Independent Submission K. Zeilenga Request for Comments: 5805 Isode Limited Category: Experimental March 2010 ISSN: 2070-1721
Independent Submission K. Zeilenga Request for Comments: 5805 Isode Limited Category: Experimental March 2010 ISSN: 2070-1721
Lightweight Directory Access Protocol (LDAP) Transactions
轻型目录访问协议(LDAP)事务
Abstract
摘要
Lightweight Directory Access Protocol (LDAP) update operations, such as Add, Delete, and Modify operations, have atomic, consistency, isolation, durability (ACID) properties. Each of these update operations act upon an entry. It is often desirable to update two or more entries in a single unit of interaction, a transaction. Transactions are necessary to support a number of applications including resource provisioning. This document extends LDAP to support transactions.
轻量级目录访问协议(LDAP)更新操作(如添加、删除和修改操作)具有原子性、一致性、隔离性和耐久性(ACID)属性。每个更新操作都作用于一个条目。通常需要在单个交互单元(事务)中更新两个或多个条目。事务是支持许多应用程序(包括资源调配)所必需的。本文档扩展了LDAP以支持事务。
Status of This Memo
关于下段备忘
This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation.
本文件不是互联网标准跟踪规范;它是为检查、实验实施和评估而发布的。
This document defines an Experimental Protocol for the Internet community. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
本文档为互联网社区定义了一个实验协议。这是对RFC系列的贡献,独立于任何其他RFC流。RFC编辑器已选择自行发布此文档,并且未声明其对实现或部署的价值。RFC编辑批准发布的文件不适用于任何级别的互联网标准;见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc5805.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc5805.
Copyright Notice
版权公告
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2010 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。
This document extends the Lightweight Directory Access Protocol (LDAP) [RFC4510] to allow clients to relate a number of update operations [RFC4511] and have them performed as one unit of interaction, a transaction. As with distinct update operations, each transaction has atomic, consistency, isolation, and durability (ACID) properties [ACID].
本文档扩展了轻量级目录访问协议(LDAP)[RFC4510]以允许客户端关联大量更新操作[RFC4511],并将它们作为一个交互单元(事务)执行。与不同的更新操作一样,每个事务都具有原子、一致性、隔离和持久性(ACID)属性[ACID]。
This extension consists of two extended operations, one control, and one unsolicited notification message. The Start Transaction operation is used to obtain a transaction identifier. This identifier is then attached to multiple update operations to indicate that they belong to the transaction using the Transaction Specification control. The End Transaction is used to settle (commit or abort) the transaction. The Aborted Transaction Notice is provided by the server to notify the client that the server is no longer willing or able to process an outstanding transaction.
此扩展包含两个扩展操作、一个控件和一条未经请求的通知消息。启动事务操作用于获取事务标识符。然后将该标识符附加到多个更新操作,以指示它们属于使用事务规范控件的事务。结束事务用于结算(提交或中止)事务。中止的事务通知由服务器提供,用于通知客户端服务器不再愿意或无法处理未完成的事务。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
Protocol elements are described using ASN.1 [X.680] with implicit tags. The term "BER-encoded" means the element is to be encoded using the Basic Encoding Rules [X.690] under the restrictions detailed in Section 5.1 of [RFC4511].
协议元素使用带有隐式标记的ASN.1[X.680]进行描述。术语“BER编码”是指根据[RFC4511]第5.1节详述的限制,使用基本编码规则[X.690]对元素进行编码。
DSA stands for "Directory System Agent" (a server). DSE stands for "DSA-specific entry".
DSA代表“目录系统代理”(服务器)。DSE代表“DSA特定条目”。
A Start Transaction Request is an LDAPMessage of CHOICE extendedReq where the requestName is 1.3.6.1.1.21.1 and the requestValue is absent.
启动事务请求是一个LDAPMessage of CHOICE extendedReq,其中requestName为1.3.6.1.1.21.1,requestValue不存在。
A Start Transaction Response is an LDAPMessage of CHOICE extendedRes sent in response to a Start Transaction Request. Its responseName is absent. When the resultCode is success (0), responseValue is present and contains a transaction identifier. Otherwise, the responseValue is absent.
启动事务响应是选择extendedRes的LDAPMessage,用于响应启动事务请求。它的响应名不存在。当resultCode为success(0)时,responseValue存在并包含事务标识符。否则,responseValue将不存在。
A Transaction Specification Control is an LDAPControl where the controlType is 1.3.6.1.1.21.2, the criticality is TRUE, and the controlValue is a transaction identifier. The control is appropriate for update requests including Add, Delete, Modify, and ModifyDN (Rename) requests [RFC4511], as well as the Password Modify requests [RFC3062].
