idnits 2.17.1 draft-dally-acp133-and-ldap-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 61 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 76 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 8 instances of too long lines in the document, the longest one being 5 characters in excess of 72. ** The abstract seems to contain references ([2], [1]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. == There are 269 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 369: '... MUST 2.5.4.3 ; cn...' RFC 2119 keyword, line 370: '... MAY ( 2.5.4.13 $ ; descript...' RFC 2119 keyword, line 383: '... MUST 2.5.4.3 ; cn...' RFC 2119 keyword, line 384: '... MAY ( 2.16.840.1.101.2.2.1.1...' RFC 2119 keyword, line 400: '... MUST ( 2.5.4.3 $ ; cn...' (119 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (22 September 2000) is 8616 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '4' is defined on line 3418, but no explicit reference was found in the text == Unused Reference: '5' is defined on line 3420, but no explicit reference was found in the text -- Possible downref: Non-RFC (?) normative reference: ref. '1' ** Obsolete normative reference: RFC 2252 (ref. '2') (Obsoleted by RFC 4510, RFC 4512, RFC 4517, RFC 4523) ** Obsolete normative reference: RFC 2256 (ref. '3') (Obsoleted by RFC 4510, RFC 4512, RFC 4517, RFC 4519, RFC 4523) -- Possible downref: Non-RFC (?) normative reference: ref. '4' -- Possible downref: Non-RFC (?) normative reference: ref. '5' -- Possible downref: Non-RFC (?) normative reference: ref. '6' -- Possible downref: Non-RFC (?) normative reference: ref. '7' -- Possible downref: Non-RFC (?) normative reference: ref. '8' ** Obsolete normative reference: RFC 2587 (ref. '9') (Obsoleted by RFC 4523) -- Possible downref: Non-RFC (?) normative reference: ref. '10' -- Possible downref: Non-RFC (?) normative reference: ref. '11' -- Possible downref: Non-RFC (?) normative reference: ref. '12' ** Obsolete normative reference: RFC 1274 (ref. '13') (Obsoleted by RFC 4524) -- Possible downref: Non-RFC (?) normative reference: ref. '14' -- Possible downref: Non-RFC (?) normative reference: ref. '15' ** Obsolete normative reference: RFC 822 (ref. '16') (Obsoleted by RFC 2822) -- Possible downref: Non-RFC (?) normative reference: ref. '17' -- Possible downref: Non-RFC (?) normative reference: ref. '18' ** Downref: Normative reference to an Informational RFC: RFC 2798 (ref. '19') Summary: 13 errors (**), 0 flaws (~~), 6 warnings (==), 15 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 INTERNET-DRAFT Kathy Dally 2 Informational Draft The MITRE Corp. 3 Expires 22 March 2001 22 September 2000 5 ACP 133 Common Content and LDAP 6 8 STATUS OF THIS MEMO 10 This document is an Internet-Draft and is in full conformance with 11 all provisions of Section 10 of RFC 2026 except that the 12 right to produce derivative works is not granted. Internet-Drafts 13 are working documents of the Internet Engineering Task Force 14 (IETF), its areas, and its working groups. Note that other groups 15 may also distribute working documents as Internet-Drafts. 17 Internet-Drafts are draft documents valid for a maximum of six 18 months and may be updated, replaced, or obsoleted by other 19 documents at any time. It is inappropriate to use Internet-Drafts 20 as reference material or to cite them other than as "work in 21 progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 ABSTRACT 31 In Allied Communications Publication (ACP) 133 [1], an X.500 32 directory user schema, called Common Content, is specified for the 33 Allied Directory. In order to enable Lightweight Directory Access 34 Protocol (LDAP) access to the Allied Directory and to enable the 35 general use by others of elements from the Common Content, this 36 document specifies the encoding of the Common Content using the 37 LDAP notation from Request for Comments (RFC) 2252 [2]. 39 TABLE OF CONTENTS 41 STATUS OF THIS MEMO....................................................1 42 ABSTRACT...............................................................1 43 TABLE OF CONTENTS......................................................2 44 1. INTRODUCTION.......................................................8 45 1.1 Background........................................................8 46 1.2 Purpose...........................................................8 47 2. OBJECT CLASSES.....................................................9 48 2.1 aCPNetworkEdB Object Class........................................9 49 2.2 aCPNetworkInstructionsEdB Object Class............................9 50 2.3 addressList Object Class..........................................9 51 2.4 aliasCommonName Object Class.....................................10 52 2.5 aliasOrganizationalUnit Object Class.............................10 53 2.6 altSpellingACP127 Object Class...................................10 54 2.7 cadACP127 Object Class...........................................11 55 2.8 distributionCodeDescription Object Class.........................11 56 2.9 distributionCodesHandled Object Class............................11 57 2.10 dSSCSPLA Object Class............................................11 58 2.11 messagingGateway Object Class....................................12 59 2.12 mhs-distribution-list Object Class...............................12 60 2.13 mhs-message-store Object Class...................................13 61 2.14 mhs-message-transfer-agent Object Class..........................13 62 2.15 mhs-user Object Class............................................14 63 2.16 mhs-user-agent Object Class......................................14 64 2.17 mLA Object Class.................................................14 65 2.18 mLAgent Object Class.............................................15 66 2.19 orgACP127 Object Class...........................................15 67 2.20 otherContactInformation Object Class.............................16 68 2.21 pkiCA Object Class...............................................16 69 2.22 pkiUser Object Class.............................................16 70 2.23 plaACP127 Object Class...........................................16 71 2.24 plaCollectiveACP127 Object Class.................................17 72 2.25 plaData Object Class.............................................17 73 2.26 plaUser Object Class.............................................17 74 2.27 releaseAuthorityPerson Object Class..............................18 75 2.28 releaseAuthorityPersonA Object Class.............................18 76 2.29 routingIndicator Object Class....................................18 77 2.30 secure-user Object Class.........................................18 78 2.31 securePkiUser Object Class.......................................19 79 2.32 sigintPLA Object Class...........................................19 80 2.33 sIPLA Object Class...............................................19 81 2.34 spotPLA Object Class.............................................20 82 2.35 taskForceACP127 Object Class.....................................20 83 2.36 tenantACP127 Object Class........................................20 84 2.37 ukms Object Class................................................21 85 3. ATTRIBUTE TYPES...................................................22 86 3.1 accessCodes Attribute............................................22 87 3.2 accountingCode Attribute.........................................22 88 3.3 aCPLegacyFormat Attribute........................................22 89 3.4 aCPMobileTelephoneNumber Attribute...............................22 90 3.5 aCPNetwAccessSchemaEdB Attribute.................................22 91 3.6 aCPNetworkSchemaEdB Attribute....................................23 92 3.7 aCPPagerTelephoneNumber Attribute................................23 93 3.8 aCPPreferredDelivery Attribute...................................23 94 3.9 aCPTelephoneFaxNumber............................................23 95 3.10 actionAddressees Attribute.......................................24 96 3.11 additionalAddressees Attribute...................................25 97 3.12 additionalSecondPartyAddressees Attribute........................25 98 3.13 adminConversion Attribute........................................25 99 3.14 administrator Attribute..........................................25 100 3.15 aigsExpanded Attribute...........................................25 101 3.16 aLExemptedAddressProcessor Attribute.............................26 102 3.17 aliasPointer Attribute...........................................26 103 3.18 alid Attribute...................................................26 104 3.19 allowableOriginators Attribute...................................26 105 3.20 aLReceiptPolicy Attribute........................................26 106 3.21 alternateRecipient Attribute.....................................27 107 3.22 aLType Attribute.................................................27 108 3.23 aprUKMs Attribute................................................27 109 3.24 associatedAL Attribute...........................................27 110 3.25 associatedOrganization Attribute.................................27 111 3.26 associatedPLA Attribute..........................................28 112 3.27 augUKMs Attribute................................................28 113 3.28 buildingName Attribute...........................................28 114 3.29 cognizantAuthority Attribute.....................................28 115 3.30 collective-mhs-or-addresses Attribute............................29 116 3.31 collectiveMilitaryFacsimileNumber Attribute......................29 117 3.32 collectiveMilitaryTelephoneNumber Attribute......................29 118 3.33 collectiveNationality Attribute..................................29 119 3.34 collectiveSecureFacsimileNumber Attribute........................29 120 3.35 collectiveSecureTelephoneNumber Attribute........................29 121 3.36 community Attribute..............................................29 122 3.37 copyMember.......................................................30 123 3.38 decUKMs Attribute................................................30 124 3.39 deployed Attribute...............................................30 125 3.40 distributionCodeAction Attribute.................................30 126 3.41 distributionCodeInfo Attribute...................................31 127 3.42 dualRoute Attribute..............................................31 128 3.43 effectiveDate Attribute..........................................31 129 3.44 entryClassification Attribute....................................31 130 3.45 expirationDate Attribute.........................................31 131 3.46 febUKMs Attribute................................................32 132 3.47 garrison Attribute...............................................32 133 3.48 gatewayType Attribute............................................32 134 3.49 ghpType Attribute................................................32 135 3.50 guard Attribute..................................................33 136 3.51 host Attribute...................................................33 137 3.52 hostOrgACP127 Attribute..........................................33 138 3.53 infoAddressees Attribute.........................................33 139 3.54 janUKMs Attribute................................................33 140 3.55 julUKMs Attribute................................................34 141 3.56 junUKMs Attribute................................................34 142 3.57 lastRecapDate Attribute..........................................34 143 3.58 listPointer Attribute............................................34 144 3.59 lmf Attribute....................................................34 145 3.60 longTitle Attribute..............................................35 146 3.61 mailDomains Attribute............................................35 