Net::LDAP::RFC(3)     User Contributed Perl Documentation    Net::LDAP::RFC(3)

NAME

       Net::LDAP::RFC - List of related RFCs

SYNOPSIS

         none

DESCRIPTION

       The LDAP protocol is defined in the following RFCs:

Core LDAP Specification

   RFC-4510 Lightweight Directory Access Protocol (LDAP): Technical
       Specification Road Map
       http://www.ietf.org/rfc/rfc4510.txt

       The Lightweight Directory Access Protocol (LDAP) is an Internet
       protocol for accessing distributed directory services that act in
       accordance with X.500 data and service models.  This document provides
       a road map of the LDAP Technical Specification.

   RFC-4511 Lightweight Directory Access Protocol (LDAP): The Protocol
       http://www.ietf.org/rfc/rfc4511.txt

       This document describes the protocol elements, along with their
       semantics and encodings, of the Lightweight Directory Access Protocol
       (LDAP).  LDAP provides access to distributed directory services that
       act in accordance with X.500 data and service models.  These protocol
       elements are based on those described in the X.500 Directory Access
       Protocol (DAP).

   RFC-4512 Lightweight Directory Access Protocol (LDAP): Directory
       Information Models
       http://www.ietf.org/rfc/rfc4512.txt

       The Lightweight Directory Access Protocol (LDAP) is an Internet
       protocol for accessing distributed directory services that act in
       accordance with X.500 data and service models.  This document describes
       the X.500 Directory Information Models, as used in LDAP.

   RFC-4513 Lightweight Directory Access Protocol (LDAP): Authentication
       Methods and Security Mechanisms
       http://www.ietf.org/rfc/rfc4513.txt

       This document describes authentication methods and security mechanisms
       of the Lightweight Directory Access Protocol (LDAP).  This document
       details establishment of Transport Layer Security (TLS) using the
       StartTLS operation.

       This document details the simple Bind authentication method including
       anonymous, unauthenticated, and name/password mechanisms and the Simple
       Authentication and Security Layer (SASL) Bind authentication method
       including the EXTERNAL mechanism.

       This document discusses various authentication and authorization states
       through which a session to an LDAP server may pass and the actions that
       trigger these state changes.

   RFC-4514 Lightweight Directory Access Protocol (LDAP): String
       Representation of Distinguished Names
       http://www.ietf.org/rfc/rfc4514.txt

       The X.500 Directory uses distinguished names (DNs) as primary keys to
       entries in the directory.  This document defines the string
       representation used in the Lightweight Directory Access Protocol (LDAP)
       to transfer distinguished names.  The string representation is designed
       to give a clean representation of commonly used distinguished names,
       while being able to represent any distinguished name.

   RFC-4515 Lightweight Directory Access Protocol (LDAP): String
       Representation of Search Filters
       http://www.ietf.org/rfc/rfc4515.txt

       Lightweight Directory Access Protocol (LDAP) search filters are
       transmitted in the LDAP protocol using a binary representation that is
       appropriate for use on the network.  This document defines a
       human-readable string representation of LDAP search filters that is
       appropriate for use in LDAP URLs (RFC 4516) and in other applications.

   RFC-4516 Lightweight Directory Access Protocol (LDAP): Uniform Resource
       Locator
       http://www.ietf.org/rfc/rfc4516.txt

       This document describes a format for a Lightweight Directory Access
       Protocol (LDAP) Uniform Resource Locator (URL).  An LDAP URL describes
       an LDAP search operation that is used to retrieve information from an
       LDAP directory, or, in the context of an LDAP referral or reference, an
       LDAP URL describes a service where an LDAP operation may be progressed.

   RFC-4517 Lightweight Directory Access Protocol (LDAP): Syntaxes and
       Matching Rules
       http://www.ietf.org/rfc/rfc4517.txt

       Each attribute stored in a Lightweight Directory Access Protocol (LDAP)
       directory, whose values may be transferred in the LDAP protocol, has a
       defined syntax that constrains the structure and format of its values.
       The comparison semantics for values of a syntax are not part of the
       syntax definition but are instead provided through separately defined
       matching rules.  Matching rules specify an argument, an assertion
       value, which also has a defined syntax.  This document defines a base
       set of syntaxes and matching rules for use in defining attributes for
       LDAP directories.

   RFC-4518 Lightweight Directory Access Protocol (LDAP): Internationalized
       String Preparation
       http://www.ietf.org/rfc/rfc4518.txt

       The previous Lightweight Directory Access Protocol (LDAP) technical
       specifications did not precisely define how character string matching
       is to be performed.  This led to a number of usability and
       interoperability problems.  This document defines string preparation
       algorithms for character-based matching rules defined for use in LDAP.

   RFC-4519 Lightweight Directory Access Protocol (LDAP): Schema for User
       Applications
       http://www.ietf.org/rfc/rfc4519.txt

       This document is an integral part of the Lightweight Directory Access
       Protocol (LDAP) technical specification.  It provides a technical
       specification of attribute types and object classes intended for use by
       LDAP directory clients for many directory services, such as White
       Pages.  These objects are widely used as a basis for the schema in many
       LDAP directories.  This document does not cover attributes used for the
       administration of directory servers, nor does it include directory
       objects defined for specific uses in other documents.

   RFC-4532 Lightweight Directory Access Protocol (LDAP) Who am I? Operation
       http://www.ietf.org/rfc/rfc4532.txt

       This specification provides a mechanism for Lightweight Directory
       Access Protocol (LDAP) clients to obtain the authorization identity the
       server has associated with the user or application entity.  This
       mechanism is specified as an LDAP extended operation called the LDAP
       "Who am I?" operation.

