Network Working Group                                   K. Zeilenga, Ed.
Request for Comments: 4510                           OpenLDAP Foundation
Obsoletes: 2251, 2252, 2253, 2254, 2255,                       June 2006
           2256, 2829, 2830, 3377, 3771
Category: Standards Track
        
Network Working Group                                   K. Zeilenga, Ed.
Request for Comments: 4510                           OpenLDAP Foundation
Obsoletes: 2251, 2252, 2253, 2254, 2255,                       June 2006
           2256, 2829, 2830, 3377, 3771
Category: Standards Track
        

Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map

轻量级目录访问协议(LDAP):技术规范路线图

Status of This Memo

关于下段备忘

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。

Copyright Notice

版权公告

Copyright (C) The Internet Society (2006).

版权所有(C)互联网协会(2006年)。

Abstract

摘要

The Lightweight Directory Access Protocol (LDAP) is an Internet protocol for accessing distributed directory services that act in accordance with X.500 data and service models. This document provides a road map of the LDAP Technical Specification.

轻量级目录访问协议(LDAP)是一种Internet协议,用于访问根据X.500数据和服务模型运行的分布式目录服务。本文档提供了LDAP技术规范的路线图。

1. The LDAP Technical Specification
1. LDAP技术规范

The technical specification detailing version 3 of the Lightweight Directory Access Protocol (LDAP), an Internet Protocol, consists of this document and the following documents:

详细说明轻量级目录访问协议(LDAP)第3版(一种互联网协议)的技术规范由本文档和以下文档组成:

      LDAP: The Protocol [RFC4511]
      LDAP: Directory Information Models [RFC4512]
      LDAP: Authentication Methods and Security Mechanisms [RFC4513]
      LDAP: String Representation of Distinguished Names [RFC4514]
      LDAP: String Representation of Search Filters [RFC4515]
      LDAP: Uniform Resource Locator [RFC4516]
      LDAP: Syntaxes and Matching Rules [RFC4517]
      LDAP: Internationalized String Preparation [RFC4518]
      LDAP: Schema for User Applications [RFC4519]
        
      LDAP: The Protocol [RFC4511]
      LDAP: Directory Information Models [RFC4512]
      LDAP: Authentication Methods and Security Mechanisms [RFC4513]
      LDAP: String Representation of Distinguished Names [RFC4514]
      LDAP: String Representation of Search Filters [RFC4515]
      LDAP: Uniform Resource Locator [RFC4516]
      LDAP: Syntaxes and Matching Rules [RFC4517]
      LDAP: Internationalized String Preparation [RFC4518]
      LDAP: Schema for User Applications [RFC4519]
        

The terms "LDAP" and "LDAPv3" are commonly used to refer informally to the protocol specified by this technical specification. The LDAP suite, as defined here, should be formally identified in other documents by a normative reference to this document.

术语“LDAP”和“LDAPv3”通常用于非正式地指代本技术规范规定的协议。此处定义的LDAP套件应通过对本文档的规范性引用在其他文档中正式标识。

LDAP is an extensible protocol. Extensions to LDAP may be specified in other documents. Nomenclature denoting such combinations of LDAP-plus-extensions is not defined by this document but may be defined in some future document(s). Extensions are expected to be truly optional. Considerations for the LDAP extensions described in BCP 118, RFC 4521 [RFC4521] fully apply to this revision of the LDAP Technical Specification.

LDAP是一种可扩展的协议。LDAP的扩展可以在其他文档中指定。本文档未定义表示LDAP plus扩展组合的术语,但可能在未来的一些文档中定义。扩展应该是真正可选的。BCP 118、RFC 4521[RFC4521]中描述的LDAP扩展注意事项完全适用于本版本的LDAP技术规范。

IANA (Internet Assigned Numbers Authority) considerations for LDAP described in BCP 64, RFC 4520 [RFC4520] apply fully to this revision of the LDAP technical specification.

BCP 64、RFC 4520[RFC4520]中描述的LDAP IANA(互联网分配号码管理局)注意事项完全适用于本版本的LDAP技术规范。

1.1. Conventions
1.1. 习俗

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119].

本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照BCP 14[RFC2119]中所述进行解释。

2. Relationship to X.500
2. 与X.500的关系

This technical specification defines LDAP in terms of [X.500] as an X.500 access mechanism. An LDAP server MUST act in accordance with the X.500 (1993) series of International Telecommunication Union - Telecommunication Standardization (ITU-T) Recommendations when providing the service. However, it is not required that an LDAP server make use of any X.500 protocols in providing this service. For example, LDAP can be mapped onto any other directory system so long as the X.500 data and service models [X.501][X.511], as used in LDAP, are not violated in the LDAP interface.