事务规范控件是一种LDAPControl,其中controlType为1.3.6.1.1.21.2,criticality为TRUE,controlValue为事务标识符。该控件适用于更新请求,包括添加、删除、修改和修改DN(重命名)请求[RFC4511],以及密码修改请求[RFC3062]。
As discussed in Section 4, the Transaction Specification control can be used in conjunction with request controls appropriate for the update request.
如第4节所述,事务规范控件可以与适用于更新请求的请求控件结合使用。
An End Transaction Request is an LDAPMessage of CHOICE extendedReq where the requestName is 1.3.6.1.1.21.3 and the requestValue is present and contains a BER-encoded txnEndReq.
结束事务请求是一个LDAPMessage of CHOICE extendedReq,其中requestName为1.3.6.1.1.21.3,requestValue存在,并包含一个BER编码的txnEndReq。
txnEndReq ::= SEQUENCE { commit BOOLEAN DEFAULT TRUE, identifier OCTET STRING }
txnEndReq ::= SEQUENCE { commit BOOLEAN DEFAULT TRUE, identifier OCTET STRING }
A commit value of TRUE indicates a request to commit the transaction identified by the identifier. A commit value of FALSE indicates a request to abort the identified transaction.
commit值TRUE表示提交标识符标识的事务的请求。commit值FALSE表示中止已标识事务的请求。
An End Transaction Response is an LDAPMessage sent in response to a End Transaction Request. Its response name is absent. The responseValue when present contains a BER-encoded txnEndRes.
结束事务响应是响应结束事务请求而发送的LDAPMessage。它的响应名称不存在。存在时的responseValue包含BER编码的txnEndRes。
txnEndRes ::= SEQUENCE { messageID MessageID OPTIONAL, -- msgid associated with non-success resultCode updatesControls SEQUENCE OF updateControls SEQUENCE { messageID MessageID, -- msgid associated with controls controls Controls } OPTIONAL } -- where MessageID and Controls are as specified in RFC 4511
txnEndRes ::= SEQUENCE { messageID MessageID OPTIONAL, -- msgid associated with non-success resultCode updatesControls SEQUENCE OF updateControls SEQUENCE { messageID MessageID, -- msgid associated with controls controls Controls } OPTIONAL } -- where MessageID and Controls are as specified in RFC 4511
The txnEndRes.messageID provides the message id of the update request associated with a non-success response. txnEndRes.messageID is absent when resultCode of the End Transaction Response is success (0).
txnEndRes.messageID提供与非成功响应关联的更新请求的消息id。当结束事务响应的resultCode为success(0)时,txnEndRes.messageID不存在。
The txnEndRes.updatesControls provides a facility for returning response controls that normally (i.e., in the absence of transactions) would be returned in an update response. The updateControls.messageID provides the message id of the update request associated with the response controls provided in updateControls.controls.
txnEndRes.updatesControls提供了一种返回响应控件的工具,这些控件通常(即,在没有事务的情况下)会在更新响应中返回。UpdateControl.messageID提供与UpdateControl.controls中提供的响应控件关联的更新请求的消息id。
The txnEndRes.updatesControls is absent when there are no update response controls to return.
当没有要返回的更新响应控件时,txnEndRes.updatesControls不存在。
If both txnEndRes.messageID and txnEndRes.updatesControl are absent, the responseValue of the End Transaction Response is absent.
如果txnEndRes.messageID和txnEndRes.updatesControl都不存在,则结束事务响应的responseValue不存在。
The Aborted Transaction Notice is an Unsolicited Notification message where the responseName is 1.3.6.1.1.21.4 and responseValue is present and contains a transaction identifier.
中止的事务通知是一条未经请求的通知消息,其中responseName为1.3.6.1.1.21.4,responseValue存在并包含事务标识符。
To allow clients to discover support for this extension, servers implementing this specification SHOULD publish 1.3.6.1.1.21.1 and 1.3.6.1.1.21.3 as values of the 'supportedExtension' attribute [RFC4512] within the Root DSE, and publish the 1.3.6.1.1.21.2 as a value of the 'supportedControl' attribute [RFC4512] of the Root DSE.