147 3.62 marUKMs Attribute................................................35 148 3.63 mayUKMs Attribute................................................35 149 3.64 mhs-acceptable-eits Attribute....................................36 150 3.65 mhs-deliverable-classes Attribute................................36 151 3.66 mhs-deliverable-content-types Attribute..........................36 152 3.67 mhs-dl-archive-service Attribute.................................36 153 3.68 mhs-dl-members Attribute.........................................36 154 3.69 mhs-dl-policy Attribute..........................................37 155 3.70 mhs-dl-related-lists Attribute...................................37 156 3.71 mhs-dl-submit-permissions Attribute..............................37 157 3.72 mhs-dl-subscription-service Attribute............................37 158 3.73 mhs-exclusively-acceptable-eits Attribute........................37 159 3.74 mhs-maximum-content-length Attribute.............................38 160 3.75 mhs-message-store-dn Attribute...................................38 161 3.76 mhs-or-addresses Attribute.......................................38 162 3.77 mhs-or-addresses-with-capabilities Attribute.....................38 163 3.78 mhs-supported-attributes Attribute...............................39 164 3.79 mhs-supported-automatic-actions Attribute........................39 165 3.80 mhs-supported-content-types Attribute............................39 166 3.81 mhs-supported-matching-rules Attribute...........................40 167 3.82 mhs-unacceptable-eits Attribute..................................40 168 3.83 militaryFacsimileNumber Attribute................................40 169 3.84 militaryTelephoneNumber Attribute................................40 170 3.85 minimize Attribute...............................................41 171 3.86 minimizeOverride Attribute.......................................41 172 3.87 nameClassification Attribute.....................................41 173 3.88 nationality Attribute............................................41 174 3.89 networkDN Attribute..............................................41 175 3.90 novUKMs Attribute................................................42 176 3.91 octUKMs Attribute................................................42 177 3.92 onSupported Attribute............................................42 178 3.93 operationName Attribute..........................................42 179 3.94 plaAddressees Attribute..........................................43 180 3.95 plaNameACP127 Attribute..........................................43 181 3.96 plaReplace Attribute.............................................43 182 3.97 plasServed Attribute.............................................43 183 3.98 positionNumber Attribute.........................................44 184 3.99 primarySpellingACP127 Attribute..................................44 185 3.100 proprietaryMailboxes Attribute..................................44 186 3.101 publish Attribute...............................................44 187 3.102 rank Attribute..................................................44 188 3.103 recapDueDate Attribute..........................................45 189 3.104 releaseAuthorityName Attribute..................................45 190 3.105 remarks Attribute...............................................45 191 3.106 rfc822Mailbox Attribute.........................................45 192 3.107 rI Attribute....................................................45 193 3.108 rIClassification Attribute......................................46 194 3.109 rIInfo Attribute................................................46 195 3.110 roomNumber Attribute............................................46 196 3.111 secondPartyAddressees Attribute.................................46 197 3.112 section Attribute...............................................47 198 3.113 secureFacsimileNumber Attribute.................................47 199 3.114 secureTelephoneNumber Attribute.................................47 200 3.115 sepUKMs Attribute...............................................47 201 3.116 serviceNumber Attribute.........................................47 202 3.117 serviceOrAgency Attribute.......................................48 203 3.118 sHD Attribute...................................................48 204 3.119 shortTitle Attribute............................................48 205 3.120 sigad Attribute.................................................48 206 3.121 spot Attribute..................................................49 207 3.122 tARE Attribute..................................................49 208 3.123 tCC Attribute...................................................49 209 3.124 tCCG Attribute..................................................49 210 3.125 transferStation Attribute.......................................49 211 3.126 tRC Attribute...................................................50 212 3.127 usdConversion Attribute.........................................50 213 4. NAME FORMS........................................................51 214 4.1 aCPNetworkEdBNameForm............................................51 215 4.2 aCPNetworkInstrEdBNameForm.......................................51 216 4.3 addressListNameForm..............................................51 217 4.4 aENameForm.......................................................51 218 4.5 aliasCNNameForm..................................................51 219 4.6 aliasOUNameForm..................................................51 220 4.7 applProcessNameForm..............................................51 221 4.8 alternateSpellingPLANameForm.....................................51 222 4.9 cadPLANameForm...................................................52 223 4.10 cRLDistPtNameForm................................................52 224 4.11 countryNameForm..................................................52 225 4.12 deviceNameForm...................................................52 226 4.13 distributionCodeDescriptionNameForm..............................52 227 4.14 dSANameForm......................................................52 228 4.15 dSSCSPLANameForm.................................................52 229 4.16 gONNameForm......................................................52 230 4.17 locNameForm......................................................53 231 4.18 messagingGatewayNameForm.........................................53 232 4.19 mhs-dLNameForm...................................................53 233 4.20 mLANameForm......................................................53 234 4.21 mLAgentNameForm..................................................53 235 4.22 mSNameForm.......................................................53 236 4.23 mTANameForm......................................................53 237 4.24 mUANameForm......................................................53 238 4.25 organizationalPLANameForm........................................54 239 4.26 organizationNameForm.............................................54 240 4.27 orgRNameForm.....................................................54 241 4.28 orgUNameForm.....................................................54 242 4.29 plaCollectiveNameForm............................................54 243 4.30 qualifiedOrgPersonNameForm.......................................54 244 4.31 releaseAuthorityPersonNameForm...................................54 245 4.32 releaseAuthorityPersonANameForm..................................54 246 4.33 routingIndicatorNameForm.........................................55 247 4.34 sigintNameForm...................................................55 248 4.35 sIPLANameForm....................................................55 249 4.36 sOPNameForm......................................................55 250 4.37 spotPLANameForm..................................................55 251 4.38 taskForcePLANameForm.............................................55 252 4.39 tenantPLANameForm................................................55 253 5. MATCHING RULES....................................................56 254 5.1 addressCapabilitiesMatch Matching Rule...........................56 255 5.2 capabilityMatch Matching Rule....................................56 256 5.3 oRAddressMatch Matching Rule.....................................56 257 5.4 oRNameExactMatch Matching Rule...................................56 258 5.5 caseIgnoreListSubstringsMatch Matching Rule......................56 259 5.6 booleanMatch Matching Rule.......................................56 260 6. ATTRIBUTE SYNTAXES................................................57 261 6.1 aCPLegacyFormat Attribute Syntax.................................57 262 6.2 aCPPreferredDelivery Attribute Syntax for the 263 aCPPreferredDelivery Attribute...................................57 264 6.3 aCPTelephoneFaxNumber Attribute Syntax...........................57 265 6.4 AddressCapabilities Attribute Syntax from X.402..................58 266 6.5 addressees Attribute Syntax......................................58 267 6.6 addressListType Attribute Syntax for the aLType Attribute........58 268 6.7 Capability Attribute Syntax from X.402...........................59 269 6.8 Classification Attribute Syntax..................................59 270 6.9 Community Abstract Syntax for the community Attribute............60 271 6.10 DLPolicy Attribute Syntax from X.402.............................60 272 6.11 DLSubmitPermission Attribute Syntax from X.402...................62 273 6.12 MLReceiptPolicy Attribute Syntax.................................62 274 6.13 ORName Attribute Syntax from X.411...............................63 275 6.14 otherNotificationsSupported Abstract Syntax for the 276 onSupported Attribute............................................63 277 6.15 Remarks Attribute Syntax.........................................63 278 6.16 RIParameters Attribute Syntax....................................64 279 7. EXAMPLE CONTENT RULES.............................................65 280 7.1 aCPApplicationEntityRuleEdA Content Rule.........................65 281 7.2 aCPCRLDistributionPointRule Content Rule.........................65 282 7.3 aCPDeviceRuleEdA Content Rule....................................65 283 7.4 aCPDSARuleEdA Content Rule.......................................65 284 7.5 aCPGroupOfNamesRule Content Rule.................................65 285 7.6 aCPLocalityRule Content Rule.....................................66 286 7.7 aCPMhs-distribution-listRule Content Rule........................66 287 7.8 aCPMhs-message-storeRuleEdA Content Rule.........................66 288 7.9 aCPMhs-message-transfer-agentRuleEdA Content Rule................66 289 7.10 aCPMhs-user-agentRule Content Rule...............................66 290 7.11 aCPOrganizationalPersonRuleEdB Content Rule......................66 291 7.12 aCPOrganizationalRoleRuleEdB Content Rule........................67 292 7.13 aCPOrganizationalUnitRuleEdB Content Rule........................67 293 7.14 aCPOrganizationRuleEdB Content Rule..............................68 294 7.15 aCPRoutingIndicatorEdB Content Rule..............................68 295 7.16 addressListRuleEdA Content Rule..................................68 296 7.17 aliasCommonNameRule Content Rule.................................69 297 7.18 aliasOrganizationalUnitRule Content Rule.........................69 298 7.19 distributionCodeDescriptionRule Content Rule.....................69 299 7.20 messagingGatewayRuleEdA Content Rule.............................69 300 7.21 mLAgentRule Content Rule.........................................69 301 7.22 networkEdBRule Content Rule......................................69 302 7.23 networkInstructionsRuleEdB Content Rule..........................70 303 7.24 rAPersonRuleEdA Content Rule.....................................70 304 7.25 sigintPLARule Content Rule.......................................70 305 7.26 spotPLARule Content Rule.........................................70 306 8. STRUCTURE RULES...................................................71 307 9. SECURITY CONSIDERATIONS...........................................71 308 10. REFERENCES........................................................72 309 11. ABBREVIATIONS.....................................................74 310 12. ACKNOWLEDGEMENTS..................................................76 311 13. AUTHOR'S ADDRESS..................................................76 312 1. INTRODUCTION 314 1.1 Background 316 ACP 133(B) [1] is the specification, developed by the Combined 317 Communications-Electronics Board (CCEB), of the X.500-based Allied 318 Directory. One of the things specified in ACP 133(B) [1] is the 319 directory user schema, which is called Common Content. In the 320 Common Content are directory elements that support several 321 communications applications including electronic mail (e-mail), 322 Message Handling Systems (MHS), and telephony. 