Network Working Group C. Newman Request for Comments: 2244 Innosoft Category: Standards Track J. G. Myers Netscape November 1997
Network Working Group C. Newman Request for Comments: 2244 Innosoft Category: Standards Track J. G. Myers Netscape November 1997
ACAP -- Application Configuration Access Protocol
ACAP——应用程序配置访问协议
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society 1997. All Rights Reserved.
版权所有(C)互联网协会1997。版权所有。
Abstract
摘要
The Application Configuration Access Protocol (ACAP) is designed to support remote storage and access of program option, configuration and preference information. The data store model is designed to allow a client relatively simple access to interesting data, to allow new information to be easily added without server re-configuration, and to promote the use of both standardized data and custom or proprietary data. Key features include "inheritance" which can be used to manage default values for configuration settings and access control lists which allow interesting personal information to be shared and group information to be restricted.
应用程序配置访问协议(ACAP)旨在支持远程存储和访问程序选项、配置和首选项信息。数据存储模型旨在允许客户端相对简单地访问感兴趣的数据,允许在不重新配置服务器的情况下轻松添加新信息,并促进标准化数据和自定义或专有数据的使用。主要功能包括“继承”,可用于管理配置设置和访问控制列表的默认值,允许共享感兴趣的个人信息和限制组信息。
Table of Contents
目录
Status of this Memo ............................................... i Copyright Notice .................................................. i Abstract .......................................................... i ACAP Protocol Specification ....................................... 1 1. Introduction ............................................. 1 1.1. Conventions Used in this Document ........................ 1 1.2. ACAP Data Model .......................................... 1 1.3. ACAP Design Goals ........................................ 1 1.4. Validation ............................................... 2 1.5. Definitions .............................................. 2 1.6. ACAP Command Overview .................................... 4 2. Protocol Framework ....................................... 4 2.1. Link Level ............................................... 4 2.2. Commands and Responses ................................... 4 2.2.1. Client Protocol Sender and Server Protocol Receiver ...... 4 2.2.2. Server Protocol Sender and Client Protocol Receiver ...... 5 2.3. Server States ............................................ 6 2.3.1. Non-Authenticated State .................................. 6 2.3.2. Authenticated State ...................................... 6 2.3.3. Logout State ............................................. 6 2.4. Operational Considerations ............................... 7 2.4.1. Untagged Status Updates .................................. 7 2.4.2. Response when No Command in Progress ..................... 7 2.4.3. Auto-logout Timer ........................................ 7 2.4.4. Multiple Commands in Progress ............................ 8 2.5. Server Command Continuation Request ...................... 8 2.6. Data Formats ............................................. 8 2.6.1. Atom ..................................................... 9 2.6.2. Number ................................................... 9 2.6.3. String ................................................... 9 2.6.3.1. 8-bit and Binary Strings ................................. 10 2.6.4. Parenthesized List ....................................... 10 2.6.5. NIL ...................................................... 10 3. Protocol Elements ........................................ 10 3.1. Entries and Attributes ................................... 10 3.1.1. Predefined Attributes .................................... 11 3.1.2. Attribute Metadata ....................................... 12 3.2. ACAP URL scheme .......................................... 13 3.2.1. ACAP URL User Name and Authentication Mechanism .......... 13 3.2.2. Relative ACAP URLs ....................................... 14 3.3. Contexts ................................................. 14
Status of this Memo ............................................... i Copyright Notice .................................................. i Abstract .......................................................... i ACAP Protocol Specification ....................................... 1 1. Introduction ............................................. 1 1.1. Conventions Used in this Document ........................ 1 1.2. ACAP Data Model .......................................... 1 1.3. ACAP Design Goals ........................................ 1 1.4. Validation ............................................... 2 1.5. Definitions .............................................. 2 1.6. ACAP Command Overview .................................... 4 2. Protocol Framework ....................................... 4 2.1. Link Level ............................................... 4 2.2. Commands and Responses ................................... 4 2.2.1. Client Protocol Sender and Server Protocol Receiver ...... 4 2.2.2. Server Protocol Sender and Client Protocol Receiver ...... 5 2.3. Server States ............................................ 6 2.3.1. Non-Authenticated State .................................. 6 2.3.2. Authenticated State ...................................... 6 2.3.3. Logout State ............................................. 6 2.4. Operational Considerations ............................... 7 2.4.1. Untagged Status Updates .................................. 7 2.4.2. Response when No Command in Progress ..................... 7 2.4.3. Auto-logout Timer ........................................ 7 2.4.4. Multiple Commands in Progress ............................ 8 2.5. Server Command Continuation Request ...................... 8 2.6. Data Formats ............................................. 8 2.6.1. Atom ..................................................... 9 2.6.2. Number ................................................... 9 2.6.3. String ................................................... 9 2.6.3.1. 8-bit and Binary Strings ................................. 10 2.6.4. Parenthesized List ....................................... 10 2.6.5. NIL ...................................................... 10 3. Protocol Elements ........................................ 10 3.1. Entries and Attributes ................................... 10 3.1.1. Predefined Attributes .................................... 11 3.1.2. Attribute Metadata ....................................... 12 3.2. ACAP URL scheme .......................................... 13 3.2.1. ACAP URL User Name and Authentication Mechanism .......... 13 3.2.2. Relative ACAP URLs ....................................... 14 3.3. Contexts ................................................. 14
3.4. Comparators .............................................. 15 3.5. Access Control Lists (ACLs) .............................. 17 3.6. Server Response Codes .................................... 18 4. Namespace Conventions .................................... 21 4.1. Dataset Namespace ........................................ 21 4.2. Attribute Namespace ...................................... 21 4.3. Formal Syntax for Dataset and Attribute Namespace ........ 22 5. Dataset Management ....................................... 23 5.1. Dataset Inheritance ...................................... 23 5.2. Dataset Attributes ....................................... 24 5.3. Dataset Creation ......................................... 25 5.4. Dataset Class Capabilities ............................... 25 5.5. Dataset Quotas ........................................... 26 6. Command and Response Specifications ...................... 26 6.1. Initial Connection ....................................... 26 6.1.1. ACAP Untagged Response ................................... 26 6.2. Any State ................................................ 27 6.2.1. NOOP Command ............................................. 27 6.2.2. LANG Command ............................................. 28 6.2.3. LANG Intermediate Response ............................... 28 6.2.4. LOGOUT Command ........................................... 29 6.2.5. OK Response .............................................. 29 6.2.6. NO Response .............................................. 29 6.2.7. BAD Response ............................................. 30 6.2.8. BYE Untagged Response .................................... 30 6.2.9. ALERT Untagged Response .................................. 31 6.3. Non-Authenticated State .................................. 31 6.3.1. AUTHENTICATE Command ..................................... 31 6.4. Searching ................................................ 33 6.4.1. SEARCH Command ........................................... 33 6.4.2. ENTRY Intermediate Response .............................. 37 6.4.3. MODTIME Intermediate Response ............................ 38 6.4.4. REFER Intermediate Response .............................. 38 6.4.5. Search Examples .......................................... 38 6.5. Contexts ................................................. 39 6.5.1. FREECONTEXT Command ...................................... 39 6.5.2. UPDATECONTEXT Command .................................... 40 6.5.3. ADDTO Untagged Response .................................. 40 6.5.4. REMOVEFROM Untagged Response ............................. 41 6.5.5. CHANGE Untagged Response ................................. 41 6.5.6. MODTIME Untagged Response ................................ 42 6.6. Dataset modification ..................................... 42 6.6.1. STORE Command ............................................ 42 6.6.2. DELETEDSINCE Command ..................................... 45 6.6.3. DELETED Intermediate Response ............................ 45 6.7. Access Control List Commands ............................. 45 6.7.1. SETACL Command ........................................... 46 6.7.2. DELETEACL Command ........................................ 46
3.4. Comparators .............................................. 15 3.5. Access Control Lists (ACLs) .............................. 17 3.6. Server Response Codes .................................... 18 4. Namespace Conventions .................................... 21 4.1. Dataset Namespace ........................................ 21 4.2. Attribute Namespace ...................................... 21 4.3. Formal Syntax for Dataset and Attribute Namespace ........ 22 5. Dataset Management ....................................... 23 5.1. Dataset Inheritance ...................................... 23 5.2. Dataset Attributes ....................................... 24 5.3. Dataset Creation ......................................... 25 5.4. Dataset Class Capabilities ............................... 25 5.5. Dataset Quotas ........................................... 26 6. Command and Response Specifications ...................... 26 6.1. Initial Connection ....................................... 26 6.1.1. ACAP Untagged Response ................................... 26 6.2. Any State ................................................ 27 6.2.1. NOOP Command ............................................. 27 6.2.2. LANG Command ............................................. 28 6.2.3. LANG Intermediate Response ............................... 28 6.2.4. LOGOUT Command ........................................... 29 6.2.5. OK Response .............................................. 29 6.2.6. NO Response .............................................. 29 6.2.7. BAD Response ............................................. 30 6.2.8. BYE Untagged Response .................................... 30 6.2.9. ALERT Untagged Response .................................. 31 6.3. Non-Authenticated State .................................. 31 6.3.1. AUTHENTICATE Command ..................................... 31 6.4. Searching ................................................ 33 6.4.1. SEARCH Command ........................................... 33 6.4.2. ENTRY Intermediate Response .............................. 37 6.4.3. MODTIME Intermediate Response ............................ 38 6.4.4. REFER Intermediate Response .............................. 38 6.4.5. Search Examples .......................................... 38 6.5. Contexts ................................................. 39 6.5.1. FREECONTEXT Command ...................................... 39 6.5.2. UPDATECONTEXT Command .................................... 40 6.5.3. ADDTO Untagged Response .................................. 40 6.5.4. REMOVEFROM Untagged Response ............................. 41 6.5.5. CHANGE Untagged Response ................................. 41 6.5.6. MODTIME Untagged Response ................................ 42 6.6. Dataset modification ..................................... 42 6.6.1. STORE Command ............................................ 42 6.6.2. DELETEDSINCE Command ..................................... 45 6.6.3. DELETED Intermediate Response ............................ 45 6.7. Access Control List Commands ............................. 45 6.7.1. SETACL Command ........................................... 46 6.7.2. DELETEACL Command ........................................ 46
6.7.3. MYRIGHTS Command ......................................... 47 6.7.4. MYRIGHTS Intermediate Response ........................... 47 6.7.5. LISTRIGHTS Command ....................................... 47 6.7.6. LISTRIGHTS Intermediate Response ......................... 48 6.8. Quotas ................................................... 48 6.8.1. GETQUOTA Command ......................................... 48 6.8.3. QUOTA Untagged Response .................................. 49 6.9. Extensions ............................................... 49 7. Registration Procedures .................................. 49 7.1. ACAP Capabilities ........................................ 50 7.2. ACAP Response Codes ...................................... 50 7.3. Dataset Classes .......................................... 51 7.4. Vendor Subtree ........................................... 51 8. Formal Syntax ............................................ 52 9. Multi-lingual Considerations ............................. 61 10. Security Considerations .................................. 62 11. Acknowledgments .......................................... 63 12. Authors' Addresses ....................................... 63 Appendices ........................................................ 64 A. References ............................................... 64 B. ACAP Keyword Index ....................................... 66 C. Full Copyright Statement
6.7.3. MYRIGHTS Command ......................................... 47 6.7.4. MYRIGHTS Intermediate Response ........................... 47 6.7.5. LISTRIGHTS Command ....................................... 47 6.7.6. LISTRIGHTS Intermediate Response ......................... 48 6.8. Quotas ................................................... 48 6.8.1. GETQUOTA Command ......................................... 48 6.8.3. QUOTA Untagged Response .................................. 49 6.9. Extensions ............................................... 49 7. Registration Procedures .................................. 49 7.1. ACAP Capabilities ........................................ 50 7.2. ACAP Response Codes ...................................... 50 7.3. Dataset Classes .......................................... 51 7.4. Vendor Subtree ........................................... 51 8. Formal Syntax ............................................ 52 9. Multi-lingual Considerations ............................. 61 10. Security Considerations .................................. 62 11. Acknowledgments .......................................... 63 12. Authors' Addresses ....................................... 63 Appendices ........................................................ 64 A. References ............................................... 64 B. ACAP Keyword Index ....................................... 66 C. Full Copyright Statement
ACAP Protocol Specification
ACAP协议规范
In examples, "C:" and "S:" indicate lines sent by the client and server respectively. If such lines are wrapped without a new "C:" or "S:" label, then the wrapping is for editorial clarity and is not part of the command.
在示例中,“C:”和“S:”分别表示客户端和服务器发送的行。如果这些行没有新的“C:”或“S:”标签而被换行,则换行是为了编辑清晰,而不是命令的一部分。
The key words "REQUIRED", "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY" in this document are to be interpreted as described in "Key words for use in RFCs to Indicate Requirement Levels" [KEYWORDS].
本文件中的关键词“必需”、“必须”、“不得”、“应该”、“不应该”和“可能”应按照“RFC中用于指示需求水平的关键词”[关键词]中的描述进行解释。
An ACAP server exports a hierarchical tree of entries. Each level of the tree is called a dataset, and each dataset is made up of a list of entries. Each entry has a unique name and may contain any number of named attributes. Each attribute within an entry may be single valued or multi-valued and may have associated metadata to assist access and interpretation of the value.
ACAP服务器导出条目的层次结构树。树的每一层称为数据集,每个数据集由一个条目列表组成。每个条目都有一个唯一的名称,可以包含任意数量的命名属性。条目中的每个属性可以是单值或多值的,并且可以有关联的元数据来帮助访问和解释值。
The rules with which a client interprets the data within a portion of ACAP's tree of entries are called a dataset class.
客户机用来解释ACAP条目的树的一部分中的数据的规则称为dataset类。
ACAP's primary purpose is to allow users access to their configuration data from multiple network-connected computers. Users can then sit down in front of any network-connected computer, run any ACAP-enabled application and have access to their own configuration data. Because it is hoped that many applications will become ACAP-enabled, client simplicity was preferred to server or protocol simplicity whenever reasonable.
ACAP的主要目的是允许用户从多台网络连接的计算机访问其配置数据。然后,用户可以坐在任何连接网络的计算机前,运行任何启用ACAP的应用程序,并访问自己的配置数据。因为人们希望许多应用程序能够支持ACAP,所以在合理的情况下,客户端的简单性比服务器或协议的简单性更受欢迎。
ACAP is designed to be easily manageable. For this reason, it includes "inheritance" which allows one dataset to inherit default attributes from another dataset. In addition, access control lists are included to permit delegation of management and quotas are included to control storage. Finally, an ACAP server which is conformant to this base specification should be able to support most dataset classes defined in the future without requiring a server reconfiguration or upgrade.
ACAP设计为易于管理。因此,它包括“继承”,允许一个数据集从另一个数据集继承默认属性。此外,还包括访问控制列表以允许授权管理,并包括配额以控制存储。最后,符合此基本规范的ACAP服务器应该能够支持将来定义的大多数数据集类,而无需重新配置或升级服务器。
ACAP is designed to operate well with a client that only has intermittent access to an ACAP server. For this reason, each entry has a server maintained modification time so that the client may detect changes. In addition, the client may ask the server for a list of entries which have been removed since it last accessed the server.
ACAP的设计目的是在客户端只能间歇访问ACAP服务器的情况下运行良好。因此,每个条目都有一个由服务器维护的修改时间,以便客户端可以检测到更改。此外,客户机可能会要求服务器提供自上次访问服务器以来已删除的条目列表。
ACAP presumes that a dataset may be potentially large and/or the client's network connection may be slow, and thus offers server sorting, selective fetching and change notification for entries within a dataset.
ACAP假定数据集可能很大和/或客户端的网络连接可能较慢,因此为数据集中的条目提供服务器排序、选择性获取和更改通知。
As required for most Internet protocols, security, scalability and internationalization were important design goals.
正如大多数互联网协议所要求的那样,安全性、可扩展性和国际化是重要的设计目标。
Given these design goals, an attempt was made to keep ACAP as simple as possible. It is a traditional Internet text based protocol which massively simplifies protocol debugging. It was designed based on the successful IMAP [IMAP4] protocol framework, with a few refinements.
考虑到这些设计目标,我们试图使ACAP尽可能简单。它是一种传统的基于互联网文本的协议,大大简化了协议调试。它是基于成功的IMAP[IMAP4]协议框架设计的,并进行了一些改进。
By default, any value may be stored in any attribute for which the user has appropriate permission and quota. This rule is necessary to allow the addition of new simple dataset classes without reconfiguring or upgrading the server.
默认情况下,任何值都可以存储在用户具有适当权限和配额的任何属性中。此规则对于允许添加新的简单数据集类而无需重新配置或升级服务器是必需的。
In some cases, such as when the value has special meaning to the server, it is useful to have the server enforce validation by returning the INVALID response code to a STORE command. These cases MUST be explicitly identified in the dataset class specification which SHOULD include specific fixed rules for validation. Since a given ACAP server may be unaware of any particular dataset class specification, clients MUST NOT depend on the presence of enforced validation on the server.
在某些情况下,例如当该值对服务器具有特殊意义时,让服务器通过向STORE命令返回无效的响应代码来强制验证非常有用。这些情况必须在dataset类规范中明确标识,该规范应包括用于验证的特定固定规则。由于给定的ACAP服务器可能不知道任何特定的数据集类规范,因此客户端不能依赖于服务器上是否存在强制验证。
access control list (ACL) A set of identifier, rights pairs associated with an object. An ACL is used to determine which operations a user is permitted to perform on that object. See section 3.5.
访问控制列表(ACL)与对象关联的一组标识符、权限对。ACL用于确定允许用户对该对象执行哪些操作。见第3.5节。
attribute A named value within an entry. See section 3.1.
属性项中的命名值。见第3.1节。
comparator A named function which can be used to perform one or more of three comparison operations: ordering, equality and substring matching. See section 3.4.
比较器一种命名函数,可用于执行三种比较操作中的一种或多种:排序、相等和子字符串匹配。见第3.4节。
context An ordered subset of entries in a dataset, created by a SEARCH command with a MAKECONTEXT modifier. See section 3.3.
上下文数据集中条目的有序子集,由带有MAKECONTEXT修饰符的搜索命令创建。见第3.3节。
dataset One level of hierarchy in ACAP's tree of entries.
数据集ACAP条目树中的一级层次结构。
dataset class specification The rules which allow a client to interpret the data within a portion of ACAP's tree of entries.
数据集类规范允许客户机解释ACAP部分条目树中的数据的规则。
entry A set of attributes with a unique entry name. See section 3.1.
条目具有唯一条目名称的一组属性。见第3.1节。
metadata Information describing an attribute, its value and any access controls associated with that attribute. See section 3.1.2.
描述属性、属性值以及与该属性关联的任何访问控制的元数据信息。见第3.1.2节。
NIL This represents the non-existence of a particular data item.
NIL这表示特定数据项不存在。
NUL A control character encoded as 0 in US-ASCII [US-ASCII].
NUL在US-ASCII[US-ASCII]中编码为0的控制字符。
octet An 8-bit value. On most modern computer systems, an octet is one byte.
八位字节8位值。在大多数现代计算机系统中,八位字节是一个字节。
SASL Simple Authentication and Security Layer [SASL].
SASL简单身份验证和安全层[SASL]。
UTC Universal Coordinated Time as maintained by the Bureau International des Poids et Mesures (BIPM).
由国际计量局(BIPM)维护的UTC世界协调时间。
UTF-8 An 8-bit transformation format of the Universal Character Set [UTF8]. Note that an incompatible change was made to the coded character set referenced by [UTF8], so for the purpose of this document, UTF-8 refers to the UTF-8 encoding as defined by version 2.0 of Unicode [UNICODE-2], or ISO 10646 [ISO-10646] including amendments one through seven.
UTF-8通用字符集[UTF8]的8位转换格式。请注意,对[UTF8]引用的编码字符集进行了不兼容的更改,因此在本文档中,UTF-8指的是Unicode[Unicode-2]或ISO 10646[ISO-10646]版本2.0定义的UTF-8编码,包括第1至第7次修订。
The AUTHENTICATE, NOOP, LANG and LOGOUT commands provide basic protocol services. The SEARCH command is used to select, sort, fetch and monitor changes to attribute values and metadata. The UPDATECONTEXT and FREECONTEXT commands are also used to assist in monitoring changes in attribute values and metadata. The STORE command is used to add, modify and delete entries and attributes. The DELETEDSINCE command is used to assist a client in re-synchronizing a cache with the server. The GETQUOTA, SETACL, DELETEACL, LISTRIGHTS and MYRIGHTS commands are used to examine storage quotas and examine or modify access permissions.
AUTHENTICATE、NOOP、LANG和LOGOUT命令提供基本的协议服务。SEARCH命令用于选择、排序、获取和监视属性值和元数据的更改。UPDATECONTEXT和FREECONTEXT命令还用于帮助监视属性值和元数据的更改。STORE命令用于添加、修改和删除条目和属性。DELETEDSINCE命令用于帮助客户端与服务器重新同步缓存。GETQUOTA、SETACL、DELETEACL、LISTRIGHTS和MYRIGHTS命令用于检查存储配额以及检查或修改访问权限。
The ACAP protocol assumes a reliable data stream such as provided by TCP. When TCP is used, an ACAP server listens on port 674.
ACAP协议采用可靠的数据流,如TCP提供的数据流。使用TCP时,ACAP服务器会侦听端口674。
An ACAP session consists of the establishment of a client/server connection, an initial greeting from the server, and client/server interactions. These client/server interactions consist of a client command, server data, and a server completion result.
ACAP会话包括建立客户机/服务器连接、来自服务器的初始问候语以及客户机/服务器交互。这些客户机/服务器交互包括客户机命令、服务器数据和服务器完成结果。
ACAP is a text-based line-oriented protocol. In general, interactions transmitted by clients and servers are in the form of lines; that is, sequences of characters that end with a CRLF. The protocol receiver of an ACAP client or server is either reading a line, or is reading a sequence of octets with a known count (a literal) followed by a line. Both clients and servers must be capable of handling lines of arbitrary length.
ACAP是一种基于文本的面向行协议。一般来说,客户端和服务器传输的交互是线的形式;也就是说,以CRLF结尾的字符序列。ACAP客户端或服务器的协议接收器正在读取一行,或者正在读取一个八位字节序列,该序列的已知计数(文字)后跟一行。客户端和服务器都必须能够处理任意长度的线路。
The client command begins an operation. Each client command is prefixed with a identifier (an alphanumeric string of no more than 32 characters, e.g., A0001, A0002, etc.) called a "tag". A different tag SHOULD be generated by the client for each command.
client命令开始一个操作。每个客户端命令都以一个称为“标记”的标识符(不超过32个字符的字母数字字符串,例如A0001、A0002等)作为前缀。客户端应为每个命令生成不同的标记。
There are two cases in which a line from the client does not represent a complete command. In one case, a command argument is quoted with an octet count (see the description of literal in section 2.6.3); in the other case, the command arguments require server
有两种情况下,客户端的一行并不代表完整的命令。在一种情况下,使用八位字节计数引用命令参数(参见第2.6.3节中的文字描述);在另一种情况下,命令参数需要服务器
feedback (see the AUTHENTICATE command). In some of these cases, the server sends a command continuation request if it is ready for the next part of the command. This response is prefixed with the token "+".
反馈(请参阅AUTHENTICATE命令)。在某些情况下,如果服务器准备好执行命令的下一部分,则会发送命令继续请求。此响应以标记“+”作为前缀。
Note: If, instead, the server detected an error in a command, it sends a BAD completion response with tag matching the command (as described below) to reject the command and prevent the client from sending any more of the command.
注意:相反,如果服务器在命令中检测到错误,它将发送错误的完成响应,标记与命令匹配(如下所述),以拒绝命令并阻止客户端发送更多命令。
It is also possible for the server to send a completion or intermediate response for some other command (if multiple commands are in progress), or untagged data. In either case, the command continuation request is still pending; the client takes the appropriate action for the response, and reads another response from the server.
服务器还可以发送其他命令(如果正在执行多个命令)或未标记数据的完成或中间响应。在这两种情况下,命令继续请求仍处于挂起状态;客户端对响应采取适当的操作,并从服务器读取另一个响应。
The ACAP server reads a command line from the client, parses the command and its arguments, and transmits server data and a server command completion result.
ACAP服务器从客户端读取命令行,解析命令及其参数,并传输服务器数据和服务器命令完成结果。
Data transmitted by the server to the client come in four forms: command continuation requests, command completion results, intermediate responses, and untagged responses.
服务器向客户机传输的数据有四种形式:命令继续请求、命令完成结果、中间响应和未标记响应。
A command continuation request is prefixed with the token "+".
命令继续请求的前缀为标记“+”。
A command completion result indicates the success or failure of the operation. It is tagged with the same tag as the client command which began the operation. Thus, if more than one command is in progress, the tag in a server completion response identifies the command to which the response applies. There are three possible server completion responses: OK (indicating success), NO (indicating failure), or BAD (indicating protocol error such as unrecognized command or command syntax error).
