Network Working Group                                   K. Zeilenga, Ed.
Request for Comments: 4510                           OpenLDAP Foundation
Obsoletes: 2251, 2252, 2253, 2254, 2255,                       June 2006
           2256, 2829, 2830, 3377, 3771
Category: Standards Track


             Lightweight Directory Access Protocol (LDAP):
                   Technical Specification Road Map

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   The Lightweight Directory Access Protocol (LDAP) is an Internet
   protocol for accessing distributed directory services that act in
   accordance with X.500 data and service models.  This document
   provides a road map of the LDAP Technical Specification.

1.  The LDAP Technical Specification

   The technical specification detailing version 3 of the Lightweight
   Directory Access Protocol (LDAP), an Internet Protocol, consists of
   this document and the following documents:

      LDAP: The Protocol [RFC4511]
      LDAP: Directory Information Models [RFC4512]
      LDAP: Authentication Methods and Security Mechanisms [RFC4513]
      LDAP: String Representation of Distinguished Names [RFC4514]
      LDAP: String Representation of Search Filters [RFC4515]
      LDAP: Uniform Resource Locator [RFC4516]
      LDAP: Syntaxes and Matching Rules [RFC4517]
      LDAP: Internationalized String Preparation [RFC4518]
      LDAP: Schema for User Applications [RFC4519]

   The terms "LDAP" and "LDAPv3" are commonly used to refer informally
   to the protocol specified by this technical specification.  The LDAP
   suite, as defined here, should be formally identified in other
   documents by a normative reference to this document.

   LDAP is an extensible protocol.  Extensions to LDAP may be specified
   in other documents.  Nomenclature denoting such combinations of
   LDAP-plus-extensions is not defined by this document but may be
   defined in some future document(s).  Extensions are expected to be
   truly optional.  Considerations for the LDAP extensions described in
   BCP 118, RFC 4521 [RFC4521] fully apply to this revision of the LDAP
   Technical Specification.

   IANA (Internet Assigned Numbers Authority) considerations for LDAP
   described in BCP 64, RFC 4520 [RFC4520] apply fully to this revision
   of the LDAP technical specification.

1.1.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14 [RFC2119].

2.  Relationship to X.500

   This technical specification defines LDAP in terms of [X.500] as an
   X.500 access mechanism.  An LDAP server MUST act in accordance with
   the X.500 (1993) series of International Telecommunication Union -
   Telecommunication Standardization (ITU-T) Recommendations when
   providing the service.  However, it is not required that an LDAP
   server make use of any X.500 protocols in providing this service.
   For example, LDAP can be mapped onto any other directory system so
   long as the X.500 data and service models [X.501][X.511], as used in
   LDAP, are not violated in the LDAP interface.

   This technical specification explicitly incorporates portions of
   X.500(93).  Later revisions of X.500 do not automatically apply to
   this technical specification.

3.  Relationship to Obsolete Specifications

   This technical specification, as defined in Section 1, obsoletes
   entirely the previously defined LDAP technical specification defined
   in RFC 3377 (and consisting of RFCs 2251-2256, 2829, 2830, 3771, and
   3377 itself).  The technical specification was significantly
   reorganized.

   This document replaces RFC 3377 as well as Section 3.3 of RFC 2251.
   [RFC4512] replaces portions of RFC 2251, RFC 2252, and RFC 2256.
   [RFC4511] replaces the majority of RFC 2251, portions of RFC 2252,
   and all of RFC 3771.  [RFC4513] replaces RFC 2829, RFC 2830, and
   portions of RFC 2251.  [RFC4517] replaces the majority of RFC 2252
   and portions of RFC 2256.  [RFC4519] replaces the majority of RFC
   2256.  [RFC4514] replaces RFC 2253.  [RFC4515] replaces RFC 2254.
   [RFC4516] replaces RFC 2255.

   [RFC4518] is new to this revision of the LDAP technical
   specification.

   Each document of this specification contains appendices summarizing
   changes to all sections of the specifications they replace.  Appendix
   A.1 of this document details changes made to RFC 3377.  Appendix A.2
   of this document details changes made to Section 3.3 of RFC 2251.