为了允许客户端发现对此扩展的支持,实现此规范的服务器应将1.3.6.1.1.21.1和1.3.6.1.1.21.3发布为根DSE中“supportedExtension”属性[RFC4512]的值,并将1.3.6.1.1.21.2发布为根DSE的“supportedControl”属性[RFC4512]的值。
A server MAY choose to advertise this extension only when the client is authorized to use it.
只有当客户机被授权使用此扩展时,服务器才可以选择公布此扩展。
A client wishing to perform a sequence of directory updates as a transaction issues a Start Transaction Request. A server that is willing and able to support transactions responds to this request with a Start Transaction Response providing a transaction identifier and with a resultCode of success (0). Otherwise, the server responds with a Start Transaction Response with a resultCode other than success indicating the nature of the failure.
希望在事务中执行一系列目录更新的客户端发出启动事务请求。愿意并能够支持事务的服务器使用提供事务标识符的启动事务响应和成功的结果代码(0)响应此请求。否则,服务器将使用一个启动事务响应来响应,并使用一个resultCode而不是success来指示故障的性质。
The transaction identifier provided upon successful start of a transaction is used in subsequent protocol messages to identify this transaction.
成功启动事务时提供的事务标识符用于后续协议消息中,以标识该事务。
The client then can issue one or more update requests, each with a Transaction Specification control containing the transaction identifier indicating the updates are to be processed as part of the transaction. Each of these update requests MUST have a different MessageID value. If the server is unwilling or unable to attempt to process the requested update operation as part of the transaction, the server immediately returns the appropriate response to the request with a resultCode indicating the nature of the failure. Otherwise, the server immediately returns a resultCode of success (0) and the defers further processing of the operation is then deferred until settlement.
然后,客户机可以发出一个或多个更新请求,每个更新请求都具有一个包含事务标识符的事务规范控件,该事务标识符指示更新将作为事务的一部分进行处理。每个更新请求必须具有不同的MessageID值。如果服务器不愿意或无法尝试将请求的更新操作作为事务的一部分进行处理,则服务器会立即返回对请求的相应响应,并使用resultCode指示故障的性质。否则,服务器会立即返回一个resultCode of success(0),然后延迟操作的进一步处理,直到结算。
If the server becomes unwilling or unable to continue the specification of a transaction, the server issues an Aborted Transaction Notice with a non-success resultCode indicating the nature of the failure. All operations that were to be processed as part of the transaction are implicitly abandoned. Upon receipt of an Aborted Transaction Notice, the client is to discontinue all use of the transaction identifier as the transaction is null and void. Any future use of identifier by the client will result in a response containing a non-success resultCode.
如果服务器不愿意或无法继续指定事务,则服务器将发出一个中止的事务通知,其中包含一个非成功结果代码,指示失败的性质。将作为事务的一部分处理的所有操作都被隐式放弃。在收到中止交易通知后,客户应停止使用交易标识符,因为交易无效。客户端将来对标识符的任何使用都将导致包含非成功resultCode的响应。
A client requests settlement of transaction by issuing an End Transaction Request for the transaction indicating whether it desires the transaction to be committed or aborted.
客户机通过发出交易的结束交易请求来请求交易结算,该请求指示其是否希望提交或中止该交易。
Upon receipt of a request to abort the transaction, the server is to abort the identified transaction (abandoning all operations that are part of the transaction) and indicate that it has done so by returning an End Transaction Response with a resultCode of success (0).
在收到中止事务的请求后,服务器将中止已标识的事务(放弃属于该事务的所有操作),并通过返回一个结果代码为success(0)的结束事务响应来指示已中止该事务。
Upon receipt of a request to commit the transaction, the server processes all update operations of the transaction as one atomic, durable, isolated, and consistent action with each requested update being processed in turn. Either all of the requested updates are to be successfully applied or none of the requested are to be applied. The server returns an End Transaction Response with a resultCode of success (0) and no responseValue to indicate all the requested updates were applied. Otherwise, the server returns an End Transaction Response with a non-success resultCode indicating the nature of the failure. If the failure is associated with a
在收到提交事务的请求后,服务器将事务的所有更新操作作为一个原子的、持久的、隔离的和一致的操作进行处理,并依次处理每个请求的更新。要么成功应用所有请求的更新,要么不应用任何请求的更新。服务器返回一个End Transaction响应,其resultCode为success(0),且没有responseValue以指示已应用所有请求的更新。否则,服务器将返回一个结束事务响应,其中包含一个非成功resultCode,指示失败的性质。如果故障与
particular update request, the txnEndRes.messageID in the responseValue is the message id of this update request. If the failure was not associated with any particular update request, no txnEnd.messageID is provided.