本技术规范根据[X.500]将LDAP定义为X.500访问机制。提供服务时,LDAP服务器必须按照国际电信联盟-电信标准化(ITU-T)的X.500(1993)系列建议进行操作。但是,LDAP服务器在提供此服务时不需要使用任何X.500协议。例如,只要在LDAP接口中不违反LDAP中使用的X.500数据和服务模型[X.501][X.511],LDAP就可以映射到任何其他目录系统。

This technical specification explicitly incorporates portions of X.500(93). Later revisions of X.500 do not automatically apply to this technical specification.

本技术规范明确包含X.500(93)的部分内容。X.500的后续版本不自动适用于本技术规范。

3. Relationship to Obsolete Specifications
3. 与过时规范的关系

This technical specification, as defined in Section 1, obsoletes entirely the previously defined LDAP technical specification defined in RFC 3377 (and consisting of RFCs 2251-2256, 2829, 2830, 3771, and 3377 itself). The technical specification was significantly reorganized.

如第1节所述,本技术规范完全废除了RFC 3377中定义的先前定义的LDAP技术规范(由RFC 2251-2256、2829、2830、3771和3377本身组成)。对技术规范进行了重大重组。

   This document replaces RFC 3377 as well as Section 3.3 of RFC 2251.
   [RFC4512] replaces portions of RFC 2251, RFC 2252, and RFC 2256.
   [RFC4511] replaces the majority RFC 2251, portions of RFC 2252, and
   all of RFC 3771.  [RFC4513] replaces RFC 2829, RFC 2830, and portions
   of RFC 2251.  [RFC4517] replaces the majority of RFC 2252 and
   portions of RFC 2256.  [RFC4519] replaces the majority of RFC 2256.
   [RFC4514] replaces RFC 2253.  [RFC4515] replaces RFC 2254.  [RFC4516]
   replaces RFC 2255.
        
   This document replaces RFC 3377 as well as Section 3.3 of RFC 2251.
   [RFC4512] replaces portions of RFC 2251, RFC 2252, and RFC 2256.
   [RFC4511] replaces the majority RFC 2251, portions of RFC 2252, and
   all of RFC 3771.  [RFC4513] replaces RFC 2829, RFC 2830, and portions
   of RFC 2251.  [RFC4517] replaces the majority of RFC 2252 and
   portions of RFC 2256.  [RFC4519] replaces the majority of RFC 2256.
   [RFC4514] replaces RFC 2253.  [RFC4515] replaces RFC 2254.  [RFC4516]
   replaces RFC 2255.
        

[RFC4518] is new to this revision of the LDAP technical specification.

[RFC4518]是本版本LDAP技术规范的新版本。

Each document of this specification contains appendices summarizing changes to all sections of the specifications they replace. Appendix A.1 of this document details changes made to RFC 3377. Appendix A.2 of this document details changes made to Section 3.3 of RFC 2251.

本规范的每个文件都包含附录,总结了对其所替代规范所有章节的变更。本文件附录A.1详细说明了对RFC 3377所做的更改。本文件附录A.2详细说明了对RFC 2251第3.3节所做的更改。

Additionally, portions of this technical specification update and/or replace a number of other documents not listed above. These relationships are discussed in the documents detailing these portions of this technical specification.

此外,本技术规范的部分内容更新和/或替换了上文未列出的许多其他文件。这些关系在详细说明本技术规范这些部分的文件中进行了讨论。

4. Security Considerations
4. 安全考虑

LDAP security considerations are discussed in each document comprising the technical specification.

包含技术规范的每个文档中都讨论了LDAP安全注意事项。

5. Acknowledgements
5. 致谢

This document is based largely on RFC 3377 by J. Hodges and R. Morgan, a product of the LDAPBIS and LDAPEXT Working Groups. The document also borrows from RFC 2251 by M. Wahl, T. Howes, and S. Kille, a product of the ASID Working Group.

本文件主要基于J.Hodges和R.Morgan的RFC 3377,这是LDAPBIS和LDAPEXT工作组的成果。该文件还借用了M.Wahl、T.Howes和S.Kille(ASID工作组的产品)的RFC 2251。

This document is a product of the IETF LDAPBIS Working Group.

本文件是IETF LDAPBIS工作组的成果。

6. Normative References
6. 规范性引用文件

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

[RFC4511] Sermersheim, J., Ed., "Lightweight Directory Access Protocol (LDAP): The Protocol", RFC 4511, June 2006.

[RFC4511]Sermersheim,J.,Ed.,“轻量级目录访问协议(LDAP):协议”,RFC4511,2006年6月。

[RFC4512] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP): Directory Information Models", RFC 4512, June 2006.

[RFC4512]Zeilenga,K.,“轻量级目录访问协议(LDAP):目录信息模型”,RFC4512,2006年6月。

[RFC4513] Harrison, R., Ed., "Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms", RFC 4513, June 2006.

