Network Working Group                                           S. Kille
Request for Comments: 2294                                    Isode Ltd.
Obsoletes: 1836                                               March 1998
Category: Standards Track


             Representing the O/R Address hierarchy in the
                   X.500 Directory Information Tree

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

Abstract

   This document defines a representation of the O/R Address hierarchy
   in the Directory Information Tree [6, 1].  This is useful for a range
   of purposes, including:

   o  Support for MHS Routing [4].

   o  Support for X.400/RFC 822 address mappings [2, 5].

   Please send comments to the author or to the discussion group
   <mhs-ds@mercury.udev.cdc.com>.


Kille                       Standards Track                     [Page 1]

RFC 2294              Directory Information Tree              March 1998


             Object Class               Mandatory
             ------------               ---------
             mHSCountry                 M
             aDMD                       M
             pRMD                       O
             mHSX121                    O
             mHSNumericUserIdentifier   O
             mHSOrganization            O
             mHSOrganizationalUnit      O
             mHSPerson                  O
             mHSNamedObject             O
             mHSTerminalID              O
             mHSDomainDefinedAttribute  O

         Table 1:  Order of O/R Address Directory Components

1  The O/R Address Hierarchy

   An O/R Address hierarchy is represented in the X.500 directory by
   associating directory name components with O/R Address components.
   An example of this is given in Figure 1.  The object classes and
   attributes required to support this representation are defined in
   Figure 2.
   The schema, which defines the hierarchy in which these objects are
   represented in the directory information tree, is specified in
   Table 1.  A given object class defined in the table will always be
   higher in the DIT than an object class defined lower down the table.
   Valid combinations of O/R Address components are defined in X.400.


                                  /\
                                 /  \
                      C=GB      /    \    Numeric-C=234
                               /      \
                              /        \
                             /          \
                +------------+<----------------+----+
                | Country    |                 |    |
                +------------+                 +----+
                     /\
                    /  \
                   /    \
                  /      \
     ADMD=" "    /        \    ADMD=Gold 400
   +-------------+         +------------+
   |    ADMD     |         |    ADMD    |
   +-------------+         +------------+
         \                       \
          \                       \
           \ PRMD=UK.AC            \ PRMD=UK.AC
            \                       \
           +----------+            +----+
           |   PRMD   |<-----------|    |
           +----------+            +----+
              /
             /
      O=UCL
           /
          /
   +------------+
   |  MHS-Org   |
   +------------+
        \
         \ OU=CS
          \
           \
         +-----------+
         |  MHS-OU   |
         +-----------+


                 Figure 1:  Example O/R Address Tree


IMPORTS
  ub-domain-name-length, ub-organization-name-length,
  ub-organizational-unit-name-length, ub-common-name-length,
  ub-x121-address-length, ub-domain-defined-attribute-type-length,
  ub-domain-defined-attribute-value-length, ub-terminal-id-length,
  ub-numeric-user-id-length, ub-country-name-numeric-length,
  ub-surname-length, ub-given-name-length, ub-initials-length,
  ub-generation-qualifier-length

    FROM MTSUpperBounds {joint-iso-ccitt mhs-motis(6) mts(3)
        modules(0) upper-bounds(3) };

mHSCountry OBJECT-CLASS ::= {
    SUBCLASS OF {country}
    MAY CONTAIN {mHSNumericCountryName}
    ID oc-mhs-country}

mHSNumericCountryName ATTRIBUTE ::= {
    WITH SYNTAX NumericString (SIZE (1..ub-country-name-numeric-length))
    SINGLE VALUE
    ID at-mhs-numeric-country-name}

aDMD OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {aDMDName}
    ID oc-admd}

aDMDName ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-domain-name-length}
    ID at-admd-name}

pRMD OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {pRMDName}
    ID oc-prmd}

pRMDName ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-domain-name-length}
    ID at-prmd-name}

mHSOrganization OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSOrganizationName }
    ID oc-mhs-organization}

mHSOrganizationName ATTRIBUTE ::= {
    SUBTYPE OF organizationName
    WITH SYNTAX DirectoryString {ub-organization-name-length}
    ID at-mhs-organization-name}

mHSOrganizationalUnit OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSOrganizationalUnitName}
    ID oc-mhs-organizational-unit}

mHSOrganizationalUnitName ATTRIBUTE ::= {
    SUBTYPE OF organizationalUnitName
    WITH SYNTAX DirectoryString {ub-organizational-unit-name-length}
    ID at-mhs-organizational-unit-name}

mHSPerson OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSSurname}
    MAY CONTAIN {mHSGivenName|
                mHSInitials|
                mHSGenerationQualifier}
    ID oc-mhs-person}

mHSSurname ATTRIBUTE ::= {
    SUBTYPE OF surname
    WITH SYNTAX DirectoryString {ub-surname-length}
    ID at-mhs-surname}

mHSGivenName ATTRIBUTE ::= {
    SUBTYPE OF givenName
    WITH SYNTAX DirectoryString {ub-given-name-length}
    ID at-mhs-given-name}

mHSInitials ATTRIBUTE ::= {
    SUBTYPE OF initials
    WITH SYNTAX DirectoryString {ub-initials-length}
    ID at-mhs-initials}

mHSGenerationQualifier ATTRIBUTE ::= {
    SUBTYPE OF generationQualifier
    WITH SYNTAX DirectoryString {ub-generation-qualifier-length}
    ID at-mhs-generation-qualifier}

mHSNamedObject OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSCommonName}
    ID oc-mhs-named-object}

mHSCommonName ATTRIBUTE ::= {
    SUBTYPE OF commonName
    WITH SYNTAX DirectoryString {ub-common-name-length}
    ID at-mhs-common-name}

mHSX121 OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSX121Address}
    ID oc-mhs-x121}

mHSX121Address ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-x121-address-length}
    ID at-x121-address}

mHSDomainDefinedAttribute OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {
        mHSDomainDefinedAttributeType|
        mHSDomainDefinedAttributeValue}
    ID oc-mhs-domain-defined-attribute}

mHSDomainDefinedAttributeType ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-domain-defined-attribute-type-length}
    SINGLE VALUE
    ID at-mhs-domain-defined-attribute-type}

mHSDomainDefinedAttributeValue ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-domain-defined-attribute-value-length}
    SINGLE VALUE
    ID at-mhs-domain-defined-attribute-value}

mHSTerminalID OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSTerminalIDName}
    ID oc-mhs-terminal-id}

mHSTerminalIDName ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-terminal-id-length}
    ID at-mhs-terminal-id-name}

mHSNumericUserIdentifier OBJECT-CLASS ::= {
    SUBCLASS OF {top}
    MUST CONTAIN {mHSNumericUserIdentifierName}
    ID oc-mhs-numeric-user-id}

mHSNumericUserIdentifierName ATTRIBUTE ::= {
    SUBTYPE OF name
    WITH SYNTAX DirectoryString {ub-numeric-user-id-length}
    ID at-mhs-numeric-user-id-name}

                   Figure 2:  O/R Address Hierarchy

   The hierarchy is defined so that:

   1.  The representation is defined so that it is straightforward to
       make a mechanical transformation in either direction.  This
       requires that each node is named by an attribute whose type can
       determine the mapping.

   2.  Where there are multiple domain defined attributes, the first
       in the sequence is the most significant.

   3.  Physical Delivery (postal) addresses are not represented in
       this hierarchy.  This is primarily because physical delivery can
       be handled by the Access Unit routing mechanisms defined in [4],
       and there is no need for this representation.

   4.  Terminal and network forms of address are not handled, except
       for X.121 form, which is useful for addressing faxes.

   5.  MHSCountry is defined as a subclass of Country, and so the
       same entry will be used for MHS Routing as for the rest of the
       DIT.

   6.  The numeric country code will be an alias.

   7.  ADMD will always be present in the hierarchy.  This is true
       in the case of " " and of "0".  This facilitates an easy
       mechanical transformation between the two forms of address.

   8.  Each node is named by the relevant part of the O/R Address.

   9.  Aliases may be used in other parts of the tree, in order to
       normalize alternate values.  Where an alias is used, the value of
       the alias should be present as an alternate value in the node
       aliased to.  Aliases may not be used for domain defined
       attributes.

   10. Domain Defined Attributes are named by a multi-valued RDN
       (Relative Distinguished Name), consisting of the type and value.
       This is done so that standard attribute syntaxes can be used.

   11. Where an O/R Address has a valid Printable String and T.61 form,
       both must be present, with one as an alias for the other.  This
       is so that direct lookup of the name will work, independent of
       the variant used.  When both are present in an O/R Address being
       looked up, either may be used to construct the distinguished
       name.

   12. Personal name is handled by use of the mHSPerson object class.
       Each of the components of the personal name will be present in
       the relative distinguished name, which will usually be
       multi-valued.

   The relationship between X.400 O/R Addresses and the X.400 Entries
   (Attribute Type and Object Class) is given in Table 2.  Where there
   are multiple Organizational Units or Domain Defined Attributes, each
   component is mapped onto a single X.500 entry.

   Note: When an X.121 address is used for addressing fax transmission,
      this may only be done relative to the PRMD or ADMD.  This is in
      line with the current X.400 standards position.  This means that
      it is not possible to use this form of addressing for an
      organizational or departmental fax gateway service.

O/R Address  Object Class               Naming Attribute
-----------  ------------               ----------------
C            mHSCountry                 countryName
                                        or
                                        mHSNumericCountryName
A            aDMD                       aDMDName
P            pRMD                       pRMDName
O            mHSOrganization            mHSOrganizationName
OU/OU1/OU2   mHSOrganizationalUnit      mHSOrganizationalUnitName
OU3/OU4
PN           mHSPerson                  personName
CN           mHSNamedObject             mHSCommonName
X121         mHSX121                    mHSX121Address
T-ID         mHSTerminalID              mHSTerminalIDName
UA-ID        mHSNumericUserIdentifier   mHSNumericUserIdentifierName
DDA          mHSDomainDefinedAttribute  mHSDomainDefinedAttributeType
                                        and
                                        mHSDomainDefinedAttributeValue

          Table 2:  O/R Address relationship to Directory Name

2  Notation

   O/R Addresses are written in the standard X.400 Notation.
   Distinguished Names use the string representation of distinguished
   names defined in [3].  The keywords used for the attributes defined
   in this specification are given in Table 3.

3  Example Representation

   The O/R Address:

      I=S; S=Kille; OU1=CS; O=UCL,
      P=UK.AC; A=Gold 400; C=GB;

   would be represented in the directory as:

      MHS-I=S + MHS-S=Kille, MHS-OU=CS, MHS-O=UCL,
      PRMD=UK.AC, ADMD=Gold 400, C=GB


           Attribute                       Keyword
           ---------                       -------
           mHSNumericCountryName           MHS-Numeric-Country
           aDMDName                        ADMD
           pRMDName                        PRMD
           mHSOrganizationName             MHS-O
           mHSOrganizationalUnitName       MHS-OU
           mHSSurname                      MHS-S
           mHSGivenName                    MHS-G
           mHSInitials                     MHS-I
           mHSGenerationQualifier          MHS-GQ
           mHSCommonName                   MHS-CN
           mHSX121Address                  MHS-X121
           mHSDomainDefinedAttributeType   MHS-DDA-Type
           mHSDomainDefinedAttributeValue  MHS-DDA-Value
           mHSTerminalIDName               MHS-T-ID
           mHSNumericUserIdentifierName    MHS-UA-ID

            Table 3:  Keywords for String DN Representation

4  Mapping from O/R Address to Directory Name

   The primary application of this mapping is to take an X.400 encoded
   O/R Address and to generate an equivalent directory name.  This
   mapping is only used for selected types of O/R Address:

   o  Mnemonic form

   o  Numeric form

   o  Terminal form, where country is present and X121 addressing
      is used

   Other forms of O/R address are handled by Access Unit mechanisms.
   The O/R Address is treated as an ordered list, with the order as
   defined in Table 1.  For each O/R Address attribute, generate the
   equivalent directory naming attribute.  In most cases, the mapping is
   mechanical.  Printable String or Teletex encodings are chosen as
   appropriate.  Where both forms are present in the O/R Address, either
   form may be used to generate the distinguished name.  Both will be
   represented in the DIT.  There are two special cases:

   1.  A DDA generates a multi-valued RDN

   2.  The Personal Name is mapped to a multi-valued RDN

   In many cases, an O/R Address will be provided, and only the higher
   components of the address will be represented in the DIT.  In this
   case, the "longest possible match" should be returned.

5  Mapping from Directory Name to O/R Address

   The reverse mapping is also needed in some cases.  All of the naming
   attributes are unique, so the mapping is mechanically reversible.

6  Acknowledgments

   Acknowledgments for work on this document are given in [4].

References

   [1] The Directory --- overview of concepts, models and services,
       1993.  CCITT X.500 Series Recommendations.

   [2] Kille, S., "MIXER (Mime Internet X.400 Enhanced Relay): Mapping
       between X.400 and RFC 822/MIME", RFC 2156, January 1998.

   [3] Kille, S., "A String Representation of Distinguished Names",
       RFC 1779, March 1995.

   [4] Kille, S., "Use of an X.500/LDAP directory to support MIXER
       address mapping", RFC 2164, January 1998.

   [5] Kille, S., "X.400-MHS use of the X.500 directory to support
       X.400-MHS routing", RFC 1801, June 1995.

   [6] CCITT recommendations X.400 / ISO 10021, April 1988.  CCITT
       SG 5/VII / ISO/IEC JTC1, Message Handling: System and Service
       Overview.

7  Security Considerations

   This protocol introduces no known security risks.

8  Author's Address

   Steve Kille
   Isode Ltd.
   The Dome
   The Square
   Richmond
   TW9 1DT
   England

   Phone:  +44-181-332-9091
   EMail:  S.Kille@ISODE.COM

   X.400: I=S; S=Kille; P=ISODE; A=Mailnet; C=FI;

A  Object Identifier Assignment

mhs-ds OBJECT IDENTIFIER ::= {iso(1) org(3) dod(6) internet(1) private(4)
          enterprises(1) isode-consortium (453) mhs-ds (7)}

tree OBJECT IDENTIFIER ::= {mhs-ds 2}

oc OBJECT IDENTIFIER ::= {tree 1}
at OBJECT IDENTIFIER ::= {tree 2}

oc-admd OBJECT IDENTIFIER ::= {oc 1}
oc-mhs-country OBJECT IDENTIFIER ::= {oc 2}
oc-mhs-domain-defined-attribute OBJECT IDENTIFIER ::= {oc 3}
oc-mhs-named-object OBJECT IDENTIFIER ::= {oc 4}
oc-mhs-organization OBJECT IDENTIFIER ::= {oc 5}
oc-mhs-organizational-unit OBJECT IDENTIFIER ::= {oc 6}
oc-mhs-person OBJECT IDENTIFIER ::= {oc 7}
oc-mhs-x121 OBJECT IDENTIFIER ::= {oc 8}
oc-prmd OBJECT IDENTIFIER ::= {oc 9}
oc-mhs-terminal-id OBJECT IDENTIFIER ::= {oc 10}
oc-mhs-numeric-user-id OBJECT IDENTIFIER ::= {oc 11}

at-admd-name OBJECT IDENTIFIER ::= {at 1}
at-mhs-common-name OBJECT IDENTIFIER ::= {at 2}
at-mhs-domain-defined-attribute-type OBJECT IDENTIFIER ::= {at 3}
at-mhs-domain-defined-attribute-value OBJECT IDENTIFIER ::= {at 4}
at-mhs-numeric-country-name OBJECT IDENTIFIER ::= {at 5}
at-mhs-organization-name OBJECT IDENTIFIER ::= {at 6}
at-mhs-organizational-unit-name OBJECT IDENTIFIER ::= {at 7}
at-prmd-name OBJECT IDENTIFIER ::= {at 10}
at-x121-address OBJECT IDENTIFIER ::= {at 12}
at-mhs-terminal-id-name OBJECT IDENTIFIER ::= {at 13}
at-mhs-numeric-user-id-name OBJECT IDENTIFIER ::= {at 14}
at-mhs-surname OBJECT IDENTIFIER ::= {at 15}
at-mhs-given-name OBJECT IDENTIFIER ::= {at 16}
at-mhs-initials OBJECT IDENTIFIER ::= {at 17}
at-mhs-generation-qualifier OBJECT IDENTIFIER ::= {at 18}

                Figure 3:  Object Identifier Assignment

Full Copyright Statement

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
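
The mapping of Section 4 applied to the address of Section 3, as an added example that is not part of the RFC text: components are emitted in Table 1 order with the Table 3 keywords, the personal name and each DDA become multi-valued RDNs, and the "longest possible match" is looked up in a constructed set of entries. Assumptions: the function names, the O/R keys G and GQ, the DD.type=value input form, reading an empty value as the single-space ADMD, mapping an all-digit C to MHS-Numeric-Country, quoting values in the style of [3], and comparing DNs as exact strings.

```python
import re

# O/R component -> Table 3 keyword, in Table 1 order; None = special case.
TABLE1 = [("C", "C"), ("A", "ADMD"), ("P", "PRMD"), ("X121", "MHS-X121"),
          ("UA-ID", "MHS-UA-ID"), ("O", "MHS-O"), ("OU", None), ("PN", None),
          ("CN", "MHS-CN"), ("T-ID", "MHS-T-ID"), ("DDA", None)]
# Personal name parts; O/R keys G and GQ are assumed (the page shows I, S).
PERSON = [("G", "MHS-G"), ("I", "MHS-I"), ("S", "MHS-S"), ("GQ", "MHS-GQ")]

def quote(value):
    """Quote a value (RFC 1779 style) so it cannot alter the DN's structure."""
    if re.search(r'[,=+<>#;"\\\n]', value) or value != value.strip():
        return '"' + re.sub(r'(["\\])', r'\\\1', value) + '"'
    return value

def parse_or_address(text):
    """Split 'K=V; K=V;' into ordered pairs; empty value -> " " (assumed)."""
    pairs = []
    for part in filter(str.strip, text.split(";")):
        key, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed component: {part!r}")
        pairs.append((key.strip(), value.strip() or " "))
    return pairs

def to_rdns(pairs):
    """Map components to RDN strings, ordered from the top of the DIT down."""
    comps = dict(pairs)
    if not {"C", "A"} <= comps.keys():
        raise ValueError("C and ADMD are mandatory (Table 1)")
    rdns = []
    for key, kw in TABLE1:
        if key == "OU":     # OU/OU1..OU4: one entry each, OU1 highest
            ous = sorted(k for k in comps if re.fullmatch(r"OU[1-4]?", k))
            rdns += [f"MHS-OU={quote(comps[k])}" for k in ous]
        elif key == "PN":   # personal name: a single multi-valued RDN
            avas = [f"{k2}={quote(comps[k])}" for k, k2 in PERSON if k in comps]
            rdns += [" + ".join(avas)] if avas else []
        elif key == "DDA":  # each DDA: multi-valued RDN, first DDA highest
            rdns += [f"MHS-DDA-Type={quote(k[3:])} + MHS-DDA-Value={quote(v)}"
                     for k, v in pairs if k.startswith("DD.")]
        elif key in comps:
            if key == "C" and comps[key].isdigit():
                kw = "MHS-Numeric-Country"   # numeric code names the alias entry
            rdns.append(f"{kw}={quote(comps[key])}")
    return rdns

def to_dn(pairs):
    return ", ".join(reversed(to_rdns(pairs)))   # most specific RDN first

def longest_match(rdns, dit):
    """Deepest entry of `dit` (a set of DN strings) on the address's path."""
    paths = (", ".join(reversed(rdns[:d])) for d in range(len(rdns), 0, -1))
    return next((dn for dn in paths if dn in dit), None)

# Constructed sample: the Section 3 address written with ';' throughout.
SAMPLE = "I=S; S=Kille; OU1=CS; O=UCL; P=UK.AC; A=Gold 400; C=GB;"
SAMPLE_DIT = {"C=GB", "ADMD=Gold 400, C=GB", "PRMD=UK.AC, ADMD=Gold 400, C=GB"}
print(to_dn(parse_or_address(SAMPLE)))
```

Quoting matters when the components come from received mail: an unquoted "," or "+" inside a value would be read by a DN parser as an extra RDN or attribute, and the lookup would then name a different entry.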