   Additionally, portions of this technical specification update and/or
   replace a number of other documents not listed above.  These
   relationships are discussed in the documents detailing these portions
   of this technical specification.

4.  Security Considerations

   LDAP security considerations are discussed in each document
   comprising the technical specification.

5.  Acknowledgements

   This document is based largely on RFC 3377 by J. Hodges and R.
   Morgan, a product of the LDAPBIS and LDAPEXT Working Groups.  The
   document also borrows from RFC 2251 by M. Wahl, T. Howes, and S.
   Kille, a product of the ASID Working Group.

   This document is a product of the IETF LDAPBIS Working Group.

6.  Normative References

   [RFC2119]     Bradner, S., "Key words for use in RFCs to Indicate
                 Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4511]     Sermersheim, J., Ed., "Lightweight Directory Access
                 Protocol (LDAP): The Protocol", RFC 4511, June 2006.

   [RFC4512]     Zeilenga, K., "Lightweight Directory Access Protocol
                 (LDAP): Directory Information Models", RFC 4512, June
                 2006.

   [RFC4513]     Harrison, R., Ed., "Lightweight Directory Access
                 Protocol (LDAP): Authentication Methods and Security
                 Mechanisms", RFC 4513, June 2006.

   [RFC4514]     Zeilenga, K., Ed., "Lightweight Directory Access
                 Protocol (LDAP): String Representation of Distinguished
                 Names", RFC 4514, June 2006.

   [RFC4515]     Smith, M., Ed. and T. Howes, "Lightweight Directory
                 Access Protocol (LDAP): String Representation of Search
                 Filters", RFC 4515, June 2006.

   [RFC4516]     Smith, M., Ed. and T. Howes, "Lightweight Directory
                 Access Protocol (LDAP): Uniform Resource Locator", RFC
                 4516, June 2006.

   [RFC4517]     Legg, S., Ed., "Lightweight Directory Access Protocol
                 (LDAP): Syntaxes and Matching Rules", RFC 4517, June
                 2006.

   [RFC4518]     Zeilenga, K., "Lightweight Directory Access Protocol
                 (LDAP): Internationalized String Preparation", RFC
                 4518, June 2006.

   [RFC4519]     Sciberras, A., Ed., "Lightweight Directory Access
                 Protocol (LDAP): Schema for User Applications", RFC
                 4519, June 2006.

   [RFC4520]     Zeilenga, K., "Internet Assigned Numbers Authority
                 (IANA) Considerations for the Lightweight Directory
                 Access Protocol (LDAP)", BCP 64, RFC 4520, June 2006.

   [RFC4521]     Zeilenga, K., "Considerations for LDAP Extensions", BCP
                 118, RFC 4521, June 2006.

   [X.500]       International Telecommunication Union -
                 Telecommunication Standardization Sector, "The
                 Directory -- Overview of concepts, models and
                 services", X.500(1993) (also ISO/IEC 9594-1:1994).

   [X.501]       International Telecommunication Union -
                 Telecommunication Standardization Sector, "The
                 Directory -- Models", X.501(1993) (also ISO/IEC 9594-
                 2:1994).

   [X.511]       International Telecommunication Union -
                 Telecommunication Standardization Sector, "The
                 Directory: Abstract Service Definition", X.511(1993)
                 (also ISO/IEC 9594-3:1993).

Appendix A.  Changes to Previous Documents

   This appendix outlines changes this document makes relative to the
   documents it replaces (in whole or in part).

A.1.  Changes to RFC 3377

   This document is nearly a complete rewrite of RFC 3377 as much of the
   material of RFC 3377 is no longer applicable.  The changes include
   redefining the terms "LDAP" and "LDAPv3" to refer to this revision of
   the technical specification.

A.2.  Changes to Section 3.3 of RFC 2251

   The section was modified slightly (the word "document" was replaced
   with "technical specification") to clarify that it applies to the
   entire LDAP technical specification.

Author's Address

   Kurt D. Zeilenga
   OpenLDAP Foundation

   EMail: Kurt@OpenLDAP.org

Full Copyright Statement

   Copyright (C) The Internet Society (2006).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).