命令完成结果指示操作的成功或失败。它使用与开始操作的客户端命令相同的标记进行标记。因此,如果正在执行多个命令,则服务器完成响应中的标记将标识响应所应用的命令。有三种可能的服务器完成响应:OK(表示成功)、NO(表示失败)或BAD(表示协议错误,如无法识别的命令或命令语法错误)。
An intermediate response returns data which can only be interpreted within the context of a command in progress. It is tagged with the same tag as the client command which began the operation. Thus, if more than one command is in progress, the tag in an intermediate response identifies the command to which the response applies. A tagged response other than "OK", "NO", or "BAD" is an intermediate response.
中间响应返回的数据只能在正在执行的命令的上下文中进行解释。它使用与开始操作的客户端命令相同的标记进行标记。因此,如果正在执行多个命令,则中间响应中的标记将标识响应应用到的命令。除了“OK”、“NO”或“BAD”之外的标记响应是中间响应。
An untagged response returns data or status messages which may be interpreted outside the context of a command in progress. It is prefixed with the token "*". Untagged data may be sent as a result of a client command, or may be sent unilaterally by the server. There is no syntactic difference between untagged data that resulted from a specific command and untagged data that were sent unilaterally.
未标记的响应返回数据或状态消息,这些数据或状态消息可能在正在执行的命令的上下文之外进行解释。它的前缀是标记“*”。未标记的数据可以通过客户端命令发送,也可以由服务器单方面发送。由特定命令生成的未标记数据和单方面发送的未标记数据之间没有语法差异。
The protocol receiver of an ACAP client reads a response line from the server. It then takes action on the response based upon the first token of the response, which may be a tag, a "*", or a "+" as described above.
ACAP客户端的协议接收器从服务器读取响应行。然后,它根据响应的第一个标记对响应采取操作,该标记可以是标记、“*”或“+”,如上所述。
A client MUST be prepared to accept any server response at all times. This includes untagged data that it may not have requested.
客户机必须随时准备接受任何服务器响应。这包括它可能没有请求的未标记数据。
This topic is discussed in greater detail in the Server Responses section.
服务器响应部分将更详细地讨论此主题。
An ACAP server is in one of three states. Most commands are valid in only certain states. It is a protocol error for the client to attempt a command while the server is in an inappropriate state for that command. In this case, a server will respond with a BAD command completion result.
ACAP服务器处于三种状态之一。大多数命令仅在某些状态下有效。当服务器处于不适合该命令的状态时,客户端尝试该命令是一种协议错误。在这种情况下,服务器将以错误的命令完成结果进行响应。
In non-authenticated state, the user must supply authentication credentials before most commands will be permitted. This state is entered when a connection starts.
在非身份验证状态下,用户必须提供身份验证凭据,然后才能允许大多数命令。此状态在连接启动时进入。
In authenticated state, the user is authenticated and most commands will be permitted. This state is entered when acceptable authentication credentials have been provided.
在“已验证”状态下,用户已验证,大多数命令将被允许。当提供了可接受的身份验证凭据时,将进入此状态。
In logout state, the session is being terminated, and the server will close the connection. This state can be entered as a result of a client request or by unilateral server decision.
在注销状态下,会话将被终止,服务器将关闭连接。此状态可以作为客户端请求的结果或通过单边服务器决定输入。
+--------------------------------------+ |initial connection and server greeting| +--------------------------------------+ || (1) || (2) VV || +-----------------+ || |non-authenticated| || +-----------------+ || || (4) || (3) || || VV || || +----------------+ || || | authenticated | || || +----------------+ || || || (4) || VV VV VV +--------------------------------------+ | logout and close connection | +--------------------------------------+
+--------------------------------------+ |initial connection and server greeting| +--------------------------------------+ || (1) || (2) VV || +-----------------+ || |non-authenticated| || +-----------------+ || || (4) || (3) || || VV || || +----------------+ || || | authenticated | || || +----------------+ || || || (4) || VV VV VV +--------------------------------------+ | logout and close connection | +--------------------------------------+
(1) connection (ACAP greeting) (2) rejected connection (BYE greeting) (3) successful AUTHENTICATE command (4) LOGOUT command, server shutdown, or connection closed
(1) 连接(ACAP问候语)(2)拒绝连接(BYE问候语)(3)成功验证命令(4)注销命令、服务器关闭或连接关闭
At any time, a server can send data that the client did not request.
在任何时候,服务器都可以发送客户端未请求的数据。
Server implementations are permitted to send an untagged response while there is no command in progress. Server implementations that send such responses MUST deal with flow control considerations. Specifically, they must either (1) verify that the size of the data does not exceed the underlying transport's available window size, or (2) use non-blocking writes.
允许服务器实现在没有命令进行时发送未标记的响应。发送此类响应的服务器实现必须处理流控制注意事项。具体地说,他们必须(1)验证数据大小不超过基础传输的可用窗口大小,或者(2)使用非阻塞写入。
If a server has an inactivity auto-logout timer, that timer MUST be of at least 30 minutes duration. The receipt of ANY command from the client during that interval MUST suffice to reset the auto-logout timer.
如果服务器具有非活动自动注销计时器,则该计时器的持续时间必须至少为30分钟。在该间隔期间,从客户端接收到的任何命令必须足以重置自动注销计时器。
The client is not required to wait for the completion result of a command before sending another command, subject to flow control constraints on the underlying data stream. Similarly, a server is not required to process a command to completion before beginning processing of the next command, unless an ambiguity would result because of a command that would affect the results of other commands. If there is such an ambiguity, the server executes commands to completion in the order given by the client.
根据底层数据流上的流控制约束,客户端不需要在发送另一个命令之前等待命令的完成结果。类似地,服务器不需要在开始处理下一个命令之前将命令处理到完成,除非由于某个命令会影响其他命令的结果而导致歧义。如果存在这种歧义,服务器将按照客户机给出的顺序执行命令以完成。
The command continuation request is indicated by a "+" token instead of a tag. This indicates that the server is ready to accept the continuation of a command from the client.
命令继续请求由“+”标记而不是标记表示。这表示服务器已准备好接受来自客户端的命令的继续。
This response is used in the AUTHENTICATE command to transmit server data to the client, and request additional client data. This response is also used if an argument to any command is a synchronizing literal (see section 2.6.3).
此响应在AUTHENTICATE命令中用于将服务器数据传输到客户端,并请求其他客户端数据。如果任何命令的参数是同步文字,也会使用此响应(参见第2.6.3节)。
The client is not permitted to send the octets of a synchronizing literal unless the server indicates that it expects it. This permits the server to process commands and reject errors on a line-by-line basis, assuming it checks for non-synchronizing literals at the end of each line. The remainder of the command, including the CRLF that terminates a command, follows the octets of the literal. If there are any additional command arguments the literal octets are followed by a space and those arguments.
不允许客户端发送同步文本的八位字节,除非服务器表明它需要它。这允许服务器逐行处理命令和拒绝错误,假设它检查每行末尾的非同步文本。命令的其余部分(包括终止命令的CRLF)位于文本的八位字节之后。如果有任何其他命令参数,则文字八位字节后面会有一个空格和这些参数。
Example: C: A099 FREECONTEXT {10} S: + "Ready for additional command text" C: FRED C: FOOB S: A099 OK "FREECONTEXT completed" C: A044 BLURDYBLOOP {102856} S: A044 BAD "No such command as 'BLURDYBLOOP'"
Example: C: A099 FREECONTEXT {10} S: + "Ready for additional command text" C: FRED C: FOOB S: A099 OK "FREECONTEXT completed" C: A044 BLURDYBLOOP {102856} S: A044 BAD "No such command as 'BLURDYBLOOP'"
ACAP uses textual commands and responses. Data in ACAP can be in one of five forms: atom, number, string, parenthesized list or NIL.
ACAP使用文本命令和响应。ACAP中的数据可以是五种形式之一:原子、数字、字符串、括号列表或NIL。
An atom consists of one to 1024 non-special characters. It must begin with a letter. Atoms are used for protocol keywords.
一个原子由一到1024个非特殊字符组成。它必须以字母开头。原子用于协议关键字。
A number consists of one or more digit characters, and represents a numeric value. Numbers are restricted to the range of an unsigned 32-bit integer: 0 < number < 4,294,967,296.
数字由一个或多个数字字符组成,表示一个数值。数字限制在无符号32位整数的范围内:0<数字<4294967296。
A string is in one of two forms: literal and quoted string. The literal form is the general form of string. The quoted string form is an alternative that avoids the overhead of processing a literal at the cost of restrictions of what may be in a quoted string.
字符串有两种形式:文字和带引号的字符串。文字形式是字符串的一般形式。引用字符串形式是一种替代方法,它避免了以限制引用字符串中可能包含的内容为代价来处理文本的开销。
A literal is a sequence of zero or more octets (including CR and LF), prefix-quoted with an octet count in the form of an open brace ("{"), the number of octets, close brace ("}"), and CRLF. In the case of literals transmitted from server to client, the CRLF is immediately followed by the octet data.
文字是由零个或多个八位字节(包括CR和LF)组成的序列,前缀以开括号(“{”)、八位字节数、闭括号(“}”)和CRLF的形式引用八位字节计数。对于从服务器传输到客户端的文本,CRLF后面紧跟着八位字节数据。
There are two forms of literals transmitted from client to server. The form where the open brace ("{") and number of octets is immediately followed by a close brace ("}") and CRLF is called a synchronizing literal. When sending a synchronizing literal, the client must wait to receive a command continuation request before sending the octet data (and the remainder of the command). The other form of literal, the non-synchronizing literal, is used to transmit a string from client to server without waiting for a command continuation request. The non-synchronizing literal differs from the synchronizing literal by having a plus ("+") between the number of octets and the close brace ("}") and by having the octet data immediately following the CRLF.
有两种形式的文本从客户端传输到服务器。打开大括号(“{”)和八位字节数紧跟着关闭大括号(“}”)和CRLF的形式称为同步文字。发送同步文本时,客户端必须等待接收到命令继续请求,然后再发送八位字节数据(以及命令的其余部分)。另一种形式的文本(非同步文本)用于在不等待命令继续请求的情况下将字符串从客户端传输到服务器。非同步文字与同步文字的不同之处在于八位字节数和右大括号(“}”)之间有一个加号(“+”),并且八位字节数据紧跟在CRLF之后。
A quoted string is a sequence of zero to 1024 octets excluding NUL, CR and LF, with double quote (<">) characters at each end.
带引号的字符串是由0到1024个八位字节组成的序列,不包括NUL、CR和LF,每端都有双引号(<“>)字符。
The empty string is represented as "" (a quoted string with zero characters between double quotes), as {0} followed by CRLF (a synchronizing literal with an octet count of 0), or as {0+} followed by a CRLF (a non-synchronizing literal with an octet count of 0).
空字符串表示为“”(双引号之间为零个字符的带引号字符串),表示为{0}后跟CRLF(八位字节计数为0的同步文字),或表示为{0+}后跟CRLF(八位字节计数为0的非同步文字)。
Note: Even if the octet count is 0, a client transmitting a synchronizing literal must wait to receive a command continuation request.
注意:即使八位字节计数为0,发送同步文本的客户端也必须等待接收命令继续请求。
Most strings in ACAP are restricted to UTF-8 characters and may not contain NUL octets. Attribute values MAY contain any octets including NUL.
ACAP中的大多数字符串限制为UTF-8字符,并且可能不包含NUL八位字节。属性值可以包含任何八位字节,包括NUL。
Data structures are represented as a "parenthesized list"; a sequence of data items, delimited by space, and bounded at each end by parentheses. A parenthesized list can contain other parenthesized lists, using multiple levels of parentheses to indicate nesting.
数据结构表示为“括号列表”;一组数据项,用空格分隔,两端用括号限定。带括号的列表可以包含其他带括号的列表,使用多级括号表示嵌套。
The empty list is represented as () -- a parenthesized list with no members.
空列表表示为()——一个括号中没有成员的列表。
The special atom "NIL" represents the non-existence of a particular data item that is represented as a string or parenthesized list, as distinct from the empty string "" or the empty parenthesized list ().
特殊原子“NIL”表示不存在表示为字符串或括号列表的特定数据项,与空字符串“”或空括号列表()不同。
This section defines data formats and other protocol elements used throughout the ACAP protocol.
本节定义了整个ACAP协议中使用的数据格式和其他协议元素。
Within a dataset, each entry name is made up of zero or more UTF-8 characters other than slash ("/"). A slash separated list of entries, one at each level of the hierarchy, forms the full path to an entry.
在数据集中,每个条目名称由零个或多个UTF-8字符组成,斜杠(“/”)除外。一个以斜杠分隔的条目列表,层次结构的每一级都有一个条目,构成条目的完整路径。
Each entry is made up of a set of attributes. Each attribute has a hierarchical name in UTF-8, with each component of the name separated by a period (".").
每个条目由一组属性组成。每个属性在UTF-8中都有一个层次名称,名称的每个组成部分用句点(“.”)分隔。
The value of an attribute is either single or multi-valued. A single value is NIL (has no value), or a string of zero or more octets. A multi-value is a list of zero or more strings, each of zero or more octets.
属性的值可以是单值的,也可以是多值的。单个值为NIL(无值),或者是由零个或多个八位字节组成的字符串。多值是零个或多个字符串的列表,每个字符串包含零个或多个八位字节。
Attribute names are not permitted to contain asterisk ("*") or percent ("%") and MUST be valid UTF-8 strings which do not contain NUL. Invalid attribute names result in a BAD response. Entry names
属性名称不允许包含星号(“*”)或百分比(“%”),并且必须是不包含NUL的有效UTF-8字符串。无效的属性名称会导致错误的响应。条目名称
are not permitted to begin with "." or contain slash ("/") and MUST be valid UTF-8 strings which do not contain NUL. Invalid entry names in the entry field of a command result in a BAD response.
不允许以“.”开头或包含斜杠(“/”),并且必须是不包含NUL的有效UTF-8字符串。命令输入字段中的无效输入名将导致错误响应。
Use of non-visible UTF-8 characters in attribute and entry names is discouraged.
不鼓励在属性和条目名称中使用不可见的UTF-8字符。
Attribute names which do not contain a dot (".") are reserved for standardized attributes which have meaning in any dataset. The following attributes are defined by the ACAP protocol.
不包含点(“.”)的属性名称保留给在任何数据集中都有意义的标准化属性。以下属性由ACAP协议定义。
entry Contains the name of the entry. MUST be single valued. Attempts to use illegal or multi-valued values for the entry attribute are protocol errors and MUST result in a BAD completion response. This is a special case.
条目包含条目的名称。必须是单值的。尝试为entry属性使用非法或多值值是协议错误,必须导致错误的完成响应。这是一个特例。
modtime Contains the date and time any read-write metadata in the entry was last modified. This value MUST be in UTC, MUST be automatically updated by the server.
modtime包含上次修改条目中任何读写元数据的日期和时间。此值必须以UTC为单位,并且必须由服务器自动更新。
The value consists of 14 or more US-ASCII digits. The first four indicate the year, the next two indicate the month, the next two indicate the day of month, the next two indicate the hour (0 - 23), the next two indicate the minute, and the next two indicate the second. Any further digits indicate fractions of a second.
该值由14个或更多US-ASCII数字组成。前四个表示年份,后两个表示月份,后两个表示月份的日期,后两个表示小时(0-23),后两个表示分钟,后两个表示秒。任何进一步的数字表示秒的分数。
The time, particularly fractions of a second, need not be accurate. It is REQUIRED, however, that any two entries in a dataset changed by successive modifications have strictly ascending modtime values. In addition, each STORE command within a dataset (including simultaneous stores from different connections) MUST use different modtime values.
时间,特别是几分之一秒,不需要精确。但是,要求通过连续修改而更改的数据集中的任意两个条目具有严格递增的modtime值。此外,数据集中的每个存储命令(包括来自不同连接的同时存储)必须使用不同的modtime值。
This attribute has enforced validation, so any attempt to STORE a value in this attribute MAY result in a NO response with an INVALID response code.
此属性已强制验证,因此任何在该属性中存储值的尝试都可能导致响应代码无效的无响应。
subdataset If this attribute is set, it indicates the existence of a sub-dataset of this entry.
子数据集如果设置了此属性,则表示存在此条目的子数据集。
The value consists of a list of relative ACAP URLs (see section 3.2) which may be used to locate the sub-dataset. The base URL is the full path to the entry followed by a slash ("/"). The value "." indicates a subdataset is located directly under this one. Multiple values indicate replicated copies of the subdataset.
该值由可用于定位子数据集的相对ACAP URL列表组成(见第3.2节)。基本URL是条目的完整路径,后跟斜杠(“/”)。值“.”表示子数据集位于该子数据集的正下方。多个值表示子数据集的复制副本。
For example, if the dataset "/folder/site/" has an entry "public-folder" with a subdataset attribute of ".", then there exists a dataset "/folder/site/public-folder/". If the value of the subdataset attribute was instead "//other.acap.domain//folder/site/public-folder/", that would indicate the dataset is actually located on a different ACAP server.
例如,如果数据集“/folder/site/”具有子数据集属性为“.”的条目“public folder”,则存在数据集“/folder/site/public folder/”。如果子数据集属性的值改为“//other.acap.domain//folder/site/public folder/”,则表示数据集实际位于不同的acap服务器上。
A dataset can be created by storing a "subdataset" attribute including ".", and a sub-hierarchy of datasets is deleted by storing a NIL value to the "subdataset" attribute on the entry in the parent dataset.
可以通过存储“子数据集”属性(包括“.”)来创建数据集,并通过在父数据集中的条目上存储“子数据集”属性的NIL值来删除数据集的子层次结构。
This attribute has enforced syntax validation. Specifically, if an attempt is made to STORE a non-list value (other than NIL), an empty list, or one of the values does not follow the URL syntax rules [BASIC-URL, REL-URL], then this will result in a NO response with an INVALID response code.
此属性已强制进行语法验证。具体地说,如果试图存储非列表值(除NIL外)、空列表或其中一个值不符合URL语法规则[BASIC-URL,REL-URL],则这将导致无响应和无效响应代码。
Each attribute is made up of metadata items which describe that attribute, its value and any associated access controls. Metadata items may be either read-only, in which case the client is never permitted to modify the item, or read-write, in which case the client may modify the item if the access control list (ACL) permits.
每个属性都由元数据项组成,元数据项描述该属性、属性值和任何相关的访问控制。元数据项可以是只读的,在这种情况下不允许客户端修改该项;也可以是读写的,在这种情况下,如果访问控制列表(ACL)允许,客户端可以修改该项。
The following metadata items are defined in this specification:
本规范中定义了以下元数据项:
acl The access control list for the attribute, if one exists. If the attribute does not have an ACL, NIL is returned. Read-write. See section 3.5 for the contents of an ACL.
acl属性的访问控制列表(如果存在)。如果属性没有ACL,则返回NIL。读写。有关ACL的内容,请参见第3.5节。
attribute The attribute name. Read-only.
属性指定属性名称。只读。
myrights The set of rights that the client has to the attribute. Read-only. See section 3.5 for the possible rights.
客户端对属性拥有的权限集。只读。有关可能的权利,请参见第3.5节。
size This is the length of the value. In the case of a multi-value, this is a list of lengths for each of the values. Read-only.
大小这是值的长度。对于多值,这是每个值的长度列表。只读。
value The value. For a multi-value, this is a list of single values. Read-write.
重视价值。对于多值,这是单个值的列表。读写。
Additional items of metadata may be defined in extensions to this protocol. Servers MUST respond to unrecognized metadata by returning a BAD command completion result.
可以在本协议的扩展中定义其他元数据项。服务器必须通过返回错误的命令完成结果来响应无法识别的元数据。
ACAP URLs are used within the ACAP protocol for the "subdataset" attribute, referrals and inheritance. They provide a convenient syntax for referring to other ACAP datasets. The ACAP URL follows the common Internet scheme syntax as defined in [BASIC-URL] except that plaintext passwords are not permitted. If :<port> is omitted, the port defaults to 674.
ACAP URL在ACAP协议中用于“子数据集”属性、引用和继承。它们为引用其他ACAP数据集提供了方便的语法。ACAP URL遵循[BASIC-URL]中定义的通用互联网方案语法,但不允许使用明文密码。如果省略:<port>,则端口默认为674。
An ACAP URL has the following general form:
ACAP URL具有以下一般形式:
url-acap = "acap://" url-server "/" url-enc-entry [url-filter] [url-extension]
url-acap = "acap://" url-server "/" url-enc-entry [url-filter] [url-extension]
The <url-server> element includes the hostname, and optional user name, authentication mechanism and port number. The <url-enc-entry> element contains the name of an entry path encoded according to the rules in [BASIC-URL].
元素包括主机名、可选用户名、身份验证机制和端口号。元素包含根据[BASIC-url]中的规则编码的条目路径的名称。
The <url-filter> element is an optional list of interesting attribute names. If omitted, the URL refers to all attributes of the named entry. The <url-extension> element is reserved for extensions to this URL scheme.
<url filter>元素是有趣属性名称的可选列表。如果省略,URL将引用命名项的所有属性。<url extension>元素保留用于此url方案的扩展。
Note that unsafe or reserved characters such as " " or "?" MUST be hex encoded as described in the URL specification [BASIC-URL]. Hex encoded octets are interpreted according to UTF-8 [UTF8].
请注意,不安全或保留字符,如“或”?,必须按照URL规范[BASIC-URL]中的说明进行十六进制编码。十六进制编码的八位字节根据UTF-8[UTF8]进行解释。
A user name and/or authentication mechanism may be supplied. They are used in the "AUTHENTICATE" command after making the connection to the ACAP server. If no user name or authentication mechanism is supplied, then the SASL ANONYMOUS [SASL-ANON] mechanism is used by default. If an authentication mechanism is supplied without a user
可以提供用户名和/或认证机制。连接到ACAP服务器后,在“AUTHENTICATE”命令中使用它们。如果未提供用户名或身份验证机制,则默认使用SASL匿名[SASL-ANON]机制。如果在没有用户的情况下提供身份验证机制
name, then one SHOULD be obtained from the specified mechanism or requested from the user as appropriate. If a user name is supplied without an authentication mechanism then ";AUTH=*" is assumed.
名称,则应从指定的机制中获取一个,或根据需要从用户处请求一个。如果提供的用户名没有身份验证机制,则假定为“AUTH=*”。
The ";AUTH=" authentication parameter is interpreted as described in the IMAP URL Scheme [IMAP-URL].
“AUTH=”身份验证参数的解释如IMAP URL方案[IMAP-URL]中所述。
Note that if unsafe or reserved characters such as " " or ";" are present in the user name or authentication mechanism, they MUST be encoded as described in the URL specification [BASIC-URL].
请注意,如果用户名或身份验证机制中存在不安全或保留字符,如“或”;,则必须按照URL规范[BASIC-URL]中的说明对其进行编码。
Because ACAP uses "/" as the hierarchy separator for dataset paths, it works well with the relative URL rules defined in the relative URL specification [REL-URL].
由于ACAP使用“/”作为数据集路径的层次分隔符,因此它与相对URL规范[REL-URL]中定义的相对URL规则配合良好。
The <aauth> grammar element is considered part of the user name for purposes of resolving relative ACAP URLs.
出于解析相对ACAP URL的目的,<aauth>语法元素被视为用户名的一部分。
The base URL for a relative URL stored in an attribute's value is formed by taking the path to the dataset containing that attribute, appending a "/" followed by the entry name of the entry containing that attribute followed by "/".
存储在属性值中的相对URL的基本URL是通过以下方式形成的:获取包含该属性的数据集的路径,在“/”后面加上包含该属性的条目的条目名,再加上“/”。
A context is subset of entries in a dataset or datasets, created by a SEARCH command with a MAKECONTEXT modifier. Context names are client-generated strings and must not start with the slash ('/') character.
上下文是一个或多个数据集中的条目子集,由带有MAKECONTEXT修饰符的搜索命令创建。上下文名称是客户端生成的字符串,不能以斜杠(“/”)字符开头。
When a client creates a context, it may request automatic notification of changes. A client may also request enumeration of entries within a context. Enumeration simplifies the implementation of a "virtual scrollbar" by the client.
当客户端创建上下文时,它可能会请求更改的自动通知。客户端还可以请求上下文中的条目枚举。枚举简化了客户端对“虚拟滚动条”的实现。
A context exists only within the ACAP session in which it was created. When the connection is closed, all contexts associated with that connection are automatically discarded. A server is required to support at least 100 active contexts within a session. If the server supports a larger limit it must advertise it in a CONTEXTLIMIT capability.
上下文仅存在于创建它的ACAP会话中。当连接关闭时,与该连接关联的所有上下文将自动丢弃。服务器需要在一个会话中支持至少100个活动上下文。如果服务器支持更大的限制,则必须在CONTEXTLIMIT功能中公布该限制。
A comparator is a named function which takes two input values and can be used to perform one or more of four comparison operations: ordering, equality, prefix and substring matching.