[RFC4513]Harrison,R.,Ed.“轻量级目录访问协议(LDAP):身份验证方法和安全机制”,RFC4513,2006年6月。

[RFC4514] Zeilenga, K., Ed., "Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names", RFC 4514, June 2006.

[RFC4514]Zeilenga,K.,Ed.“轻量级目录访问协议(LDAP):可分辨名称的字符串表示”,RFC4514,2006年6月。

[RFC4515] Smith, M., Ed. and T. Howes, "Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters", RFC 4515, June 2006.

[RFC4515]Smith,M.,Ed.和T.Howes,“轻量级目录访问协议(LDAP):搜索过滤器的字符串表示”,RFC45152006年6月。

[RFC4516] Smith, M., Ed. and T. Howes, "Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator", RFC 4516, June 2006.

[RFC4516]Smith,M.,Ed.和T.Howes,“轻量级目录访问协议(LDAP):统一资源定位器”,RFC4516,2006年6月。

[RFC4517] Legg, S., Ed., "Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules", RFC 4517, June 2006.

[RFC4517]Legg,S.,Ed.,“轻量级目录访问协议(LDAP):语法和匹配规则”,RFC4517,2006年6月。

[RFC4518] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP): Internationalized String Preparation", RFC 4518, June 2006.

[RFC4518]Zeilenga,K.,“轻量级目录访问协议(LDAP):国际化字符串准备”,RFC4518,2006年6月。

[RFC4519] Sciberras, A., Ed., "Lightweight Directory Access Protocol (LDAP): Schema for User Applications", RFC 4519, June 2006.

[RFC4519]Sciberras,A.,Ed.,“轻量级目录访问协议(LDAP):用户应用程序模式”,RFC4519,2006年6月。

[RFC4520] Zeilenga, K., "Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP)", BCP 64, RFC 4520, June 2006.

[RFC4520]Zeilenga,K.,“轻量级目录访问协议(LDAP)的互联网分配号码管理局(IANA)注意事项”,BCP 64,RFC 4520,2006年6月。

[RFC4521] Zeilenga, K., "Considerations for LDAP Extensions", BCP 118, RFC 4521, June 2006.

[RFC4521]Zeilenga,K.,“LDAP扩展的注意事项”,BCP 118,RFC 45212006年6月。

[X.500] International Telecommunication Union - Telecommunication Standardization Sector, "The Directory -- Overview of concepts, models and services", X.500(1993) (also ISO/IEC 9594-1:1994).

[X.500]国际电信联盟-电信标准化部门,“目录——概念、模型和服务概述”,X.500(1993年)(也指ISO/IEC 9594-1:1994)。

[X.501] International Telecommunication Union - Telecommunication Standardization Sector, "The Directory -- Models", X.501(1993) (also ISO/IEC 9594- 2:1994).

[X.501]国际电信联盟-电信标准化部门,“目录——模型”,X.501(1993)(也指ISO/IEC 9594-2:1994)。

[X.511] International Telecommunication Union - Telecommunication Standardization Sector, "The Directory: Abstract Service Definition", X.511(1993) (also ISO/IEC 9594-3:1993).

[X.511]国际电信联盟-电信标准化部门,“目录:抽象服务定义”,X.511(1993)(也称ISO/IEC 9594-3:1993)。

Appendix A. Changes to Previous Documents
附录A.对以前文件的更改

This appendix outlines changes this document makes relative to the documents it replaces (in whole or in part).

本附录概述了本文件相对于其替换的文件(全部或部分)所做的更改。

A.1. Changes to RFC 3377
A.1. 对RFC 3377的更改

This document is nearly a complete rewrite of RFC 3377 as much of the material of RFC 3377 is no longer applicable. The changes include redefining the terms "LDAP" and "LDAPv3" to refer to this revision of the technical specification.

本文件几乎是对RFC 3377的完全重写,因为RFC 3377的大部分材料不再适用。变更包括重新定义术语“LDAP”和“LDAPv3”,以参考本技术规范版本。

A.2. Changes to Section 3.3 of RFC 2251
A.2. RFC 2251第3.3节的变更

The section was modified slightly (the word "document" was replaced with "technical specification") to clarify that it applies to the entire LDAP technical specification.

本节稍作修改(“文档”一词替换为“技术规范”),以澄清其适用于整个LDAP技术规范。

Author's Address

作者地址

Kurt D. Zeilenga OpenLDAP Foundation

库尔特D.Zeeliga OpenLDAP基金会

   EMail: Kurt@OpenLDAP.org
        
   EMail: Kurt@OpenLDAP.org
        

Full Copyright Statement

完整版权声明

Copyright (C) The Internet Society (2006).

版权所有(C)互联网协会(2006年)。

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Intellectual Property

知识产权

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.

Acknowledgement

确认

Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).

RFC编辑器功能的资金由IETF行政支持活动(IASA)提供。