   RFC-4530 Lightweight Directory Access Protocol (LDAP) entryUUID Operational
       Attribute
       http://www.ietf.org/rfc/rfc4530.txt

       This document describes the LDAP/X.500 'entryUUID' operational
       attribute and associated matching rules and syntax.  The attribute
       holds a server-assigned Universally Unique Identifier (UUID) for the
       object.  Directory clients may use this attribute to distinguish
       objects identified by a distinguished name or to locate an object after
       renaming.

   RFC-4528 Lightweight Directory Access Protocol (LDAP) Assertion Control
       http://www.ietf.org/rfc/rfc4528.txt

       This document defines the Lightweight Directory Access Protocol (LDAP)
       Assertion Control, which allows a client to specify that a directory
       operation should only be processed if an assertion applied to the
       target entry of the operation is true.  It can be used to construct
       "test and set", "test and clear", and other conditional operations.

   RFC-4527 Lightweight Directory Access Protocol (LDAP) Read Entry Controls
       http://www.ietf.org/rfc/rfc4527.txt

       This document specifies an extension to the Lightweight Directory
       Access Protocol (LDAP) to allow the client to read the target entry of
       an update operation.  The client may request to read the entry before
       and/or after the modifications are applied.  These reads are done as an
       atomic part of the update operation.

   RFC-4526 Lightweight Directory Access Protocol (LDAP) Absolute True and
       False Filters
       http://www.ietf.org/rfc/rfc4526.txt

       This document extends the Lightweight Directory Access Protocol (LDAP)
       to support absolute True and False filters based upon similar
       capabilities found in X.500 directory systems.  The document also
       extends the String Representation of LDAP Search Filters to support
       these filters.

   RFC-4524 COSINE LDAP/X.500 Schema
       http://www.ietf.org/rfc/rfc4524.txt

       This document provides a collection of schema elements for use with the
       Lightweight Directory Access Protocol (LDAP) from the COSINE and
       Internet X.500 pilot projects.

   RFC-4523 Lightweight Directory Access Protocol (LDAP) Schema Definitions
       for X.509 Certificates
       http://www.ietf.org/rfc/rfc4523.txt

       This document describes schema for representing X.509 certificates,
       X.521 security information, and related elements in directories
       accessible using the Lightweight Directory Access Protocol (LDAP).  The
       LDAP definitions for these X.509 and X.521 schema elements replace
       those provided in RFCs 2252 and 2256.

   RFC-4522 Lightweight Directory Access Protocol (LDAP): The Binary Encoding
       Option
       http://www.ietf.org/rfc/rfc4522.txt

       Each attribute stored in a Lightweight Directory Access Protocol (LDAP)
       directory has a defined syntax (i.e., data type).  A syntax definition
       specifies how attribute values conforming to the syntax are normally
       represented when transferred in LDAP operations.  This representation
       is referred to as the LDAP-specific encoding to distinguish it from
       other methods of encoding attribute values.  This document defines an
       attribute option, the binary option, that can be used to specify that
       the associated attribute values are instead encoded according to the
       Basic Encoding Rules (BER) used by X.500 directories.

   RFC-4370 Lightweight Directory Access Protocol (LDAP) Proxied Authorization
       Control
       http://www.ietf.org/rfc/rfc4370.txt

       This document defines the Lightweight Directory Access Protocol (LDAP)
       Proxy Authorization Control.  The Proxy Authorization Control allows a
       client to request that an operation be processed under a provided
       authorization identity instead of under the current authorization
       identity associated with the connection.

   RFC-3928 Lightweight Directory Access Protocol (LDAP) Client Update
       Protocol (LCUP)
       http://www.ietf.org/rfc/rfc3928.txt

       This document defines the Lightweight Directory Access Protocol (LDAP)
       Client Update Protocol (LCUP).  The protocol is intended to allow an
       LDAP client to synchronize with the content of a directory information
       tree (DIT) stored by an LDAP server and to be notified about the
       changes to that content.

   RFC-3909 Lightweight Directory Access Protocol (LDAP) Cancel Operation
       http://www.ietf.org/rfc/rfc3909.txt

       This specification describes a Lightweight Directory Access Protocol
       (LDAP) extended operation to cancel (or abandon) an outstanding
       operation.  Unlike the LDAP Abandon operation, but like the X.511
       Directory Access Protocol (DAP) Abandon operation, this operation has a
       response which provides an indication of its outcome.

   RFC-3876 Returning Matched Values with the Lightweight Directory Access
       Protocol version 3 (LDAPv3)
       http://www.ietf.org/rfc/rfc3876.txt

       This document describes a control for the Lightweight Directory Access
       Protocol version 3 that is used to return a subset of attribute values
       from an entry.  Specifically, only those values that match a "values
       return" filter.  Without support for this control, a client must
       retrieve all of an attribute's values and search for specific values
       locally.

   RFC-3866 Language Tags and Ranges in the Lightweight Directory Access
       Protocol (LDAP)
       http://www.ietf.org/rfc/rfc3866.txt

       It is often desirable to be able to indicate the natural language
       associated with values held in a directory and to be able to query the
       directory for values which fulfill the user's language needs.  This
       document details the use of Language Tags and Ranges in the Lightweight
       Directory Access Protocol (LDAP).