比较器是一个命名函数,它接受两个输入值,可用于执行四个比较操作中的一个或多个:排序、相等、前缀和子字符串匹配。
The ordering operation is used both for the SORT search modifier and the COMPARE and COMPARESTRICT search keys. Ordering comparators can determine the ordinal precedence of any two values. When used for ordering, a comparator's name can be prefixed with "+" or "-" to indicate that the ordering should be normal order or reversed order respectively. If no prefix is included, "+" is assumed.
排序操作用于排序搜索修改器以及比较和比较搜索键。排序比较器可以确定任意两个值的顺序优先级。当用于排序时,比较器的名称可以前缀为“+”或“-”,以指示排序应分别为正常顺序或颠倒顺序。如果不包含前缀,则假定为“+”。
For the purpose of ordering, a comparator may designate certain values as having an undefined ordinal precedence. Such values always collate with equal value after all other values regardless of whether normal or reversed ordering is used. Unless the comparator definition specifies otherwise, multi-values and NIL values have an undefined ordinal precedence.
为了排序,比较器可以指定某些值具有未定义的顺序优先级。无论使用的是正常顺序还是反向顺序,这些值总是在所有其他值之后以相等的值进行比较。除非比较器定义另有规定,否则多值和零值具有未定义的顺序优先级。
The equality operation is used for the EQUAL search modifier, and simply determines if the two values are considered equal under the comparator function. When comparing a single value to a multi-value, the two are considered equal if any one of the multiple values is equal to the single value.
相等操作用于相等搜索修饰符,并简单地确定在比较器函数下两个值是否相等。将单个值与多个值进行比较时,如果多个值中的任何一个值等于单个值,则认为这两个值相等。
The prefix match operation is used for the PREFIX search modifier, and simply determines if the search value is a prefix of the item being searched. In the case of prefix search on a multi-value, the match is successful if the value is a prefix of any one of the multiple values.
前缀匹配操作用于前缀搜索修改器,并简单地确定搜索值是否为正在搜索的项的前缀。在对多个值进行前缀搜索的情况下,如果该值是多个值中任何一个的前缀,则匹配成功。
The substring match operation is used for the SUBSTRING search modifier, and simply determines if search value is a substring of the item being searched. In the case of substring search on a multi-value, the match is successful if the value is a substring of any one of the multiple values.
子字符串匹配操作用于子字符串搜索修改器,并简单地确定搜索值是否为正在搜索的项的子字符串。在对多个值进行子字符串搜索的情况下,如果该值是多个值中任意一个的子字符串,则匹配成功。
Rules for naming and registering comparators will be defined in a future specification. Servers MUST respond to unknown or improperly used comparators with a BAD command completion result.
命名和注册比较器的规则将在未来的规范中定义。服务器必须以错误的命令完成结果响应未知或使用不当的比较器。
The following comparators are defined by this standard and MUST be implemented:
本标准定义了以下比较器,必须实施:
i;octet Operations: Ordering, Equality, Prefix match, Substring match
我八位字节操作:排序、相等、前缀匹配、子字符串匹配
For collation, the i;octet comparator interprets the value of an attribute as a series of unsigned octets with ordinal values from 0 to 255. When ordering two strings, each octet pair is compared in sequence until the octets are unequal or the end of the string is reached. When collating two strings where the shorter is a prefix of the longer, the shorter string is interpreted as having a smaller ordinal value. The "i;octet" or "+i;octet" forms collate smaller ordinal values earlier, and the "-i;octet" form collates larger ordinal values earlier.
对于校勘,我;八位字节比较器将属性值解释为一系列无符号八位字节,其序数值从0到255。对两个字符串排序时,将按顺序比较每个八位字节对,直到八位字节不相等或到达字符串的末尾。在比较两个字符串时,如果较短的字符串是较长字符串的前缀,则较短的字符串将被解释为具有较小的序数值。“i;八位组”或“+i;八位组”形式更早地整理较小的序数值,“-i;八位组”形式更早地整理较大的序数值。
For the equality function, two strings are equal if they are the same length and contain the same octets in the same order. NIL is equal only to itself.
对于equality函数,如果两个字符串长度相同且包含相同顺序的相同八位字节,则它们是相等的。零只等于它本身。
For non-binary, non-nil single values, i;octet ordering is equivalent to the ANSI C [ISO-C] strcmp() function applied to C string representations of the values. For non-binary, non-nil single values, i;octet substring match is equivalent to the ANSI C strstr() function applied to the C string representations of the values.
对于非二进制、非零单值,i;八位字节顺序相当于应用于值的C字符串表示形式的ANSI C[ISO-C]strcmp()函数。对于非二进制、非零单值,i;八位字节子字符串匹配相当于应用于值的C字符串表示形式的ANSI C strstr()函数。
i;ascii-casemap Operations: Ordering, Equality, Prefix match, Substring match
我ascii casemap操作:排序、相等、前缀匹配、子字符串匹配
The i;ascii-casemap comparator first applies a mapping to the attribute values which translates all US-ASCII letters to uppercase (octet values 0x61 to 0x7A are translated to octet values 0x41 to 0x5A respectively), then applies the i;octet comparator as described above. With this function the values "hello" and "HELLO" have the same ordinal value and are considered equal.
我;ascii casemap comparator首先将映射应用于将所有US-ascii字母转换为大写的属性值(八位字节值0x61至0x7A分别转换为八位字节值0x41至0x5A),然后应用i;如上所述的八位组比较器。使用此函数,“hello”和“hello”的值具有相同的序数值,并被视为相等。
i;ascii-numeric Operations: Ordering, Equality
我ascii数字操作:排序、相等
The i;ascii-numeric comparator interprets strings as decimal positive integers represented as US-ASCII digits. All values which do not begin with a US-ASCII digit are considered equal with an ordinal value higher than all non-NIL single-valued
我;ascii数字比较器将字符串解释为十进制正整数,表示为US-ascii数字。所有不以US-ASCII数字开头的值被视为等于大于所有非零单值的序数值
attributes. Otherwise, all US-ASCII digits (octet values 0x30 to 0x39) are interpreted starting from the beginning of the string to the first non-digit or the end of the string.
属性。否则,所有US-ASCII数字(八位字节值0x30到0x39)将从字符串的开头开始解释为第一个非数字或字符串的结尾。
An access control list is a set of identifier, rights pairs used to restrict access to a given dataset, attribute or attribute within an entry. An ACL is represented by a multi-value with each value containing an identifier followed by a tab character followed by the rights. The syntax is defined by the "acl" rule in the formal syntax in section 8.
访问控制列表是一组标识符、权限对,用于限制对条目中给定数据集、属性或属性的访问。ACL由一个多值表示,每个值包含一个标识符,后跟一个制表符,后跟权限。该语法由第8节正式语法中的“acl”规则定义。
Identifier is a UTF-8 string. The identifier "anyone" is reserved to refer to the universal identity (all authentications, including anonymous). All user name strings accepted by the AUTHENTICATE command to authenticate to the ACAP server are reserved as identifiers for the corresponding user. Identifiers starting with a slash ("/") character are reserved for authorization groups which will be defined in a future specification. Identifiers MAY be prefixed with a dash ("-") to indicate a revocation of rights. All other identifiers have implementation-defined meanings.
标识符是一个UTF-8字符串。标识符“anywhere”保留为引用通用身份(所有身份验证,包括匿名身份验证)。所有被AUTHENTICATE命令接受以向ACAP服务器进行身份验证的用户名字符串都保留为相应用户的标识符。以斜杠(“/”)字符开头的标识符保留给将在未来规范中定义的授权组。标识符可以加上破折号(“-”)作为前缀,以表示权利的撤销。所有其他标识符都具有实现定义的含义。
Rights is a string listing a (possibly empty) set of alphanumeric characters, each character listing a set of operations which is being controlled. Letters are reserved for "standard" rights, listed below. The set of standard rights may only be extended by a standards-track or IESG approved experimental RFC. Digits are reserved for implementation or site defined rights. The currently defined standard rights are:
权限是一个字符串,列出一组字母数字字符(可能为空),每个字符列出一组被控制的操作。信件保留“标准”权利,如下所示。标准权利集只能通过标准轨道或IESG批准的实验RFC进行扩展。数字保留用于实施或站点定义的权限。当前定义的标准权利包括:
x - search (use EQUAL search key with i;octet comparator) r - read (access with SEARCH command) w - write (modify with STORE command) i - insert (perform STORE on a previously NIL value) a - administer (perform SETACL or STORE on ACL attribute/metadata)
x - search (use EQUAL search key with i;octet comparator) r - read (access with SEARCH command) w - write (modify with STORE command) i - insert (perform STORE on a previously NIL value) a - administer (perform SETACL or STORE on ACL attribute/metadata)
An implementation may force rights to always or never be granted. In particular, implementations are expected to grant implicit read and administer rights to a user's personal dataset storage in order to avoid denial of service problems. Rights are never tied, unlike the IMAP ACL extension [IMAP-ACL].
实施可能会强制始终授予或从不授予权利。具体而言,实现需要授予用户个人数据集存储的隐式读取和管理权限,以避免拒绝服务问题。与IMAP ACL扩展[IMAP-ACL]不同,权限从不绑定。
It is possible for multiple identifiers in an access control list to apply to a given user (or other authentication identity). For example, an ACL may include rights to be granted to the identifier matching the user, one or more implementation-defined identifiers
访问控制列表中的多个标识符可以应用于给定用户(或其他身份验证标识)。例如,ACL可以包括要授予与用户匹配的标识符的权限、一个或多个实现定义的标识符
matching groups which include the user, and/or the identifier "anyone". These rights are combined by taking the union of all positive rights which apply to a given user and subtracting the union of all negative rights which apply to that user. A client MAY avoid this calculation by using the MYRIGHTS command and metadata items.
包括用户和/或标识符“任何人”的匹配组。这些权利的组合方式是:取适用于给定用户的所有积极权利的并集,减去适用于该用户的所有消极权利的并集。客户端可以通过使用MYRIGHTS命令和元数据项来避免这种计算。
Each attribute of each entry of a dataset may potentially have an ACL. If an attribute in an entry does not have an ACL, then access is controlled by a default ACL for that attribute in the dataset, if it exists. If there is no default ACL for that attribute in the dataset, access is controlled by a default ACL for that dataset. The default ACL for a dataset must exist.
数据集每个条目的每个属性都可能具有ACL。如果条目中的属性没有ACL,则访问由数据集中该属性(如果存在)的默认ACL控制。如果数据集中没有该属性的默认ACL,则访问由该数据集的默认ACL控制。数据集的默认ACL必须存在。
In order to perform any access or manipulation on an entry in a dataset, the client must have 'r' rights on the "entry" attribute of the entry. Implementations should take care not to reveal via error messages the existence of an entry for which the client does not have 'r' rights. A client does not need access to the "subdataset" attribute of the parent dataset in order to access the contents of a dataset.
为了对数据集中的条目执行任何访问或操作,客户端必须对条目的“条目”属性具有“r”权限。实现应注意不要通过错误消息透露存在客户端没有“r”权限的条目。客户端不需要访问父数据集的“子数据集”属性即可访问数据集的内容。
Many of the ACL commands and responses include an "acl object" parameter, for specifying what the ACL applies to. This is a parenthesized list. The list contains just the dataset name when referring to the default ACL for a dataset. The list contains a dataset name and an attribute name when referring to the default ACL for an attribute in a dataset. The list contains a dataset name, an attribute name, and an entry name when referring to the ACL for an attribute of an entry of a dataset.
许多ACL命令和响应都包含“ACL对象”参数,用于指定ACL应用于的对象。这是一个带括号的列表。当引用数据集的默认ACL时,该列表仅包含数据集名称。当引用数据集中属性的默认ACL时,该列表包含数据集名称和属性名称。当引用数据集条目属性的ACL时,该列表包含数据集名称、属性名称和条目名称。
An OK, NO, BAD, ALERT or BYE response from the server MAY contain a response code to describe the event in a more detailed machine parsable fashion. A response code consists of data inside parentheses in the form of an atom, possibly followed by a space and arguments. Response codes are defined when there is a specific action that a client can take based upon the additional information. In order to support future extension, the response code is represented as a slash-separated hierarchy with each level of hierarchy representing increasing detail about the error. Clients MUST tolerate additional hierarchical response code detail which they don't understand.
来自服务器的OK、NO、BAD、ALERT或BYE响应可能包含响应代码,以更详细的机器分析方式描述事件。响应代码由原子形式的括号内的数据组成,后面可能跟有空格和参数。当客户端可以根据附加信息执行特定操作时,将定义响应代码。为了支持将来的扩展,响应代码表示为斜杠分隔的层次结构,每一层次结构表示有关错误的更多细节。客户端必须容忍他们不理解的其他层次化响应代码细节。
The currently defined response codes are:
当前定义的响应代码为:
AUTH-TOO-WEAK This response code is returned on a tagged NO result from an AUTHENTICATE command. It indicates that site security policy forbids the use of the requested mechanism for the specified authentication identity.
AUTH-TOO-WEAK此响应代码在来自AUTHENTICATE命令的标记为NO的结果上返回。它表示站点安全策略禁止对指定的身份验证标识使用请求的机制。
ENCRYPT-NEEDED This response code is returned on a tagged NO result from an AUTHENTICATE command. It indicates that site security policy requires the use of a strong encryption mechanism for the specified authentication identity and mechanism.
ENCRYPT-REQUIRED此响应代码在来自AUTHENTICATE命令的标记为NO的结果上返回。它表示站点安全策略要求对指定的身份验证标识和机制使用强加密机制。
INVALID This response code indicates that a STORE command included data which the server implementation does not permit. It MUST NOT be used unless the dataset class specification for the attribute in question explicitly permits enforced server validation. The argument is the attribute which was invalid.
无效此响应代码表示STORE命令包含服务器实现不允许的数据。除非相关属性的dataset类规范明确允许强制服务器验证,否则不得使用该属性。参数是无效的属性。
MODIFIED This response code indicates that a conditional store failed because the modtime on the entry is later than the modtime specified with the STORE command UNCHANGEDSINCE modifier. The argument is the entry which had been modified.
MODIFIED此响应代码表示条件存储失败,因为条目上的modtime晚于使用store命令UNCHANGEDSINCE modifier指定的modtime。参数是已修改的条目。
NOEXIST This response code indicates that a search or NOCREATE store failed because a specified dataset did not exist. The argument is the dataset which does not exist.
NOEXIST此响应代码表示搜索或NOCREATE存储失败,因为指定的数据集不存在。参数是不存在的数据集。
PERMISSION A command failed due to insufficient permission based on the access control list or implicit rights. The argument is the acl-object which caused the permission failure.
权限由于基于访问控制列表或隐式权限的权限不足,命令失败。参数是导致权限失败的acl对象。
QUOTA A STORE or SETACL command which would have increased the size of the dataset failed due to insufficient quota.
配额由于配额不足,本来会增加数据集大小的存储或SETACL命令失败。
REFER This response code may be returned in a tagged NO response to any command that takes a dataset name as a parameter. It has one or more arguments with the syntax of relative URLs. It is a referral, indicating that the command should be retried using one of the relative URLs.
REFERE此响应代码可能在对任何以数据集名称为参数的命令的标记无响应中返回。它有一个或多个具有相对URL语法的参数。它是一个引用,指示应该使用一个相对URL重试该命令。
SASL This response code can occur in the tagged OK response to a successful AUTHENTICATE command and includes the optional final server response data from the server as specified by SASL [SASL].
SASL此响应代码可以出现在对成功的AUTHENTICATE命令的标记OK响应中,并包括SASL[SASL]指定的来自服务器的可选最终服务器响应数据。
TOOMANY This response code may be returned in a tagged OK response to a SEARCH command which includes the LIMIT modifier. The argument returns the total number of matching entries.
太多此响应代码可能在对包含LIMIT修饰符的搜索命令的标记OK响应中返回。参数返回匹配项的总数。
TOOOLD The modtime specified in the DELETEDSINCE command is too old, so deletedsince information is no longer available.
ToOld在DELETEDSINCE命令中指定的modtime太旧,因此DELETEDSINCE信息不再可用。
TRANSITION-NEEDED This response code occurs on a NO response to an AUTHENTICATE command. It indicates that the user name is valid, but the entry in the authentication database needs to be updated in order to permit authentication with the specified mechanism. This can happen if a user has an entry in a system authentication database such as Unix /etc/passwd, but does not have credentials suitable for use by the specified mechanism.
转换-此响应代码发生在对AUTHENTICATE命令无响应时。它表示用户名有效,但需要更新身份验证数据库中的条目,以便允许使用指定的机制进行身份验证。如果用户在系统身份验证数据库(如Unix/etc/passwd)中有条目,但没有适合指定机制使用的凭据,则可能发生这种情况。
TRYLATER A command failed due to a temporary server failure. The client MAY continue using local information and try the command later.
TRYLATER由于临时服务器故障,命令失败。客户端可以继续使用本地信息,稍后重试该命令。
TRYFREECONTEXT This response code may be returned in a tagged NO response to a SEARCH command which includes the MAKECONTEXT modifier. It indicates that a new context may not be created due to the server's limit on the number of existing contexts.
TRYFREECONTEXT此响应代码可以在对包含MAKECONTEXT修饰符的搜索命令的标记无响应中返回。它表示由于服务器对现有上下文数量的限制,可能无法创建新上下文。
WAYTOOMANY This response code may be returned in a tagged NO response to a SEARCH command which includes a HARDLIMIT search modifier. It indicates that the SEARCH would have returned more entries than the HARDLIMIT permitted.
WayToomy此响应代码可能在对包含硬限制搜索修饰符的搜索命令的标记无响应中返回。它表示搜索返回的条目将超过允许的硬限制。
Additional response codes MUST be registered with IANA according to the proceedures in section 7.2. Client implementations MUST tolerate response codes that they do not recognize.
根据第7.2节中的程序,必须向IANA注册其他响应代码。客户端实现必须容忍它们无法识别的响应代码。
The dataset namespace is a slash-separated hierarchy. The first component of the dataset namespace is a dataset class. Dataset classes MUST have a vendor prefix (vendor.<vendor/product>) or be specified in a standards track or IESG approved experimental RFC. See section 7.3 for the registration template.
数据集命名空间是以斜杠分隔的层次结构。dataset命名空间的第一个组件是dataset类。数据集类必须具有供应商前缀(vendor.<vendor/product>),或在标准跟踪或IESG批准的实验RFC中指定。注册模板见第7.3节。
The second component of the dataset name is "site", "group", "host", or "user" referring to server-wide data, administrative group data, per-host data and per-user data respectively.
数据集名称的第二个组件是“站点”、“组”、“主机”或“用户”,分别指服务器范围的数据、管理组数据、每主机数据和每用户数据。
For "group", "host", and "user" areas, the third component of the path is the group name, the fully qualified host domain name, or the user name. A path of the form "/<dataset-class>/~/" is a convenient abbreviation for "/<dataset-class>/user/<current-user>/".
对于“组”、“主机”和“用户”区域,路径的第三个组件是组名、完全限定的主机域名或用户名。格式为“/<dataset class>/~/”的路径是“/<dataset class>/user/<current user>/”的方便缩写。
Dataset names which begin with "/byowner/" are reserved as an alternate view of the namespace. This provides a way to see all the dataset classes which a particular owner uses. For example, "/byowner/~/<dataset-class>/" is an alternate name for "/<dataset-class>/~/". Byowner provides a way to view a list of dataset classes owned by a given user; this is done using the dataset "/byowner/user/<current-user>/" with the NOINHERIT SEARCH modifier.
以“/byowner/”开头的数据集名称保留为命名空间的备用视图。这提供了一种查看特定所有者使用的所有数据集类的方法。例如,“/byowner/~/<dataset class>/”是“/<dataset class>/~/”的替代名称。Byowner提供了一种查看给定用户拥有的数据集类列表的方法;这是使用带有NOINHERIT搜索修饰符的数据集“/byowner/user/<current user>/”完成的。
The dataset "/" may be used to find all dataset classes visible to the current user. A dataset of the form "/<dataset-class>/user/" may be used to find all users which have made a dataset or entry of that class visible to the current user.
数据集“/”可用于查找当前用户可见的所有数据集类。格式为“/<dataset class>/user/”的数据集可用于查找已使该类的数据集或条目对当前用户可见的所有用户。
The formal syntax for a dataset name is defined by the "dataset-name" rule in section 4.3.
数据集名称的形式语法由第4.3节中的“数据集名称”规则定义。
Attribute names which do not contain a dot (".") are reserved for standardized attributes which have meaning in any dataset. In order to simplify client implementations, the attribute namespace is intended to be unique across all datasets. To achieve this, attribute names are prefixed with the dataset class name followed by a dot ("."). Attributes which affect management of the dataset are prefixed with "dataset.". In addition, a subtree of the "vendor." attribute namespace may be registered with IANA according to the rules in section 7.4. ACAP implementors are encouraged to help define interoperable dataset classes specifications rather than using the private attribute namespace.
不包含点(“.”)的属性名称保留给在任何数据集中都有意义的标准化属性。为了简化客户端实现,属性名称空间在所有数据集中都是唯一的。为了实现这一点,属性名称的前缀是dataset类名,后跟一个点(“.”)。影响数据集管理的属性以“数据集”作为前缀。此外,“vendor.”属性名称空间的子树可以根据第7.4节中的规则向IANA注册。鼓励ACAP实现者帮助定义可互操作的数据集类规范,而不是使用私有属性名称空间。
Some users or sites may wish to add their own private attributes to certain dataset classes. In order to enable this, the "user.<user-name>." and "site." subtrees of the attribute namespace are reserved for user-specific and site-specific attributes respectively and will not be standardized. Such attributes are not interoperable so are discouraged in favor of defining standard attributes. A future extension is expected to permit discovery of syntax for user or site-specific attributes. Clients wishing to support display of user or site-specific attributes should display the value of any non-NIL single-valued "user.<user-name>." or "site." attribute which has valid UTF-8 syntax.
一些用户或站点可能希望向某些数据集类添加自己的私有属性。为了启用此功能,属性名称空间的“user.<user name>和“site.”子树分别为用户特定属性和站点特定属性保留,不会标准化。这样的属性是不可互操作的,因此不鼓励定义标准属性。未来的扩展将允许发现用户或站点特定属性的语法。希望支持显示用户或站点特定属性的客户端应显示任何具有有效UTF-8语法的非零单值“user.<user name>”或“site.”属性的值。
The formal syntax for an attribute name is defined by the "attribute-name" rule in the next section.
属性名的形式语法由下一节中的“属性名”规则定义。
The naming conventions for datasets and attributes are defined by the following ABNF. Note that this grammar is not part of the ACAP protocol syntax in section 8, as dataset names and attribute names are encoded as strings within the ACAP protocol.
数据集和属性的命名约定由以下ABNF定义。请注意,此语法不是第8节中ACAP协议语法的一部分,因为数据集名称和属性名称在ACAP协议中编码为字符串。
attribute-dacl = "dataset.acl" *("." name-component)
属性dacl=“dataset.acl”*(“”名称组件)
attribute-dset = dataset-std 1*("." name-component) ;; MUST be defined in a dataset class specification
attribute-dset = dataset-std 1*("." name-component) ;; MUST be defined in a dataset class specification
attribute-name = attribute-std / attr-site / attr-user / vendor-name
attribute-name = attribute-std / attr-site / attr-user / vendor-name
attribute-std = "entry" / "subdataset" / "modtime" / "dataset.inherit" / attribute-dacl / attribute-dset
attribute-std = "entry" / "subdataset" / "modtime" / "dataset.inherit" / attribute-dacl / attribute-dset
attr-site = "site" 1*("." name-component)
attr site=“site”1*(“”名称组件)
attr-user = "user." name-component 1*("." name-component)
attr user=“user.”名称组件1*(“.”名称组件)
byowner = "/byowner/" owner "/" [dataset-class "/" dataset-sub]
byowner = "/byowner/" owner "/" [dataset-class "/" dataset-sub]
dataset-class = dataset-std / vendor-name
dataset-class = dataset-std / vendor-name
dataset-normal = "/" [dataset-class "/" (owner-prefix / dataset-tail)]
dataset-normal = "/" [dataset-class "/" (owner-prefix / dataset-tail)]
dataset-name = byowner / dataset-normal
dataset-name = byowner / dataset-normal
dataset-std = name-component ;; MUST be registered with IANA and the spec MUST ;; be published as a standards track or ;; IESG-approved experimental RFC
dataset-std = name-component ;; MUST be registered with IANA and the spec MUST ;; be published as a standards track or ;; IESG-approved experimental RFC
dataset-sub = *(dname-component "/") ;; The rules for this portion of the namespace may ;; be further restricted by the dataset class ;; specification.
dataset-sub = *(dname-component "/") ;; The rules for this portion of the namespace may ;; be further restricted by the dataset class ;; specification.
dataset-tail = owner "/" dataset-sub
数据集尾部=所有者“/”数据集子
dname-component = 1*UTF8-CHAR ;; MUST NOT begin with "." or contain "/"
dname-component = 1*UTF8-CHAR ;; MUST NOT begin with "." or contain "/"
name-component = 1*UTF8-CHAR ;; MUST NOT contain ".", "/", "%", or "*"
name-component = 1*UTF8-CHAR ;; MUST NOT contain ".", "/", "%", or "*"
owner = "site" / owner-host / owner-group / owner-user / "~"
owner = "site" / owner-host / owner-group / owner-user / "~"
owner-group = "group/" dname-component
owner group=“group/”dname组件
owner-host = "host/" dname-component
owner host=“host/”dname组件
owner-prefix = "group/" / "host/" / "user/"
owner-prefix = "group/" / "host/" / "user/"
owner-user = "user/" dname-component
所有者user=“user/”dname组件
vendor-name = vendor-token *("." name-component)
供应商名称=供应商令牌*(“”名称组件)
vendor-token = "vendor." name-component ;; MUST be registered with IANA
供应商令牌=“供应商。”名称组件;;必须在IANA注册
The entry with an empty name ("") in the dataset is used to hold management information for the dataset as a whole.