在特定的更新请求中,responseValue中的txnEndRes.messageID是此更新请求的消息id。如果故障与任何特定的更新请求无关,则不提供txnEnd.messageID。
There is no requirement that a server serialize transactions or updates requested outside of a transaction. That is, a server MAY process multiple commit requests (from one or more clients) acting upon different sets of entries concurrently. A server MUST avoid deadlock.
不要求服务器序列化事务或事务外部请求的更新。也就是说,服务器可以同时处理多个提交请求(来自一个或多个客户端),这些请求作用于不同的条目集。服务器必须避免死锁。
Transactions cannot be nested.
事务不能嵌套。
Each LDAP transaction should be initiated, specified, and settled within a stable security context. Between the Start Request and the End Response, the peers SHOULD avoid negotiating new security associations and/or layers.
每个LDAP事务都应该在稳定的安全上下文中启动、指定和结算。在开始请求和结束响应之间,对等方应避免协商新的安全关联和/或层。
Upon receipt of a Bind or Unbind request, the server SHALL abort any and all outstanding transactions without notice and nullify their identifiers.
在收到绑定或解除绑定请求后,服务器应在不发出通知的情况下中止任何和所有未完成的事务,并使其标识符无效。
The LDAP Transaction extension may be used with many but not all LDAP control extensions designed to extend update (and possibly other) operations. The subsections that follow discuss interaction with a number of control extensions. Interaction with other control extensions may be discussed in other documents, in particular in control extension specifications.
LDAP事务扩展可以与许多(但不是所有)LDAP控制扩展一起使用,这些扩展设计用于扩展更新(可能还有其他)操作。下面的小节将讨论与许多控件扩展的交互。与其他控制扩展的交互可在其他文件中讨论,特别是在控制扩展规范中。
The Assertion [RFC4528] control is appropriate for use with update requests specified as part of a transaction. The evaluation of the assertion is performed as part of the transaction.
断言[RFC4528]控件适合与作为事务一部分指定的更新请求一起使用。断言的评估作为事务的一部分执行。
The Assertion control is inappropriate for use with either the Start or End Transaction Extended operations.
断言控件不适合用于开始或结束事务扩展操作。
The ManageDsaIT [RFC3296] control is appropriate for use with update requests specified as part of a transaction.
ManageDsaIT[RFC3296]控件适合与作为事务一部分指定的更新请求一起使用。
The ManageDsaIT control is inappropriate for use with either the Start or End Transaction Extended operations.
ManageDsaIT控件不适合用于开始或结束事务扩展操作。
The Proxied Authorization [RFC4370] control is appropriate for use with the Start Transaction Extended operation, but not the End Transaction Extended operation or any update request specified as part of a transaction.
代理授权[RFC4370]控件适用于开始事务扩展操作,但不适用于结束事务扩展操作或指定为事务一部分的任何更新请求。
To request that a transaction be performed under a different authorization, the client provides a Proxied Authorization control with the Transaction Start Request. If the client is not authorized to assume the requested authorization identity, the server is to return the authorizationDenied (123) resultCode in its response. Otherwise, further processing of the request and transaction is performed under the requested authorization identity.
为了请求在不同的授权下执行事务,客户机为事务启动请求提供代理授权控制。如果客户端未被授权使用请求的授权标识,则服务器将在其响应中返回authorizationDenied(123)resultCode。否则,在请求的授权标识下执行请求和事务的进一步处理。
Any proxied authorization request attached to an update request specified as part of a transaction, or attached to a Transaction End Request, is to be regarded as a protocol error.
附加到指定为事务一部分的更新请求或附加到事务结束请求的任何代理授权请求都将被视为协议错误。
The Pre- and Post-Read Entry [RFC4527] request control are appropriate for use with update requests specified as part of a transaction.
读前和读后条目[RFC4527]请求控制适用于作为事务一部分指定的更新请求。
The response control produced in response to a Pre- or Post-Read Entry request control is returned in the txnEndRes.updatesControls field of responseValue of the End Transaction Response.
响应读取前或读取后条目请求控件而生成的响应控件将在结束事务响应的responseValue的txnEndRes.UpdatesControl字段中返回。
The Pre- and Post-Read Entry controls are inappropriate for use in the LDAPMessage.controls field of the Transaction Start and End Request and Response messages.
读取前和读取后输入控件不适合在事务开始和结束请求和响应消息的LDAPMessage.controls字段中使用。
The LDAP/X.500 models provide for distributed directory operations, including server-side chaining and client-side chasing of referrals.