   RFC-3727 ASN.1 Module Definition for the LDAP and X.500 Component Matching
       Rules
       http://www.ietf.org/rfc/rfc3727.txt

       This document updates the specification of the component matching rules
       for Lightweight Directory Access Protocol (LDAP) and X.500 directories
       (RFC3687) by collecting the Abstract Syntax Notation One (ASN.1)
       definitions of the component matching rules into an appropriately
       identified ASN.1 module so that other specifications may reference the
       component matching rule definitions from within their own ASN.1
       modules.

   RFC-3703 Policy Core Lightweight Directory Access Protocol (LDAP) Schema
       http://www.ietf.org/rfc/rfc3703.txt

       This document defines a mapping of the Policy Core Information Model to
       a form that can be implemented in a directory that uses Lightweight
       Directory Access Protocol (LDAP) as its access protocol.  This model
       defines two hierarchies of object classes: structural classes
       representing information for representing and controlling policy data
       as specified in RFC 3060, and relationship classes that indicate how
       instances of the structural classes are related to each other.  Classes
       are also added to the LDAP schema to improve the performance of a
       client's interactions with an LDAP server when the client is retrieving
       large amounts of policy-related information.  These classes exist only
       to optimize LDAP retrievals: there are no classes in the information
       model that correspond to them.

   RFC-3698 Lightweight Directory Access Protocol (LDAP): Additional Matching
       Rules
       http://www.ietf.org/rfc/rfc3698.txt

       This document provides a collection of matching rules for use with the
       Lightweight Directory Access Protocol (LDAP).  As these matching rules
       are simple adaptations of matching rules specified for use with the
       X.500 Directory, most are already in wide use.

   RFC-3687 Lightweight Directory Access Protocol (LDAP) and X.500 Component
       Matching Rules
       http://www.ietf.org/rfc/rfc3687.txt

       The syntaxes of attributes in a Lightweight Directory Access Protocol
       (LDAP) or X.500 directory range from simple data types, such as text
       string, integer, or boolean, to complex structured data types, such as
       the syntaxes of the directory schema operational attributes.  Matching
       rules defined for the complex syntaxes usually only provide the most
       immediately useful matching capability.  This document defines generic
       matching rules that can match any user selected component parts in an
       attribute value of any arbitrarily complex attribute syntax.

   RFC-3672 Subentries in the Lightweight Directory Access Protocol (LDAP)
       http://www.ietf.org/rfc/rfc3672.txt

       In X.500 directories, subentries are special entries used to hold
       information associated with a subtree or subtree refinement.  This
       document adapts X.500 subentries mechanisms for use with the
       Lightweight Directory Access Protocol (LDAP).

   RFC-3671 Collective Attributes in the Lightweight Directory Access Protocol
       (LDAP)
       http://www.ietf.org/rfc/rfc3671.txt

       X.500 collective attributes allow common characteristics to be shared
       between collections of entries.  This document summarizes the X.500
       information model for collective attributes and describes use of
       collective attributes in LDAP (Lightweight Directory Access Protocol).
       This document provides schema definitions for collective attributes for
       use in LDAP.

   RFC-3296 Named Subordinate References in Lightweight Directory Access
       Protocol (LDAP) Directories
       http://www.ietf.org/rfc/rfc3296.txt

       This document details schema and protocol elements for representing and
       managing named subordinate references in Lightweight Directory Access
       Protocol (LDAP) Directories.

   RFC-3062 LDAP Password Modify Extended Operation
       http://www.ietf.org/rfc/rfc3062.txt

       The integration of the Lightweight Directory Access Protocol (LDAP) and
       external authentication services has introduced non-DN authentication
       identities and allowed for non-directory storage of passwords.  As
       such, mechanisms which update the directory (e.g., Modify) cannot be
       used to change a user's password.  This document describes an LDAP
       extended operation to allow modification of user passwords which is not
       dependent upon the form of the authentication identity nor the password
       storage mechanism used.

   RFC-2891 LDAP Control Extension for Server Side Sorting of Search Results
       http://www.ietf.org/rfc/rfc2891.txt

       This document describes two LDAPv3 control extensions for server side
       sorting of search results. These controls allow a client to specify
       the attribute types and matching rules a server should use when
       returning the results to an LDAP search request. The controls may be
       useful when the LDAP client has limited functionality or for some other
       reason cannot sort the results but still needs them sorted. Other
       permissible controls on search operations are not defined in this
       extension.

   RFC-2849 The LDAP Data Interchange Format (LDIF) - Technical Specification
       http://www.ietf.org/rfc/rfc2849.txt

       This document describes a file format suitable for describing directory
       information or modifications made to directory information. The file
       format, known as LDIF, for LDAP Data Interchange Format, is typically
       used to import and export directory information between LDAP-based
       directory servers, or to describe a set of changes which are to be
       applied to a directory.

   RFC-2831 Using Digest Authentication as a SASL Mechanism
       http://www.ietf.org/rfc/rfc2831.txt

       This specification defines how HTTP Digest Authentication can be used
       as a SASL [RFC 2222] mechanism for any protocol that has a SASL
       profile. It is intended both as an improvement over CRAM-MD5 [RFC 2195]
       and as a convenient way to support a single authentication mechanism
       for web, mail, LDAP, and other protocols.