数据集中名称为空(“”)的条目用于保存整个数据集的管理信息。
It is possible for one dataset to inherit data from another. The dataset from which the data is inherited is called the base dataset. Data in the base dataset appears in the inheriting dataset, except when overridden by a STORE to the inheriting dataset.
一个数据集可以从另一个数据集继承数据。从中继承数据的数据集称为基本数据集。基本数据集中的数据显示在继承数据集中,除非被继承数据集的存储覆盖。
The base dataset is usually a system-wide or group-wide set of defaults. A system-wide dataset usually has one inheriting dataset per user, allowing each user to add to or modify the defaults as appropriate.
基本数据集通常是一组系统范围或组范围的默认值。系统范围的数据集通常每个用户有一个继承数据集,允许每个用户根据需要添加或修改默认值。
An entry which exists in both the inheriting and base dataset inherits a modtime equal to the greater of the two modtimes. An attribute in such an entry is inherited from the base dataset if it was never modified by a STORE command in the inheriting dataset or if DEFAULT was stored to that attribute. This permits default entries to be amended rather than replaced in the inheriting dataset.
同时存在于继承数据集和基础数据集中的条目继承的modtime等于两个modtime中的较大者。如果此类条目中的属性从未被继承数据集中的STORE命令修改,或者默认值已存储到该属性,则该条目中的属性将从基本数据集中继承。这允许在继承数据集中修改而不是替换默认条目。
The "subdataset" attribute is not directly inherited. If the base dataset includes a "subdataset" attribute and the inheriting dataset does not, then the "subdataset" attribute will inherit a virtual value of a list containing a ".". The subdataset at that node is said to be a "virtual" dataset as it is simply a virtual copy of the appropriate base dataset with all "subdataset" attributes changed to a list containing a ".". A virtual dataset is not visible if NOINHERIT is specified on the SEARCH command.
“子数据集”属性不是直接继承的。如果基本数据集包含“subdataset”属性而继承的数据集不包含,则“subdataset”属性将继承包含“.”的列表的虚拟值。该节点上的子数据集称为“虚拟”数据集,因为它只是相应基本数据集的虚拟副本,所有“子数据集”属性都更改为包含“.”的列表。如果在搜索命令中指定了NOINHERIT,则虚拟数据集不可见。
Servers MUST support at least two levels of inheritance. This permits a user's dataset such as "/options/user/fred/common" to inherit from a group dataset such as "/options/group/dinosaur operators/common" which in turn inherits from a server-wide dataset such as "/options/site/common".
服务器必须至少支持两级继承。这允许用户的数据集(如“/options/user/fred/common”)继承自组数据集(如“/options/group/diogran operators/common),而组数据集又继承自服务器范围的数据集(如“/options/site/common”)。
The following attributes apply to management of the dataset when stored in the "" entry of a dataset. These attributes are not inherited.
当存储在数据集的“”条目中时,以下属性适用于数据集的管理。这些属性不是继承的。
dataset.acl This holds the default access control list for the dataset. This attribute is validated, so an invalid access control list in a STORE command will result in a NO response with an INVALID response code.
dataset.acl此文件保存数据集的默认访问控制列表。此属性已验证,因此STORE命令中的无效访问控制列表将导致响应代码无效的NO响应。
dataset.acl.<attribute> This holds the default access control list for an attribute within the dataset. This attribute is validated, so an invalid access control list in a STORE command will result in a NO response with an INVALID response code.
dataset.acl.<attribute>保存数据集中某个属性的默认访问控制列表。此属性已验证,因此STORE命令中的无效访问控制列表将导致响应代码无效的NO响应。
dataset.inherit This holds the name of a dataset from which to inherit according to the rules in the previous section. This attribute MAY refer
dataset.inherit根据上一节中的规则保存要从中继承的数据集的名称。此属性可以引用
to a non-existent dataset, in which case nothing is inherited. This attribute is validated, so illegal dataset syntax or an attempt to store a multi-value will result in a NO response with an INVALID response code.
到不存在的数据集,在这种情况下,不会继承任何内容。此属性已验证,因此非法的数据集语法或尝试存储多值将导致响应代码无效的无响应。
When a dataset is first created (by storing a "." in the subdataset attribute or storing an entry in a previously non-existent dataset), the dataset attributes are initialized with the values from the parent dataset in the "/byowner/" hierarchy. In the case of the "dataset.inherit" attribute, the appropriate hierarchy component is added. For example, given the following entry (note that \t refers to the US-ASCII horizontal tab character):
首次创建数据集时(通过在子数据集属性中存储“.”或在以前不存在的数据集中存储条目),数据集属性将使用“/byowner/”层次结构中父数据集的值初始化。对于“dataset.inherit”属性,将添加相应的层次结构组件。例如,给定以下条目(注意\t指US-ASCII水平制表符):
entry path "/byowner/user/joe/" dataset.acl ("joe\txrwia" "fred\txr") dataset.inherit "/byowner/site"
entry path "/byowner/user/joe/" dataset.acl ("joe\txrwia" "fred\txr") dataset.inherit "/byowner/site"
If a new dataset class "/byowner/user/joe/new" is created, it will have the following dataset attributes:
如果创建了新的数据集类“/byowner/user/joe/new”,它将具有以下数据集属性:
entry path "/byowner/user/joe/new/" dataset.acl ("joe\txrwia" "fred\txr") dataset.inherit "/byowner/site/new"
entry path "/byowner/user/joe/new/" dataset.acl ("joe\txrwia" "fred\txr") dataset.inherit "/byowner/site/new"
Note that the dataset "/byowner/user/joe/new/" is equivalent to "/new/user/joe/".
请注意,数据集“/byowner/user/joe/new/”等同于“/new/user/joe/”。
Certain dataset classes or dataset class features may only be useful if there is an active updating client or integrated server support for the feature. The dataset class "capability" is reserved to allow clients or servers to advertise such features. The "entry" attribute within this dataset class is the name of the dataset class whose features are being described. The attributes are prefixed with "capability.<dataset-class>." and are defined by the appropriate dataset class specification.
某些数据集类或数据集类功能只有在有活动更新客户端或集成服务器支持该功能时才有用。dataset类“capability”保留为允许客户端或服务器公布此类功能。此dataset类中的“entry”属性是描述其功能的dataset类的名称。属性的前缀为“capability.<dataset class>”,并由相应的数据集类规范定义。
Since it is possible for an unprivileged user to run an active client for himself, a per-user capability dataset is useful. The dataset "/capability/~/" holds information about all features available to the user (via inheritance), and the dataset "/capability/site/" holds information about all features supported by the site.
由于非特权用户可以自己运行活动客户机,因此每个用户的能力数据集非常有用。数据集“/capability/~/”保存有关用户可用的所有功能的信息(通过继承),数据集“/capability/site/”保存有关站点支持的所有功能的信息。
Management and scope of quotas is implementation dependent. Clients can check the applicable quota limit and usage (in bytes) with the GETQUOTA command. Servers can notify the client of a low quota situation with the QUOTA untagged response.
配额的管理和范围取决于实施情况。客户端可以使用GETQUOTA命令检查适用的配额限制和使用情况(以字节为单位)。服务器可以使用配额未标记响应通知客户端配额不足的情况。
ACAP commands and responses are described in this section. Commands are organized first by the state in which the command is permitted, then by a general category of command type.
本节介绍了ACAP命令和响应。命令首先按允许命令的状态组织,然后按命令类型的常规类别组织。
Command arguments, identified by "Arguments:" in the command descriptions below, are described by function, not by syntax. The precise syntax of command arguments is described in the Formal Syntax section.
在下面的命令描述中,由“arguments:”标识的命令参数是按函数描述的,而不是按语法描述的。命令参数的精确语法在“形式语法”一节中介绍。
Some commands cause specific server data to be returned; these are identified by "Data:" in the command descriptions below. See the response descriptions in the Responses section for information on these responses, and the Formal Syntax section for the precise syntax of these responses. It is possible for server data to be transmitted as a result of any command; thus, commands that do not specifically require server data specify "no specific data for this command" instead of "none".
某些命令导致返回特定的服务器数据;在下面的命令描述中,这些由“数据:”标识。有关这些响应的信息,请参阅响应部分中的响应描述,有关这些响应的精确语法,请参阅正式语法部分。任何命令都可以传输服务器数据;因此,不特别需要服务器数据的命令指定“此命令无特定数据”而不是“无”。
The "Result:" in the command description refers to the possible tagged status responses to a command, and any special interpretation of these status responses.
命令描述中的“结果:”是指对命令可能的标记状态响应,以及对这些状态响应的任何特殊解释。
Upon session startup, the server sends one of two untagged responses: ACAP or BYE. The untagged BYE response is described in section 6.2.8.
会话启动时,服务器发送两个未标记的响应之一:ACAP或BYE。第6.2.8节描述了未标记的BYE响应。
Data: capability list
数据:能力列表
The untagged ACAP response indicates the session is ready to accept commands and contains a space-separated listing of capabilities that the server supports. Each capability is represented by a list containing the capability name optionally followed by capability specific string arguments.
未标记的ACAP响应表示会话已准备好接受命令,并包含以空格分隔的服务器支持的功能列表。每个功能都由一个列表表示,该列表包含功能名称(可选),后跟特定于功能的字符串参数。
ACAP capability names MUST be registered with IANA according to the rules in section 7.1.
ACAP能力名称必须根据第7.1节的规定向IANA注册。
Client implementations SHOULD NOT require any capability name beyond those defined in this specification, and MUST tolerate any unknown capability names. A client implementation MAY be configurable to require SASL mechanisms other than CRAM-MD5 [CRAM-MD5] for site security policy reasons.
客户机实现不应要求任何超出本规范中定义的功能名称,并且必须允许任何未知的功能名称。出于站点安全策略的原因,客户机实现可以配置为需要除CRAM-MD5[CRAM-MD5]之外的SASL机制。
The following initial capabilities are defined:
定义了以下初始功能:
CONTEXTLIMIT The CONTEXTLIMIT capability has one argument which is a number describing the maximum number of contexts the server supports per connection. The number 0 indicates the server has no limit, otherwise this number MUST be greater than 100.
CONTEXTLIMIT CONTEXTLIMIT功能有一个参数,该参数是一个数字,用于描述服务器在每个连接上支持的最大上下文数。数字0表示服务器没有限制,否则该数字必须大于100。
IMPLEMENTATION The IMPLEMENTATION capability has one argument which is a string describing the server implementation. ACAP clients MUST NOT alter their behavior based on this value. It is intended primarily for debugging purposes.
实现实现功能有一个参数,该参数是描述服务器实现的字符串。ACAP客户端不得基于此值更改其行为。它主要用于调试目的。
SASL The SASL capability includes a list of the authentication mechanisms supported by the server. See section 6.3.1.
SASL SASL功能包括服务器支持的身份验证机制的列表。见第6.3.1节。
Example: S: * ACAP (IMPLEMENTATION "ACME v3.5") (SASL "CRAM-MD5") (CONTEXTLIMIT "200")
示例:S:*ACAP(实现“Acmev3.5”)(SASL“CRAM-MD5”)(上下文限制“200”)
The following commands and responses are valid in any state.
以下命令和响应在任何状态下都有效。
Arguments: none
论点:无
Data: no specific data for this command (but see below)
数据:此命令没有特定数据(请参见下文)
Result: OK - noop completed BAD - command unknown or arguments invalid
结果:确定-noop已完成错误-命令未知或参数无效
The NOOP command always succeeds. It does nothing. It can be used to reset any inactivity auto-logout timer on the server.
NOOP命令总是成功的。它什么也不做。它可用于重置服务器上的任何非活动自动注销计时器。
Example: C: a002 NOOP
示例:C:a002 NOOP
S: a002 OK "NOOP completed"
S:a002 OK“NOOP已完成”
Arguments: list of language preferences
参数:语言首选项列表
Data: intermediate response: LANG
数据:中间应答:LANG
Result: OK - lang completed NO - no matching language available BAD - command unknown or arguments invalid
结果:确定-lang已完成否-没有可用的匹配语言错误-命令未知或参数无效
One or more arguments are supplied to indicate the client's preferred languages [LANG-TAGS] for error messages. The server will match each client preference in order against its internal table of available error string languages. For a client preference to match a server language, the client's language tag MUST be a prefix of the server's tag and match up to a "-" or the end of string. If a match is found, the server returns an intermediate LANG response and an OK response. The LANG response indicates the actual language selected and appropriate comparators for use with the languages listed in the LANG command.
提供了一个或多个参数,用于指示错误消息的客户端首选语言[LANG-TAGS]。服务器将按照可用错误字符串语言的内部表匹配每个客户端首选项。要使客户端首选项与服务器语言匹配,客户端的语言标记必须是服务器标记的前缀,并匹配到“-”或字符串的结尾。如果找到匹配项,服务器将返回中间LANG响应和OK响应。LANG响应指示所选的实际语言以及与LANG命令中列出的语言一起使用的适当比较器。
If no LANG command is issued, all error text strings MUST be in the registered language "i-default" [CHARSET-LANG-POLICY], intended for an international audience.
如果未发出LANG命令,则所有错误文本字符串必须使用注册语言“i-default”[CHARSET-LANG-POLICY],面向国际受众。
Example: C: A003 LANG "fr-ca" "fr" "en-ca" "en-uk" S: A003 LANG "fr-ca" "i;octet" "i;ascii-numeric" "i;ascii-casemap" "en;primary" "fr;primary" S: A003 OK "Bonjour"
Example: C: A003 LANG "fr-ca" "fr" "en-ca" "en-uk" S: A003 LANG "fr-ca" "i;octet" "i;ascii-numeric" "i;ascii-casemap" "en;primary" "fr;primary" S: A003 OK "Bonjour"
Data: language for error responses appropriate comparators
数据:适当比较器的错误响应语言
The LANG response indicates the language which will be used for error responses and the comparators which are appropriate for the languages listed in the LANG command. The comparators SHOULD be in approximate order from most efficient (usually "i;octet") to most appropriate for human text in the preferred language.
LANG响应指示将用于错误响应的语言以及适用于LANG命令中列出的语言的比较器。比较器应按照从最有效(通常为“i;八位字节”)到最适合首选语言的人类文本的大致顺序排列。
Arguments: none
论点:无
Data: mandatory untagged response: BYE
数据:强制未标记响应:再见
Result: OK - logout completed BAD - command unknown or arguments invalid
结果:确定-注销完成错误-命令未知或参数无效
The LOGOUT command informs the server that the client is done with the session. The server must send a BYE untagged response before the (tagged) OK response, and then close the network connection.
LOGOUT命令通知服务器客户端已完成会话。服务器必须在(标记的)OK响应之前发送BYE untagged响应,然后关闭网络连接。
Example: C: A023 LOGOUT S: * BYE "ACAP Server logging out" S: A023 OK "LOGOUT completed" (Server and client then close the connection)
Example: C: A023 LOGOUT S: * BYE "ACAP Server logging out" S: A023 OK "LOGOUT completed" (Server and client then close the connection)
Data: optional response code human-readable text
数据:可选响应代码人类可读文本
The OK response indicates an information message from the server. When tagged, it indicates successful completion of the associated command. The human-readable text may be presented to the user as an information message. The untagged form indicates an information-only message; the nature of the information MAY be indicated by a response code.
OK响应表示来自服务器的信息消息。标记后,表示关联命令已成功完成。人类可读文本可以作为信息消息呈现给用户。未标记的表单表示仅提供信息的消息;信息的性质可由响应代码表示。
Example: S: * OK "Master ACAP server is back up"
Example: S: * OK "Master ACAP server is back up"
Data: optional response code human-readable text
数据:可选响应代码人类可读文本
The NO response indicates an operational error message from the server. When tagged, it indicates unsuccessful completion of the associated command. The untagged form indicates a warning; the command may still complete successfully. The human-readable text describes the condition.
无响应表示来自服务器的操作错误消息。标记后,表示相关命令未成功完成。未标记的表单表示警告;该命令仍可能成功完成。人类可读的文本描述了这种情况。
Example: C: A010 SEARCH "/addressbook/" DEPTH 3 RETURN ("*") EQUAL "entry" "+i;octet" "bozo" S: * NO "Master ACAP server is down, your data may
Example: C: A010 SEARCH "/addressbook/" DEPTH 3 RETURN ("*") EQUAL "entry" "+i;octet" "bozo" S: * NO "Master ACAP server is down, your data may
be out of date." S: A010 OK "search done" ... C: A222 STORE ("/folder/site/comp.mail.misc" "folder.creation-time" "19951206103412") S: A222 NO (PERMISSION ("/folder/site/")) "Permission denied"
be out of date." S: A010 OK "search done" ... C: A222 STORE ("/folder/site/comp.mail.misc" "folder.creation-time" "19951206103412") S: A222 NO (PERMISSION ("/folder/site/")) "Permission denied"
Data: optional response code human-readable text
数据:可选响应代码人类可读文本
The BAD response indicates an error message from the server. When tagged, it reports a protocol-level error in the client's command; the tag indicates the command that caused the error. The untagged form indicates a protocol-level error for which the associated command can not be determined; it may also indicate an internal server failure. The human-readable text describes the condition.
错误响应表示来自服务器的错误消息。标记后,它会报告客户端命令中的协议级错误;标记指示导致错误的命令。未标记形式表示协议级错误,无法确定相关命令;它还可能表示内部服务器出现故障。人类可读的文本描述了这种情况。
Example: C: ...empty line... S: * BAD "Empty command line" C: A443 BLURDYBLOOP S: A443 BAD "Unknown command" C: A444 NOOP Hello S: A444 BAD "invalid arguments"
Example: C: ...empty line... S: * BAD "Empty command line" C: A443 BLURDYBLOOP S: A443 BAD "Unknown command" C: A444 NOOP Hello S: A444 BAD "invalid arguments"
Data: optional response code human-readable text
数据:可选响应代码人类可读文本
The untagged BYE response indicates that the server is about to close the connection. The human-readable text may be displayed to the user in a status report by the client. The BYE response may be sent as part of a normal logout sequence, or as a panic shutdown announcement by the server. It is also used by some server implementations as an announcement of an inactivity auto-logout.
未标记的BYE响应表示服务器即将关闭连接。用户可读文本可以由客户端在状态报告中显示给用户。BYE响应可以作为正常注销序列的一部分发送,也可以作为服务器的紧急关机通知发送。某些服务器实现还将其用作非活动自动注销的通知。
This response is also used as one of two possible greetings at session startup. It indicates that the server is not willing to accept a session from this client.
此响应还用作会话启动时两种可能的问候语之一。它表示服务器不愿意接受来自此客户端的会话。
Example: S: * BYE "Auto-logout; idle for too long"
Example: S: * BYE "Auto-logout; idle for too long"
Data: optional response code human-readable text
数据:可选响应代码人类可读文本
The human-readable text contains a special human generated alert message that MUST be presented to the user in a fashion that calls the user's attention to the message. This is intended to be used for vital messages from the server administrator to the user, such as a warning that the server will soon be shut down for maintenance.
人类可读文本包含特殊的人类生成的警报消息,必须以引起用户注意消息的方式呈现给用户。这用于从服务器管理员发送给用户的重要消息,例如服务器即将关闭以进行维护的警告。
Example: S: * ALERT "This ACAP server will be shut down in 10 minutes for system maintenance."
示例:S:*警报“此ACAP服务器将在10分钟内关闭以进行系统维护。”
In non-authenticated state, the AUTHENTICATE command establishes authentication and enters authenticated state. The AUTHENTICATE command provides a general mechanism for a variety of authentication techniques.
在非身份验证状态下,AUTHENTICATE命令建立身份验证并进入身份验证状态。AUTHENTICATE命令为各种身份验证技术提供了通用机制。
Server implementations may allow non-authenticated access to certain information by supporting the SASL ANONYMOUS [SASL-ANON] mechanism.
通过支持SASL ANONYMOUS[SASL-ANON]机制,服务器实现可能允许对某些信息进行未经身份验证的访问。
Once authenticated (including as anonymous), it is not possible to re-enter non-authenticated state.
一旦验证(包括匿名),就不可能重新进入未验证状态。
Only the any-state commands (NOOP, LANG and LOGOUT) and the AUTHENTICATE command are valid in non-authenticated state.
只有any state命令(NOOP、LANG和LOGOUT)和AUTHENTICATE命令在非身份验证状态下有效。
Arguments: SASL mechanism name optional initial response
参数:SASL机制名称可选初始响应
Data: continuation data may be requested
数据:可能需要继续数据
Result: OK - authenticate completed, now in authenticated state NO - authenticate failure: unsupported authentication mechanism, credentials rejected BAD - command unknown or arguments invalid, authentication exchange cancelled
结果:确定-身份验证已完成,现在处于身份验证状态否-身份验证失败:不支持的身份验证机制,拒绝的凭据错误-命令未知或参数无效,身份验证交换已取消
The AUTHENTICATE command indicates a SASL [SASL] authentication mechanism to the server. If the server supports the requested authentication mechanism, it performs an authentication protocol exchange to authenticate and identify the user. Optionally, it also negotiates a security layer for subsequent protocol interactions. If the requested authentication mechanism is not supported, the server rejects the AUTHENTICATE command by sending a tagged NO response.
AUTHENTICATE命令向服务器指示SASL[SASL]身份验证机制。如果服务器支持请求的身份验证机制,它将执行身份验证协议交换以验证和标识用户。可选地,它还为后续协议交互协商安全层。如果不支持请求的身份验证机制,服务器将通过发送带标记的“无”响应来拒绝“身份验证”命令。
The authentication protocol exchange consists of a series of server challenges and client answers that are specific to the authentication mechanism. A server challenge consists of a command continuation request with the "+" token followed by a string. The client answer consists of a line consisting of a string. If the client wishes to cancel an authentication exchange, it should issue a line with a single unquoted "*". If the server receives such an answer, it must reject the AUTHENTICATE command by sending a tagged BAD response.
身份验证协议交换由一系列特定于身份验证机制的服务器质询和客户端应答组成。服务器质询由一个命令延续请求组成,该请求带有“+”标记,后跟一个字符串。客户机答案由一行字符串组成。如果客户端希望取消身份验证交换,则应发出一行,其中包含一个不带引号的“*”。如果服务器收到这样的应答,它必须通过发送标记的错误响应来拒绝AUTHENTICATE命令。
The optional initial-response argument to the AUTHENTICATE command is used to save a round trip when using authentication mechanisms that are defined to send no data in the initial challenge. When the initial-response argument is used with such a mechanism, the initial empty challenge is not sent to the client and the server uses the data in the initial-response argument as if it were sent in response to the empty challenge. If the initial-response argument to the AUTHENTICATE command is used with a mechanism that sends data in the initial challenge, the server rejects the AUTHENTICATE command by sending a tagged NO response.
当使用定义为在初始质询中不发送数据的身份验证机制时,AUTHENTICATE命令的可选初始响应参数用于保存往返。当initialresponse参数与这种机制一起使用时,初始空质询不会发送给客户端,服务器使用initialresponse参数中的数据,就好像它是响应空质询而发送的一样。如果AUTHENTICATE命令的initial response参数与在初始质询中发送数据的机制一起使用,则服务器将通过发送带标记的NO响应来拒绝AUTHENTICATE命令。
The service name specified by this protocol's profile of SASL is "acap".
此协议的SASL配置文件指定的服务名称为“acap”。
If a security layer is negotiated through the SASL authentication exchange, it takes effect immediately following the CRLF that concludes the authentication exchange for the client, and the CRLF of the tagged OK response for the server.