324 The CCEB is a five nation joint military communications-electronics 325 organization whose mission is the coordination of any military 326 communications information systems matters among the members. The 327 Member Nations of the CCEB are Australia, Canada, New Zealand, the 328 United Kingdom, and the United States. 330 ACP 133(B) [1] specifies access to the Allied Directory using the 331 X.500 Directory Access Protocol (DAP). Also, within the CCEB, 332 guidelines have been developed for the use of the Internet LDAP. 334 1.2 Purpose 336 This document is meant to be informational. Its purpose is to 337 record an LDAP encoding of the Common Content, so that: 339 * elements from the Common Content can be applied generally to 340 applications and environments other than the Allied 341 Directory. For example, the name forms for components of 342 X.400 MHS could be used in any X.400/X.500 system. Likewise, 343 the addressList object class could be used in cases where 344 lists of recipients are processed differently than X.400 345 distribution lists. 347 * use of LDAP to access the Allied Directory is enabled 349 Since the Common Content is based on X.500, this document refers 350 to RFC 2252 [2] and RFC 2256 [3] for the X.500 schema elements 351 (e.g., localityName attribute, country object class). The 352 contents of this document are the specifications of all of the 353 rest of the schema elements in the Common Content (e.g., 354 mLAgentNameForm name form, otherContactInformation object class). 355 For descriptions and procedures regarding the Common Content 356 schema elements, consult ACP 133(B) [1]. 358 2. OBJECT CLASSES 360 2.1 aCPNetworkEdB Object Class 362 The aCPNetworkEdB structural object class is used to define 363 directory entries representing interconnected communications 364 networks. A Network EdB entry can have subordinate entries that 365 define the access and instructions for reaching other networks. 367 ( 2.16.840.1.101.2.2.3.68 NAME 'aCPNetworkEdB' 368 SUP 2.5.6.0 ; top 369 MUST 2.5.4.3 ; cn 370 MAY ( 2.5.4.13 $ ; description 371 2.16.840.1.101.2.2.1.147 $ ; aCPNetworkSchemaEdB 372 2.16.840.1.101.2.2.1.124 $ ; operationName 373 2.5.4.34 ) ) ; seeAlso 375 2.2 aCPNetworkInstructionsEdB Object Class 377 The aCPNetworkInstructionsEdB structural object class is used to 378 define a directory entry that provides the description of how to 379 reach the subject network from another network. 381 ( 2.16.840.1.101.2.2.3.69 NAME 'aCPNetworkInstructionsEdB' 382 SUP 2.5.6.0 ; top 383 MUST 2.5.4.3 ; cn 384 MAY ( 2.16.840.1.101.2.2.1.106 $ ; accessCodes 385 2.16.840.1.101.2.2.1.146 $ ; aCPNetwAccessSchemaEdB 386 2.5.4.13 $ ; description 387 2.16.840.1.101.2.2.1.121 ) ) ; networkDN 389 2.3 addressList Object Class 391 The addressList (aL) object class is used to define directory 392 entries that represent address lists, in particular, the members 393 of the list. The sender of a message uses the address list name 394 to send to all of the members in the list. The replacement of 395 the address list name by the members of the list is performed by 396 the sending User Agent (UA) or a Mailing List Agent (MLA), instead 397 of the Message Transfer System (MTS). 398 ( 2.16.840.1.101.2.2.3.57 NAME 'addressList' 399 SUP 2.5.6.0 ; top 400 MUST ( 2.5.4.3 $ ; cn 401 2.6.5.2.4 ) ; mhs-dl-submit-permissions 402 MAY ( 2.16.840.1.101.2.1.5.47 $ ; aLExemptedAddressProcessor 403 2.16.840.1.101.2.1.5.14 $ ; alid 404 2.16.840.1.101.2.2.1.135 $ ; aLReceiptPolicy 405 2.16.840.1.101.2.2.1.112 $ ; aLType 406 2.5.4.15 $ ; businessCategory 407 2.16.840.1.101.2.2.1.114 $ ; copyMember 408 2.5.4.13 $ ; description 409 2.5.4.31 $ ; member 410 2.6.5.2.12 $ ; mhs-dl-archive-service 411 2.6.5.2.13 $ ; mhs-dl-policy 412 2.6.5.2.14 $ ; mhs-dl-related-lists 413 2.6.5.2.15 $ ; mhs-dl-subscription-service 414 2.5.4.11 $ ; ou 415 2.5.4.10 $ ; o 416 2.5.4.32 $ ; owner 417 2.16.840.1.101.2.2.1.76 $ ; remarks 418 2.5.4.34 ) ) ; seeAlso 420 2.4 aliasCommonName Object Class 422 The aliasCommonName object class is a subclass of alias where an 423 alias entry is named by commonName. It is useful when different 424 attributes are used for the Relative Distinguished Names (RDNs) of 425 aliases to different types of entries (e.g., commonName as alias 426 to a person entry and organizationalUnitName as alias to a 427 corporate department entry). See the aliasOrganizationalUnit 428 object class. 430 ( 2.16.840.1.101.2.2.3.52 NAME 'aliasCommonName' 431 SUP 2.5.6.1 ; alias 432 MUST 2.5.4.3 ) ; cn 434 2.5 aliasOrganizationalUnit Object Class 436 The aliasOrganizationalUnit object class is a subclass of alias 437 where an alias entry is named by organizationalUnitName. It 438 is useful when different attributes are used for the RDNs of 439 aliases to different types of entries. See the aliasCommonName 440 object class definition and example. 442 ( 2.16.840.1.101.2.2.3.53 NAME 'aliasOrganizationalUnit' 443 SUP 2.5.6.1 ; alias 444 MUST 2.5.4.11 ) ; ou 446 2.6 altSpellingACP127 Object Class 448 The altSpellingACP127 object class is used to represent a Plain 449 Language Address (PLA) that is an alternative spelling of another 450 PLA. An object from this class always contains a reference to the 451 PLA for which it provides the alternative spelling. This object 452 class is a subclass of the plaACP127 auxiliary object class. 454 ( 2.16.840.1.101.2.2.3.58 NAME 'altSpellingACP127' 455 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 456 MUST ( 2.16.840.1.101.2.2.1.72 $ ; plaReplace 457 2.16.840.1.101.2.2.1.73 ) ) ; primarySpellingACP127 459 2.7 cadACP127 Object Class 461 The cadACP127 (Collective Address Designator) object class is used 462 to represent an ACP 127/JANAP 128 (Joint Army, Navy, Air Force 463 Procedure) [4]/[5] distribution list. It is a subclass of the 464 plaACP127 auxiliary object class. 466 ( 2.16.840.1.101.2.2.3.28 NAME 'cadACP127' 467 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 468 MUST 2.16.840.1.101.2.2.1.51 ; cognizantAuthority 469 MAY ( 2.16.840.1.101.2.2.1.113 $ ; associatedAL 470 2.16.840.1.101.2.2.1.56 $ ; entryClassification 471 2.16.840.1.101.2.2.1.75 $ ; recapDueDate 472 2.16.840.1.101.2.2.1.79 ) ) ; rIInfo 474 2.8 distributionCodeDescription Object Class 476 The distributionCodeDescription object class is used to define a 477 directory entry that represents a registered Distribution Code in 478 the directory and describes its meaning. See ACP 123 [6] for 479 specification of distribution codes. The distribution code is 480 held in the commonName attribute. 482 ( 2.16.840.1.101.2.2.3.55 NAME 'distributionCodeDescription' 483 SUP 2.5.6.0 ; top 484 MUST 2.5.4.3 ; cn 485 MAY 2.5.4.13 ) ; description 487 2.9 distributionCodesHandled Object Class 489 The distributionCodesHandled object class provides for identifying 490 the distribution codes (e.g., Subject Indicator Codes (SIC) as 491 defined in NATO Subject Indicator System (NASIS) - publication 3 492 (NATO APP-3) [7] and supplements) which are handled, either for 493 action or information, by the object (e.g., organizational role, 494 organizational person, or organizational unit) represented by the 495 directory entry in which this auxiliary is included. 497 ( 2.16.840.1.101.2.2.3.54 NAME 'distributionCodesHandled' 498 SUP 2.5.6.0 ; top 499 AUXILIARY 500 MAY ( 2.16.840.1.101.2.2.1.104 $ ; distributionCodeAction 501 2.16.840.1.101.2.2.1.105 ) ) ; distributionCodeInfo 503 2.10 dSSCSPLA Object Class 505 The dSSCSPLA object class is used to represent an Intelligence 506 Community (IC) Plain Language Address (PLA) organization that, in 507 the directory, is named using the plaNameACP127 attribute. 509 ( 2.16.840.1.101.2.2.3.67 NAME 'dSSCSPLA' 510 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 511 MUST ( 2.16.840.1.101.2.2.1.77 ; rI ) 512 MAY ( 2.16.840.1.101.2.2.1.143 $ ; adminConversion 513 2.16.840.1.101.2.2.1.4 $ ; associatedOrganization 514 2.5.4.7 $ ; localityName 515 2.16.840.1.101.2.2.1.85 $ ; sigad 516 2.16.840.1.101.2.2.1.145 ) ) ; usdConversion 518 2.11 messagingGateway Object Class 520 The messagingGateway object class is used to store information 521 about an application entity which serves as an application layer 522 gateway between two mail systems. When a gateway performs 523 translation services, a messagingGateway object provides a 524 mechanism to address these translation services directly. 526 ( 2.16.840.1.101.2.2.3.59 NAME 'messagingGateway' 527 SUP 2.6.5.1.2 ; mhs-message-transfer-agent 528 MAY ( 2.16.840.1.101.2.2.1.110 $ ; administrator 529 2.16.840.1.101.2.2.1.111 $ ; aigsExpanded 530 2.16.840.1.101.2.2.1.115 $ ; gatewayType 531 2.16.840.1.101.2.2.1.116 $ ; ghpType 532 0.9.2342.19200300.100.1.9 $ ; host 533 2.16.840.1.101.2.2.1.118 $ ; mailDomains 534 2.6.5.2.17 $ ; mhs-acceptable-eits 535 2.6.5.2.1 $ ; mhs-deliverable-content-types 536 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 537 2.6.5.2.5 $ ; mhs-message-store-dn 538 2.6.5.2.6 $ ; mhs-or-addresses 539 2.6.5.2.16 $ ; mhs-or-addresses-with-capabilities 540 2.6.5.2.18 $ ; mhs-unacceptable-eits 541 2.16.840.1.101.2.2.1.123 $ ; onSupported 542 2.16.840.1.101.2.2.1.70 $ ; plaNameACP127 543 2.16.840.1.101.2.2.1.79 ) ) ; rIInfo 545 2.12 mhs-distribution-list Object Class 547 The mhs-distribution-list object class is used to define a 548 directory entry that represents a distribution list (DL), that 549 is, an address list that is expanded by the MTS. The attributes 550 in the entry identify the distribution list name, submit 551 permissions, and OR-addresses and, to the extent that the relevant 552 attributes are present, describe the DL, identify its organization, 553 organizational units, and owner; cite related objects; identify 554 its maximum content length, deliverable content types, and 555 acceptable, exclusively acceptable, and unacceptable encoded 556 information types (EITs); and identify its expansion policy, 557 subscription addresses, archive addresses, related lists, 558 and members. 560 ( 2.6.5.1.0 NAME 'mhs-distribution-list' 561 SUP 2.5.6.0 ; top MUST ( 2.5.4.3 $ ; cn 562 2.6.5.2.4 $ ; mhs-dl-submit-permissions 563 2.6.5.2.6 ) ; mhs-or-addresses 564 MAY ( 2.5.4.13 $ ; description 565 2.5.4.10 $ ; o 566 2.5.4.11 $ ; ou 567 2.5.4.32 $ ; owner 568 2.5.4.34 $ ; seeAlso 569 2.6.5.2.0 $ ; mhs-maximum-content-length 570 2.6.5.2.1 $ ; mhs-deliverable-content-types 571 2.6.5.2.17 $ ; mhs-acceptable-eits 572 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 573 2.6.5.2.18 $ ; mhs-unacceptable-eits 574 2.6.5.2.13 $ ; mhs-dl-policy 575 2.6.5.2.15 $ ; mhs-dl-subscription-service 576 2.6.5.2.12 $ ; mhs-dl-archive-service 577 2.6.5.2.14 $ ; mhs-dl-related-lists 578 2.6.5.2.3 ) ) ; mhs-dl-members 580 2.13 mhs-message-store Object Class 582 The mhs-message-store object class is used to define directory 583 entries that represent application entities that implement the 584 MHS Message Store (MS) functionality. The attributes in an entry, 585 to the extent that they are present, describe the MS, identify its 586 owner, and enumerate the attributes, automatic actions, matching 587 rules, content types, and network protocols the MS supports. 