   RFC-2739 Calendar Attributes for vCard and LDAP
       http://www.ietf.org/rfc/rfc2739.txt

       When scheduling a calendar entity, such as an event, it is a
       prerequisite that an organizer has the calendar address of each
       attendee that will be invited to the event. Additionally, access to an
       attendee's current "busy time" provides an a priori indication of
       whether the attendee will be free to participate in the event. In order
       to meet these challenges, a calendar user agent (CUA) needs a mechanism
       to locate individual user's calendar and free/busy time. This memo
       defines three mechanisms for obtaining a URI to a user's calendar and
       free/busy time. These include:

   RFC-2589 Extensions for Dynamic Directory Services
       http://www.ietf.org/rfc/rfc2589.txt

       LDAP supports lightweight access to static directory services, allowing
       relatively fast search and update access. Static directory services
       store information about people that persists in its accuracy and value
       over a long period of time. Dynamic directory services are different in
       that they store information about people that only persists in its
       accuracy and value while people are online. Though the protocol
       operations and attributes used by dynamic directory services are
       similar to the ones used for static directory services, clients that
       are bound to a dynamic directory service need to periodically refresh
       their presence at the server to keep directory entries from getting
       stale in the presence of client application crashes. A flow control
       mechanism from the server is also described that allows a server to
       inform clients how often they should refresh their presence.

   RFC-2559 Internet X.509 Public Key Infrastructure Operational Protocols -
       LDAPv2
       http://www.ietf.org/rfc/rfc2559.txt

       The protocol described in this document is designed to satisfy some of
       the operational requirements within the Internet X.509 PKI.
       Specifically, this document addresses requirements to provide access to
       PKI repositories for the purposes of retrieving PKI information and
       managing that same information.  The mechanism described in this
       document is based on the LDAPv2, defined in RFC 1777, defining a
       profile of that protocol for use within the PKIX and updates encodings
       for certificates and revocation lists from RFC 1778. Additional
       mechanisms addressing PKIX operational requirements are specified in
       separate documents.

   RFC-2247 Using Domains in LDAP/X.500 Distinguished Names
       http://www.ietf.org/rfc/rfc2247.txt

       LDAP uses X.500-compatible distinguished names for providing unique
       identification of entries. This document defines an algorithm by which
       a name registered with the Internet Domain Name Service can be
       represented as an LDAP distinguished name.

   RFC-2222 Simple Authentication and Security Layer (SASL)
       http://www.ietf.org/rfc/rfc2222.txt

       This document describes a method for adding authentication support to
       connection-based protocols. To use this specification, a protocol
       includes a command for identifying and authenticating a user to a
       server and for optionally negotiating protection of subsequent protocol
       interactions. If its use is negotiated, a security layer is inserted
       between the protocol and the connection. This document describes how a
       protocol specifies such a command, defines several mechanisms for use
       by the command, and defines the protocol used for carrying a negotiated
       security layer over the connection.

   RFC-2218 A Common Schema for the Internet White Pages Service
       http://www.ietf.org/rfc/rfc2218.txt

       This IETF Integrated Directory Services (IDS) Working Group proposes a
       standard specification for a simple Internet White Pages service by
       defining a common schema for use by the various White Pages servers.
       This schema is independent of specific implementations of the White
       Pages service. This document specifies the minimum set of core
       attributes of a White Pages entry for an individual and describes how
       new objects with those attributes can be defined and published. It does
       not describe how to represent other objects in the White Pages service.
       Further, it does not address the search sort expectations within a
       particular service.

   RFC-2164 Use of an X.500/LDAP directory to support MIXER address mapping
       http://www.ietf.org/rfc/rfc2164.txt

       MIXER (RFC 2156) defines an algorithm for use of a set of global
       mapping between X.400 and RFC 822 addresses. This specification defines
       how to represent and maintain these mappings (MIXER Conformant Global
       Address Mappings or MCGAMs) in an X.500 or LDAP directory. Mechanisms
       for representing OR Address and Domain hierarchies within the DIT.
       These techniques are used to define two independent subtrees in the
       DIT, which contain the mapping information.

   RFC-2079 Definition of an X.500 Attribute Type and an Object Class to Hold
       Uniform Resource Identifiers
       http://www.ietf.org/rfc/rfc2079.txt

       URLs are being widely used to specify the location of Internet
       resources. There is an urgent need to be able to include URLs in
       directories that conform to the LDAP and X.500 information models, and
       a desire to include other types of URIs as they are defined. A number
       of independent groups are already experimenting with the inclusion of
       URLs in LDAP and X.500 directories. This document builds on the
       experimentation to date and defines a new attribute type and an
       auxiliary object class to allow URIs, including URLs, to be stored in
       directory entries in a standard way.

   RFC-4521 Considerations for Lightweight Directory Access Protocol (LDAP)
       Extensions
       http://www.ietf.org/rfc/rfc4521.txt

       The Lightweight Directory Access Protocol (LDAP) is extensible.  It
       provides mechanisms for adding new operations, extending existing
       operations, and expanding user and system schemas.  This document
       discusses considerations for designers of LDAP extensions.

   RFC-4520 Internet Assigned Numbers Authority (IANA) Considerations for the
       Lightweight Directory Access Protocol (LDAP)
       http://www.ietf.org/rfc/rfc4520.txt

       This document provides procedures for registering extensible elements
       of the Lightweight Directory Access Protocol (LDAP).  The document also
       provides guidelines to the Internet Assigned Numbers Authority (IANA)
       describing conditions under which new values can be assigned.

   RFC-2148 Deployment of the Internet White Pages Service
       http://www.ietf.org/rfc/rfc2148.txt

       The Internet is used for information exchange and communication between
       its users. It can only be effective as such if users are able to find
       each other's addresses. Therefore the Internet benefits from an
       adequate White Pages Service, i.e., a directory service offering
       (Internet) address information related to people and organizations.

       This document describes the way in which the Internet White Pages
       Service (from now on abbreviated as IWPS) is best exploited using
       today's experience, today's protocols, today's products and today's
       procedures.