如果通过SASL身份验证交换协商安全层,则该层将在完成客户端身份验证交换的CRLF和服务器标记的OK响应的CRLF之后立即生效。
All ACAP implementations MUST implement the CRAM-MD5 SASL mechanism [CRAM-MD5], although they MAY offer a configuration option to disable it if site security policy dictates. The example below is the same example described in the CRAM-MD5 specification.
所有ACAP实现都必须实现CRAM-MD5 SASL机制[CRAM-MD5],尽管如果站点安全策略要求,它们可能会提供一个配置选项来禁用它。下面的示例与CRAM-MD5规范中描述的示例相同。
If an AUTHENTICATE command fails with a NO response, the client may try another authentication mechanism by issuing another AUTHENTICATE command. In other words, the client may request authentication types in decreasing order of preference.
如果AUTHENTICATE命令失败且没有响应,则客户端可以通过发出另一个AUTHENTICATE命令来尝试另一种身份验证机制。换言之,客户机可以按偏好的降序请求认证类型。
Example: S: * ACAP (IMPLEMENTATION "Blorfysoft v3.5") (SASL "CRAM-MD5" "KERBEROS_V4") C: A001 AUTHENTICATE "CRAM-MD5" S: + "<1896.697170952@postoffice.reston.mci.net>" C: "tim b913a602c7eda7a495b4e6e7334d3890" S: A001 OK "CRAM-MD5 authentication successful"
Example: S: * ACAP (IMPLEMENTATION "Blorfysoft v3.5") (SASL "CRAM-MD5" "KERBEROS_V4") C: A001 AUTHENTICATE "CRAM-MD5" S: + "<1896.697170952@postoffice.reston.mci.net>" C: "tim b913a602c7eda7a495b4e6e7334d3890" S: A001 OK "CRAM-MD5 authentication successful"
This section describes the SEARCH command, for retrieving data from datasets.
本节介绍用于从数据集中检索数据的搜索命令。
Arguments: dataset or context name optional list of modifiers search criteria
参数:数据集或上下文名称修饰符搜索条件的可选列表
Data: intermediate responses: ENTRY, MODTIME, REFER untagged responses: ADDTO, REMOVEFROM, CHANGE, MODTIME
数据:中间响应:ENTRY,MODTIME,REFER未标记的响应:ADDTO,REMOVEFROM,CHANGE,MODTIME
Result: OK - search completed NO - search failure: can't perform search BAD - command unknown or arguments invalid
Result: OK - search completed NO - search failure: can't perform search BAD - command unknown or arguments invalid
The SEARCH command identifies a subset of entries in a dataset and returns information on that subset to the client. Inherited entries and attributes are included in the search unless the NOINHERIT search modifier is included or the user does not have permission to read the attributes in the base dataset.
SEARCH命令标识数据集中的条目子集,并将该子集的信息返回给客户端。继承的条目和属性将包含在搜索中,除非包含NOINHERIT搜索修饰符,或者用户没有读取基本数据集中属性的权限。
The first argument to SEARCH identifies what is to be searched. If the string begins with a slash ("/"), it is the name of a dataset to be searched, otherwise it is a name of a context that was created by a SEARCH command given previously in the session.
SEARCH的第一个参数标识要搜索的内容。如果字符串以斜杠(“/”)开头,则它是要搜索的数据集的名称,否则它是由先前在会话中给出的搜索命令创建的上下文的名称。
A successful SEARCH command MAY result in intermediate ENTRY responses and MUST result in a MODTIME intermediate response.
成功的搜索命令可能会导致中间条目响应,并且必须导致MODTIME中间响应。
Following that are zero or more modifiers to the search. Each modifier may be specified at most once. The defined modifiers are:
之后是零个或多个搜索修饰符。每个修改器最多只能指定一次。定义的修改器包括:
DEPTH number The SEARCH command will traverse the dataset tree up to the specified depth. ENTRY responses will include the full path to the entry. A value of "0" indicates that the search should traverse the entire tree. A value of "1" is the default and indicates only the specified dataset should be searched. If a dataset is traversed which is not located on the current server, then a REFER intermediate response is returned for that subtree and the search continues.
深度编号搜索命令将遍历数据集树直到指定深度。条目响应将包括条目的完整路径。值“0”表示搜索应遍历整个树。默认值为“1”,表示只搜索指定的数据集。如果遍历的数据集不位于当前服务器上,则会为该子树返回一个referemediate响应,然后继续搜索。
HARDLIMIT number If the SEARCH command would result in more than number entries, the SEARCH fails with a NO completion result with a WAYTOOMANY response code.
HARDLIMIT number如果搜索命令将导致多个条目,则搜索失败,结果为“无完成”,返回WAYTOOMANY响应代码。
LIMIT number number Limits the number of intermediate ENTRY responses that the search may generate. The first numeric argument specifies the limit, the second number specifies the number of entries to return if the number of matches exceeds the limit. If the limit is exceeded, the SEARCH command still succeeds, returning the total number of matches in a TOOMANY response code in the tagged OK response.
限制数量限制搜索可能生成的中间条目响应的数量。第一个数字参数指定限制,第二个数字指定匹配数超过限制时要返回的条目数。如果超过限制,则SEARCH命令仍会成功,返回带标记的OK响应中太多响应代码中的匹配总数。
MAKECONTEXT [ENUMERATE] [NOTIFY] context Causes the SEARCH command to create a context with the name given in the argument to refer to the matching entries. If the SEARCH is successful, the context name may then be given as an argument to subsequent SEARCH commands to search the set of matching entries. If a context with the specified name already exists, it is first freed. If a new context may not be created due to the server's limit on the number of existing contexts, the command fails, returning a TRYFREECONTEXT response code in the NO completion response.
MAKECONTEXT[ENUMERATE][NOTIFY]上下文使搜索命令创建一个上下文,该上下文使用参数中给定的名称引用匹配的条目。如果搜索成功,则可以将上下文名称作为参数提供给后续搜索命令,以搜索匹配项集。如果具有指定名称的上下文已存在,则首先将其释放。如果由于服务器对现有上下文数量的限制而无法创建新上下文,则该命令将失败,并在无完成响应中返回TRYFREECONTEXT响应代码。
The optional "ENUMERATE" and "NOTIFY" arguments may be included to request enumeration of the context (for virtual scroll bars) or change notifications for the context. If "NOTIFY" is not requested, the context represents a snapshot of the entries at the time the SEARCH was issued.
可选的“ENUMERATE”和“NOTIFY”参数可用于请求上下文枚举(对于虚拟滚动条)或上下文更改通知。如果未请求“NOTIFY”,则上下文表示发布搜索时条目的快照。
ENUMERATE requests that the contents of the context be ordered according to the SORT modifier and that sequential numbers, starting with one, be assigned to the entries in the context. This permits the RANGE modifier to be used to fetch portions of the ordered context.
枚举根据排序修饰符对上下文内容进行排序的请求,并将从1开始的序列号分配给上下文中的条目。这允许使用范围修饰符获取部分有序上下文。
NOTIFY requests that the server send untagged ADDTO, REMOVEFROM, CHANGE, and MODTIME responses while the context created by this SEARCH command exists. The server MAY issue untagged ADDTO, REMOVEFROM, CHANGE and MODTIME notifications for a context at any time between the issuing of the SEARCH command with MAKECONTEXT NOTIFY and the completion of a FREECONTEXT command for the context. Notifications are only issued for changes which occur after the server receives the SEARCH command which created the context. After issuing a sequence of ADDTO, REMOVEFROM or CHANGE notifications, the server MUST issue an untagged MODTIME notification indicating that the client has all updates to the entries in the context up to and including the given modtime value. Servers are permitted a reasonable delay to batch change notifications before sending them to the client.
当此搜索命令创建的上下文存在时,通知服务器发送未标记的ADDTO、REMOVEFROM、CHANGE和MODTIME响应的请求。在发出带有MAKECONTEXT NOTIFY的搜索命令和完成上下文的FREECONTEXT命令之间的任何时间,服务器都可以为上下文发出未标记的ADDTO、removfrom、CHANGE和MODTIME通知。只有在服务器收到创建上下文的搜索命令后发生的更改才会发出通知。在发出一系列ADDTO、REMOVEFROM或CHANGE通知后,服务器必须发出一个未标记的MODTIME通知,指示客户端在给定的MODTIME值之前(包括该值)对上下文中的条目进行了所有更新。允许服务器在向客户端发送批量更改通知之前有合理的延迟。
The position arguments of the ADDTO, REMOVEFROM and CHANGE notifications are 0 if ENUMERATE is not requested.
如果未请求枚举,则ADDTO、REMOVEFROM和CHANGE通知的位置参数为0。
NOINHERIT This causes the SEARCH command to operate without inheritance. It can be used to tell which values are explicit overrides. If MAKECONTEXT is also specified, the created context is also not affected by inheritance.
NOINHERIT这会导致SEARCH命令在没有继承的情况下运行。它可以用来告诉哪些值是显式重写。如果还指定了MAKECONTEXT,则创建的上下文也不受继承的影响。
RETURN (metadata...) Specifies what is to be returned in intermediate ENTRY responses. If this modifier is not specified, no intermediate ENTRY responses are returned.
RETURN(元数据…)指定在中间条目响应中要返回的内容。如果未指定此修饰符,则不会返回中间条目响应。
Inside the parentheses is an optional list of attributes, each optionally followed by a parenthesized list of metadata. If the parenthesized list of metadata is not specified, it defaults to "(value)".
括号内是可选的属性列表,每个属性后面都有一个带括号的元数据列表。如果未指定带括号的元数据列表,则默认为“(值)”。
An attribute name with a trailing "*" requests all attributes with that prefix. A "*" by itself requests all attributes. If the parenthesized list of metadata is not specified for an attribute with a trailing "*", it defaults to "(attribute value)". Results matching such an attribute pattern are grouped in parentheses.
带有尾随“*”的属性名称请求具有该前缀的所有属性。“*”本身请求所有属性。如果未为尾随“*”的属性指定带括号的元数据列表,则默认为“(属性值)”。匹配此类属性模式的结果分组在括号中。
Following the last intermediate ENTRY response, the server returns a single intermediate MODTIME response.
在最后一个中间条目响应之后,服务器返回一个中间MODTIME响应。
SORT (attribute comparator ...) Specifies the order in which any resulting ENTRY replies are to be returned to the client. The SORT modifier takes as an argument a parenthesized list of one or more attribute/comparator pairs. Attribute lists the attribute to sort on, comparator specifies the name of the collation rule to apply to the values of the attribute. Successive attribute/comparator pairs are used to order two entries only when all preceding pairs indicate the two entries collate the same.
排序(属性比较器…)指定将任何结果条目回复返回给客户端的顺序。排序修饰符将一个或多个属性/比较器对的括号列表作为参数。属性列出要排序的属性,comparator指定要应用于属性值的排序规则的名称。连续属性/比较器对仅当所有前面的对指示两个条目的排序相同时,才用于对两个条目进行排序。
If the SORT modifier is used in conjunction with the MAKECONTEXT modifier, the SORT modifier specifies the ordering of entries in the created context.
如果排序修饰符与MAKECONTEXT修饰符一起使用,则排序修饰符指定所创建上下文中条目的顺序。
If no SORT modifier is specified, or none of the attribute/comparator pairs indicates an order for the two entries, the server uses the order of the entries that exists in the context or dataset being searched.
如果未指定排序修饰符,或者没有任何属性/比较器对指示两个条目的顺序,服务器将使用正在搜索的上下文或数据集中存在的条目顺序。
Following the modifiers is the search criteria. Searching criteria consist of one or more search keys. Search keys may be combined using the AND, and OR search keys. For example, the criteria (the newline is for readability and not part of the criteria): AND COMPARE "modtime" "+i;octet" "19951206103400" COMPARE "modtime" "-i;octet" "19960112000000" refers to all entries modified between 10:34 December 6 1995 and midnight January 12, 1996 UTC.
修饰符后面是搜索条件。搜索条件由一个或多个搜索键组成。可以使用AND、AND或搜索键组合搜索键。例如,标准(换行符是为了可读性,而不是标准的一部分):和比较“modtime”+i;八位组“19951206103400”和比较“modtime”-i;八位组“19960112000000”指1995年12月6日10:34到1996年1月12日午夜之间修改的所有条目。
The currently defined search keys are as follows.
当前定义的搜索键如下所示。
ALL This matches all entries.
所有这些匹配所有条目。
AND search-key1 search-key2 Entries that match both search keys.
和search-key1 search-key2匹配两个搜索键的条目。
COMPARE attribute comparator value Entries for which the value of the specified attribute collates using the specified comparator the same or later than the specified value.
使用指定的比较器将指定属性的值与指定值相同或更晚的属性比较器值项进行比较。
COMPARESTRICT attribute comparator value Entries for which the specified attribute collates using the specified comparator later than the specified value.
COMPARESTRICT属性comparator值项,指定属性使用指定比较器(晚于指定值)对其进行比较。
EQUAL attribute comparator value Entries for which the value of the attribute is equal to the specified value using the specified comparator.
使用指定的比较器,属性值等于指定值的相等属性比较器值项。
NOT search-key Entries that do not match the specified search key.
不搜索与指定搜索关键字不匹配的关键字条目。
OR search-key1 search-key2 Entries that match either search key.
或与任一搜索键匹配的search-key1 search-key2条目。
PREFIX attribute comparator value Entries which begin with the specified value using the specified comparator. If the specified comparator doesn't support substring matching, a BAD response is returned.
使用指定的比较器为以指定值开头的属性比较器值项添加前缀。如果指定的比较器不支持子字符串匹配,则返回错误响应。
RANGE start end time Entries which are within the specified range of the enumerated context's ordering. The lowest-ordered entry in the context is assigned number one, the next lowest entry is assigned number two, and so on. The numeric arguments specify the lowest and highest numbers to match. The time specifies that the client has processed notifications for the context up to the specified time. If the context has been modified since then, the server MUST either return a NO with a MODIFIED response code, or return the results that the SEARCH would have returned if none of the changes since that time had been made.
在枚举上下文顺序的指定范围内的范围开始结束时间项。上下文中顺序最低的条目被分配为数字1,下一个最低的条目被分配为数字2,依此类推。数值参数指定要匹配的最低和最高数字。时间指定客户端在指定时间之前已处理上下文的通知。如果此后上下文已被修改,则服务器必须返回带有修改响应代码的“否”,或者返回自那时起未进行任何更改时搜索将返回的结果。
RANGE is only permitted on enumerated contexts. If RANGE is used with a dataset or non-enumerated context, the server MUST return a BAD response.
范围仅在枚举上下文上允许。如果范围与数据集或非枚举上下文一起使用,则服务器必须返回错误响应。
SUBSTRING attribute comparator value Entries which contain the specified value, using the specified comparator. If the specified comparator doesn't support substring matching, a BAD response is returned.
使用指定的比较器,包含指定值的子字符串属性比较器值项。如果指定的比较器不支持子字符串匹配,则返回错误响应。
Data: entry name entry data
数据:条目名称条目数据
The ENTRY intermediate response occurs as a result of a SEARCH or STORE command. This is the means by which dataset entries are returned to the client.
条目中间响应是搜索或存储命令的结果。这是将数据集条目返回给客户端的方法。
The ENTRY response begins with the entry name, if a SEARCH command without the DEPTH modifier was issued, or the entry path in other cases. This is followed by a set of zero or more items, one for each metadata item in the RETURN search modifier. Results matching an attribute pattern or returning multiple metadata items are grouped in parentheses.
如果发出了不带深度修改器的搜索命令,则条目响应以条目名称开头,或者在其他情况下以条目路径开头。然后是一组零个或多个项目,返回搜索修饰符中的每个元数据项目对应一个项目。匹配属性模式或返回多个元数据项的结果分组在括号中。
Data: modtime value
数据:modtime值
The MODTIME intermediate response occurs as a result of a SEARCH command. It indicates that the just created context or the previously returned ENTRY responses include all updates to the returned entries up to and including the modtime value in the argument.
MODTIME中间响应是搜索命令的结果。它表示刚刚创建的上下文或以前返回的条目响应包括对返回条目的所有更新,直到并包括参数中的modtime值。
Data: dataset path relative ACAP URLs
数据:数据集路径相对ACAP URL
The REFER intermediate response occurs as a result of a multi-level SEARCH where one of the levels is located on a different server. The response indicates the dataset which is not located on the current server and one or more relative ACAP URLs for where that dataset may be found.
引用中间响应是多级搜索的结果,其中一个级别位于不同的服务器上。响应指示不位于当前服务器上的数据集以及可在其中找到该数据集的一个或多个相对ACAP URL。
Here are some SEARCH command exchanges between the client and server:
以下是客户端和服务器之间的一些搜索命令交换:
C: A046 SEARCH "/addressbook/" DEPTH 3 RETURN ("addressbook.Alias" "addressbook.Email" "addressbook.List") OR NOT EQUAL "addressbook.Email" "i;octet" NIL NOT EQUAL "addressbook.List" "i;octet" NIL S: A046 ENTRY "/addressbook/user/joe/A0345" "fred" "fred@stone.org" NIL S: A046 ENTRY "/addressbook/user/fred/A0537" "joe" "joe@stone.org" NIL S: A046 ENTRY "/addressbook/group/Dinosaur Operators/A423" "saurians" NIL "1" S: A046 MODTIME "19970728105252" S: A046 OK "SEARCH completed"
C: A046 SEARCH "/addressbook/" DEPTH 3 RETURN ("addressbook.Alias" "addressbook.Email" "addressbook.List") OR NOT EQUAL "addressbook.Email" "i;octet" NIL NOT EQUAL "addressbook.List" "i;octet" NIL S: A046 ENTRY "/addressbook/user/joe/A0345" "fred" "fred@stone.org" NIL S: A046 ENTRY "/addressbook/user/fred/A0537" "joe" "joe@stone.org" NIL S: A046 ENTRY "/addressbook/group/Dinosaur Operators/A423" "saurians" NIL "1" S: A046 MODTIME "19970728105252" S: A046 OK "SEARCH completed"
C: A047 SEARCH "/addressbook/user/fred/" RETURN ("*") EQUAL "entry" "i;octet" "A0345" S: A047 ENTRY "A0345" (("modtime" "19970728102226")
C: A047 SEARCH "/addressbook/user/fred/" RETURN ("*") EQUAL "entry" "i;octet" "A0345" S: A047 ENTRY "A0345" (("modtime" "19970728102226")
("addressbook.Alias" "fred") ("addressbook.Email" "fred@stone.org") ("addressbook.CommonName" "Fred Flintstone") ("addressbook.Surname" "Flintstone") ("addressbook.GivenName" "Fred")) S: A047 MODTIME "19970728105258" S: A047 OK "SEARCH completed"
("addressbook.Alias" "fred") ("addressbook.Email" "fred@stone.org") ("addressbook.CommonName" "Fred Flintstone") ("addressbook.Surname" "Flintstone") ("addressbook.GivenName" "Fred")) S: A047 MODTIME "19970728105258" S: A047 OK "SEARCH completed"
C: A048 SEARCH "/options/~/vendor.example/" RETURN ("option.value"("size" "value" "myrights")) SORT ("entry" "i;octet") COMPARE "modtime" "i;octet" "19970727123225" S: A048 ENTRY "blurdybloop" (5 "ghoti" "rwia") S: A048 ENTRY "buckybits" (2 "10" "rwia") S: A048 ENTRY "windowSize" (7 "100x100" "rwia") S: A048 MODTIME "19970728105304" S: A048 OK "SEARCH completed"
C: A048 SEARCH "/options/~/vendor.example/" RETURN ("option.value"("size" "value" "myrights")) SORT ("entry" "i;octet") COMPARE "modtime" "i;octet" "19970727123225" S: A048 ENTRY "blurdybloop" (5 "ghoti" "rwia") S: A048 ENTRY "buckybits" (2 "10" "rwia") S: A048 ENTRY "windowSize" (7 "100x100" "rwia") S: A048 MODTIME "19970728105304" S: A048 OK "SEARCH completed"
C: A049 SEARCH "/addressbook/~/public" RETURN ("addressbook.Alias" "addressbook.Email") MAKECONTEXT ENUMERATE "blob" LIMIT 100 1 SORT ("addressbook.Alias" "i;octet") NOT EQUAL "addressbook.Email" NIL S: A049 ENTRY "A437" "aaguy" "aaguy@stone.org" S: A049 MODTIME "19970728105308" S: A049 OK (TOOMANY 347) "Context 'blob' created"
C: A049 SEARCH "/addressbook/~/public" RETURN ("addressbook.Alias" "addressbook.Email") MAKECONTEXT ENUMERATE "blob" LIMIT 100 1 SORT ("addressbook.Alias" "i;octet") NOT EQUAL "addressbook.Email" NIL S: A049 ENTRY "A437" "aaguy" "aaguy@stone.org" S: A049 MODTIME "19970728105308" S: A049 OK (TOOMANY 347) "Context 'blob' created"
C: A050 SEARCH "blob" RANGE 2 2 "19970728105308" ALL S: A050 ENTRY "A238" "abguy" "abguy@stone.org" S: A050 MODTIME "19970728105310" S: A050 OK "SEARCH Completed"
C: A050 SEARCH "blob" RANGE 2 2 "19970728105308" ALL S: A050 ENTRY "A238" "abguy" "abguy@stone.org" S: A050 MODTIME "19970728105310" S: A050 OK "SEARCH Completed"
The following commands use contexts created by a SEARCH command with a MAKECONTEXT modifier.
以下命令使用带有MAKECONTEXT修饰符的搜索命令创建的上下文。
Arguments: context name
参数:上下文名称
Data: no specific data for this command
数据:此命令没有特定数据
Result: OK - freecontext completed NO - freecontext failure: no such context BAD - command unknown or arguments invalid
Result: OK - freecontext completed NO - freecontext failure: no such context BAD - command unknown or arguments invalid
The FREECONTEXT command causes the server to free all state associated with the named context. The context may no longer be searched and the server will no longer issue any untagged responses for the context. The context is no longer counted against the server's limit on the number of contexts.
FREECONTEXT命令使服务器释放与命名上下文关联的所有状态。该上下文可能不再被搜索,服务器将不再针对该上下文发出任何未标记的响应。不再根据服务器对上下文数量的限制来计算上下文。
Example: C: A683 FREECONTEXT "blurdybloop" S: A683 OK "Freecontext completed"
示例:C:A683 FREECONTEXT“blurdybloop”S:A683 OK“FREECONTEXT已完成”
Arguments: list of context names
参数:上下文名称列表
Data: untagged responses: ADDTO REMOVEFROM CHANGE MODTIME
数据:未标记的响应:AddToRemovefromChangeModTime
Result: OK - Updatecontext completed: all updates completed NO - Updatecontext failed: no such context not a notify context BAD - command unknown or arguments invalid
Result: OK - Updatecontext completed: all updates completed NO - Updatecontext failed: no such context not a notify context BAD - command unknown or arguments invalid
The UPDATECONTEXT command causes the server to ensure that the client is notified of all changes known to the server for the contexts listed as arguments up to the current time. The contexts listed in the arguments must have been previously given to a successful SEARCH command with a MAKECONTEXT NOTIFY modifier. A MODTIME untagged response MUST be returned if any read-write metadata in the context changed since the last MODTIME for that context. This includes metadata which is not listed in the RETURN modifier for the context.
UPDATECONTEXT命令使服务器确保将服务器知道的到当前为止作为参数列出的上下文的所有更改通知客户端。参数中列出的上下文之前必须已被赋予带有MAKECONTEXT NOTIFY修饰符的成功搜索命令。如果上下文中的任何读写元数据自该上下文的上次MODTIME更改以来发生了更改,则必须返回MODTIME Untaged响应。这包括未在上下文的返回修饰符中列出的元数据。
While a server may issue untagged ADDTO, REMOVEFROM, CHANGE, and MODTIME at any time, the UPDATECONTEXT command is used to "prod" the server to send any notifications it has not sent yet.
虽然服务器可以随时发出未标记的ADDTO、REMOVEFROM、CHANGE和MODTIME,但UPDATECONTEXT命令用于“催促”服务器发送其尚未发送的任何通知。
The UPDATECONTEXT command SHOULD NOT be used to poll for updates.
UPDATECONTEXT命令不应用于轮询更新。
Example: C: Z4S9 UPDATECONTEXT "blurdybloop" "blarfl" S: Z4S9 OK "client has been notified of all changes"
示例:C:Z4S9 UPDATECONTEXT“blurdybloop”“blarfl”S:Z4S9 OK“客户端已收到所有更改的通知”
Data: context name entry name position metadata list
数据:上下文名称条目名称位置元数据列表
The untagged ADDTO response informs the client that an entry has been added to a context. The response includes the position number of the added entry (the first entry in the context is numbered 1) and those metadata contained in the entry which match the RETURN statement when the context was created.
未标记的ADDTO响应通知客户端已将条目添加到上下文中。响应包括添加的条目的位置号(上下文中的第一个条目编号为1)以及在创建上下文时与RETURN语句匹配的条目中包含的元数据。
For enumerated contexts, the ADDTO response implicitly adds one to the position of all members of the context which had position numbers that were greater than or equal to the ADDTO position number. For non-enumerated contexts, the position field is always 0.
