September 2002. Protocol (LDAP)", BCP 64, RFC 3383, September 2002.
[ROADMAP] Zeilenga, K., "Lightweight Directory Access Protocol [ROADMAP] Zeilenga, K., "Lightweight Directory Access Protocol
(LDAP): Technical Specification Road Map", (LDAP): Technical Specification Road Map",
@ -360,17 +367,17 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
[PROT] Sermersheim, J., "LDAP: The Protocol", [PROT] Sermersheim, J., "LDAP: The Protocol",
draft-ietf-ldapbis-protocol-xx.txt, a work in progress, draft-ietf-ldapbis-protocol-xx.txt, a work in progress,
February 2005. October 2005.
[SYNTAX] Legg, S. and K. Dally, "Lightweight Directory Access [SYNTAX] Legg, S., "Lightweight Directory Access Protocol (LDAP):
Protocol (LDAP): Syntaxes and Matching Rules", Syntaxes and Matching Rules",
draft-ietf-ldapbis-syntaxes-xx.txt, a work in progress, draft-ietf-ldapbis-syntaxes-xx.txt, a work in progress,
February 2005. June 2005.
[PKI] Zeilenga, Kurt D., "Lightweight Directory Access Protocol [PKI] Zeilenga, Kurt D., "Lightweight Directory Access Protocol
(LDAP) schema definitions for X.509 Certificates", (LDAP) schema definitions for X.509 Certificates",
draft-zeilenga-ldap-x509-xx.txt, a work in progress, draft-zeilenga-ldap-x509-xx.txt, a work in progress, July
February 2005. 2005.
[BER] ITU-T Recommendation X.690 (07/02) | ISO/IEC 8825-1, [BER] ITU-T Recommendation X.690 (07/02) | ISO/IEC 8825-1,
Information Technology - ASN.1 encoding rules: Information Technology - ASN.1 encoding rules:
@ -381,27 +388,27 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
10.2. Informative References 10.2. Informative References
[RFC2251] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory [RFC2251] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory
Legg Expires 30 July 2006 [Page 7]
INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
Access Protocol (v3)", RFC 2251, December 1997. Access Protocol (v3)", RFC 2251, December 1997.
[RFC3377] Hodges, J. and R. Morgan, "Lightweight Directory Access [RFC3377] Hodges, J. and R. Morgan, "Lightweight Directory Access
Protocol (v3): Technical Specification", RFC 3377, Protocol (v3): Technical Specification", RFC 3377,
September 2002. September 2002.
[X.500] ITU-T Recommendation X.500 (1993) | ISO/IEC 9594-1:1994, [X.500] ITU-T Recommendation X.500 (02/01) | ISO/IEC 9594-1:2001,
Information technology - Open Systems Interconnection -
The Directory: Overview of concepts, models and services
Legg Expires 7 December 2005 [Page 7]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
"Information Technology - Open Systems Interconnection -
The Directory: Overview of concepts, models and services".
Author's Address Author's Address
Steven Legg Dr. Steven Legg
eB2Bcom eB2Bcom
Suite 3, Woodhouse Corporate Centre Suite 3, Woodhouse Corporate Centre
935 Station Street 935 Station Street
@ -414,7 +421,7 @@ Author's Address
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2006).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors contained in BCP 78, and except as set forth therein, the authors
@ -437,6 +444,14 @@ Intellectual Property
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
Legg Expires 30 July 2006 [Page 8]
INTERNET-DRAFT LDAP: The Binary Encoding Option January 30, 2006
found in BCP 78 and BCP 79. found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any Copies of IPR disclosures made to the IETF Secretariat and any
@ -444,14 +459,6 @@ Intellectual Property
attempt made to obtain a general license or permission for the use of attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
Legg Expires 7 December 2005 [Page 8]
INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
@ -496,12 +503,5 @@ INTERNET-DRAFT LDAP: The Binary Encoding Option June 7, 2005
Legg Expires 30 July 2006 [Page 9]
Legg Expires 7 December 2005 [Page 9]