RFC - 2252
Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions
| Original: | ftp://ftp.isi.edu/in-notes/rfc2252.txt |
|---|---|
| Authors: | M. Wahl [Critical Angle Inc.], A. Coulbeck [Isode Inc.], T. Howes [Netscape Communications Corp.], S. Kille [Isode Limited] |
| Date: | December 1997 |
| Category: | Informational |
| This specification has been !!! obsoleted !!! | |
| Obsoleted by: | |
|---|---|
| RFC-4523prop | Lightweight Directory Access Protocol (LDAP) Schema Definitions for X.509 Certificates |
| RFC-4517prop | Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules |
| RFC-4512prop | Lightweight Directory Access Protocol (LDAP): Directory Information Models |
| RFC-4510prop | Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map |
| Updated by: | |
|---|---|
| RFC-3377 | Lightweight Directory Access Protocol (v3): Technical Specification (Obsoleted by RFC-4510prop) |
| Referred by: | 59 RFC |
| Refers to: | 9 RFC |
Status
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1997). All Rights Reserved.
IESG Note
This document describes a directory access protocol that provides both read and update access. Update access requires secure authentication, but this document does not mandate implementation of any satisfactory authentication mechanisms.
In accordance with RFC 2026, section 4.4.1, this specification is being approved by IESG as a Proposed Standard despite this limitation, for the following reasons:
- to encourage implementation and interoperability testing of these protocols (with or without update access) before they are deployed, and
- to encourage deployment and use of these protocols in read-only applications. (e.g. applications where LDAPv3 is used as a query language for directories which are updated by some secure mechanism other than LDAP), and
- to avoid delaying the advancement and deployment of other Internet standards-track protocols which require the ability to query, but not update, LDAPv3 directory servers.
Readers are hereby warned that until mandatory authentication mechanisms are standardized, clients and servers written according to this specification which make use of update functionality are UNLIKELY TO INTEROPERATE, or MAY INTEROPERATE ONLY IF AUTHENTICATION IS REDUCED TO AN UNACCEPTABLY WEAK LEVEL.
Implementors are hereby discouraged from deploying LDAPv3 clients or servers which implement the update functionality, until a Proposed Standard for mandatory authentication in LDAPv3 has been approved and published as an RFC.
Abstract
The Lightweight Directory Access Protocol (LDAP) [1] requires that the contents of AttributeValue fields in protocol elements be octet strings. This document defines a set of syntaxes for LDAPv3, and the rules by which attribute values of these syntaxes are represented as octet strings for transmission in the LDAP protocol. The syntaxes defined in this document are referenced by this and other documents that define attribute types. This document also defines the set of attribute types which LDAP servers should support.
-
prepared by Miloslav Nic
- the founder of Zvon.org and Law-Ref.org
- the head of B.Sc. program Informatics and chemistry [in Czech]
- the founder of Lidem.org - Volby 2006 - parliamentary elections in the Czech Republic [in Czech]
- the chief consultant of the publishing house ICT Press
- and Pavel Srb, a student of B.Sc. program Informatics and chemistry