589 ( 2.6.5.1.1 NAME 'mhs-message-store' 590 SUP 2.5.6.12 ; applicationEntity 591 MAY (2.5.4.32 $ ; owner 592 $ 2.6.5.2.10 $ ; mhs-supported-attributes 593 $ 2.6.5.2.8 $ ; mhs-supported-automatic-actions 594 $ 2.6.5.2.11 $ ; mhs-supported-matching-rules 595 $ 2.6.5.2.9 $ ; mhs-supported-content-types 596 $ 2.5.4.48 ) ) ; protocolInformation 598 2.14 mhs-message-transfer-agent Object Class 600 The mhs-message-transfer-agent object class is used to define 601 directory entries that represent application entities that 602 implement the MHS Message Transfer Agent (MTA) functionality. The 603 attributes in an entry, to the extent that they are present, 604 describe the MTA and identify its owner, the maximum content 605 length it can handle, and its supported network protocols. 607 ( 2.6.5.1.2 NAME 'mhs-message-transfer-agent' 608 SUP 2.5.6.12 ; applicationEntity 609 MAY ( 2.5.4.32 $ ; owner 610 2.6.5.2.0 $ ; mhs-maximum-content-length 611 2.5.4.48 ) ) ; protocolInformation 613 2.15 mhs-user Object Class 615 The mhs-user object class is used in defining directory entries 616 representing MHS users. The attributes in an entry identify the 617 MHS user's OR-address and, to the extent that the relevant 618 attributes are present, identify the maximum content length, 619 content types, and EITs that can be handled by the user; its MS; 620 and its preferred delivery methods. 622 ( 2.6.5.1.3 NAME 'mhs-user' 623 SUP 2.5.6.0 ; top 624 AUXILIARY 625 MUST 2.6.5.2.6 ; mhs-or-addresses 626 MAY ( 2.6.5.2.0 $ ; mhs-maximum-content-length 627 2.6.5.2.1 $ ; mhs-deliverable-content-types 628 2.6.5.2.17 $ ; mhs-acceptable-eits 629 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 630 2.6.5.2.18 $ ; mhs-unacceptable-eits 631 2.6.5.2.16 $ ; mhs-or-addresses-with-capabilities 632 2.6.5.2.5 ) ) ; mhs-message-store-dn 634 2.16 mhs-user-agent Object Class 636 The mhs-message-transfer-agent object class is used to define 637 directory entries that represent application entities that 638 implement the MHS MTA functionality. The attributes in an entry, 639 to the extent that they are present, describe the MTA and identify 640 its owner, the maximum content length it can handle, and its 641 supported network protocols. 643 ( 2.6.5.1.4 NAME 'mhs-user-agent' 644 SUP 2.5.6.12 ; applicationEntity 645 MAY ( 2.5.4.32 $ ; owner 646 2.6.5.2.0 $ ; mhs-maximum-content-length 647 2.6.5.2.1 $ ; mhs-deliverable-content-types 648 2.6.5.2.17 $ ; mhs-acceptable-eits 649 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 650 2.6.5.2.18 $ ; mhs-unacceptable-eits 651 2.6.5.2.19 $ ; mhs-deliverable-classes 652 2.6.5.2.6 $ ; mhs-or-addresses 653 2.5.4.48 ) ) ; protocolInformation 655 2.17 mLA Object Class 657 The mLA object class is used to represent an application entity 658 that performs the functions of a Mail List Agent (MLA). This 659 object class is a subclass of applicationEntity and 660 strong-authentication-user. 662 Note that this object class may become obsolete, depending on the 663 resolution of Certificate Management Infrastructure (CMI) issues. 665 ( 2.16.840.1.101.2.2.3.31 NAME 'mLA' 666 SUP ( 2.5.6.12 $ ; applicationEntity 667 2.5.6.15 ) ; strongAuthenticationUser 668 MAY 2.5.4.52 ) ; supportedAlgorithms 670 2.18 mLAgent Object Class 672 The mLAgent object class is used to represent an application 673 entity that performs the functions of a MLA. This object class 674 is a subclass of applicationEntity and pkiUser. 676 ( 2.16.840.1.101.2.2.3.64 NAME 'mLAgent' 677 SUP ( 2.5.6.12 $ ; applicationEntity 678 2.5.6.21 ; pkiUser ) 679 MAY 2.5.4.52 ) ; supportedAlgorithms 681 2.19 orgACP127 Object Class 683 The orgACP127 object class is used to define the entry for a 684 single ACP 127/JANAP 128 [4]/[5] messaging user. This object 685 class is a subclass of the plaACP127 auxiliary object class. 687 ( 2.16.840.1.101.2.2.3.34 NAME 'orgACP127' 688 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 689 MAY ( 2.16.840.1.101.2.2.1.53 $ ; accountingCode 690 2.16.840.1.101.2.2.1.4 $ ; associatedOrganization 691 2.5.4.6 $ ; c 692 2.16.840.1.101.2.2.1.54 $ ; dualRoute 693 2.16.840.1.101.2.2.1.56 $ ; entryClassification 694 2.5.4.7 $ ; l 695 2.16.840.1.101.2.2.1.63 $ ; longTitle 696 2.16.840.1.101.2.2.1.64 $ ; minimize 697 2.16.840.1.101.2.2.1.65 $ ; minimizeOverride 698 2.16.840.1.101.2.2.1.67 $ ; nameClassification 699 2.16.840.1.101.2.2.1.77 $ ; rI 700 2.16.840.1.101.2.2.1.79 $ ; rIInfo 701 2.16.840.1.101.2.2.1.81 $ ; section 702 2.5.4.8 $ ; st 703 2.16.840.1.101.2.2.1.87 ) ) ; tARE 705 2.20 otherContactInformation Object Class 707 The otherContactInformation object class provides for additional 708 telephone, location, and mailbox information in directory entries. 710 ( 2.16.840.1.101.2.2.3.62 NAME 'otherContactInformation' 711 SUP 2.5.6.0 ; top 712 AUXILIARY 713 MAY ( 2.16.840.1.101.2.2.1.94 $ ; aCPMobileTelephoneNumber 714 2.16.840.1.101.2.2.1.95 $ ; aCPPagerTelephoneNumber 715 2.16.840.1.101.2.2.1.108 $ ; aCPPreferredDelivery 716 2.16.840.1.101.2.2.1.118 $ ; mailDomains 717 2.16.840.1.101.2.2.1.119 $ ; militaryFacsimileNumber 718 2.16.840.1.101.2.2.1.120 $ ; militaryTelephoneNumber 719 2.16.840.1.101.2.2.1.126 $ ; proprietaryMailboxes 720 0.9.2342.19200300.100.1.6 $ ; roomNumber 721 2.16.840.1.101.2.2.1.127 $ ; secureFacsimileNumber 722 2.16.840.1.101.2.2.1.128 ) ) ; secureTelephoneNumber 724 2.21 pkiCA Object Class 726 The pkiCA object class is used to represent Certification Authorities. 728 ( 2.5.6.22 NAME 'pkiCA' 729 SUP 2.5.6.0 ; top 730 AUXILIARY 731 MAY ( 2.5.4.37 $ ; cACertificate 732 2.5.4.39 $ ; certificateRevocationList 733 2.5.4.38 $ ; authorityRevocationList 734 2.5.4.40 ) ) ; crossCertificatePair 736 2.22 pkiUser Object Class 738 The pkiUser object class is used to represent certificate 739 subjects. A certificate subject is a human or other type of 740 directory user to which a certificate has been issued. 742 ( 2.5.6.21 NAME 'pkiUser' 743 SUP 2.5.6.0 ; top 744 AUXILIARY 745 MAY 2.5.4.36 ) ; userCertificate 747 2.23 plaACP127 Object Class 749 The plaACP127 object class provides for the general PLA attributes 750 common to general service (GENSER) PLA entries, all of which 751 inherit this class. 753 ( 2.16.840.1.101.2.2.3.47 NAME 'plaACP127' 754 SUP 2.5.6.0 ; top 755 AUXILIARY 756 MUST 2.16.840.1.101.2.2.1.70 ; plaNameACP127 758 MAY ( 2.16.840.1.101.2.2.1.52 $ ; community 759 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 760 2.16.840.1.101.2.2.1.57 $ ; expirationDate 761 2.16.840.1.101.2.2.1.68 $ ; nationality 762 2.16.840.1.101.2.2.1.74 $ ; publish 763 2.16.840.1.101.2.2.1.76 $ ; remarks 764 2.16.840.1.101.2.2.1.82 ) ) ; serviceOrAgency 766 2.24 plaCollectiveACP127 Object Class 768 The plaCollectiveACP127 object class is used to define the entry 769 for an ACP 127/JANAP 128 [4]/[5] Address Indicator Group (AIG) 770 distribution list or Type distribution list. This object class is 771 a subclass of the plaACP127 auxiliary object class. 773 ( 2.16.840.1.101.2.2.3.35 NAME 'plaCollectiveACP127' 774 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 775 MUST 2.16.840.1.101.2.2.1.51 ; cognizantAuthority 776 MAY ( 2.16.840.1.101.2.2.1.46 $ ; actionAddressees 777 2.16.840.1.101.2.2.1.50 $ ; allowableOriginators 778 2.16.840.1.101.2.2.1.113 $ ; associatedAL 779 2.5.4.13 $ ; description 780 2.16.840.1.101.2.2.1.56 $ ; entryClassification 781 2.16.840.1.101.2.2.1.59 $ ; infoAddressees 782 2.16.840.1.101.2.2.1.60 $ ; lastRecapDate 783 2.16.840.1.101.2.2.1.75 ) ) ; recapDueDate 785 2.25 plaData Object Class 787 The plaData object class contains attributes common to Special 788 Intelligence (SI) PLAs. 790 ( 2.16.840.1.101.2.2.3.26 NAME 'plaData' 791 SUP 2.5.6.0 ; top 792 AUXILIARY 793 MAY ( 2.16.840.1.101.2.2.1.52 $ ; community 794 2.5.4.13 $ ; description 795 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 796 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 798 2.26 plaUser Object Class 800 The plaUser object class contains the name of a PLA's directory 801 entry and, optionally, Routing Indicator (RI) for addressing 802 that PLA. 804 ( 2.16.840.1.101.2.2.3.56 NAME 'plaUser' 805 SUP 2.5.6.0 ; top 806 AUXILIARY 807 MUST 2.16.840.1.101.2.2.1.70 ; plaNameACP127 808 MAY 2.16.840.1.101.2.2.1.79 ) ; rIInfo 810 2.27 releaseAuthorityPerson Object Class 812 The releaseAuthorityPerson object class is used to define the 813 entry for a role of release authority who releases organizational 814 messages on behalf of an organization. Whereas organizations 815 originate their organizational messages, it is the job of the 816 release authority to sign the messages. Release authorities do 817 not send individual messages and do not receive messages. 819 Note that this object class may become obsolete, depending on the 820 resolution of CMI issues. 822 ( 2.16.840.1.101.2.2.3.63 NAME 'releaseAuthorityPerson' 823 SUP.2.16.840.1.101.2.1.4.13 ; secure-user 824 MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 826 2.28 releaseAuthorityPersonA Object Class 828 The releaseAuthorityPersonA object class is used to define the 829 entry for a role of release authority who releases organizational 830 messages on behalf of an organization. Whereas organizations 831 originate their organizational messages, it is the job of the 832 release authority to sign the messages. Release authorities do 833 not send individual messages and do not receive messages. 835 ( 2.16.840.1.101.2.2.3.65 NAME 'releaseAuthorityPersonA' 836 SUP.2.16.840.1.101.2.2.3.66 ; securePkiUser 837 MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 839 2.29 routingIndicator Object Class 841 The routingIndicator object class is used to define an entry for 842 a RI and is a subclass of the plaData auxiliary object class. 844 ( 2.16.840.1.101.2.2.3.37 NAME 'routingIndicator' 845 SUP 2.16.840.1.101.2.2.3.26 ; plaData 846 MUST 2.16.840.1.101.2.2.1.77 ; rI 847 MAY ( 2.16.840.1.101.2.2.1.62 $ ; lmf 848 2.6.5.2.0 $ ; mhs-maximum-content-length 849 2.16.840.1.101.2.2.1.68 $ ; nationality 850 2.16.840.1.101.2.2.1.74 $ ; publish 851 2.16.840.1.101.2.2.1.78 $ ; rIClassification 852 2.16.840.1.101.2.2.1.83 $ ; sHD 853 2.16.840.1.101.2.2.1.96 $ ; tCC 854 2.16.840.1.101.2.2.1.69 $ ; transferStation 855 2.16.840.1.101.2.2.1.97 ) ) ; tRC 857 2.30 secure-user Object Class 859 The secure-user object class is used in defining directory entries 860 that include credentials for users. It is a subclass of the 861 strongAuthenticationUser object class, defined in X.521 [8], which 862 provides for a user certificate. 864 Note that this object class may become obsolete, depending on the 865 resolution of CMI issues. 867 ( 2.16.840.1.101.2.1.4.13 NAME 'secure-user' 868 SUP 2.5.6.15 ; strongAuthenticationUser 869 AUXILIARY 870 MAY ( 2.5.6.58 $ ; attributeCertificate 871 2.5.4.52 ) ) ; supportedAlgorithms 873 2.31 securePkiUser Object Class 875 The securePkiUser (Public Key Infrastructure) object class is used 876 in defining directory entries that include credentials for ACP 123 877 [6] users. It is a subclass of the pkiUser object class, defined 878 in RFC 2587 [9], which provides for a user certificate. 880 ( 2.16.840.1.101.2.2.3.66 NAME 'securePkiUser' 881 SUP 2.5.6.21 ; pkiUser 882 AUXILIARY 883 MAY ( 2.5.6.58 $ ; attributeCertificate 884 2.5.4.52 ) ) ; supportedAlgorithms 886 2.32 sigintPLA Object Class 888 The sigintPLA (Signal Intelligence) object class is used to 889 represent sensitive SI PLAs. This object class is a subclass of 890 the plaData auxiliary object class. 