对于枚举上下文,ADDTO响应会隐式地将一个添加到所有位置号大于或等于ADDTO位置号的上下文成员的位置。对于非枚举上下文,位置字段始终为0。
Example: S: * ADDTO "blurdybloop" "fred" 15 ("addressbook.Email" "fred@stone.org")
Example: S: * ADDTO "blurdybloop" "fred" 15 ("addressbook.Email" "fred@stone.org")
Data: context name entry name old position
数据:上下文名称条目名称旧位置
The untagged REMOVEFROM response informs the client that an entry has been removed from a context. The response includes the position number that the removed entry used to have (the first entry in the context is numbered 1).
Untaged REMOVEFROM响应通知客户端某个条目已从上下文中删除。响应包括删除的条目以前的位置号(上下文中的第一个条目编号为1)。
For enumerated contexts, the REMOVEFROM response implicitly subtracts one from the position numbers of all members of the context which had position numbers greater than the REMOVEFROM position number. For non-enumerated contexts, the position field is always 0.
对于枚举上下文,REMOVEFROM响应隐式地从位置号大于REMOVEFROM位置号的上下文的所有成员的位置号中减去一。对于非枚举上下文,位置字段始终为0。
Example: S: * REMOVEFROM "blurdybloop" "fred" 15
Example: S: * REMOVEFROM "blurdybloop" "fred" 15
Data: context name entry name old position new position metadata list
数据:上下文名称条目名称旧位置新位置元数据列表
The untagged CHANGE response informs the client that an entry in a context has either changed position in the context or has changed the values of one or more of the attributes specified in the RETURN modifier when the context was created.
未标记的更改响应通知客户机上下文中的条目已更改上下文中的位置,或者在创建上下文时更改了返回修饰符中指定的一个或多个属性的值。
The response includes the previous and current position numbers of the entry (which are 0 if ENUMERATE was not specified on the context) and the attribute metadata requested in the RETURN modifier when the context was created.
响应包括条目的先前和当前位置号(如果未在上下文中指定ENUMERATE,则为0)以及创建上下文时在RETURN修饰符中请求的属性元数据。
For enumerated contexts, the CHANGE response implicitly changes the position numbers of all entries which had position numbers between the old and new position. If old position is less than new position, than one is subtracted from all entries which had position numbers in that range. Otherwise one is added to all entries which had position numbers in that range. If the old position and new position are the same, then no implicit position renumbering occurs.
对于枚举上下文,更改响应会隐式更改位置号介于新旧位置之间的所有条目的位置号。若旧位置小于新位置,则从该范围内位置编号的所有条目中减去1。否则,位置号在该范围内的所有条目都将添加一个。如果旧位置和新位置相同,则不会发生隐式位置重新编号。
CHANGE responses are not issued for entries which have changed position implicitly due to another ADDTO, REMOVEFROM or CHANGE response.
对于由于另一个ADDTO、REMOVEFROM或CHANGE response而隐式更改了位置的条目,不会发出更改响应。
Example: S: * CHANGE "blurdybloop" "fred" 15 10 ("addressbook.Email" "fred@stone.org")
Example: S: * CHANGE "blurdybloop" "fred" 15 10 ("addressbook.Email" "fred@stone.org")
Data: context name modtime value
数据:上下文名称modtime值
The untagged MODTIME response informs the client that it has received all updates to entries in the context which have modtime values less than or equal to the modtime value in the argument.
Untaged MODTIME响应通知客户端它已收到上下文中MODTIME值小于或等于参数中MODTIME值的所有条目更新。
Example: S: * MODTIME mycontext "19970320162338"
Example: S: * MODTIME mycontext "19970320162338"
The following commands and responses handle modification of datasets.
以下命令和响应处理数据集的修改。
Arguments: entry store list
参数:条目存储列表
Data: intermediate responses: ENTRY
数据:中间回答:条目
Result: OK - store completed NO - store failure: can't store that name UNCHANGEDSINCE specified and entry changed BAD - command unknown or arguments invalid invalid UTF-8 syntax in attribute name
结果:确定-存储完成无-存储失败:无法存储指定的名称未更改且条目已更改错误-命令未知或参数无效属性名称中的UTF-8语法无效
Creates, modifies, or deletes the named entries in the named datasets. The values of metadata not specified in the command are not changed. Setting the "value" metadata of an attribute to NIL removes that attribute from the entry. Setting the "value" of the "entry" attribute to NIL removes that entry from the dataset and cancels inheritance for the entire entry. Setting the "value" of the "entry" attribute to DEFAULT removes that entry from the inheriting dataset and reverts the entry and its attributes to inherited values, if any. Changing the value of the "entry" attribute renames the entry.
创建、修改或删除命名数据集中的命名项。命令中未指定的元数据值不会更改。将属性的“值”元数据设置为NIL将从条目中删除该属性。将“entry”属性的“value”设置为NIL将从数据集中删除该条目,并取消对整个条目的继承。将“条目”属性的“值”设置为默认值将从继承数据集中删除该条目,并将该条目及其属性还原为继承值(如果有)。更改“entry”属性的值将重命名条目。
Storing DEFAULT to the "value" metadata of an attribute is equivalent to storing NIL, except that inheritance is enabled for that attribute. If a non-NIL value is inherited then an ENTRY intermediate response is generated to notify the client of the this change. The ENTRY response includes the entry-path and the attribute name and value metadata for each attribute which reverted to a non-NIL inherited setting.
将默认值存储到属性的“值”元数据等同于存储NIL,只是为该属性启用了继承。若继承了一个非NIL值,那个么将生成一个条目中间响应来通知客户机此更改。条目响应包括条目路径以及还原为非NIL继承设置的每个属性的属性名称和值元数据。
Storing NIL to the "value" metadata of an attribute MAY be treated equivalent to storing DEFAULT to that "value" if there is a NIL value in the base dataset.
如果基本数据集中存在NIL值,则将NIL存储到属性的“值”元数据可能被视为等同于将默认值存储到该“值”。
The STORE command is followed by one or more entry store lists. Each entry store list begins with an entry path followed by STORE modifiers, followed by zero or more attribute store items. Each attribute store item is made up of the attribute name followed by NIL (to remove the attribute's value), DEFAULT (to revert the item to any inherited value), a single value (to set the attribute's single value), or a list of metadata items to modify. The following STORE modifiers may be specified:
STORE命令后面是一个或多个条目存储列表。每个条目存储列表以条目路径开始,后跟存储修饰符,后跟零个或多个属性存储项。每个属性存储项由属性名称后跟NIL(删除属性的值)、DEFAULT(将项还原为任何继承的值)、单个值(设置属性的单个值)或要修改的元数据项列表组成。可以指定以下存储修改器:
NOCREATE By default, the server MUST create any datasets necessary to store the entry, including multiple hierarchy levels. If NOCREATE is specified, the STORE command will fail with a NOEXIST error unless the parent dataset already exists.
NOCREATE默认情况下,服务器必须创建存储条目所需的任何数据集,包括多个层次结构级别。如果指定了NOCREATE,则STORE命令将失败,并出现NOEXIST错误,除非父数据集已经存在。
UNCHANGEDSINCE If the "modtime" of the entry is later than the unchangedsince time, then the store fails with a MODIFIED response code. Use of UNCHANGEDSINCE with a time of "00000101000000" will always fail if the entry exists. Clients writing to a shared dataset are encouraged to use UNCHANGEDSINCE when modifying an existing entry.
UNCHANGEDSINCE如果条目的“modtime”晚于UNCHANGEDSINCE时间,则存储失败,响应代码修改。如果条目存在,则使用时间为“00000 101000000”的UNCHANGEDSINCE将始终失败。建议写入共享数据集的客户端在修改现有条目时使用UNCHANGEDSINCE。
The server MUST either make all the changes specified in a single STORE command or make none of them. If successful, the server MUST update the "modtime" attribute for every entry which was changed.
服务器必须进行单个存储命令中指定的所有更改,或者不进行任何更改。如果成功,服务器必须为更改的每个条目更新“modtime”属性。
It is illegal to list any metadata item within an attribute twice, any attribute within an entry twice or any entry path twice. The server MUST return a BAD response if this happens.
在一个属性中列出任何元数据项两次、在一个条目中列出任何属性两次或在任何条目路径中列出两次是非法的。如果发生这种情况,服务器必须返回错误响应。
The server MAY re-order the strings in a multi-value on STORE and MAY remove duplicate strings. However, SEARCH MUST return multi-values and the associated size list metadata in a consistant order.
服务器可以在多值存储中重新排序字符串,并可以删除重复的字符串。但是,搜索必须以一致的顺序返回多个值和关联的大小列表元数据。
Example: C: A342 STORE ("/addressbook/user/fred/ABC547" "addressbook.TelephoneNumber" "555-1234" "addressbook.CommonName" "Barney Rubble" "addressbook.AlternateNames" ("value" ("Barnacus Rubble" "Coco Puffs Thief")) "addressbook.Email" NIL) S: A342 OK "Store completed" C: A343 STORE ("/addressbook/user/joe/ABD42" UNCHANGEDSINCE "19970320162338" "user.joe.hair-length" "10 inches") S: A343 NO (MODIFIED) "'ABD42' has been changed by somebody else." C: A344 STORE ("/addressbook/group/Developers/ACD54" "entry" NIL) S: A344 OK "Store completed" C: A345 STORE ("/option/~/common/SMTPserver" "option.value" DEFAULT) S: A345 ENTRY "/option/~/common/SMTPserver"
Example: C: A342 STORE ("/addressbook/user/fred/ABC547" "addressbook.TelephoneNumber" "555-1234" "addressbook.CommonName" "Barney Rubble" "addressbook.AlternateNames" ("value" ("Barnacus Rubble" "Coco Puffs Thief")) "addressbook.Email" NIL) S: A342 OK "Store completed" C: A343 STORE ("/addressbook/user/joe/ABD42" UNCHANGEDSINCE "19970320162338" "user.joe.hair-length" "10 inches") S: A343 NO (MODIFIED) "'ABD42' has been changed by somebody else." C: A344 STORE ("/addressbook/group/Developers/ACD54" "entry" NIL) S: A344 OK "Store completed" C: A345 STORE ("/option/~/common/SMTPserver" "option.value" DEFAULT) S: A345 ENTRY "/option/~/common/SMTPserver"
"option.value" "smtp.server.do.main" S: A345 OK "Store completed" C: A347 STORE ("/addressbook/~/" "dataset.inherit" "/addressbook/group/Developers") S: A347 OK "Store completed"
"option.value" "smtp.server.do.main" S: A345 OK "Store completed" C: A347 STORE ("/addressbook/~/" "dataset.inherit" "/addressbook/group/Developers") S: A347 OK "Store completed"
Arguments: dataset name time
参数:数据集名称时间
Data: intermediate response: DELETED
数据:中间响应:已删除
Result: OK - DELETEDSINCE completed NO - DELETEDSINCE failure: can't read dataset date too far in the past BAD - command unknown or arguments invalid
结果:OK-DELETEDSINCE已完成否-DELETEDSINCE失败:无法读取数据集日期过远,过去错误-命令未知或参数无效
The DELETEDSINCE command returns in intermediate DELETED replies the names of entries that have been deleted from the named dataset since the given time.
DELETEDSINCE命令以中间删除回复的形式返回自给定时间以来已从命名数据集中删除的条目的名称。
Servers may impose a limit on the number or age of deleted entry names they keep track of. If the server does not have information going back to the specified time, the command fails, returning a TOOOLD response code in the tagged NO response.
服务器可能会对其跟踪的已删除条目名称的数量或期限施加限制。如果服务器没有返回到指定时间的信息,则该命令将失败,并在标记的“无响应”中返回Toold响应代码。
Example: C: Z4S9 DELETEDSINCE "/folder/site/" 19951205103412 S: Z4S9 DELETED "blurdybloop" S: Z4S9 DELETED "anteaters" S: Z4S9 OK "DELETEDSINCE completed" C: Z4U3 DELETEDSINCE "/folder/site/" 19951009040854 S: Z4U3 NO (TOOOLD) "Don't have that information"
Example: C: Z4S9 DELETEDSINCE "/folder/site/" 19951205103412 S: Z4S9 DELETED "blurdybloop" S: Z4S9 DELETED "anteaters" S: Z4S9 OK "DELETEDSINCE completed" C: Z4U3 DELETEDSINCE "/folder/site/" 19951009040854 S: Z4U3 NO (TOOOLD) "Don't have that information"
Data: entry name
数据:条目名称
The intermediate DELETED response occurs as a result of a DELETEDSINCE command. It returns an entry that has been deleted from the dataset specified in the DELETEDSINCE command.
中间删除响应是DELETEDSINCE命令的结果。它返回已从DELETEDSINCE命令中指定的数据集中删除的条目。
The commands in this section are used to manage access control lists.
本节中的命令用于管理访问控制列表。
Arguments: acl object authentication identifier access rights
参数:acl对象身份验证标识符访问权限
Data: no specific data for this command
数据:此命令没有特定数据
Result: OK - setacl completed NO - setacl failure: can't set acl BAD - command unknown or arguments invalid
Result: OK - setacl completed NO - setacl failure: can't set acl BAD - command unknown or arguments invalid
The SETACL command changes the access control list on the specified object so that the specified identifier is granted the permissions enumerated in rights. If the object did not previously have an access control list, one is created.
SETACL命令更改指定对象上的访问控制列表,以便向指定标识符授予权限中枚举的权限。如果对象以前没有访问控制列表,则会创建一个。
Example: C: A123 SETACL ("/addressbook/~/public/") "anyone" "r" S: A123 OK "Setacl complete" C: A124 SETACL ("/folder/site/") "B1FF" "rwa" S: A124 NO (PERMISSION ("/folder/site/")) "'B1FF' not permitted to modify access rights for '/folder/site/'"
Example: C: A123 SETACL ("/addressbook/~/public/") "anyone" "r" S: A123 OK "Setacl complete" C: A124 SETACL ("/folder/site/") "B1FF" "rwa" S: A124 NO (PERMISSION ("/folder/site/")) "'B1FF' not permitted to modify access rights for '/folder/site/'"
Arguments: acl object optional authentication identifier
参数:acl对象可选身份验证标识符
Data: no specific data for this command
数据:此命令没有特定数据
Result: OK - deleteacl completed NO - deleteacl failure: can't delete acl BAD - command unknown or arguments invalid
Result: OK - deleteacl completed NO - deleteacl failure: can't delete acl BAD - command unknown or arguments invalid
If given the optional identifier argument, the DELETEACL command removes any portion of the access control list on the specified object for the specified identifier.
如果给定可选标识符参数,DELETEACL命令将删除指定标识符的指定对象上访问控制列表的任何部分。
If not given the optional identifier argument, the DELETEACL command removes the ACL from the object entirely, causing access to be controlled by a higher-level default ACL. This form of the DELETEACL command is not permitted on the default ACL for a dataset and servers MUST return a BAD.
如果未提供可选标识符参数,DELETEACL命令将从对象中完全删除ACL,从而导致访问由更高级别的默认ACL控制。数据集的默认ACL上不允许使用这种形式的DELETEACL命令,服务器必须返回错误的。
Example: C: A223 DELETEACL ("/addressbook/~/public") "anyone" S: A223 OK "Deleteacl complete" C: A224 DELETEACL ("/folder/site") S: A224 BAD "Can't delete ACL from dataset" C: A225 DELETEACL ("/addressbook/user/fred" "addressbook.Email" "barney") S: A225 OK "Deleteacl complete"
Example: C: A223 DELETEACL ("/addressbook/~/public") "anyone" S: A223 OK "Deleteacl complete" C: A224 DELETEACL ("/folder/site") S: A224 BAD "Can't delete ACL from dataset" C: A225 DELETEACL ("/addressbook/user/fred" "addressbook.Email" "barney") S: A225 OK "Deleteacl complete"
Arguments: acl object
参数:acl对象
Data: intermediate responses: MYRIGHTS
数据:中间反应:百万分之一
Result: OK - myrights completed NO - myrights failure: can't get rights BAD - command unknown or arguments invalid
Result: OK - myrights completed NO - myrights failure: can't get rights BAD - command unknown or arguments invalid
The MYRIGHTS command returns the set of rights that the client has to the given dataset or dataset attribute.
MYRIGHTS命令返回客户端对给定数据集或数据集属性拥有的一组权限。
Example: C: A003 MYRIGHTS ("/folder/site") S: A003 MYRIGHTS "r" S: A003 OK "Myrights complete"
Example: C: A003 MYRIGHTS ("/folder/site") S: A003 MYRIGHTS "r" S: A003 OK "Myrights complete"
Data: rights
数据:权利
The MYRIGHTS response occurs as a result of a MYRIGHTS command. The argument is the set of rights that the client has for the object referred to in the MYRIGHTS command.
MYRIGHTS响应是MYRIGHTS命令的结果。参数是客户端对MYRIGHTS命令中引用的对象拥有的一组权限。
Arguments: acl object authentication identifier
参数:acl对象身份验证标识符
Data: untagged responses: LISTRIGHTS
数据:未标记的响应:LISTRIGHTS
Result: OK - listrights completed NO - listrights failure: can't get rights list BAD - command unknown or arguments invalid
Result: OK - listrights completed NO - listrights failure: can't get rights list BAD - command unknown or arguments invalid
The LISTRIGHTS command takes an object and an identifier and returns information about what rights the current user may revoke or grant to that identifier in the ACL for that object.
LISTRIGHTS命令获取一个对象和一个标识符,并返回有关当前用户可以在该对象的ACL中撤销或授予该标识符哪些权限的信息。
Example: C: a001 LISTRIGHTS ("/folder/~/") "smith" S: a001 LISTRIGHTS "xra" "w" "i" S: a001 OK Listrights completed C: a005 LISTRIGHTS ("/folder/site/archive/imap") "anyone" S: a005 LISTRIGHTS "" "x" "r" "w" "i" S: a005 OK Listrights completed
Example: C: a001 LISTRIGHTS ("/folder/~/") "smith" S: a001 LISTRIGHTS "xra" "w" "i" S: a001 OK Listrights completed C: a005 LISTRIGHTS ("/folder/site/archive/imap") "anyone" S: a005 LISTRIGHTS "" "x" "r" "w" "i" S: a005 OK Listrights completed
Data: required rights list of optional rights
数据:可选权限的必需权限列表
The LISTRIGHTS response occurs as a result of a LISTRIGHTS command. The first argument is a string containing the (possibly empty) set of rights the identifier will always be granted on the dataset or attribute.
LISTRIGHTS响应是LISTRIGHTS命令的结果。第一个参数是一个字符串,其中包含一组权限(可能为空),标识符将始终被授予数据集或属性。
Following this are zero or more strings each containing a single right which the current user may revoke or grant to the identifier in the dataset or attribute.
接下来是零个或多个字符串,每个字符串都包含一个权限,当前用户可以撤销或授予数据集或属性中的标识符。
The same right MUST NOT be listed more than once in the LISTRIGHTS response.
同一权利在LISTRIGHTS响应中不得列出多次。
The section defines the commands and responses relating to quotas.
本节定义了与配额相关的命令和响应。
Arguments: dataset
参数:数据集
Data: untagged responses: QUOTA
数据:未标记的响应:配额
Result: OK - Quota information returned NO - Quota failure: can't access resource limit no resource limit BAD - command unknown or arguments invalid
结果:确定-配额信息返回无-配额失败:无法访问资源限制无资源限制错误-命令未知或参数无效
The GETQUOTA command takes the name of a dataset, and returns in an untagged QUOTA response the name of the dataset, quota limit in bytes that applies to that dataset and the quota usage within that limit. The scope of a quota limit is implementation dependent.
GETQUOTA命令获取数据集的名称,并在未标记配额响应中返回数据集的名称、应用于该数据集的配额限制(以字节为单位)以及该限制内的配额使用情况。配额限制的范围取决于实现。
Example: C: A043 GETQUOTA "/option/user/fred/common" S: * QUOTA "/option/user/fred/common" 1048576 2475 S: A043 OK "Getquota completed"
Example: C: A043 GETQUOTA "/option/user/fred/common" S: * QUOTA "/option/user/fred/common" 1048576 2475 S: A043 OK "Getquota completed"
Data: dataset quota limit in bytes amount of quota limit used extension data
数据:数据集配额限制(以字节为单位)使用的配额限制量扩展数据
The QUOTA untagged response is generated as a result of a GETQUOTA command or MAY be generated by the server in response to a SEARCH or STORE command to warn about high usage of a quota. It includes the name of the applicable dataset, the quota limit in bytes, the quota usage and some optional extension data. Clients MUST tolerate the extension data as its use is reserved for a future extension.
配额未标记响应是由GETQUOTA命令生成的,也可以由服务器生成,以响应搜索或存储命令,以警告配额的高使用率。它包括适用数据集的名称、以字节为单位的配额限制、配额使用情况和一些可选的扩展数据。客户端必须容忍扩展数据,因为它的使用是为将来的扩展保留的。
In order to simplify the process of extending the protocol, clients MUST tolerate unknown server responses which meet the syntax of response-extend. In addition, clients MUST tolerate unknown server response codes which meet the syntax of resp-code-ext. Availability of new commands MUST be announced via a capability on the initial greeting line and such commands SHOULD meet the syntax of command-extend.
为了简化扩展协议的过程,客户端必须容忍满足response extend语法的未知服务器响应。此外,客户端必须容忍满足resp-code-ext语法的未知服务器响应代码。必须通过初始问候语上的功能宣布新命令的可用性,并且此类命令应符合命令扩展的语法。
Servers MUST respond to unknown commands with a BAD command completion result. Servers MUST skip over non-synchronizing literals contained in an unknown command. This may be done by assuming the unknown command matches the command-extend syntax, or by reading a line at a time and checking for the non-synchronizing literal syntax at the end of the line.
服务器必须以错误的命令完成结果响应未知命令。服务器必须跳过未知命令中包含的非同步文本。这可以通过假设未知命令与命令扩展语法匹配来实现,也可以通过每次读取一行并在该行末尾检查非同步文字语法来实现。
ACAP's usefulness comes from providing a structured storage model for all sorts of configuration data. However, for its potential to be achieved, it is important that the Internet community strives for the following goals:
ACAP的有用性来自于为各种配置数据提供结构化存储模型。然而,为了实现其潜力,互联网社区必须努力实现以下目标:
(1) Standardization. It is very important to standardize dataset classes. The authors hope that ACAP achieves the success that SNMP has seen with the definition of numerous standards track MIBs.
(1) 标准化。标准化数据集类非常重要。作者希望ACAP能够取得SNMP在定义众多标准跟踪MIB方面所取得的成功。
(2) Community Review. In the absence of standardization, it is important to get community review on a proposal to improve its engineering quality. Community review is strongly recommended prior to registration. The ACAP implementors mailing list <ietf-acap@andrew.cmu.edu> should be used for this purpose.
(2) 社区审查。在缺乏标准化的情况下,重要的是让社区对提案进行审查,以提高其工程质量。强烈建议在注册前进行社区审查。ACAP实施者邮件列表<ietf-acap@andrew.cmu.edu>应用于此目的。
(3) Registration. Registration serves a two-fold purpose. First it prevents use of the same name for different purposes, and second it provides a one-stop list which can be used to locate existing extensions or dataset classes to prevent duplicate work.
(3) 登记注册有两个目的。首先,它防止为不同目的使用相同的名称,其次,它提供一个一站式列表,可用于定位现有扩展或数据集类,以防止重复工作。
The following registration templates may be used to register ACAP protocol elements with the Internet Assigned Numbers Authority (IANA).
以下注册模板可用于向互联网分配号码管理局(IANA)注册ACAP协议元素。
New ACAP capabilities MUST be registered prior to use. Careful consideration should be made before extending the protocol, as it can lead to complexity or interoperability problems. Review of proposals on the acap implementors mailing list is strongly encouraged prior to registration.
新的ACAP功能必须在使用前注册。在扩展协议之前应仔细考虑,因为它可能导致复杂性或互操作性问题。强烈鼓励在注册前审查acap实施者邮件列表上的提案。
To: iana@iana.org Subject: Registration of ACAP capability
致:iana@iana.org主题:ACAP能力的注册
Capability name:
功能名称:
Capability keyword:
能力关键字:
Capability arguments:
功能参数:
Published Specification(s):
已发布的规范:
(Optional, but strongly encouraged)
(可选,但强烈鼓励)
Person and email address to contact for further information:
联系人和电子邮件地址,以获取更多信息:
ACAP response codes are registered on a first come, first served basis. Review of proposals on the acap implementors mailing list is strongly encouraged prior to registration.
