mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-27 03:20:22 +08:00
340 lines
9.7 KiB
Plaintext
340 lines
9.7 KiB
Plaintext
|
||
|
||
|
||
|
||
|
||
|
||
Network Working Group J. Hodges
|
||
Request for Comments: 3377 Sun Microsystems Inc.
|
||
Category: Standards Track R. Morgan
|
||
University of Washington
|
||
September 2002
|
||
|
||
|
||
Lightweight Directory Access Protocol (v3):
|
||
Technical Specification
|
||
|
||
Status of this Memo
|
||
|
||
This document specifies an Internet standards track protocol for the
|
||
Internet community, and requests discussion and suggestions for
|
||
improvements. Please refer to the current edition of the "Internet
|
||
Official Protocol Standards" (STD 1) for the standardization state
|
||
and status of this protocol. Distribution of this memo is unlimited.
|
||
|
||
Copyright Notice
|
||
|
||
Copyright (C) The Internet Society (2002). All Rights Reserved.
|
||
|
||
Abstract
|
||
|
||
This document specifies the set of RFCs comprising the Lightweight
|
||
Directory Access Protocol Version 3 (LDAPv3), and addresses the "IESG
|
||
Note" attached to RFCs 2251 through 2256.
|
||
|
||
1. Background and Motivation
|
||
|
||
The specification for the Lightweight Directory Access Protocol
|
||
version 3 (LDAPv3) nominally comprises eight RFCs which were issued
|
||
in two distinct subsets at separate times -- RFCs 2251 through 2256
|
||
first, then RFCs 2829 and 2830 following later.
|
||
|
||
RFC 2251 through 2256 do not mandate the implementation of any
|
||
satisfactory authentication mechanisms and hence were published with
|
||
an "IESG Note" discouraging implementation and deployment of LDAPv3
|
||
clients or servers implementing update functionality until a Proposed
|
||
Standard for mandatory authentication in LDAPv3 is published.
|
||
|
||
RFC 2829 was subsequently published in answer to the IESG Note.
|
||
|
||
The purpose of this document is to explicitly specify the set of RFCs
|
||
comprising LDAPv3, and formally address the IESG Note through
|
||
explicit inclusion of RFC 2829.
|
||
|
||
|
||
|
||
|
||
|
||
Hodges & Morgan Standards Track [Page 1]
|
||
|
||
RFC 3377 LDAPv3: Technical Specification September 2002
|
||
|
||
|
||
2. Specification of LDAPv3
|
||
|
||
The Lightweight Directory Access Protocol version 3 (LDAPv3) is
|
||
specified by this set of nine RFCs:
|
||
|
||
[RFC2251] Lightweight Directory Access Protocol (v3) [the
|
||
specification of the LDAP on-the-wire protocol]
|
||
|
||
[RFC2252] Lightweight Directory Access Protocol (v3): Attribute
|
||
Syntax Definitions
|
||
|
||
[RFC2253] Lightweight Directory Access Protocol (v3): UTF-8
|
||
String Representation of Distinguished Names
|
||
|
||
[RFC2254] The String Representation of LDAP Search Filters
|
||
|
||
[RFC2255] The LDAP URL Format
|
||
|
||
[RFC2256] A Summary of the X.500(96) User Schema for use with
|
||
LDAPv3
|
||
|
||
[RFC2829] Authentication Methods for LDAP
|
||
|
||
[RFC2830] Lightweight Directory Access Protocol (v3): Extension
|
||
for Transport Layer Security
|
||
|
||
And, this document (RFC3377).
|
||
|
||
The term "LDAPv3" is often used informally to refer to the protocol
|
||
specified by the above set of RFCs, or subsets thereof. However, the
|
||
LDAPv3 protocol suite, as defined here, should be formally identified
|
||
in other documents by a normative reference to this document.
|
||
|
||
3. Addressing the "IESG Note" in RFCs 2251 through 2256
|
||
|
||
The IESG approved publishing RFCs 2251 through 2256 with an attendant
|
||
IESG Note included in each document. The Note begins with:
|
||
|
||
This document describes a directory access protocol that provides
|
||
both read and update access. Update access requires secure
|
||
authentication, but this document does not mandate implementation
|
||
of any satisfactory authentication mechanisms.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Hodges & Morgan Standards Track [Page 2]
|
||
|
||
RFC 3377 LDAPv3: Technical Specification September 2002
|
||
|
||
|
||
The Note ends with this statement:
|
||
|
||
Implementors are hereby discouraged from deploying LDAPv3 clients
|
||
or servers which implement the update functionality, until a
|
||
Proposed Standard for mandatory authentication in LDAPv3 has been
|
||
approved and published as an RFC.
|
||
|
||
[RFC2829] is expressly the "Proposed Standard for mandatory
|
||
authentication in LDAPv3" called for in the Note. Thus, the IESG
|
||
Note in [RFC2251], [RFC2252], [RFC2253], [RFC2254], [RFC2255], and
|
||
[RFC2256] is addressed.
|
||
|
||
4. Security Considerations
|
||
|
||
This document does not directly discuss security, although the
|
||
context of the aforementioned IESG Note is security related, as is
|
||
the manner in which it is addressed.
|
||
|
||
Please refer to the referenced documents, especially [RFC2829],
|
||
[RFC2251], and [RFC2830], for further information concerning LDAPv3
|
||
security.