892 ( 2.16.840.1.101.2.2.3.38 NAME 'sigintPLA' 893 SUP 2.16.840.1.101.2.2.3.26 ; plaData 894 MUST 2.16.840.1.101.2.2.1.85 ; sigad 895 MAY ( 2.5.4.7 $ ; l 896 2.16.840.1.101.2.2.1.68 $ ; nationality 897 2.16.840.1.101.2.2.1.74 $ ; publish 898 2.16.840.1.101.2.2.1.76 $ ; remarks 899 2.16.840.1.101.2.2.1.77 $ ; rI 900 2.16.840.1.101.2.2.1.84 ) ) ; shortTitle 902 2.33 sIPLA Object Class 904 The sIPLA object class is used to define the entry for a single 905 Special Intelligence (SI) messaging user. This object class is a 906 subclass of the plaData auxiliary object class. 908 ( 2.16.840.1.101.2.2.3.39 NAME 'sIPLA' 909 SUP 2.16.840.1.101.2.2.3.26 ; plaData 910 MUST 2.16.840.1.101.2.2.1.63 ; longTitle 911 MAY ( 2.5.4.7 $ ; l 912 2.16.840.1.101.2.2.1.68 $ ; nationality 913 2.16.840.1.101.2.2.1.74 $ ; publish 914 2.16.840.1.101.2.2.1.76 $ ;remarks 915 2.16.840.1.101.2.2.1.77 $ ; rI 916 2.16.840.1.101.2.2.1.84 $ ; shortTitle 917 2.16.840.1.101.2.2.1.85 ) ) ; sigad 919 2.34 spotPLA Object Class 921 The spotPLA object class is used to define an entry for a special 922 products distribution list. This object class is a subclass of 923 the plaData auxiliary object class. 925 ( 2.16.840.1.101.2.2.3.40 NAME 'spotPLA' 926 SUP 2.16.840.1.101.2.2.3.26 ; plaData 927 MUST 2.16.840.1.101.2.2.1.86 ; spot 928 MAY ( 2.16.840.1.101.2.2.1.46 $ ; actionAddressees 929 2.16.840.1.101.2.2.1.47 $ ; additionalAddressees 930 2.16.840.1.101.2.2.1.48 $ ; additionalSecondPartyAddressees 931 2.6.5.2.4 $ ; mhs-dl-submit-permissions 932 2.16.840.1.101.2.2.1.76 $ ; remarks 933 2.16.840.1.101.2.2.1.80 ) ) ; secondPartyAddressees 935 2.35 taskForceACP127 Object Class 937 The taskForceACP127 object class is used to define a directory 938 entry for an ACP 127/JANAP 128 [4]/[5] task force distribution 939 list. This object class is a subclass of the plaACP127 auxiliary 940 object class. 942 ( 2.16.840.1.101.2.2.3.41 NAME 'taskForceACP127' 943 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 944 MUST ( 2.16.840.1.101.2.2.1.51 $ ; cognizantAuthority 945 2.16.840.1.101.2.2.1.60 $ ; lastRecapDate 946 2.16.840.1.101.2.2.1.75 ; recapDueDate) 947 MAY ( 2.16.840.1.101.2.2.1.113 $ ; associatedAL 948 2.16.840.1.101.2.2.1.56 $ ; entryClassification 949 2.16.840.1.101.2.2.1.71 ) ) ; plaAddressees 951 2.36 tenantACP127 Object Class 953 The tenantACP127 object class is used to define a directory entry 954 that represents a tenant PLA. This object class is a subclass of 955 the plaACP127 auxiliary object class. 957 ( 2.16.840.1.101.2.2.3.42 NAME 'tenantACP127' 958 SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 959 MUST 2.16.840.1.101.2.2.1.58 ; hostOrgACP127 960 MAY ( 2.16.840.1.101.2.2.1.56 $ ; entryClassification 961 2.16.840.1.101.2.2.1.87 ) ) ; tARE 963 2.37 ukms Object Class 965 The ukms object class contains the monthly values of user keying 966 material (UKM) used in the construction of selected CCEB symmetric 967 confidentiality algorithms. 969 ( 2.16.840.1.101.2.1.4.16 NAME 'ukms' 970 SUP 2.5.6.0 ; top 971 AUXILIARY 972 MAY ( 2.16.840.1.101.2.1.5.20 $ ; janUKMs 973 2.16.840.1.101.2.1.5.21 $ ; febUKMs 974 2.16.840.1.101.2.1.5.22 $ ; marUKMs 975 2.16.840.1.101.2.1.5.23 $ ; aprUKMs 976 2.16.840.1.101.2.1.5.24 $ ; mayUKMs 977 2.16.840.1.101.2.1.5.25 $ ; junUKMs 978 2.16.840.1.101.2.1.5.26 $ ; julUKMs 979 2.16.840.1.101.2.1.5.27 $ ; augUKMs 980 2.16.840.1.101.2.1.5.28 $ ; sepUKMs 981 2.16.840.1.101.2.1.5.29 $ ; octUKMs 982 2.16.840.1.101.2.1.5.30 $ ; novUKMs 983 2.16.840.1.101.2.1.5.31 ) ) ; decUKMs 985 3. ATTRIBUTE TYPES 987 3.1 accessCodes Attribute 989 The accessCodes attribute value gives the coding of how to reach 990 one network from another. Additional instructions for the use of 991 this access code are contained in a description attribute in the 992 same entry. For example, in a private telephone network, the user 993 could be required to dial "8" to reach other users in a different 994 city or to dial "9" to exit the private network. 996 ( 2.16.840.1.101.2.2.1.106 NAME 'accessCodes' 997 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; Printable String 999 3.2 accountingCode Attribute 1001 The accountingCode attribute value is a character string used in 1002 logistics applications to identify an organization uniquely. One 1003 example is the U.S. Department of Defense Activity Accounting Code 1004 (DODAAC). 1006 ( 2.16.840.1.101.2.2.1.53 NAME 'accountingCode' 1007 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1008 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1009 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{7} ) ; Printable String 1011 3.3 aCPLegacyFormat Attribute 1013 The aCPLegacyFormat provides the specific message format type used 1014 when the value of the aCPPreferredDelivery attribute is ACP127(1). 1016 ( 2.16.840.1.101.2.2.1.142 NAME 'aCPLegacyFormat' 1017 SYNTAX 2.16.840.1.101.2.2.2.17 ; ACPLegacyFormat 1018 SINGLE-VALUE ) 1020 3.4 aCPMobileTelephoneNumber Attribute 1022 The aCPMobileTelephoneNumber attribute value identifies a mobile 1023 telephone number for the object represented by the directory entry 1024 that contains this attribute. 1026 ( 2.16.840.1.101.2.2.1.94 NAME 'aCPMobileTelephoneNumber' 1027 SUP 2.5.4.20 ) ; telephoneNumber 1029 3.5 aCPNetwAccessSchemaEdB Attribute 1031 The aCPNetwAccessSchemaEdB attribute value is a schematic representation 1032 used to complete the access information from one network to 1033 another in the case of a complex connection. (Many connections 1034 are not complex enough to need such a description and in that case 1035 the attribute would not be populated.) 1036 ( 2.16.840.1.101.2.2.1.146 NAME 'aCPNetwAccessSchemaEdB' 1037 SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) ; JPEG 1039 3.6 aCPNetworkSchemaEdB Attribute 1041 The aCPNetworkSchemaEdB attribute value is a graphical 1042 representation of a network. It describes the structure of the 1043 network and details any rules associated with that network. 1045 ( 2.16.840.1.101.2.2.1.147 NAME 'aCPNetworkSchemaEdB' 1046 SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) ; JPEG 1048 3.7 aCPPagerTelephoneNumber Attribute 1050 The aCPPagerTelephoneNumber attribute identifies a telephone 1051 number for a pager associated with the object represented by the 1052 directory entry. 1054 ( 2.16.840.1.101.2.2.1.95 NAME 'aCPPagerTelephoneNumber' 1055 SUP 2.5.4.20 ) ; telephoneNumber 1057 3.8 aCPPreferredDelivery Attribute 1059 The aCPPreferredDelivery attribute value is used to determine the 1060 messaging system a user, represented by the directory entry, 1061 prefers for message delivery. The possible values are: 1062 "ACP 127", "SMTP" or "MHS". "MHS" signifies either standard X.400 1063 (1984 or 1988) or ACP 123-compliant X.400. 1065 ( 2.16.840.1.101.2.2.1.108 NAME 'aCPPreferredDelivery' 1066 SYNTAX 2.16.840.1.101.2.2.2.6 ; ACP Preferred Delivery syntax 1067 SINGLE-VALUE ) 1069 3.9 aCPTelephoneFaxNumber ATTRIBUTE 1071 The aCPTelephoneFaxNumber attribute is defined for use as a 1072 supertype in defining the attributes: 1074 militaryFacsimileNumber 1075 militaryTelephoneNumber 1076 secureFacsimileNumber 1077 secureTelephoneNumber 1079 A value of the aCPTelephoneFaxNumber attribute and the attributes 1080 defined as its subtypes is a telephone number that is used for 1081 military purposes and is associated with an object represented by 1082 the directory entry. For example, a person may have a telephone, 1083 equipped with a STU III (Secure Telephone Unit) device, on the 1084 Public Switched Telephone Network (PSTN). 1086 ( 2.16.840.1.101.2.2.1.109 NAME 'aCPTelephoneFaxNumber' 1087 EQUALITY 2.5.13.20 ; telephoneNumberMatch 1088 SUBSTR 2.5.13.21 ; telephoneNumberSubstringsMatch 1089 SYNTAX 2.16.840.1.101.2.2.2.1 ) ; ACPTelephoneFaxNumberSyntax 1091 The attribute value for an ACP telephone number contains the 1092 following substrings which are separated by commas (i.e., ","): 1094 network or site identifier 1095 telephone number 1096 security device identifier 1098 The maximum size of the network or site identifier substring is 1099 six characters. In the example, the string "PSTN" would be the 1100 value of this identifier. 1102 For the telephone number substring, if the network is the PSTN, 1103 then the format shall be as for a Telephone Number as defined in 1104 X.520 [10] (i.e., CCITT E.123). Extension numbers shall be 1105 preceded by "ext." or other nationally defined equivalent. The 1106 maximum length of this substring is 32 characters. In the 1107 example, the string "+1 555 222 ext. 34" could be the value of 1108 the telephone number. 1110 The maximum size of the security device identifier substring is 1111 eight characters. In the example, the string "STU III" would be 1112 the value of this identifier. 1114 The complete example value would be "PSTN, +1 555 222 ext. 34, 1115 STU III". 1117 The security device (and preceding substring separator ",") is 1118 present only if the military telephone number is secured (i.e., 1119 attribute subtypes secureTelephoneNumber or secureFacsimileNumber). 1121 Note that the equality and substring matching rule for this 1122 attribute is not case sensitive and the substring matching rule is 1123 case sensitive. Thus, it is recommended that the network/site 1124 identifier and security device identifier are in upper case. 1126 3.10 actionAddressees Attribute 1128 An actionAddressees attribute value is the list of action 1129 addressees of an ACP 127/JANAP 128 [4]/[5] collective, for 1130 example, an AIG. An action addressee is expected to take action 1131 appropriate on the message content, whereas an information 1132 addressee receives the message for informational purposes only. 1134 ( 2.16.840.1.101.2.2.1.46 NAME 'actionAddressees' 1135 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 1136 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 1137 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 1139 3.11 additionalAddressees Attribute 1141 The additionalAddressees attribute value is a list of addressees 1142 to be added to the actionAddressees list (value of the 1143 actionAddressees attribute) under circumstances identified in the 1144 remarks attribute in the same directory entry. 1146 ( 2.16.840.1.101.2.2.1.47 NAME 'additionalAddressees' 1147 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 1148 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 1149 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 1151 3.12 additionalSecondPartyAddressees Attribute 1153 The additionalSecondPartyAddressees attribute value is a list of 1154 addressees to be added to the secondPartyAddressees list (value 1155 of the secondPartyAddressees attribute) under circumstances 1156 identified in the remarks attribute in the same directory entry. 1158 ( 2.16.840.1.101.2.2.1.48 NAME 'additionalSecondPartyAddressees' 1159 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 1160 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 1161 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 1163 3.13 adminConversion ATTRIBUTE 1165 The adminConversion attribute provides for using an abbreviation 1166 of the organization's administrative title as an administrative 1167 message address. 1169 ( 2.16.840.1.101.2.2.1.143 NAME 'adminConversion' 1170 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ; DirectoryString 1171 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1172 SUBSTR 2.5.13.4 ) ; caseIgnoreSubstringsMatch 1174 3.14 administrator Attribute 1176 The administrator attribute value represents the entity 1177 responsible for the operation of a component when it is different 1178 from the owner of the component. For example, the owner may be 1179 a domain. 1181 ( 2.16.840.1.101.2.2.1.110 NAME 'administrator' 1182 SUP 2.5.4.49 ) ; distinguishedName 1184 3.15 aigsExpanded Attribute 1186 The aigsExpanded attribute values are the names of the AIGs 1187 expanded by a messaging gateway. 1189 ( 2.16.840.1.101.2.2.1.111 NAME 'aigsExpanded' 1190 SUP 2.5.4.49 ) ; distinguishedName 1192 3.16 aLExemptedAddressProcessor Attribute 1194 The aLExemptedAddressProcessor attribute value is the ORName of 1195 the address list processor for the address list where exempted 1196 addresses are removed. 