   RFC-4525 Lightweight Directory Access Protocol (LDAP) Modify-Increment
       Extension
       http://www.ietf.org/rfc/rfc4525.txt

       This document describes an extension to the Lightweight Directory
       Access Protocol (LDAP) Modify operation to support an increment
       capability.  This extension is useful in provisioning applications,
       especially when combined with the assertion control and/or the
       pre-read or post-read control extension.

   RFC-4403 Lightweight Directory Access Protocol (LDAP) Schema for Universal
       Description, Discovery, and Integration version 3 (UDDIv3)
       http://www.ietf.org/rfc/rfc4403.txt

       This document defines the Lightweight Directory Access Protocol
       (LDAPv3) schema for representing Universal Description, Discovery, and
       Integration (UDDI) data types in an LDAP directory.  It defines the
       LDAP object class and attribute definitions and containment rules to
       model UDDI entities, defined in the UDDI version 3 information model,
       in an LDAPv3-compliant directory.

   RFC-4373 Lightweight Directory Access Protocol (LDAP) Bulk
       Update/Replication Protocol (LBURP)
       http://www.ietf.org/rfc/rfc4373.txt

       The Lightweight Directory Access Protocol (LDAP) Bulk
       Update/Replication Protocol (LBURP) allows an LDAP client to perform a
       bulk update to an LDAP server.  The protocol frames a sequenced set of
       update operations within a pair of LDAP extended operations to notify
       the server that the update operations in the framed set are related in
       such a way that the ordering of all operations can be preserved during
       processing even when they are sent asynchronously by the client.
       Update operations can be grouped within a single protocol message to
       maximize the efficiency of client-server communication.

       The protocol is suitable for efficiently making a substantial set of
       updates to the entries in an LDAP server.

   RFC-3944 H.350 Directory Services
       http://www.ietf.org/rfc/rfc3944.txt

       The International Telecommunications Union Standardization Sector
       (ITU-T) has created the H.350 series of Recommendations that specify
       directory services architectures in support of multimedia conferencing
       protocols.  The goal of the architecture is to 'directory enable'
       multimedia conferencing so that these services can leverage existing
       identity management and enterprise directories.  A particular goal is
       to enable an enterprise or service provider to maintain a canonical
       source of users and their multimedia conferencing systems, so that
       multiple call servers from multiple vendors, supporting multiple
       protocols, can all access the same data store.

       Because SIP is an IETF standard, the contents of H.350 and H.350.4 are
       made available via this document to the IETF community.  This document
       contains the entire normative text of ITU-T Recommendations H.350 and
       H.350.4 in sections 4 and 5, respectively.  The remaining sections are
       included only in this document, not in the ITU-T version.

   RFC-3829 Lightweight Directory Access Protocol (LDAP) Authorization
       Identity Request and Response Controls
       http://www.ietf.org/rfc/rfc3829.txt

       This document extends the Lightweight Directory Access Protocol (LDAP)
       bind operation with a mechanism for requesting and returning the
       authorization identity it establishes.  Specifically, this document
       defines the Authorization Identity Request and Response controls for
       use with the Bind operation.

   RFC-3712 Lightweight Directory Access Protocol (LDAP): Schema for Printer
       Services
       http://www.ietf.org/rfc/rfc3712.txt

       This document defines a schema, object classes and attributes, for
       printers and printer services, for use with directories that support
       Lightweight Directory Access Protocol v3 (LDAP-TS).  This document is
       based on the printer attributes listed in Appendix E of Internet
       Printing Protocol/1.1 (IPP) (RFC 2911).  A few additional printer
       attributes are based on definitions in the Printer MIB (RFC 1759).