|
||
|
||
5. Acknowledgements
|
||
|
||
The authors thank Patrik Faltstrom, Leslie Daigle, Thomas Narten, and
|
||
Kurt Zeilenga for their contributions to this document.
|
||
|
||
6. References
|
||
|
||
[RFC2251] Wahl, M., Kille, S. and T. Howes, "Lightweight Directory
|
||
Access Protocol (v3)", RFC 2251, December 1997.
|
||
|
||
[RFC2252] Wahl, M., Coulbeck, A., Howes, T. and S. Kille,
|
||
"Lightweight Directory Access Protocol (v3): Attribute
|
||
Syntax Definitions", RFC 2252, December 1997.
|
||
|
||
[RFC2253] Kille, S., Wahl, M. and T. Howes, "Lightweight Directory
|
||
Access Protocol (v3): UTF-8 String Representation of
|
||
Distinguished Names", RFC 2253, December 1997.
|
||
|
||
[RFC2254] Howes, T., "The String Representation of LDAP Search
|
||
Filters", RFC 2254, December 1997.
|
||
|
||
[RFC2255] Howes, T. and M. Smith, "The LDAP URL Format", RFC 2255,
|
||
December 1997.
|
||
|
||
[RFC2256] Wahl, M., "A Summary of the X.500(96) User Schema for use
|
||
with LDAPv3", RFC 2256, December 1997.
|
||
|
||
|
||
|
||
Hodges & Morgan Standards Track [Page 3]
|
||
|
||
RFC 3377 LDAPv3: Technical Specification September 2002
|
||
|
||
|
||
[RFC2829] Wahl, M., Alvestrand, H., Hodges, J. and R. Morgan,
|
||
"Authentication Methods for LDAP", RFC 2829, May 2000.
|
||
|
||
[RFC2830] Hodges, J., Morgan, R. and M. Wahl, "Lightweight Directory
|
||
Access Protocol (v3): Extension for Transport Layer
|
||
Security", RFC 2830, May 2000.
|
||
|
||
7. Intellectual Property Rights Notices
|
||
|
||
The IETF takes no position regarding the validity or scope of any
|
||
intellectual property or other rights that might be claimed to
|
||
pertain to the implementation or use of the technology described in
|
||
this document or the extent to which any license under such rights
|
||
might or might not be available; neither does it represent that it
|
||
has made any effort to identify any such rights. Information on the
|
||
IETF's procedures with respect to rights in standards-track and
|
||
standards-related documentation can be found in BCP-11. Copies of
|
||
claims of rights made available for publication and any assurances of
|
||
licenses to be made available, or the result of an attempt made to
|
||
obtain a general license or permission for the use of such
|
||
proprietary rights by implementors or users of this specification can
|
||
be obtained from the IETF Secretariat.
|
||
|
||
The IETF invites any interested party to bring to its attention any
|
||
copyrights, patents or patent applications, or other proprietary
|
||
rights which may cover technology that may be required to practice
|
||
this standard. Please address the information to the IETF Executive
|
||
Director.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Hodges & Morgan Standards Track [Page 4]
|
||
|
||
RFC 3377 LDAPv3: Technical Specification September 2002
|
||
|
||
|
||
8. Authors' Addresses
|
||
|
||
Jeff Hodges
|
||
Sun Microsystems, Inc.
|
||
901 San Antonio Road, USCA22-212
|
||
Palo Alto, CA 94303
|
||
USA
|
||
|
||
Phone: +1-408-276-5467
|
||
EMail: Jeff.Hodges@sun.com
|
||
|
||
|
||
RL "Bob" Morgan
|
||
Computing and Communications
|
||
University of Washington
|
||
Seattle, WA
|
||
USA
|
||
|
||
Phone: +1-206-221-3307
|
||
EMail: rlmorgan@washington.edu
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Hodges & Morgan Standards Track [Page 5]
|
||
|
||
RFC 3377 LDAPv3: Technical Specification September 2002
|
||
|
||
|
||
9. Full Copyright Statement
|
||
|
||
Copyright (C) The Internet Society (2002). All Rights Reserved.
|
||
|
||
This document and translations of it may be copied and furnished to
|
||
others, and derivative works that comment on or otherwise explain it
|
||
or assist in its implementation may be prepared, copied, published
|
||
and distributed, in whole or in part, without restriction of any
|
||
kind, provided that the above copyright notice and this paragraph are
|
||
included on all such copies and derivative works. However, this
|
||
document itself may not be modified in any way, such as by removing
|
||
the copyright notice or references to the Internet Society or other
|
||
Internet organizations, except as needed for the purpose of
|
||
developing Internet standards in which case the procedures for
|
||
copyrights defined in the Internet Standards process must be
|
||
followed, or as required to translate it into languages other than
|
||
English.
|
||
|
||
The limited permissions granted above are perpetual and will not be
|
||
revoked by the Internet Society or its successors or assigns.
|
||
|
||
This document and the information contained herein is provided on an
|
||
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
|
||
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
|
||
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
|
||
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
|
||
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||
|
||
Acknowledgement
|
||
|
||
Funding for the RFC Editor function is currently provided by the
|
||
Internet Society.
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
Hodges & Morgan Standards Track [Page 6]
|
||
|