1198 ( 2.16.840.1.101.2.1.5.47 'aLExemptedAddressProcessor' 1199 SYNTAX 2.16.840.1.101.2.2.2.10 ; O/R Name syntax 1200 SINGLE-VALUE ) 1202 3.17 aliasPointer Attribute 1204 The aliasPointer attribute type value points to alias directory 1205 entries which might have to be modified if the directory entry 1206 containing this attribute is modified. It is intended to be used 1207 to maintain data consistency in the Directory Information 1208 Base (DIB). 1210 ( 2.16.840.1.101.2.2.1.49 NAME 'aliasPointer' 1211 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1212 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ; DN 1214 3.18 alid Attribute 1216 The alid attribute value is the AL key material identifier. 1218 ( 2.16.840.1.101.2.1.5.14 NAME 'alid' 1219 EQUALITY 2.5.13.17 ; octetStringMatch 1220 SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) ; Kmid = Octet String 1222 3.19 allowableOriginators Attribute 1224 The allowableOriginators attribute value is the name of an 1225 ACP 127/JANAP 128 [4]/[5] collective that contains the list of 1226 PLAs that are allowed to originate messages to this list. 1228 ( 2.16.840.1.101.2.2.1.50 NAME 'allowableOriginators' 1229 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 1230 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 1231 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 1233 3.20 aLReceiptPolicy Attribute 1235 The aLReceiptPolicy attribute value indicates address list's 1236 signed receipt policy. This receipt policy supersedes the 1237 originator's request for signed receipts (see ACP 120 [11]). 1239 ( 2.16.840.1.101.2.2.1.135 NAME 'aLReceiptPolicy' 1240 SYNTAX 2.16.840.1.101.2.2.2.9 ; MLReceiptPolicy 1241 SINGLE-VALUE ) 1243 3.21 alternateRecipient Attribute 1245 The alternateRecipient attribute is used to designate an X.400 1246 alternate recipient for a messaging user. It could be used by an 1247 X.400 message originator to create an originator-assigned alternate 1248 recipient address to be used by the MTS, if delivery to the 1249 addressed recipient fails. 1251 ( 2.16.840.1.101.2.2.1.3 NAME 'alternateRecipient' 1252 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1253 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 1255 3.22 aLType Attribute 1257 The aLType attribute value indicates the type of an address list 1258 from these possibilities: AIG (Address Indicator Group), Type 1259 Organization Collective, CAD (Collective Address Designator), and 1260 Task Force. 1262 ( 2.16.840.1.101.2.2.1.112 NAME 'aLType' 1263 EQUALITY 2.5.13.14 ; integerMatch 1264 SYNTAX 2.16.840.1.101.2.2.2.8 ; Address List Type syntax 1265 SINGLE-VALUE ) 1267 3.23 aprUKMs Attribute 1269 The aprUKMs (User Key Materials) attribute value is used in the 1270 construction of selected symmetric confidentiality algorithms 1271 for the month of April. 1273 ( 2.16.840.1.101.2.1.5.23 NAME 'aprUKMs' 1274 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1275 ; encapsulating 1276 ; MonthlyUKMs 1277 SINGLE-VALUE ) 1279 3.24 associatedAL Attribute 1281 The associatedAL attribute value points to the address list object 1282 which replaces the ACP 127/JANAP 128 [4]/[5] task force PLA. It 1283 assists in the transition from ACP 127/JANAP 128 [4]/[5] to X.400 1284 addressing and the associated transition from the use of ACP 127/ 1285 JANAP 128 [4]/[5] collectives to the use of address lists. 1287 ( 2.16.840.1.101.2.2.1.113 NAME 'associatedAL' 1288 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1289 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 1291 3.25 associatedOrganization Attribute 1293 The associatedOrganization attribute value points to the 1294 organizationalUnit directory entry which represents the same 1295 organizational messaging entity as the PLA directory entry 1296 containing this attribute. 1298 ( 2.16.840.1.101.2.2.1.4 NAME 'associatedOrganization' 1299 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1300 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 1302 3.26 associatedPLA Attribute 1304 The associatedPLA attribute value points to the ACP 127/JANAP 128 1305 [4]/[5] directory entry for the same messaging entity as 1306 represented by the Organizational Unit directory entry containing 1307 this attribute. 1309 ( 2.16.840.1.101.2.2.1.6 NAME 'associatedPLA' 1310 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1311 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 1313 3.27 augUKMs Attribute 1315 The augUKMs attribute value is used in the construction of selected 1316 symmetric confidentiality algorithms for the month of August. 1318 ( 2.16.840.1.101.2.1.5.27 NAME 'augUKMs' 1319 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1320 ; encapsulating 1321 ; MonthlyUKMs 1322 SINGLE-VALUE ) 1324 3.28 buildingName Attribute 1326 A buildingName attribute value specifies the name of the building 1327 where an organization or organizational unit is based. This 1328 attribute was originally defined in RFC 1274 [13]. 1330 ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' 1331 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} 1332 ; directoryString, minimum length is one. 1333 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1334 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch ) 1336 3.29 cognizantAuthority Attribute 1338 The cognizantAuthority attribute value indicates the administrator 1339 for an ACP 127/JANAP 128 [4]/[5] collective. 1341 ( 2.16.840.1.101.2.2.1.51 NAME 'cognizantAuthority' 1342 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1343 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1344 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; Printable String 1345 SINGLE-VALUE ) 1347 3.30 collective-mhs-or-addresses Attribute 1349 The collective-mhs-or-addresses attribute value is a value of 1350 mhs-or-addresses that is applied at an administrative point. 1352 ( 2.16.840.1.101.2.2.1.134.1 NAME 'collective-mhs-or-addresses' 1353 SUP 2.6.5.2.6 ) ; mhs-or-addresses 1355 3.31 collectiveMilitaryFacsimileNumber Attribute 1357 The collectiveMilitaryFacsimileNumber attribute value is a value of 1358 militaryFacsimileNumber that is applied at an administrative point. 1360 ( 2.16.840.1.101.2.2.1.119.1 NAME 'collectiveMilitaryFacsimileNumber' 1361 SUP 2.16.840.1.101.2.2.1.119 ) ; militaryFacsimileNumber 1363 3.32 collectiveMilitaryTelephoneNumber Attribute 1365 The collectiveMilitaryTelephoneNumber attribute value is a value of 1366 militaryTelephoneNumber that is applied at an administrative point. 1368 ( 2.16.840.1.101.2.2.1.120.1 NAME 'collectiveMilitaryTelephoneNumber' 1369 SUP 2.16.840.1.101.2.2.1.120 ) ; militaryTelephoneNumber 1371 3.33 collectiveNationality Attribute 1373 The collectiveNationality attribute value is a value of nationality 1374 that is applied at an administrative point. 1376 ( 2.16.840.1.101.2.2.1.68.1 NAME 'collectiveNationality' 1377 SUP 2.16.840.1.101.2.2.1.68 ) ; nationality 1379 3.34 collectiveSecureFacsimileNumber Attribute 1381 The collectiveSecureFacsimileNumber attribute value is a value of 1382 secureFacsimileNumber that is applied at an administrative point. 1384 ( 2.16.840.1.101.2.2.1.127.1 NAME 'collectiveSecureFacsimileNumber' 1385 SUP 2.16.840.1.101.2.2.1.127 ) ; secureFacsimileNumber 1387 3.35 collectiveSecureTelephoneNumber ATTRIBUTE 1389 The collectiveSecureTelephoneNumber attribute value is a value of 1390 secureTelephoneNumber that is applied at an administrative point. 1392 ( 2.16.840.1.101.2.2.1.128.1 NAME 'collectiveSecureTelephoneNumber' 1393 SUP 2.16.840.1.101.2.2.1.128 ) ; secureTelephoneNumber 1395 3.36 community Attribute 1397 The community attribute value indicates whether an object belongs 1398 to the GENSER (R) or SI (Y) community or both (R/Y). 1400 ( 2.16.840.1.101.2.2.1.52 NAME 'community' 1401 SYNTAX 2.16.840.1.101.2.2.2.5 ; Community syntax 1402 SINGLE-VALUE ) 1404 3.37 copyMember Attribute 1406 The copyMember attribute value specifies a group of names 1407 associated with the object represented by the directory entry. 1408 In an address list directory entry, this attribute indicates the 1409 "copy" or "info" members of the list as opposed to "primary" or 1410 "action" members. 1412 ( 2.16.840.1.101.2.2.1.114 NAME 'copyMember' 1413 SUP 2.5.4.31 ) ; member 1415 3.38 decUKMs Attribute 1417 The decUKMs attribute value is used in the construction of 1418 selected CCEB symmetric confidentiality algorithms for the month 1419 of December. 1421 ( 2.16.840.1.101.2.1.5.31 NAME 'decUKMs' 1422 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1423 ; encapsulating 1424 ; MonthlyUKMs 1425 SINGLE-VALUE) 1427 3.39 deployed ATTRIBUTE 1429 The deployed attribute value contains distinguished names of other 1430 directory entries that represent the same real world object in the 1431 field. See the garrison attribute. 1433 ( 2.16.840.1.101.2.2.1.139 NAME 'deployed' 1434 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ; DistinguishedName 1435 EQUALITY 2.5.13.1 ) ; distinguishedNameMatch 1437 3.40 distributionCodeAction Attribute 1439 The distributionCodeAction attribute values identify the 1440 distribution codes (including Subject Indicator Codes (SICs)) for 1441 which an organization, person, or role handles messages for action. 1443 ( 2.16.840.1.101.2.2.1.104 NAME 'distributionCodeAction' 1444 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1445 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1446 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; DistributionCode = 1447 ; PrintableString 1449 3.41 distributionCodeInfo Attribute 1451 The distributionCodeInfo attribute values identify the 1452 distribution codes (including SICs) for which an organization, 1453 person, or role handles messages for information. 1455 ( 2.16.840.1.101.2.2.1.105 NAME 'distributionCodeInfo' 1456 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1457 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1458 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; DistributionCode = 1459 ; PrintableString 1461 3.42 dualRoute Attribute 1463 The dualRoute attribute value indicates whether delivery of 1464 messages for an organization to both the home and deployed sites 1465 is required. If set to TRUE, dual delivery is required. 1467 ( 2.16.840.1.101.2.2.1.54 NAME 'dualRoute' 1468 EQUALITY 2.5.13.13 ; booleanMatch 1469 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; 1470 SINGLE-VALUE ) 1472 3.43 effectiveDate Attribute 1474 The effectiveDate attribute value indicates when the directory 1475 entry is to become valid. 1477 ( 2.16.840.1.101.2.2.1.55 NAME 'effectiveDate' 1478 EQUALITY 2.5.13.27 ; generalizedTimeMatch 1479 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime 1480 SINGLE-VALUE ) 1482 3.44 entryClassification Attribute 1484 The entryClassification attribute value indicates the 1485 classification of the directory entry that contains this 1486 attribute. The possible values are: unmarked, unclassified, 1487 restricted, confidential, secret, and top secret. 1489 ( 2.16.840.1.101.2.2.1.56 NAME 'entryClassification' 1490 SYNTAX 2.16.840.1.101.2.2.2.4) ; Classification syntax 1492 3.45 expirationDate Attribute 1494 The expirationDate attribute value indicates the time at which the 1495 directory entry becomes invalid. 1497 ( 2.16.840.1.101.2.2.1.57 NAME 'expirationDate' 1498 EQUALITY 2.5.13.27 ; generalizedTimeMatch 1499 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime 1500 SINGLE-VALUE ) 1502 3.46 febUKMs Attribute 1504 The febUKMs attribute value is used in the construction of 1505 selected CCEB symmetric confidentiality algorithms for the month 1506 of February. 1508 ( 2.16.840.1.101.2.1.5.21 NAME 'febUKMs' 1509 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1510 ; encapsulating 1511 ; MonthlyUKMs 1512 SINGLE-VALUE ) 1514 3.47 garrison ATTRIBUTE 1516 The garrison attribute value contains distinguished names of other 1517 directory entries that represent the same real world object in 1518 garrison. See the deployed attribute. 