   RFC-3494 Lightweight Directory Access Protocol version 2 (LDAPv2) to
       Historic Status
599       http://www.ietf.org/rfc/rfc3494.txt
600
601       This document recommends the retirement of version 2 of the Lightweight
602       Directory Access Protocol (LDAPv2) and other dependent specifications,
603       and discusses the reasons for doing so.  This document recommends RFC
604       1777, 1778, 1779, 1781, and 2559 (as well as documents they superseded)
605       be moved to Historic status.
606
607   RFC-3384 Lightweight Directory Access Protocol (version 3) Replication
608       Requirements
609       http://www.ietf.org/rfc/rfc3384.txt
610
611       This document discusses the fundamental requirements for replication of
612       data accessible via the Lightweight Directory Access Protocol (version
613       3) (LDAPv3).  It is intended to be a gathering place for general
614       replication requirements needed to provide interoperability between
615       informational directories.
616
617   RFC-3112 LDAP Authentication Password Schema
618       http://www.ietf.org/rfc/rfc3112.txt
619
620       This document describes schema in support of user/password
621       authentication in a LDAP (Lightweight Directory Access Protocol)
622       directory including the authPassword attribute type.  This attribute
623       type holds values derived from the user's password(s) (commonly using
624       cryptographic strength one-way hash).  authPassword is intended to used
625       instead of userPassword.
626
627   RFC-3045 Storing Vendor Information in the LDAP root DSE
628       http://www.ietf.org/rfc/rfc3045.txt
629
630       This document specifies two Lightweight Directory Access Protocol
631       (LDAP) attributes, vendorName and vendorVersion that MAY be included in
632       the root DSA-specific Entry (DSE) to advertise vendor-specific
633       information.  These two attributes supplement the attributes defined in
634       section 3.4 of RFC 2251.
635
636   RFC-2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0
637       http://www.ietf.org/rfc/rfc2985.txt
638
639       This memo provides a selection of object classes and attribute types
640       for use in conjunction with public-key cryptography and Lightweight
641       Directory Access Protocol (LDAP) accessible directories.  It also
642       includes ASN.1 syntax for all constructs.
643
644   RFC-2967 TISDAG - Technical Infrastructure for Swedish Directory Access
645       Gateways
646       http://www.ietf.org/rfc/rfc2967.txt
647
648       The strength of the TISDAG (Technical Infrastructure for Swedish
649       Directory Access Gateways) project's DAG proposal is that it defines
650       the necessary technical infrastructure to provide a single-access-
651       point service for information on Swedish Internet users.  The resulting
652       service will provide uniform access for all information -- the same
653       level of access to information (7x24 service), and the same information
654       made available, irrespective of the service provider responsible for
655       maintaining that information, their directory service protocols, or the
656       end-user's client access protocol.
657
658   RFC-2927 MIME Directory Profile for LDAP Schema
659       http://www.ietf.org/rfc/rfc2927.txt
660
661       This document defines a multipurpose internet mail extensions (MIME)
662       directory profile for holding a lightweight directory access protocol
663       (LDAP) schema.  It is intended for communication with the Internet
664       schema listing service.
665
666   RFC-2926 Conversion of LDAP Schemas to and from SLP Templates
667       http://www.ietf.org/rfc/rfc2926.txt
668
669       This document describes a procedure for mapping between Service
670       Location Protocol (SLP) service advertisements and lightweight
671       directory access protocol (LDAP) descriptions of services.  The
672       document covers two aspects of the mapping.  One aspect is mapping
673       between SLP service type templates and LDAP directory schema.  Because
674       the SLP service type template grammar is relatively simple, mapping
675       from service type templates to LDAP types is straightforward.  Mapping
676       in the other direction is straightforward if the attributes are
677       restricted to use just a few of the syntaxes defined in RFC 2252.  If
678       arbitrary ASN.1 types occur in the schema, then the mapping is more
679       complex and may even be impossible.  The second aspect is
680       representation of service information in an LDAP directory.  The
681       recommended representation simplifies interoperability with SLP by
682       allowing SLP directory agents to backend into LDAP directory servers.
683       The resulting system allows service advertisements to propagate easily
684       between SLP and LDAP.
685
686   RFC-2820 Access Control Requirements for LDAP
687       http://www.ietf.org/rfc/rfc2820.txt
688
689       This document describes the fundamental requirements of an access
690       control list (ACL) model for the LDAP directory service.  It is
691       intended to be a gathering place for access control requirements needed
692       to provide authorized access to and interoperability between
693       directories.
694
695   RFC-2798 Definition of the inetOrgPerson Object Class
696       http://www.ietf.org/rfc/rfc2798.txt
697
698       While the X.500 standards define many useful attribute types [X520] and
699       object classes [X521], they do not define a person object class that
700       meets the requirements found in today's Internet and Intranet directory
701       service deployments. We define a new object class called inetOrgPerson
702       for use in LDAP and X.500 directory services that extends the X.521
703       standard organizationalPerson class to meet these needs.
704
705   RFC-2714 Schema for Representing CORBA Objects in an LDAP Directory
706       http://www.ietf.org/rfc/rfc2714.txt
707
708       CORBA is the Common Object Request Broker Architecture defined by the
709       Object Management Group. This document defines the schema for
710       representing CORBA object references in an LDAP directory.
711
712   RFC-2713 Schema for Representing Java Objects in an LDAP Directory
713       http://www.ietf.org/rfc/rfc2713.txt
714
715       This document defines the schema for representing Java objects in an
716       LDAP directory. It defines schema elements to represent a Java
717       serialized object, a Java marshalled object, a Java remote object, and
718       a JNDI reference.
719
720   RFC-2696 LDAP Control Extension for Simple Paged Results Manipulation
721       http://www.ietf.org/rfc/rfc2696.txt
722
723       This document describes an LDAPv3 control extension for simple paging
724       of search results. This control extension allows a client to control
725       the rate at which an LDAP server returns the results of an LDAP search
726       operation. This control may be useful when the LDAP client has limited
727       resources and may not be able to process the entire result set from a
728       given LDAP query, or when the LDAP client is connected over a low-
729       bandwidth connection. Other operations on the result set are not
730       defined in this extension. This extension is not designed to provide
731       more sophisticated result set management.
732
733   RFC-1823 The LDAP Application Program Interface
734       http://www.ietf.org/rfc/rfc1823.txt
735
736       This document defines a C language application program interface to
737       LDAP, which is designed to be powerful, yet simple to use. It defines
738       compatible synchronous and asynchronous interfaces to LDAP to suit a
739       wide variety of applications. This document gives a brief overview of
740       the LDAP model, then an overview of how the API is used by an
741       application program to obtain LDAP information. The API calls are
742       described in detail, followed by an appendix that provides some example
743       code demonstrating the use of the API.
744
746   RFC-4533 The Lightweight Directory Access Protocol (LDAP) Content
747       Synchronization Operation
748       http://www.ietf.org/rfc/rfc4533.txt
749
750       This specification describes the Lightweight Directory Access Protocol
751       (LDAP) Content Synchronization Operation.  The operation allows a
752       client to maintain a copy of a fragment of the Directory Information
753       Tree (DIT).  It supports both polling for changes and listening for
754       changes.  The operation is defined as an extension of the LDAP Search
755       Operation.
756
757   RFC-4531 Lightweight Directory Access Protocol (LDAP) Turn Operation
758       http://www.ietf.org/rfc/rfc4531.txt
759
760       This specification describes a Lightweight Directory Access Protocol
761       (LDAP) extended operation to reverse (or "turn") the roles of client
762       and server for subsequent protocol exchanges in the session, or to
763       enable each peer to act as both client and server with respect to the
764       other.
765
766   RFC-3663 Domain Administrative Data in Lightweight Directory Access
767       Protocol (LDAP)
768       http://www.ietf.org/rfc/rfc3663.txt
769
770       Domain registration data has typically been exposed to the general
771       public via Nicname/Whois for administrative purposes.  This document
772       describes the Referral Lightweight Directory Access Protocol (LDAP)
773       Service, an experimental service using LDAP and well-known LDAP types
774       to make domain administrative data available.
775
776   RFC-3088 OpenLDAP Root Service - An experimental LDAP referral service
777       http://www.ietf.org/rfc/rfc3088.txt
778
779       The OpenLDAP Project is operating an experimental LDAP (Lightweight
780       Directory Access Protocol) referral service known as the "OpenLDAP Root
781       Service".  The automated system generates referrals based upon service
782       location information published in DNS SRV RRs (Domain Name System
783       location of services resource records).  This document describes this
784       service.
785
786   RFC-2657 LDAPv2 Client vs. the Index Mesh
787       http://www.ietf.org/rfc/rfc2657.txt
788
789       LDAPv2 clients as implemented according to RFC 1777 have no notion of
790       referral. The integration between such a client and an Index Mesh, as
791       defined by the Common Indexing Protocol, heavily depends on referrals
792       and therefore needs to be handled in a special way. This document
793       defines one possible way of doing this.
794
795   RFC-2649 Signed Directory Operations Using S/MIME
796       http://www.ietf.org/rfc/rfc2649.txt
797
798       This document defines an LDAPv3 based mechanism for signing directory
799       operations in order to create a secure journal of changes that have
800       been made to each directory entry. Both client and server based
801       signatures are supported. An object class for subsequent retrieval are
802       'journal entries' is also defined. This document specifies LDAPv3
803       controls that enable this functionality. It also defines an LDAPv3
804       schema that allows for subsequent browsing of the journal information.
805
806   RFC-2307 An Approach for Using LDAP as a Network Information Service
807       http://www.ietf.org/rfc/rfc2307.txt
808
809       This document describes an experimental mechanism for mapping entities
810       related to TCP/IP and the UNIX system into X.500 entries so that they
811       may be resolved with the LDAP. A set of attribute types and object
812       classes are proposed, along with specific guidelines for interpreting
813       them. The intention is to assist the deployment of LDAP as an
814       organizational nameservice.  No proposed solutions are intended as
815       standards for the Internet. Rather, it is hoped that a general
816       consensus will emerge as to the appropriate solution to such problems,
817       leading eventually to the adoption of standards. The proposed mechanism
818       has already been implemented with some success.
819