LDAP/X.500模型提供了分布式目录操作,包括服务器端链接和客户端跟踪引用。
This document does not preclude servers from chaining operations that are part of a transaction. However, if a server does attempt such chaining, it MUST ensure that transaction semantics are provided.
本文档不排除服务器链接作为事务一部分的操作。但是,如果服务器确实尝试这样的链接,它必须确保提供了事务语义。
The mechanism defined by this document does not support client-side chasing. Transaction identifiers are specific to a particular LDAP association (as established via the LDAP Bind operation).
此文档定义的机制不支持客户端跟踪。事务标识符特定于特定的LDAP关联(通过LDAP绑定操作建立)。
The LDAP/X.500 models provide for a single-master/multiple-shadow replication architecture. There is no requirement that changes made to the directory based upon processing a transaction be replicated as one atomic action. Hence, clients SHOULD NOT assume tight data consistency nor fast data convergence of shadow copies unless they have prior knowledge that these properties are provided. Note that DontUseCopy control [DONTUSECOPY] may be used in conjunction with the LDAP search request to ask for the return of the authoritative copy of the entry.
LDAP/X.500机型提供了单主机/多卷影复制体系结构。不要求基于处理事务对目录所做的更改作为一个原子操作进行复制。因此,除非客户事先知道提供了这些属性,否则他们不应假设卷影副本的数据一致性很强,也不应假设卷影副本的数据收敛速度很快。注意,DontUseCopy控件[DontUseCopy]可以与LDAP搜索请求一起使用,以请求返回条目的权威副本。
Transaction mechanisms may be the target of denial-of-service attacks, especially where implementations lock shared resources for the duration of a transaction.
事务机制可能是拒绝服务攻击的目标,特别是在实现在事务期间锁定共享资源的情况下。
General security considerations [RFC4510], especially those associated with update operations [RFC4511], apply to this extension.
一般安全注意事项[RFC4510],尤其是与更新操作[RFC4511]相关的注意事项,适用于此扩展。
The Internet Assigned Numbers Authority (IANA) has made the following assignments.
互联网分配号码管理局(IANA)已完成以下任务。
IANA has assigned an LDAP Object Identifier (21) [RFC4520] to identify the protocol elements specified in this document.
IANA已分配LDAP对象标识符(21)[RFC4520]来标识本文档中指定的协议元素。
Subject: Request for LDAP Object Identifier Registration Person & email address to contact for further information: Kurt Zeilenga <Kurt.Zeilenga@Isode.COM> Specification: RFC 5805 Author/Change Controller: Kurt Zeilenga <Kurt.Zeilenga@Isode.COM> Comments: Identifies protocol elements for LDAP Transactions
Subject: Request for LDAP Object Identifier Registration Person & email address to contact for further information: Kurt Zeilenga <Kurt.Zeilenga@Isode.COM> Specification: RFC 5805 Author/Change Controller: Kurt Zeilenga <Kurt.Zeilenga@Isode.COM> Comments: Identifies protocol elements for LDAP Transactions
IANA has registered the protocol mechanisms [RFC4520] specified in this document.
IANA已注册本文件中指定的协议机制[RFC4520]。
Subject: Request for LDAP Protocol Mechanism Registration Object Identifier: see table Description: see table Person & email address to contact for further information: Kurt Zeilenga <Kurt.Zeilenga@Isode.COM> Specification: RFC 5805 Author/Change Controller: Kurt Zeilenga <Kurt.Zeilenga@Isode.COM> Comments:
主题:请求LDAP协议机制注册对象标识符:请参阅表格说明:请参阅表格联系人和电子邮件地址以获取更多信息:Kurt Zeilenga<Kurt。Zeilenga@Isode.COM>规格:RFC 5805作者/变更控制员:Kurt Zeilenga<Kurt。Zeilenga@Isode.COM>评论:
Object Identifier Type Description ------------------- ---- ---------------------------------- 1.3.6.1.1.21.1 E Start Transaction Extended Request 1.3.6.1.1.21.2 C Transaction Specification Control 1.3.6.1.1.21.3 E End Transaction Extended Request 1.3.6.1.1.21.4 N Aborted Transaction Notice
Object Identifier Type Description ------------------- ---- ---------------------------------- 1.3.6.1.1.21.1 E Start Transaction Extended Request 1.3.6.1.1.21.2 C Transaction Specification Control 1.3.6.1.1.21.3 E End Transaction Extended Request 1.3.6.1.1.21.4 N Aborted Transaction Notice
Legend ------------------------ C => supportedControl E => supportedExtension N => Unsolicited Notice
Legend ------------------------ C => supportedControl E => supportedExtension N => Unsolicited Notice
The author gratefully acknowledges the contributions made by Internet Engineering Task Force participants.