ACAP响应代码以先到先得的方式注册。强烈鼓励在注册前审查acap实施者邮件列表上的提案。
To: iana@iana.org Subject: Registration of ACAP response code
致:iana@iana.org主题:注册ACAP响应代码
Response Code:
响应代码:
Arguments (use ABNF to specify syntax):
参数(使用ABNF指定语法):
Purpose:
目的:
Published Specification(s):
已发布的规范:
(Optional, but strongly encouraged)
(可选,但强烈鼓励)
Person and email address to contact for further information:
联系人和电子邮件地址,以获取更多信息:
A dataset class provides a core set of attributes for use in a specified hierarchy. It may also define rules for the dataset hierarchy underneath that class. Dataset class specifications must be standards track or IESG approved experimental RFCs.
dataset类提供一组核心属性,用于指定的层次结构。它还可以为该类下的数据集层次结构定义规则。数据集类规范必须是标准跟踪或IESG批准的实验RFC。
To: iana@iana.org Subject: Registration of ACAP dataset class
致:iana@iana.org主题:注册ACAP数据集类
Dataset class name/attribute prefix:
数据集类名/属性前缀:
Purpose:
目的:
Published Specification(s):
已发布的规范:
(Standards track or IESG approved experimental RFC)
(标准轨道或IESG批准的实验RFC)
Person and email address to contact for further information:
联系人和电子邮件地址,以获取更多信息:
Vendors may reserve a portion of the ACAP namespace for private use. Dataset class names beginning with "vendor.<company/product name>." are reserved for use by that company or product. In addition, all attribute names beginning with "vendor.<company/product name>." are reserved for use by that company or product once registered. Registration is on a first come, first served basis. Whenever possible, private attributes and dataset classes should be avoided in favor of improving interoperable dataset class definitions.
供应商可以保留部分ACAP命名空间供私人使用。以“vendor.<company/product name>”开头的数据集类名保留供该公司或产品使用。此外,以“vendor.<company/product name>”开头的所有属性名称在注册后保留供该公司或产品使用。报名以先到先得方式进行。尽可能避免使用私有属性和数据集类,以改进可互操作的数据集类定义。
To: iana@iana.org Subject: Registration of ACAP vendor subtree
致:iana@iana.org主题:注册ACAP供应商子树
Private Prefix: vendor.<company/product name>.
专用前缀:供应商。<company/product name>。
Person and email address to contact for further information:
联系人和电子邮件地址,以获取更多信息:
(company names and addresses should be included when appropriate)
(适当时应包括公司名称和地址)
The following syntax specification uses the augmented Backus-Naur Form (BNF) notation as specified in [ABNF]. This uses the ABNF core rules as specified in Appendix A of the ABNF specification [ABNF].
以下语法规范使用[ABNF]中指定的增广巴科斯诺尔形式(BNF)表示法。这使用ABNF规范[ABNF]附录A中规定的ABNF核心规则。
Except as noted otherwise, all alphabetic characters are case-insensitive. The use of upper or lower case characters to define token strings is for editorial clarity only. Implementations MUST accept these strings in a case-insensitive fashion.
除非另有说明,否则所有字母字符都不区分大小写。使用大写或小写字符定义标记字符串仅为编辑目的。实现必须以不区分大小写的方式接受这些字符串。
The "initial-greeting" rule below defines the initial ACAP greeting from the server. The "command" rule below defines the syntax for commands sent by the client. The "response" rule below defines the syntax for responses sent by the server.
下面的“初始问候语”规则定义了来自服务器的初始ACAP问候语。下面的“命令”规则定义了客户端发送的命令的语法。下面的“响应”规则定义了服务器发送的响应的语法。
ATOM-CHAR = "!" / %x23-27 / %x2A-5B / %x5D-7A / %x7C-7E ;; Any CHAR except ATOM-SPECIALS
ATOM-CHAR = "!" / %x23-27 / %x2A-5B / %x5D-7A / %x7C-7E ;; Any CHAR except ATOM-SPECIALS
ATOM-SPECIALS = "(" / ")" / "{" / SP / CTL / QUOTED-SPECIALS
ATOM-SPECIALS = "(" / ")" / "{" / SP / CTL / QUOTED-SPECIALS
CHAR = %x01-7F
CHAR = %x01-7F
DIGIT-NZ = %x31-39 ; non-zero digits ("1" - "9")
DIGIT-NZ = %x31-39 ; non-zero digits ("1" - "9")
QUOTED-CHAR = SAFE-UTF8-CHAR / "\" QUOTED-SPECIALS
QUOTED-CHAR=SAFE-UTF8-CHAR/“\”QUOTED-SPECIALS
QUOTED-SPECIALS = <"> / "\"
QUOTED-SPECIALS = <"> / "\"
SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-21 / %x23-5B / %x5D-7F ;; any TEXT-CHAR except QUOTED-SPECIALS
SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-21 / %x23-5B / %x5D-7F ;; any TEXT-CHAR except QUOTED-SPECIALS
SAFE-UTF8-CHAR = SAFE-CHAR / UTF8-2 / UTF8-3 / UTF8-4 / UTF8-5 / UTF8-6
SAFE-UTF8-CHAR = SAFE-CHAR / UTF8-2 / UTF8-3 / UTF8-4 / UTF8-5 / UTF8-6
TAG-CHAR = %x21 / %x23-27 / %x2C-5B / %x5D-7A / %x7C-7E ;; Any ATOM-CHAR except "*" or "+"
TAG-CHAR = %x21 / %x23-27 / %x2C-5B / %x5D-7A / %x7C-7E ;; Any ATOM-CHAR except "*" or "+"
TEXT-CHAR = %x01-09 / %x0B-0C / %x0E-7F ;; any CHAR except CR and LF
TEXT-CHAR = %x01-09 / %x0B-0C / %x0E-7F ;; any CHAR except CR and LF
TEXT-UTF8-CHAR = SAFE-UTF8-CHAR / QUOTED-SPECIALS
TEXT-UTF8-CHAR = SAFE-UTF8-CHAR / QUOTED-SPECIALS
UTF8-1 = %x80-BF
UTF8-1 = %x80-BF
UTF8-2 = %xC0-DF UTF8-1
UTF8-2 = %xC0-DF UTF8-1
UTF8-3 = %xE0-EF 2UTF8-1
UTF8-3 = %xE0-EF 2UTF8-1
UTF8-4 = %xF0-F7 3UTF8-1
UTF8-4 = %xF0-F7 3UTF8-1
UTF8-5 = %xF8-FB 4UTF8-1
UTF8-5 = %xF8-FB 4UTF8-1
UTF8-6 = %xFC-FD 5UTF8-1
UTF8-6 = %xFC-FD 5UTF8-1
UTF8-CHAR = TEXT-UTF8-CHAR / CR / LF
UTF8-CHAR = TEXT-UTF8-CHAR / CR / LF
acl = "(" [acl-identrights *(SP acl-identrights)] ")" *(SPACE acl-identrights)] ")"
acl = "(" [acl-identrights *(SP acl-identrights)] ")" *(SPACE acl-identrights)] ")"
acl-identifier = string-utf8 ;; MUST NOT contain HTAB
acl标识符=string-utf8;;不得包含HTAB
acl-identrights = string-utf8 ;; The identifier followed by a HTAB, ;; followed by the rights.
acl identrights=string-utf8;;标识符后跟一个HTAB;;其次是权利。
acl-delobject = "(" dataset SP attribute [SP entry-name] ")"
acl delobject=“(“数据集SP属性[SP条目名称]”)
acl-object = "(" dataset [SP attribute [SP entry-name]] ")"
acl object=“(“数据集[SP属性[SP条目名称]]”)
acl-rights = quoted
acl-rights = quoted
atom = ALPHA *1023ATOM-CHAR
原子=α*1023ATOM-CHAR
attribute = string-utf8 ;; dot-separated attribute name ;; MUST NOT contain "*" or "%"
attribute = string-utf8 ;; dot-separated attribute name ;; MUST NOT contain "*" or "%"
attribute-store = attribute SP (value-nildef / "(" 1*(metadata-write-q SP value-store) ")") ;; MUST NOT include the same metadata twice
attribute-store = attribute SP (value-nildef / "(" 1*(metadata-write-q SP value-store) ")") ;; MUST NOT include the same metadata twice
auth-type = <"> auth-type-name <">
auth-type = <"> auth-type-name <">
auth-type-name = iana-token ;; as defined in SASL [SASL]
身份验证类型名称=iana令牌;;根据SASL[SASL]中的定义
command = tag SP (command-any / command-auth / command-nonauth) CRLF ;; Modal based on state
command = tag SP (command-any / command-auth / command-nonauth) CRLF ;; Modal based on state
command-authent = "AUTHENTICATE" SP auth-type [SP string] *(CRLF string)
command authent=“AUTHENTICATE”SP身份验证类型[SP字符串]*(CRLF字符串)
command-any = "NOOP" / command-lang / "LOGOUT" / command-extend
command-any = "NOOP" / command-lang / "LOGOUT" / command-extend
command-auth = command-delacl / command-dsince / command-freectx / command-getquota / command-lrights / command-myrights / command-search / command-setacl / command-store ;; only valid in authenticated state
command-auth = command-delacl / command-dsince / command-freectx / command-getquota / command-lrights / command-myrights / command-search / command-setacl / command-store ;; only valid in authenticated state
command-delacl = "DELETEACL" SP acl-delobject [SP acl-identifier]
命令delacl=“DELETEACL”SP acl delobject[SP acl identifier]
command-dsince = "DELETEDSINCE" SP dataset SP time
命令dsince=“DELETEDSINCE”SP数据集SP时间
command-extend = extend-token [SP extension-data]
命令扩展=扩展令牌[SP扩展数据]
command-freectx = "FREECONTEXT" SP context
命令freectx=“FREECONTEXT”SP context
command-getquota = "GETQUOTA" SP dataset
命令getquota=“getquota”SP数据集
command-lang = "LANG" *(SP lang-tag)
命令lang=“lang”*(SP lang标记)
command-lrights = "LISTRIGHTS" SP acl-object
命令lrights=“LISTRIGHTS”SP acl对象
command-myrights = "MYRIGHTS" SP acl-object
命令myrights=“myrights”SP acl对象
command-nonauth = command-authent ;; only valid in non-authenticated state
命令非授权=命令授权;;仅在未验证状态下有效
command-search = "SEARCH" SP (dataset / context) *(SP search-modifier) SP search-criteria ;; MUST NOT include same search-modifier twice
command-search = "SEARCH" SP (dataset / context) *(SP search-modifier) SP search-criteria ;; MUST NOT include same search-modifier twice
command-setacl = "SETACL" SP acl-object SP acl-identifier SP acl-rights
命令setacl=“setacl”SP acl对象SP acl标识符SP acl权限
command-store = "STORE" SP store-entry-list
命令store=“store”SP存储条目列表
comparator = <"> comparator-name <">
comparator = <"> comparator-name <">
comparator-name = ["+" / "-"] iana-token
comparator-name = ["+" / "-"] iana-token
context = string-utf8 ;; MUST NOT begin with slash ("/")
context = string-utf8 ;; MUST NOT begin with slash ("/")
dataset = string-utf8 ;; slash-separated dataset name ;; begins with slash
dataset = string-utf8 ;; slash-separated dataset name ;; begins with slash
entry = entry-name / entry-path
entry = entry-name / entry-path
entry-name = string-utf8 ;; entry name MUST NOT contain slash ;; MUST NOT begin with "."
entry-name = string-utf8 ;; entry name MUST NOT contain slash ;; MUST NOT begin with "."
entry-path = string-utf8 ;; slash-separated path to entry ;; begins with slash
entry-path = string-utf8 ;; slash-separated path to entry ;; begins with slash
entry-relative = string-utf8 ;; potentially relative path to entry
条目相对=字符串-utf8;;潜在相对进入路径
extend-token = atom ;; MUST be defined by a standards track or ;; IESG approved experimental protocol extension
extend-token = atom ;; MUST be defined by a standards track or ;; IESG approved experimental protocol extension
extension-data = extension-item *(SP extension-item)
扩展数据=扩展项*(SP扩展项)
extension-item = extend-token / string / number / "(" [extension-data] ")"
extension-item = extend-token / string / number / "(" [extension-data] ")"
iana-token = atom ;; MUST be registered with IANA
iana令牌=原子;;必须在IANA注册
initial-greeting = "*" SP "ACAP" *(SP "(" init-capability ")") CRLF
initial-greeting = "*" SP "ACAP" *(SP "(" init-capability ")") CRLF
init-capability = init-cap-context / init-cap-extend / init-cap-implem / init-cap-sasl
init-capability = init-cap-context / init-cap-extend / init-cap-implem / init-cap-sasl
init-cap-context = "CONTEXTLIMIT" SP string
init cap context=“CONTEXTLIMIT”SP字符串
init-cap-extend = iana-token [SP string-list]
init cap extend=iana令牌[SP字符串列表]
init-cap-implem = "IMPLEMENTATION" SP string
init cap implem=“实现”SP字符串
init-cap-sasl = "SASL" SP string-list
init cap sasl=“sasl”SP字符串列表
lang-tag = <"> Language-Tag <"> ;; Language-Tag rule is defined in [LANG-TAGS]
lang-tag = <"> Language-Tag <"> ;; Language-Tag rule is defined in [LANG-TAGS]
literal = "{" number [ "+" ] "}" CRLF *OCTET ;; The number represents the number of octets ;; MUST be literal-utf8 except for values
literal = "{" number [ "+" ] "}" CRLF *OCTET ;; The number represents the number of octets ;; MUST be literal-utf8 except for values
literal-utf8 = "{" number [ "+" ] "}" CRLF *UTF8-CHAR ;; The number represents the number of octets ;; not the number of characters
literal-utf8 = "{" number [ "+" ] "}" CRLF *UTF8-CHAR ;; The number represents the number of octets ;; not the number of characters
metadata = attribute [ "(" metadata-type-list ")" ] ;; attribute MAY end in "*" as wildcard.
元数据=属性[“(“元数据类型列表”)”];;属性可以以“*”结尾作为通配符。
metadata-list = metadata *(SP metadata)
元数据列表=元数据*(SP元数据)
metadata-type = "attribute" / "myrights" / "size" / "count" / metadata-write
metadata-type = "attribute" / "myrights" / "size" / "count" / metadata-write
metadata-type-q = <"> metadata-type <">
metadata-type-q = <"> metadata-type <">
metadata-type-list = metadata-type-q *(SP metadata-type-q)
元数据类型列表=metadata-type-q*(SP metadata-type-q)
metadata-write = "value" / "acl"
metadata-write = "value" / "acl"
metadata-write-q = <"> metadata-write <">
metadata-write-q = <"> metadata-write <">
nil = "NIL"
nil = "NIL"
number = *DIGIT ;; A 32-bit unsigned number. ;; (0 <= n < 4,294,967,296)
number = *DIGIT ;; A 32-bit unsigned number. ;; (0 <= n < 4,294,967,296)
nz-number = DIGIT-NZ *DIGIT ;; A 32-bit unsigned non-zero number. ;; (0 < n < 4,294,967,296)
nz-number = DIGIT-NZ *DIGIT ;; A 32-bit unsigned non-zero number. ;; (0 < n < 4,294,967,296)
position = number ;; "0" if context is not enumerated ;; otherwise this is non-zero
position = number ;; "0" if context is not enumerated ;; otherwise this is non-zero
quota-limit = number
quota-limit = number
quota-usage = number
quota-usage = number
quoted = <"> *QUOTED-CHAR <"> ;; limited to 1024 octets between the <">s
quoted = <"> *QUOTED-CHAR <"> ;; limited to 1024 octets between the <">s
response = response-addto / response-alert / response-bye / response-change / response-cont / response-deleted / response-done / response-entry / response-extend / response-listr / response-lang / response-mtimei / response-mtimeu / response-myright / response-quota / response-refer / response-remove / response-stat
response = response-addto / response-alert / response-bye / response-change / response-cont / response-deleted / response-done / response-entry / response-extend / response-listr / response-lang / response-mtimei / response-mtimeu / response-myright / response-quota / response-refer / response-remove / response-stat
response-addto = "*" SP "ADDTO" SP context SP entry-name SP position SP return-data-list
response addto=“*”SP“addto”SP上下文SP条目名称SP位置SP返回数据列表
response-alert = "*" SP "ALERT" SP resp-body CRLF ;; Client MUST display alert text to user
response-alert = "*" SP "ALERT" SP resp-body CRLF ;; Client MUST display alert text to user
response-bye = "*" SP "BYE" SP resp-body CRLF ;; Server will disconnect condition
response-bye = "*" SP "BYE" SP resp-body CRLF ;; Server will disconnect condition
response-change = "*" SP "CHANGE" SP context SP entry-name SP position SP position SP return-data-list
响应更改=“*”SP“更改”SP上下文SP条目名称SP位置SP位置SP返回数据列表
response-cont = "+" SP string
response cont=“+”SP字符串
response-deleted = tag SP "DELETED" SP entry-name
响应已删除=标记SP“已删除”SP条目名称
response-done = tag SP resp-cond-state CRLF
response-done = tag SP resp-cond-state CRLF
response-entry = tag SP "ENTRY" SP entry SP return-data-list
响应条目=标记SP“条目”SP条目SP返回数据列表
response-extend = (tag / "*") SP extend-token [SP extension-data]
response-extend = (tag / "*") SP extend-token [SP extension-data]
response-lang = "*" SP "LANG" SP lang-tag 1*(SP comparator)
response-lang = "*" SP "LANG" SP lang-tag 1*(SP comparator)
response-listr = tag SP "LISTRIGHTS" SP acl-rights *(SP acl-rights)
响应列表=标记SP“LISTRIGHTS”SP acl权限*(SP acl权限)
response-mtimei = tag SP "MODTIME" SP time
响应mtimei=标记SP“MODTIME”SP时间
response-mtimeu = "*" SP "MODTIME" SP context SP time
响应mtimeu=“*”SP“MODTIME”SP上下文SP时间
response-myright = tag SP "MYRIGHTS" SP acl-rights
response myright=标记SP“MYRIGHTS”SP acl权限
response-quota = "*" SP "QUOTA" SP dataset SP quota-limit SP quota-usage [SP extension-data]
response quota=“*”SP“quota”SP数据集SP quota limit SP quota usage[SP扩展数据]
response-refer = tag SP "REFER" SP dataset 1*(SP <"> url-relative <">)
response-refer = tag SP "REFER" SP dataset 1*(SP <"> url-relative <">)
response-remove = "*" SP "REMOVEFROM" SP context SP entry-name SP position
response remove=“*”SP“REMOVEFROM”SP上下文SP条目名称SP位置
response-stat = "*" SP resp-cond-state CRLF
response stat=“*”SP响应状态CRLF
resp-body = ["(" resp-code ")" SP] quoted
resp-body = ["(" resp-code ")" SP] quoted
resp-code = "AUTH-TOO-WEAK" / "ENCRYPT-NEEDED" / resp-code-inval / resp-code-mod / resp-code-noexist / resp-code-perm / "QUOTA" / resp-code-refer / resp-code-sasl / resp-code-toomany / "TOOOLD" / "TRANSITION-NEEDED" / "TRYFREECONTEXT" / "TRYLATER" / "WAYTOOMANY" / resp-code-ext
resp-code = "AUTH-TOO-WEAK" / "ENCRYPT-NEEDED" / resp-code-inval / resp-code-mod / resp-code-noexist / resp-code-perm / "QUOTA" / resp-code-refer / resp-code-sasl / resp-code-toomany / "TOOOLD" / "TRANSITION-NEEDED" / "TRYFREECONTEXT" / "TRYLATER" / "WAYTOOMANY" / resp-code-ext
resp-code-ext = iana-token [SP extension-data] ;; unknown codes MUST be tolerated by the client
resp code ext=iana令牌[SP扩展数据];;客户必须容忍未知代码
resp-code-inval = "INVALID" 1*(SP entry-path SP attribute)
resp code inval=“INVALID”1*(SP条目路径SP属性)
resp-code-mod = "MODIFIED" SP entry-path
resp code mod=“已修改”SP条目路径
resp-code-noexist = "NOEXIST" SP dataset
响应代码noexist=“noexist”SP数据集
resp-code-perm = "PERMISSION" SP acl-object
resp code perm=“PERMISSION”SP acl对象
resp-code-refer = "REFER" 1*(SP <"> url-relative <">)
resp-code-refer = "REFER" 1*(SP <"> url-relative <">)
resp-code-sasl = "SASL" SP string
响应代码sasl=“sasl”SP字符串
resp-code-toomany = "TOOMANY" SP nz-number
响应代码toomany=“toomany”SP nz编号
resp-cond-state = ("OK" / "NO" / "BAD") SP resp-body ;; Status condition
resp-cond-state = ("OK" / "NO" / "BAD") SP resp-body ;; Status condition
return-attr-list = "(" return-metalist *(SP return-metalist) ")" ;; occurs when "*" in RETURN pattern on SEARCH
return-attr-list = "(" return-metalist *(SP return-metalist) ")" ;; occurs when "*" in RETURN pattern on SEARCH
return-data = return-metadata / return-metalist / return-attr-list
返回数据=返回元数据/返回金属列表/返回属性列表
return-data-list = return-data *(SP return-data)
返回数据列表=返回数据*(SP返回数据)
return-metalist = "(" return-metadata *(SP return-metadata) ")" ;; occurs when multiple metadata items requested
return-metalist = "(" return-metadata *(SP return-metadata) ")" ;; occurs when multiple metadata items requested
return-metadata = nil / string / value-list / acl
return-metadata = nil / string / value-list / acl
searchkey-equal = "EQUAL" SP attribute SP comparator SP value-nil
searchkey equal=“equal”SP属性SP比较器SP值nil
searchkey-comp = "COMPARE" SP attribute SP comparator SP value
searchkey comp=“COMPARE”SP属性SP比较器SP值
searchkey-prefix = "PREFIX" SP attribute SP comparator SP value
searchkey prefix=“prefix”SP属性SP比较器SP值
searchkey-range = "RANGE" SP nz-number SP nz-number SP time
searchkey range=“range”SP nz编号SP nz编号SP时间
searchkey-strict = "COMPARESTRICT" SP attribute SP comparator SP value
searchkey strict=“COMPARESTRICT”SP属性SP比较器SP值
searchkey-substr = "SUBSTRING" SP attribute SP comparator SP value
searchkey substr=“SUBSTRING”SP属性SP比较器SP值
searchmod-depth = "DEPTH" SP number
searchmod depth=“depth”SP编号
searchmod-hard = "HARDLIMIT" SP nz-number
searchmod hard=“HARDLIMIT”SP nz编号
searchmod-limit = "LIMIT" SP number SP number
searchmod limit=“limit”SP编号SP编号
searchmod-make = "MAKECONTEXT" [SP "ENUMERATE"] [SP "NOTIFY"] SP context
searchmod make=“MAKECONTEXT”[SP“枚举”][SP“通知”]SP上下文
searchmod-ninh = "NOINHERIT"
searchmod-ninh = "NOINHERIT"
searchmod-return = "RETURN" SP "(" [metadata-list] ")"
searchmod return=“return”SP”(“[元数据列表]”)
searchmod-sort = "SORT" SP "(" sort-list ")"
searchmod sort=“sort”SP”(“排序列表”)
search-criteria = "ALL" / searchkey-equal / searchkey-comp / searchkey-strict / searchkey-range / searchkey-prefix / searchkey-substr / "NOT" SP search-criteria / "OR" SP search-criteria SP search-criteria / "AND" SP search-criteria SP search-criteria
search-criteria = "ALL" / searchkey-equal / searchkey-comp / searchkey-strict / searchkey-range / searchkey-prefix / searchkey-substr / "NOT" SP search-criteria / "OR" SP search-criteria SP search-criteria / "AND" SP search-criteria SP search-criteria
search-modifier = searchmod-depth / searchmod-hard / searchmod-limit / searchmod-make / searchmod-ninh / searchmod-return / searchmod-sort
search-modifier = searchmod-depth / searchmod-hard / searchmod-limit / searchmod-make / searchmod-ninh / searchmod-return / searchmod-sort
sort-list = sort-item *(SP sort-item)
排序列表=排序项*(SP排序项)
sort-item = attribute SP comparator
sort-item = attribute SP comparator
store-entry = "(" entry-path *(SP store-modifier) *(SP attribute-store) ")" ;; MUST NOT include same store-modifier twice ;; MUST NOT include same attribute twice
store-entry = "(" entry-path *(SP store-modifier) *(SP attribute-store) ")" ;; MUST NOT include same store-modifier twice ;; MUST NOT include same attribute twice
store-entry-list = store-entry *(SP store-entry) ;; MUST NOT include same entry twice
store-entry-list = store-entry *(SP store-entry) ;; MUST NOT include same entry twice
store-modifier = store-mod-unchang / store-mod-nocreate
store-modifier = store-mod-unchang / store-mod-nocreate
store-mod-nocreate = "NOCREATE"
store-mod-nocreate = "NOCREATE"
store-mod-unchang = "UNCHANGEDSINCE" SP time
存储mod unchange=“UNCHANGEDSINCE”SP时间
string = quoted / literal
string = quoted / literal
string-list = string *(SP string)
字符串列表=字符串*(SP字符串)
string-utf8 = quoted / literal-utf8
string-utf8 = quoted / literal-utf8
tag = 1*32TAG-CHAR
tag = 1*32TAG-CHAR
time = <"> time-year time-month time-day time-hour time-minute time-second time-subsecond <"> ;; Timestamp in UTC
time = <"> time-year time-month time-day time-hour time-minute time-second time-subsecond <"> ;; Timestamp in UTC
time-day = 2DIGIT ;; 01-31
time-day = 2DIGIT ;; 01-31
time-hour = 2DIGIT ;; 00-23
time-hour = 2DIGIT ;; 00-23
time-minute = 2DIGIT ;; 00-59
time-minute = 2DIGIT ;; 00-59
time-month = 2DIGIT ;; 01-12
time-month = 2DIGIT ;; 01-12
time-second = 2DIGIT ;; 00-60
time-second = 2DIGIT ;; 00-60
time-subsecond = *DIGIT
time-subsecond = *DIGIT
time-year = 4DIGIT
time-year = 4DIGIT
value = string
value = string
value-list = "(" [value *(SP value)] ")"
value-list = "(" [value *(SP value)] ")"
value-nil = value / nil
value-nil = value / nil
value-nildef = value-nil / "DEFAULT"
值nildef=值nil/“默认值”
value-store = value-nildef / value-list / acl
value-store = value-nildef / value-list / acl
url-acap = "acap://" url-server "/" url-enc-entry [url-filter] [url-extension] ;; url-enc-entry interpreted relative to "/"
url-acap = "acap://" url-server "/" url-enc-entry [url-filter] [url-extension] ;; url-enc-entry interpreted relative to "/"
url-attr-list = url-enc-attr *("&" url-enc-attr)
url属性列表=url enc attr*(“&”url enc attr)
url-auth = ";AUTH=" ("*" / url-enc-auth)
url-auth = ";AUTH=" ("*" / url-enc-auth)
url-achar = uchar / "&" / "=" / "~" ;; See RFC 1738 for definition of "uchar"
url-achar = uchar / "&" / "=" / "~" ;; See RFC 1738 for definition of "uchar"
url-char = uchar / "=" / "~" / ":" / "@" / "/" ;; See RFC 1738 for definition of "uchar"
url-char = uchar / "=" / "~" / ":" / "@" / "/" ;; See RFC 1738 for definition of "uchar"
url-enc-attr = 1*url-char ;; encoded version of attribute name
url-enc-attr = 1*url-char ;; encoded version of attribute name
url-enc-auth = 1*url-achar ;; encoded version of auth-type-name above
url-enc-auth = 1*url-achar ;; encoded version of auth-type-name above
url-enc-entry = 1*url-char ;; encoded version of entry-relative above
url-enc-entry = 1*url-char ;; encoded version of entry-relative above
url-enc-user = *url-achar ;; encoded version of login userid
url-enc-user = *url-achar ;; encoded version of login userid
url-extension = *("?" 1*url-char)
url-extension = *("?" 1*url-char)
url-filter = "?" url-attr-list
url筛选器=“?”url属性列表
url-relative = url-acap / [url-enc-entry] [url-filter] ;; url-enc-entry is relative to base URL
url-relative = url-acap / [url-enc-entry] [url-filter] ;; url-enc-entry is relative to base URL
url-server = [url-enc-user [url-auth] "@"] hostport ;; See RFC 1738 for definition of "hostport"
url-server = [url-enc-user [url-auth] "@"] hostport ;; See RFC 1738 for definition of "hostport"
The IAB charset workshop [IAB-CHARSET] came to a number of conclusions which influenced the design of ACAP. The decision to use UTF-8 as the character encoding scheme was based on that work. The LANG command to negotiate a language for error messages is also included.