Current Internet Drafts

   draft-wahl-ldap-adminaddr -- Administrator Address Attribute
       Organizations running multiple directory servers need an ability for
       administrators to determine who is responsible for a particular server.
       This is conceptually similar to the 'sysContact' object of SNMP. The
       administratorsAddress attribute allows a server administrator to
       provide the contact information of the responsible party for an LDAP
       server. This can be used by management clients which are, for example,
       checking the state of a replication or referral topology, to provide a
       way for the user of the management client to send email to the manager
       of a particular server.

   draft-zeilenga-ldap-txn -- LDAP Transactions
       Lightweight Directory Access Protocol (LDAP) update operations, such as
       Add, Delete, and Modify operations, have atomicity, consistency,
       isolation, durability (ACID) properties.  Each of these update
       operations acts upon an entry.  However, it is often desirable to update
       two or more entries in a single unit of interaction, a transaction.
       Transactions are necessary to support a number of applications
       including resource provisioning.  This document defines an LDAP
       extension to support transactions.

   draft-joslin-config-schema -- A Configuration Profile Schema for LDAP-based
       agents
       This document consists of two primary components, a schema for agents
       that make use of the Lightweight Directory Access Protocol (LDAP) and a
       proposed use case of that schema, for distributed configuration of
       similar directory user agents.  A set of attribute types and an
       objectclass are proposed.  In the proposed use case, directory user
       agents (DUAs) can use this schema to determine directory data location
       and access parameters for specific services they support.  In addition,
       in the proposed use case, attribute and objectclass mapping allows DUAs
       to re-configure their expected (default) schema to match that of the
       end user's environment.  This document is intended to be a skeleton for
       future documents that describe configuration of specific DUA services.

   draft-zeilenga-ldap-noop -- The LDAP No-Op Control
       This document defines the Lightweight Directory Access Protocol (LDAP)
       No-Op control which can be used to disable the normal effect of an
       operation.  The control can be used to discover how a server might
       react to a particular update request without updating the directory.

   draft-legg-ldap-transfer -- Lightweight Directory Access Protocol (LDAP):
       Transfer Encoding Options
       Each attribute stored in a Lightweight Directory Access Protocol (LDAP)
       directory has a defined syntax (i.e., data type).  A syntax definition
       specifies how attribute values conforming to the syntax are normally
       represented when transferred in LDAP operations.  This representation
       is referred to as the LDAP-specific encoding to distinguish it from
       other methods of encoding attribute values.  This document introduces a
       new category of attribute options, called transfer encoding options,
       that can be used to specify that the associated attribute values are
       encoded according to one of these other methods.

   draft-furuseth-ldap-untypedobject -- Structural object class 'namedObject'
       for LDAP/X.500
       This document defines a 'namedObject' structural object class for the
       Lightweight Directory Access Protocol (LDAP) and X.500.  This is useful
       for entries with no natural choice of structural object class, e.g. if
       an entry must exist even though its contents are uninteresting.