1520 ( 2.16.840.1.101.2.2.1.140 NAME 'garrison' 1521 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ; DistinguishedName 1522 EQUALITY 2.5.13.1 ) ; distinguishedNameMatch 1524 3.48 gatewayType Attribute 1526 The gatewayType attribute value is used to indicate the 1527 translations a messaging gateway is capable of performing. The 1528 translations that can be indicated are: 1530 acp120-acp127-gateway 1531 acp120-janap128-gateway 1532 acp120-mhs-gateway 1533 acp120-mmhs-gateway 1534 acp120-rfc822-gateway 1535 boundary MTA 1536 mmhs-mhs-gateway 1537 mmhs-rfc822-gateway 1538 mta-acp127-gateway 1540 ( 2.16.840.1.101.2.2.1.115 NAME 'gatewayType' 1541 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1542 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1544 3.49 ghpType Attribute 1546 The ghpType attribute value is used to indicate the gateway 1547 handling policy of an mta-acp127-gateway defined in 1548 STANAG 4406 [12]. 1550 ( 2.16.840.1.101.2.2.1.116 NAME 'ghpType' 1551 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1552 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1554 3.50 guard Attribute 1556 The guard attribute value indicates the Name(s) of the 1557 Guard Gateway. 1559 ( 2.16.840.1.101.2.2.1.117 NAME 'guard' 1560 SUP 2.5.4.49 ) ; distinguishedName 1562 3.51 host Attribute 1564 The host attribute value gives an identifier for a host computer, 1565 as defined in the COSINE and Internet X.500 Schema, RFC 1274 [13]. 1566 ( 0.9.2342.19200300.100.1.9 NAME 'host' 1567 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1568 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1569 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ; DirectoryString 1570 ; limited to TeletexString or PrintableString 1572 3.52 hostOrgACP127 Attribute 1574 The hostOrgACP127 attribute value of a tenant PLA identifies the 1575 PLA for the organization which accepts traffic for a tenant. 1577 ( 2.16.840.1.101.2.2.1.58 NAME 'hostOrgACP127' 1578 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1579 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1580 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString 1581 SINGLE-VALUE ) 1583 3.53 infoAddressees Attribute 1585 The infoAddressees attribute value of an ACP 127/JANAP 128 [4]/[5] 1586 collective contains the list of information addressees of 1587 the collective. 1589 ( 2.16.840.1.101.2.2.1.59 NAME 'infoAddressees' 1590 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 1591 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 1592 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 1594 3.54 janUKMs Attribute 1596 The janUKMs attribute value is used in the construction of 1597 selected CCEB symmetric confidentiality algorithms for the month 1598 of January. 1600 ( 2.16.840.1.101.2.1.5.20 NAME 'janUKMs' 1601 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1602 ; encapsulating 1603 ; MonthlyUKMs 1604 SINGLE-VALUE ) 1606 3.55 julUKMs Attribute 1608 The julUKMs attribute value is used in the construction of 1609 selected CCEB symmetric confidentiality algorithms for the month 1610 of July. 1612 ( 2.16.840.1.101.2.1.5.26 NAME 'julUKMs' 1613 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1614 ; encapsulating 1615 ; MonthlyUKMs 1616 SINGLE-VALUE ) 1618 3.56 junUKMs ATTRIBUTE 1620 The junUKMs attribute value is used in the construction of 1621 selected CCEB symmetric confidentiality algorithms for the month 1622 of June. 1624 ( 2.16.840.1.101.2.1.5.25 NAME 'junUKMs' 1625 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1626 ; encapsulating 1627 ; MonthlyUKMs 1628 SINGLE-VALUE ) 1630 3.57 lastRecapDate Attribute 1632 The lastRecapDate attribute value indicates when a list was last 1633 recapped or validated. 1635 ( 2.16.840.1.101.2.2.1.60 NAME 'lastRecapDate' 1636 EQUALITY 2.5.13.27 ; generalizedTimeMatch 1637 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime 1638 SINGLE-VALUE ) 1640 3.58 listPointer Attribute 1642 The listPointer attribute value is used to point to address list 1643 directory entries which might have to be modified if the entry 1644 containing this attribute is modified. It is intended to be used 1645 to maintain data consistency in the DIB. 1647 ( 2.16.840.1.101.2.2.1.61 NAME 'listPointer' 1648 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1649 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ; DistinguishedName 1651 3.59 lmf Attribute 1653 The lmf (Language and Media Format) attribute value indicates the 1654 language and media format that can be accepted between the two 1655 communicating end-systems. Possible values include: 1657 T tape 1658 A ASCII (American Standard Code for Information 1659 Interchange) 1660 C card, etc. 1662 ( 2.16.840.1.101.2.2.1.62 NAME 'lmf' 1663 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1664 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{1} 1665 SINGLE-VALUE ) 1667 3.60 longTitle Attribute 1669 The longTitle attribute value is the expanded form of an 1670 organization's PLA. 1672 ( 2.16.840.1.101.2.2.1.63 NAME 'longTitle' 1673 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1674 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1675 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{255} ; PrintableString 1676 SINGLE-VALUE ) 1678 3.61 mailDomains Attribute 1680 The mailDomains attribute value is a string, which provides 1681 information on the domains that the messaging gateway will bridge. 1683 ( 2.16.840.1.101.2.2.1.118 NAME 'mailDomains' 1684 EQUALITY 2.5.13.2 ; caseIgnoreMatch 1685 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 1686 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 1688 3.62 marUKMs Attribute 1690 The marUKMs attribute value is used in the construction of 1691 selected CCEB symmetric confidentiality algorithms for the month 1692 of May. 1694 ( 2.16.840.1.101.2.1.5.22 NAME 'marUKMs' 1695 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1696 ; encapsulating 1697 ; MonthlyUKMs 1698 SINGLE-VALUE ) 1700 3.63 mayUKMs Attribute 1702 The mayUKMs attribute value is used in the construction of 1703 selected CCEB symmetric confidentiality algorithms for the month 1704 of May. 1706 ( 2.16.840.1.101.2.1.5.24 NAME 'mayUKMs' 1707 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 1708 ; encapsulating 1709 ; MonthlyUKMs 1710 SINGLE-VALUE ) 1712 3.64 mhs-acceptable-eits Attribute 1714 The mhs-acceptable-eits attribute value identifies a set of EITs 1715 for messages. The user or distribution list, represented by the 1716 directory entry, will accept delivery of or expand a message in 1717 which any one of these eits is present. 1719 ( 2.6.5.2.17 NAME 'mhs-acceptable-eits' 1720 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1721 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1722 ; ExtendedEncodedInformationType = object identifier 1724 3.65 mhs-deliverable-classes Attribute 1726 The mhs-deliverable-classes attribute value identifies the classes 1727 of messages whose delivery a UA, represented by the directory 1728 entry, will accept. 1730 ( 2.6.5.2.19 NAME 'mhs-deliverable-classes' 1731 EQUALITY 2.6.5.4.2 ; capabilityMatch 1732 SYNTAX 2.16.840.1.101.2.2.2.13 ) ; Capability syntax 1734 3.66 mhs-deliverable-content-types Attribute 1736 The mhs-deliverable-content-types attribute values identify the 1737 content types of the messages whose delivery the user, represented 1738 by the directory entry, will accept. 1740 ( 2.6.5.2.1 NAME 'mhs-deliverable-content-types' 1741 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1742 SYNTAX 1.3.4.1.4.1.1466.115.121.1.38 ) ; ExtendedContentType 1743 ; = object identifier 1745 3.67 mhs-dl-archive-service Attribute 1747 The mhs-dl-archive-service attribute value identifies a service 1748 from which a user may request copies of messages previously 1749 distributed by the address list represented by the directory entry. 1751 ( 2.6.5.2.12 NAME 'mhs-dl-archive-service' 1752 EQUALITY 2.6.5.4.0 ; oRNameExactMatch 1753 SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 1755 3.68 mhs-dl-members Attribute 1757 The mhs-dl-members attribute value is an OR-name which identifies 1758 a member of the DL. This attribute may have multiple values each 1759 of which identifies one member of the DL. When a DL is expanded, 1760 each of the values of this attribute becomes a recipient of 1761 the message. 1763 ( 2.6.5.2.3 NAME 'mhs-dl-members' 1764 EQUALITY 2.6.5.4.0 ; oRNameExactMatch 1765 SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 1767 3.69 mhs-dl-policy Attribute 1769 The mhs-dl-policy attribute value identifies the choice of policy 1770 options to be applied when expanding the address list represented 1771 by the directory entry. 1773 ( 2.6.5.2.13 NAME 'mhs-dl-policy' 1774 SYNTAX 2.16.840.1.101.2.2.2.14 ; DLPolicy syntax 1775 SINGLE-VALUE ) 1777 3.70 mhs-dl-related-lists Attribute 1779 The mhs-dl-related-lists attribute value identifies other address 1780 lists which are, in some unspecified way, related to the address 1781 list represented by the directory entry. 1783 ( 2.6.5.2.14 NAME 'mhs-dl-related-lists' 1784 SUP 2.5.4.49 ; DistinguishedName 1785 EQUALITY 2.5.13.1 ; distinguishedNameMatch ) 1787 3.71 mhs-dl-submit-permissions Attribute 1789 The mhs-dl-submit-permissions attribute values identify the users 1790 and address lists that may submit messages to the address list 1791 represented by the directory entry. 1793 ( 2.6.5.2.4 NAME 'mhs-dl-submit-permissions' 1794 SYNTAX 2.16.840.1.101.2.2.2.15 ) ; DLSubmitPermission syntax 1796 3.72 mhs-dl-subscription-service Attribute 1798 The mhs-dl-subscription-service attribute value identifies a 1799 service of which a user may request changes to the membership of 1800 the address list represented by the directory entry, (e.g., for a 1801 user to request to be added to the address list). 1803 ( 2.6.5.2.15 NAME 'mhs-dl-subscription-service' 1804 EQUALITY 2.6.5.4.0 ; oRNameExactMatch 1805 SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 1807 3.73 mhs-exclusively-acceptable-eits Attribute 1809 The mhs-exclusively-acceptable-eits attribute value identifies a 1810 set of EITs for messages. The user or distribution list, 1811 represented by the directory entry, will accept delivery of or 1812 expand a message in which all of these EITs 1813 are present. 1815 ( 2.6.5.2.2 NAME 'mhs-exclusively-acceptable-eits' 1816 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1817 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1818 ; ExtendedEncodedInformationType = object identifier 1820 3.74 mhs-maximum-content-length Attribute 1822 The mhs-maximum-content-length attribute value identifies the 1823 maximum content length of the messages that can be handled by the 1824 object represented by the directory entry. The object is a user 1825 to whom the message would be delivered, an address list for which 1826 expansion would be performed on the message, or an MTA to which 1827 the message would be acceptable. 1829 ( 2.6.5.2.0 NAME 'mhs-maximum-content-length' 1830 EQUALITY 2.5.13.14 ; integerMatch 1831 SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ; ContentLength = INTEGER 1832 SINGLE-VALUE ) 1834 3.75 mhs-message-store-dn Attribute 1836 The mhs-message-store-dn attribute value identifies by directory 1837 name the message store of the user represented by the 1838 directory entry. 1840 ( 2.6.5.2.5 NAME 'mhs-message-store-dn' 1841 SUP 2.5.4.49 ; distinguishedName 1842 EQUALITY 2.5.13.1 ; distinguishedNameMatch 1843 SINGLE-VALUE ) 1845 3.76 mhs-or-addresses Attribute 1847 The mhs-or-addresses attribute values specify the O/R addresses of 1848 the user or address list represented by the directory entry. 1850 ( 2.6.5.2.6 NAME 'mhs-or-addresses' 1851 EQUALITY 2.6.4.8.14 ; oRAddressMatch 1852 SYNTAX 1.3.6.1.4.1.1466.115.121.1.33 ) ; MHS OR Address syntax 1854 3.77 mhs-or-addresses-with-capabilities Attribute 1856 The mhs-or-addresses-with-capabilities attribute values specify 1857 the O/R addresses and the messaging capabilities associated with 1858 each address of the user or address list represented by the 1859 directory entry. 