IAB charset研讨会[IAB-charset]得出了许多影响ACAP设计的结论。决定使用UTF-8作为字符编码方案就是基于这项工作。还包括用于协商错误消息语言的LANG命令。
Section 3.4.5 of the IAB charset workshop report states that there should be a way to identify the natural language for human readable strings. Several promising proposals have been made for use within ACAP, but no clear consensus on a single method is apparent at this stage. The following rules are likely to permit the addition of multi-lingual support in the future:
IAB字符集研讨会报告第3.4.5节指出,应该有一种方法来识别人类可读字符串的自然语言。已经提出了一些有希望的建议,供ACAP使用,但在现阶段还没有就单一方法达成明确共识。以下规则可能允许将来添加多语言支持:
(1) A work in progress called Multi-Lingual String Format (MLSF) proposes a layer on top of UTF-8 which uses otherwise illegal UTF-8 sequences to store language tags. In order to permit its addition to a future version of this standard, client-side UTF-8 interpreters MUST be able to silently ignore illegal multi-byte UTF-8 characters, and treat illegal single-byte UTF-8 characters as end of string markers. Servers, for the time being, MUST be able to silently accept illegal UTF-8 characters, except in attribute names and entry names. Clients MUST NOT send illegal UTF-8 characters to the server unless a future standard changes this rule.
(1) 一项名为多语言字符串格式(MLSF)的正在进行的工作提出在UTF-8之上建立一个层,该层使用非法的UTF-8序列来存储语言标记。为了将其添加到本标准的未来版本中,客户端UTF-8解释器必须能够安静地忽略非法的多字节UTF-8字符,并将非法的单字节UTF-8字符视为字符串结束标记。目前,服务器必须能够静默地接受非法的UTF-8字符,属性名和条目名中的字符除外。除非未来的标准更改此规则,否则客户端不得向服务器发送非法UTF-8字符。
(2) There is a proposal to add language tags to Unicode. To support this, servers MUST be able to store UTF-8 characters of up to 20 bits of data.
(2) 有人建议在Unicode中添加语言标记。为了支持这一点,服务器必须能够存储多达20位数据的UTF-8字符。
(3) The metadata item "language" is reserved for future use.
(3) 元数据项“语言”保留供将来使用。
The AUTHENTICATE command uses SASL [SASL] to provide basic authentication, authorization, integrity and privacy services. This is described in section 6.3.1.
AUTHENTICATE命令使用SASL[SASL]提供基本的身份验证、授权、完整性和隐私服务。第6.3.1节对此进行了描述。
When the CRAM-MD5 mechanism is used, the security considerations for the CRAM-MD5 SASL mechanism [CRAM-MD5] apply. The CRAM-MD5 mechanism is also susceptible to passive dictionary attacks. This means that if an authentication session is recorded by a passive observer, that observer can try common passwords through the CRAM-MD5 mechanism and see if the results match. This attack is reduced by using hard to guess passwords. Sites are encouraged to educate users and have the password change service test candidate passwords against a dictionary. ACAP implementations of CRAM-MD5 SHOULD permit passwords of at least 64 characters in length.
当使用CRAM-MD5机制时,CRAM-MD5 SASL机制[CRAM-MD5]的安全注意事项适用。CRAM-MD5机制也容易受到被动字典攻击。这意味着,如果身份验证会话是由被动观察者记录的,则该观察者可以通过CRAM-MD5机制尝试公共密码,并查看结果是否匹配。使用难以猜测的密码可以减少这种攻击。鼓励网站教育用户,并让密码更改服务根据字典测试候选密码。CRAM-MD5的ACAP实现应允许密码长度至少为64个字符。
ACAP protocol transactions are susceptible to passive observers or man in the middle attacks which alter the data, unless the optional encryption and integrity services of the AUTHENTICATE command are enabled, or an external security mechanism is used for protection. It may be useful to allow configuration of both clients and servers to refuse to transfer sensitive information in the absence of strong encryption.
ACAP协议事务易受被动观察者或中间人攻击而改变数据,除非启用认证命令的可选加密和完整性服务,或者使用外部安全机制进行保护。允许客户端和服务器的配置在没有强加密的情况下拒绝传输敏感信息可能会很有用。
ACAP access control lists provide fine grained authorization for access to attributes. A number of related security issues are described in section 3.5.
ACAP访问控制列表为访问属性提供细粒度授权。第3.5节描述了一些相关的安全问题。
ACAP URLs have the same security considerations as IMAP URLs [IMAP-URL].
ACAP URL与IMAP URL[IMAP-URL]具有相同的安全注意事项。
ACAP clients are encouraged to consider the security problems involved with a lab computer situation. Specifically, a client cache of ACAP configuration information MUST NOT allow access by an unauthorized user. One way to assure this is for an ACAP client to be able to completely flush any non-public cached configuration data when a user leaves.
鼓励ACAP客户考虑实验室计算机状况所涉及的安全问题。具体而言,ACAP配置信息的客户端缓存不得允许未经授权的用户访问。确保这一点的一种方法是,ACAP客户端能够在用户离开时完全刷新任何非公共缓存的配置数据。
As laptop computers can be easily stolen and a cache of configuration data may contain sensitive information, a disconnected mode ACAP client may wish to encrypt and password protect cached configuration information.
由于笔记本电脑容易被盗,并且配置数据缓存可能包含敏感信息,因此断开连接模式ACAP客户端可能希望加密和密码保护缓存的配置信息。
Many thanks to the follow people who have contributed to ACAP over the past four years: Wallace Colyer, Mark Crispin, Jack DeWinter, Rob Earhart, Ned Freed, Randy Gellens, Terry Gray, J. S. Greenfield, Steve Dorner, Steve Hole, Steve Hubert, Dave Roberts, Bart Schaefer, Matt Wall and other participants of the IETF ACAP working group.
非常感谢在过去四年中为ACAP做出贡献的以下人员:华莱士·科利耶、马克·克里斯宾、杰克·德温特、罗布·埃尔哈特、内德·弗里德、兰迪·盖伦斯、特里·格雷、J.S.格林菲尔德、史蒂夫·多纳、史蒂夫·霍尔、史蒂夫·休伯特、戴夫·罗伯茨、巴特·谢弗、马特·沃尔以及IETF ACAP工作组的其他参与者。
Chris Newman Innosoft International, Inc. 1050 Lakes Drive West Covina, CA 91790 USA
Chris Newman Innosoft International,Inc.美国加利福尼亚州西科维纳湖大道1050号,邮编:91790
Email: chris.newman@innosoft.com
Email: chris.newman@innosoft.com
John Gardiner Myers Netscape Communications 501 East Middlefield Road Mail Stop MV-029 Mountain View, CA 94043
约翰·加德纳·迈尔斯网景通信公司501东米德菲尔德路邮递站MV-029加利福尼亚州山景城94043
Email: jgmyers@netscape.com
Email: jgmyers@netscape.com
Appendices
附录
A. References
A.参考资料
[ABNF] Crocker, Overell, "Augmented BNF for Syntax Specifications: ABNF", RFC 2234, Internet Mail Consortium, Demon Internet Ltd, November 1997.
[ABNF]Crocker,Overell,“语法规范的扩充BNF:ABNF”,RFC 2234,互联网邮件联盟,Demon互联网有限公司,1997年11月。
<ftp://ds.internic.net/rfc/rfc2234.txt>
<ftp://ds.internic.net/rfc/rfc2234.txt>
[BASIC-URL] Berners-Lee, Masinter, McCahill, "Uniform Resource Locators (URL)", RFC 1738, CERN, Xerox Coproration, University of Minnesota, December 1994.
Berners Lee,马辛特,麦卡希尔,“统一资源定位器(URL)”,RFC 1738,欧洲核子研究中心,施乐公司,明尼苏达大学,1994年12月。
<ftp://ds.internic.net/rfc/rfc1738.txt>
<ftp://ds.internic.net/rfc/rfc1738.txt>
[CHARSET-LANG-POLICY] Alvestrand, "IETF Policy on Character Sets and Languages", work in progress.
[CHARSET-LANG-POLICY]Alvestrand,“IETF字符集和语言政策”,正在进行中。
[CRAM-MD5] Klensin, Catoe, Krumviede, "IMAP/POP AUTHorize Extension for Simple Challenge/Response", RFC 2195, MCI, September 1997.
[CRAM-MD5]Klensin,Catoe,Krumviede,“简单质询/响应的IMAP/POP授权扩展”,RFC 2195,MCI,1997年9月。
<ftp://ds.internic.net/rfc/rfc2195.txt>
<ftp://ds.internic.net/rfc/rfc2195.txt>
[IAB-CHARSET] Weider, Preston, Simonsen, Alvestrand, Atkinson, Crispin, Svanberg, "The Report of the IAB Character Set Workshop held 29 February - 1 March, 1996", RFC 2130, April 1997.
[IAB-CHARSET]Weider、Preston、Simonsen、Alvestrand、Atkinson、Crispin、Svanberg,“1996年2月29日至3月1日举行的IAB字符集研讨会报告”,RFC 21301997年4月。
<ftp://ds.internic.net/rfc/rfc2130.txt>
<ftp://ds.internic.net/rfc/rfc2130.txt>
[IMAP4] Crispin, M., "Internet Message Access Protocol - Version 4rev1", RFC 2060, University of Washington, December 1996.
[IMAP4] Crispin,M,“互联网信息访问协议-版本4ReV1”,RFC 2060,华盛顿大学,1996年12月。
<ftp://ds.internic.net/rfc/rfc2060.txt>
<ftp://ds.internic.net/rfc/rfc2060.txt>
[IMAP-ACL] Myers, J., "IMAP4 ACL extension", RFC 2086, Carnegie Mellon, January 1997.
[IMAP-ACL]迈尔斯,J.,“IMAP4 ACL扩展”,RFC 2086,卡内基梅隆大学,1997年1月。
<ftp://ds.internic.net/rfc/rfc2086.txt>
<ftp://ds.internic.net/rfc/rfc2086.txt>
[IMAP-URL] Newman, "IMAP URL Scheme", RFC 2192, Innosoft, July 1997.
[IMAP-URL]纽曼,“IMAP URL方案”,RFC 2192,Innosoft,1997年7月。
<ftp://ds.internic.net/rfc/rfc2192.txt>
<ftp://ds.internic.net/rfc/rfc2192.txt>
[ISO-10646] ISO/IEC 10646-1:1993(E) "Information Technology-- Universal Multiple-octet Coded Character Set (UCS)." See also amendments 1 through 7, plus editorial corrections.
[ISO-10646]ISO/IEC 10646-1:1993(E)“信息技术——通用多八位编码字符集(UCS)”,另见修改件1至7以及编辑更正。
[ISO-C] "Programming languages -- C", ISO/IEC 9899:1990, International Organization for Standardization. This is effectively the same as ANSI C standard X3.159-1989.
[ISO-C]“编程语言——C”,ISO/IEC 9899:1990,国际标准化组织。这实际上与ANSI C标准X3.159-1989相同。
[KEYWORDS] Bradner, "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, Harvard University, March 1997.
[关键词]Bradner,“RFC中用于表示需求水平的关键词”,RFC 2119,哈佛大学,1997年3月。
<ftp://ds.internic.net/rfc/rfc2119.txt>
<ftp://ds.internic.net/rfc/rfc2119.txt>
[LANG-TAGS] Alvestrand, H., "Tags for the Identification of Languages", RFC 1766.
[LANG-TAGS]Alvestrand,H.,“识别语言的标签”,RFC 1766。
<ftp://ds.internic.net/rfc/rfc1766.txt>
<ftp://ds.internic.net/rfc/rfc1766.txt>
[REL-URL] Fielding, "Relative Uniform Resource Locators", RFC 1808, UC Irvine, June 1995.
[REL-URL]菲尔丁,“相对统一资源定位器”,RFC 1808,加州大学欧文分校,1995年6月。
<ftp://ds.internic.net/rfc/rfc1808.txt>
<ftp://ds.internic.net/rfc/rfc1808.txt>
[SASL] Myers, J., "Simple Authentication and Security Layer (SASL)", RFC 2222, Netscape Communications, October 1997.
[SASL]迈尔斯,J.,“简单认证和安全层(SASL)”,RFC2222,网景通信,1997年10月。
<ftp://ds.internic.net/rfc/rfc2222.txt>
<ftp://ds.internic.net/rfc/rfc2222.txt>
[SASL-ANON] Newman, C., "Anonymous SASL Mechanism", RFC 2245, November 1997.
[SASL-ANON]Newman,C.,“匿名SASL机制”,RFC 22451997年11月。
[UNICODE-2] The Unicode Consortium, "The Unicode Standard, Version 2.0", Addison-Wesley, 1996. ISBN 0-201-48345-9.
[UNICODE-2]UNICODE联盟,“UNICODE标准,版本2.0”,Addison-Wesley,1996年。ISBN 0-201-48345-9。
[US-ASCII] "USA Standard Code for Information Interchange," X3.4. American National Standards Institute: New York (1968).
[US-ASCII]“美国信息交换标准代码”,X3.4。美国国家标准协会:纽约(1968年)。
[UTF8] Yergeau, F. "UTF-8, a transformation format of Unicode and ISO 10646", RFC 2044, Alis Technologies, October 1996.
[UTF8]Yergeau,F.“UTF-8,Unicode和ISO10646的转换格式”,RFC 2044,Alis技术,1996年10月。
<ftp://ds.internic.net/rfc/rfc2044.txt>
<ftp://ds.internic.net/rfc/rfc2044.txt>
B. ACAP Keyword Index
B.ACAP关键字索引
ACAP (untagged response) ................................... 26 ADDTO (untagged response) .................................. 40 ALERT (untagged response) .................................. 31 ALL (search keyword) ....................................... 36 AND (search keyword) ....................................... 36 AUTH-TOO-WEAK (response code) .............................. 19 AUTHENTICATE (command) ..................................... 31 BAD (response) ............................................. 30 BYE (untagged response) .................................... 30 CHANGE (untagged response) ................................. 41 COMPARE (search keyword) ................................... 36 COMPARESTRICT (search keyword) ............................. 36 CONTEXTLIMIT (ACAP capability) ............................. 27 DELETEACL (command) ........................................ 46 DELETED (intermediate response) ............................ 45 DELETEDSINCE (command) ..................................... 45 DEPTH (search modifier) .................................... 34 ENCRYPT-NEEDED (response code) ............................. 19 ENTRY (intermediate response) .............................. 37 EQUAL (search keyword) ..................................... 37 FREECONTEXT (command) ...................................... 39 GETQUOTA (command) ......................................... 48 HARDLIMIT (search modifier) ................................ 34 IMPLEMENTATION (ACAP capability) ........................... 27 INVALID (response code) .................................... 19 LANG (command) ............................................. 28 LANG (intermediate response) ............................... 28 LIMIT (search modifier) .................................... 34 LISTRIGHTS (command) ....................................... 47 LISTRIGHTS (intermediate response) ......................... 48 LOGOUT (command) ........................................... 29 MAKECONTEXT (search modifier) .............................. 34 MODIFIED (response code) ................................... 19 MODTIME (intermediate response) ............................ 38 MODTIME (untagged response) ................................ 42 MYRIGHTS (command) ......................................... 47 MYRIGHTS (intermediate response) ........................... 47 NO (response) .............................................. 29 NOCREATE (store modifier) .................................. 44 NOEXIST (response code) .................................... 19 NOINHERIT (search modifier) ................................ 35 NOOP (command) ............................................. 27 NOT (search keyword) ....................................... 37 OK (response) .............................................. 29 OR (search keyword) ........................................ 37 PERMISSION (response code) ................................. 19
ACAP (untagged response) ................................... 26 ADDTO (untagged response) .................................. 40 ALERT (untagged response) .................................. 31 ALL (search keyword) ....................................... 36 AND (search keyword) ....................................... 36 AUTH-TOO-WEAK (response code) .............................. 19 AUTHENTICATE (command) ..................................... 31 BAD (response) ............................................. 30 BYE (untagged response) .................................... 30 CHANGE (untagged response) ................................. 41 COMPARE (search keyword) ................................... 36 COMPARESTRICT (search keyword) ............................. 36 CONTEXTLIMIT (ACAP capability) ............................. 27 DELETEACL (command) ........................................ 46 DELETED (intermediate response) ............................ 45 DELETEDSINCE (command) ..................................... 45 DEPTH (search modifier) .................................... 34 ENCRYPT-NEEDED (response code) ............................. 19 ENTRY (intermediate response) .............................. 37 EQUAL (search keyword) ..................................... 37 FREECONTEXT (command) ...................................... 39 GETQUOTA (command) ......................................... 48 HARDLIMIT (search modifier) ................................ 34 IMPLEMENTATION (ACAP capability) ........................... 27 INVALID (response code) .................................... 19 LANG (command) ............................................. 28 LANG (intermediate response) ............................... 28 LIMIT (search modifier) .................................... 34 LISTRIGHTS (command) ....................................... 47 LISTRIGHTS (intermediate response) ......................... 48 LOGOUT (command) ........................................... 29 MAKECONTEXT (search modifier) .............................. 34 MODIFIED (response code) ................................... 19 MODTIME (intermediate response) ............................ 38 MODTIME (untagged response) ................................ 42 MYRIGHTS (command) ......................................... 47 MYRIGHTS (intermediate response) ........................... 47 NO (response) .............................................. 29 NOCREATE (store modifier) .................................. 44 NOEXIST (response code) .................................... 19 NOINHERIT (search modifier) ................................ 35 NOOP (command) ............................................. 27 NOT (search keyword) ....................................... 37 OK (response) .............................................. 29 OR (search keyword) ........................................ 37 PERMISSION (response code) ................................. 19
PREFIX (search keyword) .................................... 37 QUOTA (response code) ...................................... 19 QUOTA (untagged response) .................................. 49 RANGE (search keyword) ..................................... 37 REFER (intermediate response) .............................. 38 REFER (response code) ...................................... 19 REMOVEFROM (untagged response) ............................. 41 RETURN (search modifier) ................................... 35 SASL (ACAP capability) ..................................... 27 SASL (response code) ....................................... 20 SEARCH (command) ........................................... 33 SETACL (command) ........................................... 46 SORT (search modifier) ..................................... 36 STORE (command) ............................................ 42 SUBSTRING (search keyword) ................................. 37 TOOMANY (response code) .................................... 20 TOOOLD (response code) ..................................... 20 TRANSITION-NEEDED (response code) .......................... 20 TRYFREECONTEXT (response code) ............................. 20 TRYLATER (response code) ................................... 20 UNCHANGEDSINCE (store modifier) ............................ 44 UPDATECONTEXT (command) .................................... 40 WAYTOOMANY (response code) ................................. 20 acl (attribute metadata) ................................... 12 anyone (ACL identifier) .................................... 17 attribute (attribute metadata) ............................. 12 dataset.acl (dataset attribute) ............................ 24 dataset.acl.<attribute> (dataset attribute) ................ 24 dataset.inherit (dataset attribute) ........................ 24 entry (predefined attribute) ............................... 11 i;ascii-casemap (comparator) ............................... 16 i;ascii-numeric (comparator) ............................... 16 i;octet (comparator) ....................................... 16 modtime (predefined attribute) ............................. 11 myrights (attribute metadata) .............................. 12 size (attribute metadata) .................................. 13 subdataset (predefined attribute) .......................... 11 value (attribute metadata) ................................. 13
PREFIX (search keyword) .................................... 37 QUOTA (response code) ...................................... 19 QUOTA (untagged response) .................................. 49 RANGE (search keyword) ..................................... 37 REFER (intermediate response) .............................. 38 REFER (response code) ...................................... 19 REMOVEFROM (untagged response) ............................. 41 RETURN (search modifier) ................................... 35 SASL (ACAP capability) ..................................... 27 SASL (response code) ....................................... 20 SEARCH (command) ........................................... 33 SETACL (command) ........................................... 46 SORT (search modifier) ..................................... 36 STORE (command) ............................................ 42 SUBSTRING (search keyword) ................................. 37 TOOMANY (response code) .................................... 20 TOOOLD (response code) ..................................... 20 TRANSITION-NEEDED (response code) .......................... 20 TRYFREECONTEXT (response code) ............................. 20 TRYLATER (response code) ................................... 20 UNCHANGEDSINCE (store modifier) ............................ 44 UPDATECONTEXT (command) .................................... 40 WAYTOOMANY (response code) ................................. 20 acl (attribute metadata) ................................... 12 anyone (ACL identifier) .................................... 17 attribute (attribute metadata) ............................. 12 dataset.acl (dataset attribute) ............................ 24 dataset.acl.<attribute> (dataset attribute) ................ 24 dataset.inherit (dataset attribute) ........................ 24 entry (predefined attribute) ............................... 11 i;ascii-casemap (comparator) ............................... 16 i;ascii-numeric (comparator) ............................... 16 i;octet (comparator) ....................................... 16 modtime (predefined attribute) ............................. 11 myrights (attribute metadata) .............................. 12 size (attribute metadata) .................................. 13 subdataset (predefined attribute) .......................... 11 value (attribute metadata) ................................. 13
C. Full Copyright Statement
C.完整的版权声明
Copyright (C) The Internet Society 1997. All Rights Reserved.
版权所有(C)互联网协会1997。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。