作者衷心感谢互联网工程特别工作组参与者所做的贡献。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC3062] Zeilenga, K., "LDAP Password Modify Extended Operation", RFC 3062, February 2001.
[RFC3062]Zeilenga,K.,“LDAP密码修改扩展操作”,RFC 3062,2001年2月。
[RFC3296] Zeilenga, K., "Named Subordinate References in Lightweight Directory Access Protocol (LDAP) Directories", RFC 3296, July 2002.
[RFC3296]Zeilenga,K.,“轻量级目录访问协议(LDAP)目录中的命名从属引用”,RFC3296,2002年7月。
[RFC4370] Weltman, R., "Lightweight Directory Access Protocol (LDAP) Proxied Authorization Control", RFC 4370, February 2006.
[RFC4370]Weltman,R.,“轻量级目录访问协议(LDAP)代理授权控制”,RFC 43702006年2月。
[RFC4510] Zeilenga, K., Ed., "Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map", RFC 4510, June 2006.
[RFC4510]Zeilenga,K.,Ed.“轻量级目录访问协议(LDAP):技术规范路线图”,RFC45102006年6月。
[RFC4511] Sermersheim, J., Ed., "Lightweight Directory Access Protocol (LDAP): The Protocol", RFC 4511, June 2006.
[RFC4511]Sermersheim,J.,Ed.,“轻量级目录访问协议(LDAP):协议”,RFC4511,2006年6月。
[RFC4512] Zeilenga, K., Ed., "Lightweight Directory Access Protocol (LDAP): Directory Information Models", RFC 4512, June 2006.
[RFC4512]Zeilenga,K.,Ed.,“轻量级目录访问协议(LDAP):目录信息模型”,RFC4512,2006年6月。
[RFC4527] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP) Read Entry Controls", RFC 4527, June 2006.
[RFC4527]Zeilenga,K.,“轻量级目录访问协议(LDAP)读取条目控制”,RFC4527,2006年6月。
[RFC4528] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP) Assertion Control", RFC 4528, June 2006.
[RFC4528]Zeilenga,K.,“轻量级目录访问协议(LDAP)断言控制”,RFC4528,2006年6月。
[X.680] International Telecommunication Union - Telecommunication Standardization Sector, "Abstract Syntax Notation One (ASN.1) - Specification of Basic Notation", X.680(2002) (also ISO/IEC 8824-1:2002).
[X.680]国际电信联盟-电信标准化部门,“抽象语法符号1(ASN.1)-基本符号规范”,X.680(2002)(也称ISO/IEC 8824-1:2002)。
[X.690] International Telecommunication Union - Telecommunication Standardization Sector, "Specification of ASN.1 encoding rules: Basic Encoding Rules (BER), Canonical Encoding Rules (CER), and Distinguished Encoding Rules (DER)", X.690(2002) (also ISO/IEC 8825-1:2002).
[X.690]国际电信联盟-电信标准化部门,“ASN.1编码规则规范:基本编码规则(BER)、规范编码规则(CER)和区分编码规则(DER)”,X.690(2002)(另见ISO/IEC 8825-1:2002)。
[RFC4520] Zeilenga, K., "Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP)", BCP 64, RFC 4520, June 2006.
[RFC4520]Zeilenga,K.,“轻量级目录访问协议(LDAP)的互联网分配号码管理局(IANA)注意事项”,BCP 64,RFC 4520,2006年6月。
[ACID] "Information technology -- Open Systems Interconnection -- Distributed Transaction Processing -- Part 1: OSI TP Model", Section 4, ISO/IEC 10026-1:1992.
[ACID]“信息技术——开放系统互连——分布式事务处理——第1部分:OSI TP模型”,ISO/IEC 10026-1:1992第4节。
[DONTUSECOPY] Zeilenga, K., "The LDAP Don't Use Copy Control", Work in Progress, December 2009.
[DONTUSECOPY]Zeilenga,K.,“LDAP不使用复制控制”,正在进行的工作,2009年12月。
Author's Address
作者地址
Kurt D. Zeilenga Isode Limited
Kurt D.Zeilenga Isode有限公司
EMail: Kurt.Zeilenga@Isode.COM
EMail: Kurt.Zeilenga@Isode.COM