   draft-zeilenga-ldap-dontusecopy -- The LDAP Don't Use Copy Control
       This document defines the Lightweight Directory Access Protocol (LDAP)
       Don't Use Copy control extension which allows a client to specify that
       copied information should not be used in providing service.  This
       control is based upon the X.511 dontUseCopy service control option.

   draft-wahl-ldap-p3p -- P3P Policy Attributes for LDAP
       This document defines attributes that can be retrieved via Lightweight
       Directory Access Protocol version 3 (LDAP) requests, which contain URIs
       pointing to the privacy policy documents.  These documents describe the
       privacy policy concerning access to a directory server, and the privacy
       policies that apply to the contents of the directory (a subtree of
       entries).

   draft-legg-ldap-gser-ei -- Encoding Instructions for the Generic String
       Encoding Rules (GSER)
       Abstract Syntax Notation One (ASN.1) defines a general framework for
       annotating types in an ASN.1 specification with encoding instructions
       that alter how values of those types are encoded according to ASN.1
       encoding rules.  This document defines the supporting notation for
       encoding instructions that apply to the Generic String Encoding Rules
       (GSER), and in particular defines an encoding instruction to provide a
       machine-processable representation for the declaration of a GSER
       ChoiceOfStrings type.

   draft-chu-ldap-xordered -- Ordered Entries and Values in LDAP
       As LDAP is used more extensively for managing various kinds of data,
       one often encounters a need to preserve both the ordering and the
       content of data, despite the inherently unordered structure of entries
       and attribute values in the directory.  This document describes a
       scheme to attach ordering information to attributes in a directory so
       that the ordering may be preserved and propagated to other LDAP
       applications.

   draft-chu-ldap-logschema -- A Schema for Logging the LDAP Protocol
       In order to facilitate remote administration and auditing of LDAP
       server operation, it is desirable to provide the server's operational
       logs themselves as a searchable LDAP directory.  These logs may also be
       used as a persistent change log to support various replication
       mechanisms.  This document defines a schema that may be used to
       represent all of the requests that have been processed by an LDAP
       server.  It may be used by various applications for auditing, flight
       recorder, replication, and other purposes.

   draft-zeilenga-ldap-entrydn -- The LDAP entryDN Operational Attribute
       This document describes the LDAP/X.500 'entryDN' operational attribute.
       The attribute provides a copy of the entry's distinguished name for use
       in attribute value assertions.

   draft-zeilenga-ldap-relax -- The LDAP Relax Rules Control
       This document defines the Lightweight Directory Access Protocol (LDAP)
       Relax Rules Control which allows a directory user agent (a client) to
       request the directory service temporarily relax enforcement of various
       data and service model rules.

   draft-gpaterno-dhcp-ldap -- DHCP Option for LDAP Directory Services
       discovery
       This document defines a new DHCP option for delivering configuration
       information for LDAP services. Through this option, the client receives
       an LDAP URL [8] of the closest available LDAP server/replica that can
       be used to authenticate users or look up any useful data.

   draft-schleiff-ldap-xri -- LDAP Schema for eXtensible Resource Identifier
       (XRI)
       This document describes Attribute Types and an Object Class for use in
       representing XRI (eXtensible Resource Identifier) values in LDAP
       (Lightweight Directory Access Protocol) and X.500 directory services.

   draft-wahl-ldap-session -- LDAP Session Tracking Control
       Many network devices, application servers, and middleware components of
       an enterprise software infrastructure generate some form of session
       tracking identifiers, which are useful when analyzing activity and
       accounting logs to group activity relating to a particular session.
       This document discusses how Lightweight Directory Access Protocol
       version 3 (LDAP) clients can include session tracking identifiers with
       their LDAP requests.  This information is provided through controls in
       the requests the clients send to LDAP servers.  The LDAP server
       receiving these controls can include the session tracking identifiers
       in the log messages it writes, enabling LDAP requests in the LDAP
       server's logs to be correlated with activity in logs of other
       components in the infrastructure.  The control also enables session
       tracking information to be generated by LDAP servers and returned to
       clients and other servers.  Three formats of session tracking
       identifiers are defined in this document.

   draft-wahl-ldap-subtree-source -- LDAP Subtree Data Source URI Attribute
       This document defines an attribute that enables administrative clients
       using the Lightweight Directory Access Protocol (LDAP) to determine the
       source of directory entries.

Expired but still interesting Internet Drafts

   draft-ietf-ldapext-psearch -- Persistent Search: A Simple LDAP Change
       Notification Mechanism
       This document defines two controls that extend the LDAPv3 search
       operation to provide a simple mechanism by which an LDAP client can
       receive notification of changes that occur in an LDAP server. The
       mechanism is designed to be very flexible yet easy for clients and
       servers to implement.

   draft-ietf-ldapext-ldapv3-vlv -- LDAP Extensions for Scrolling View
       Browsing of Search Results
       This document describes a Virtual List View control extension for
       the LDAP Search operation. This control is designed to allow the
       "virtual list box" feature, common in existing commercial e-mail
       address book applications, to be supported efficiently by LDAP
       servers. LDAP servers' inability to support this client feature is a
       significant impediment to LDAP replacing proprietary protocols in
       commercial e-mail systems.

       The control allows a client to specify that the server return, for
       a given LDAP search with associated sort keys, a contiguous subset of
       the search result set. This subset is specified in terms of offsets
       into the ordered list, or in terms of a greater than or equal
       comparison value.



perl v5.12.0                      2008-06-30                 Net::LDAP::RFC(3)