1861 Recognized security labels are identified in ACP 123 [6]. 1863 Information about availability and nationality will be included 1864 in the description. 1866 If the address is served by a foreign nation, the International 1867 Standard Organization 3166 [14] code of the country shall be 1868 entered first. 1870 If an OR-address is not operational on a 24 by 7 basis, the normal 1871 daily schedule shall be given in start and stop times for each day 1872 of operation. Planned down time also shall be given in start and 1873 stop time. 1875 ( 2.6.5.2.16 NAME 'mhs-or-addresses-with-capabilities' 1876 EQUALITY 2.6.5.4.1 ; addressCapabilitiesMatch 1877 SYNTAX 2.16.840.1.101.2.2.2.16 ) ; AddressCapabilities syntax 1879 3.78 mhs-supported-attributes Attribute 1881 The mhs-supported-attributes attribute values identify the 1882 attributes that the message store, represented by the directory 1883 entry, fully supports. 1885 ( 2.6.5.2.10 NAME 'mhs-supported-attributes' 1886 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1887 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1888 ; MS-ATTRIBUTE.&id ({AttributeTable}) = object identifier 1890 3.79 mhs-supported-automatic-actions Attribute 1892 The mhs-supported-automatic-actions attribute values identify the 1893 automatic actions that the message store, represented by the 1894 directory entry, supports. 1896 ( 2.6.5.2.8 NAME 'mhs-supported-automatic-actions' 1897 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1898 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1899 ; AUTO-ACTION.&id ({AutoActionTable}) = object identifier 1901 3.80 mhs-supported-content-types Attribute 1903 The mhs-supported-content-types attribute values identify the 1904 content types of the messages whose syntax and semantics the 1905 message store, represented by the directory entry, supports. 1907 ( 2.6.5.2.9 NAME 'mhs-supported-content-types' 1908 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1909 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1910 ; ExtendedContentType = object identifier 1912 3.81 mhs-supported-matching-rules Attribute 1914 The mhs-supported-matching-rules attribute values identify the 1915 matching rules that the message store, represented by the 1916 directory entry, fully supports. 1918 ( 2.6.5.2.11 NAME 'mhs-supported-matching-rules' 1919 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1920 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1921 ; MATCHING-RULE.&id ({MatchingRuleTable}) = object 1922 ; identifier 1924 3.82 mhs-unacceptable-eits Attribute 1926 The mhs-undeliverable-eits attribute value identifies the encoded 1927 information types of a message which would make a user not accept 1928 delivery, or which would prevent an address list from doing 1929 expansion on the message. The absence of this attribute indicates 1930 that there are no EITs which are unacceptable. The presence of 1931 the special value "id-eit-all" indicates that all EITs are 1932 unacceptable except for those EITs identified by the 1933 mhs-acceptable-eits or mhs-exclusively-acceptable-eits attributes. 1935 ( 2.6.5.2.18 NAME 'mhs-unacceptable-eits' 1936 EQUALITY 2.5.13.0 ; objectIdentifierMatch 1937 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 1938 ; ExtendedEncodedInformationType = object identifier 1940 3.83 militaryFacsimileNumber Attribute 1942 The militaryFacsimileNumber attribute value identifies a military 1943 facsimile number, such as a Defense Switched Network (DSN) number 1944 or Defence Fixed Telecommunications Service (DFTS) number, which 1945 is associated with the object represented by the directory entry. 1946 This attribute is a subtype of aCPTelephoneFaxNumber. An example 1947 of a militaryFacsimileNumber value is "DFTS, 555 1111 ext 25". 1949 ( 2.16.840.1.101.2.2.1.119 NAME 'militaryFacsimileNumber' 1950 SUP 2.16.840.1.101.2.2.1.94 ) ; aCPTelephoneFaxNumber 1952 3.84 militaryTelephoneNumber Attribute 1954 The militaryTelephoneNumber attribute value identifies a military 1955 telephone number, such as a DSN number, which is associated with 1956 the object represented by the directory entry. 1958 This attribute is a subtype of aCPTelephoneFaxNumber. An example 1959 of a militaryTelephoneNumber value is "DSN, 555-333". 1961 ( 2.16.840.1.101.2.2.1.120 NAME 'militaryTelephoneNumber' 1962 SUP 2.16.840.1.101.2.2.1.94 ) ; aCPTelephoneFaxNumber 1964 3.85 minimize Attribute 1966 The minimize attribute value indicates whether an organization, 1967 person, or role, represented by the directory entry, is under the 1968 MINIMIZE condition. If so, the message originators are 1969 responsible for not sending unnecessary messages to the recipient. 1971 ( 2.16.840.1.101.2.2.1.64 NAME 'minimize' 1972 EQUALITY 2.5.13.13 ; booleanMatch 1973 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN 1974 SINGLE-VALUE ) 1976 3.86 minimizeOverride Attribute 1978 The minimizeOverride attribute value is used by the Message 1979 Conversion System (MCS) to determine whether the MINIMIZE 1980 condition will be enforced when a message is originated by this 1981 PLA. If the value is FALSE, override does not occur and MINIMIZE 1982 is enforced. If the value is TRUE, MINIMIZE is not enforced. 1984 ( 2.16.840.1.101.2.2.1.65 NAME 'minimizeOverride' 1985 EQUALITY 2.5.13.13 ; booleanMatch 1986 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 1987 SINGLE-VALUE ) 1989 3.87 nameClassification Attribute 1991 The nameClassification attribute value indicates the security 1992 classification of the name of the directory entry itself. 1994 ( 2.16.840.1.101.2.2.1.67 NAME 'nameClassification' 1995 SYNTAX 2.16.840.1.101.2.2.2.4 ) ; Classification 1997 3.88 nationality Attribute 1999 The nationality attribute value names the country which "owns" an 2000 entity. For an individual, it would be the nationality of the 2001 person. The standard Country Name attribute is used to denote the 2002 location of the entity. 2004 ( 2.16.840.1.101.2.2.1.68 NAME 'nationality' 2005 SUP 2.5.4.41 ; name 2006 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{2} ; PrintableString 2007 ; exactly 2 characters 2008 SINGLE-VALUE ) 2010 3.89 networkDN Attribute 2012 The networkDN attribute value contains the full DN of a network 2013 and may be used to reference the entry for the network from 2014 another entry (e.g., used in the Network Instructions entry to 2015 reference the entry for the accessed network). 2017 ( 2.16.840.1.101.2.2.1.121 NAME 'networkDN' 2018 EQUALITY 2.5.13.1 ; distinguishedNameMatch 2019 SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ; DistinguishedName 2021 3.90 novUKMs Attribute 2023 The novUKMs attribute value is used in the construction of 2024 selected CCEB symmetric confidentiality algorithms for the month 2025 of November. 2027 ( 2.16.840.1.101.2.1.5.30 NAME 'novUKMs' 2028 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 2029 ; encapsulating 2030 ; MonthlyUKMs 2031 SINGLE-VALUE ) 2033 3.91 octUKMs Attribute 2035 The octUKMs attribute value is used in the construction of 2036 selected CCEB symmetric confidentiality algorithms for the month 2037 of October. 2039 ( 2.16.840.1.101.2.1.5.29 NAME 'octUKMs' 2040 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 2041 ; encapsulating 2042 ; MonthlyUKMs 2043 SINGLE-VALUE ) 2045 3.92 onSupported Attribute 2047 The onSupported attribute value indicates the types of 2048 notifications, besides MHS notifications, generated by an 2049 mta-acp127-type of gateway. The gateway may generate all or none 2050 of the notifications. If the attribute is absent, the gateway 2051 does none of the notifications. 2053 ( 2.16.840.1.101.2.2.1.123 NAME 'onSupported' 2054 EQUALITY 2.5.13.16 ; bitStringMatch 2055 SYNTAX 2.16.840.1.101.2.2.2.3 ; otherNotificationsSupported 2056 SINGLE-VALUE ) 2058 3.93 operationName Attribute 2060 The operationName attribute value is the name of an official 2061 military operation. For example, when used in the definition of 2062 a network (i.e., in a Network directory entry), it could be the 2063 TURQUOISE operation which develops a RITA network. 2065 ( 2.16.840.1.101.2.2.1.124 NAME 'operationName' 2066 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2067 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2068 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 2070 3.94 plaAddressees Attribute 2072 The plaAddressees attribute value of an ACP 127/JANAP 128 [4]/[5] 2073 collective contains the list of action and information addressees 2074 of the collective. It is used for some types of collectives 2075 instead of separating action and information addressees. 2077 ( 2.16.840.1.101.2.2.1.71 NAME 'plaAddressees' 2078 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 2079 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 2080 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 2082 3.95 plaNameACP127 Attribute 2084 The plaNameACP127 attribute value is the object's (represented by 2085 the directory entry) ACP 127/JANAP 128 [4]/[5] PLA. A PLA is 2086 sometimes called the Signal Message Address or registered PLA. 2087 The long form of the PLA name is represented in the ACP 133 [1] 2088 by the longTitle attribute. 2090 ( 2.16.840.1.101.2.2.1.70 NAME 'plaNameACP127' 2091 SUP 2.5.4.41 ; name 2092 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString 2093 SINGLE-VALUE ) 2095 3.96 plaReplace Attribute 2097 The plaReplace attribute value is used by ACP 127/JANAP 128 2098 [4]/[5]. When an "alternate spelling" PLA is addressed on a 2099 message, the MCS will look at the value of this attribute in the 2100 PLA's directory entry. If set, the alternate spelling on the 2101 message will be replaced with the "primary" or correct spelling. 2102 (Each alternate spelling has a pointer to the primary PLA.) 2104 ( 2.16.840.1.101.2.2.1.72 NAME 'plaReplace' 2105 EQUALITY 2.5.13.13 ; booleanMatch 2106 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN 2107 SINGLE-VALUE ) 2109 3.97 plasServed Attribute 2111 The plasServed attribute value is a list of the PLAs accessible 2112 through a gateway. 2114 ( 2.16.840.1.101.2.2.1.138 NAME 'plasServed' 2115 SUP 2.5.4.41 ) ; name 2117 3.98 positionNumber Attribute 2119 The position number attribute value is used by government and 2120 Defense agencies to identify uniquely each individual's position, 2121 and possibly role and duties, within the organization. 2123 ( 2.16.840.1.101.2.2.1.125 NAME 'positionNumber' 2124 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2125 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2126 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 2128 3.99 primarySpellingACP127 2130 The primarySpellingACP127 attribute value of an Alternate 2131 Spelling PLA directory entry is the object's correct PLA spelling. 2133 ( 2.16.840.1.101.2.2.1.73 NAME 'primarySpellingACP127' 2134 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2135 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2136 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString 2137 SINGLE-VALUE ) 2139 3.100 proprietaryMailboxes Attribute 2141 The proprietaryMailboxes attribute value identifies a mailbox 2142 identifier that can be used to address mail within the local 2143 proprietary domain, such as cc:mail. 2145 ( 2.16.840.1.101.2.2.1.126 NAME 'proprietaryMailboxes' 2146 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2147 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2148 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 2150 3.101 publish Attribute 2152 The publish attribute value indicates whether this PLA should be 2153 published in the Message Address Directory or the ACP 117 [15]. 2154 Access controls may be set based on this attribute. 2156 ( 2.16.840.1.101.2.2.1.74 NAME 'publish' 2157 EQUALITY 2.5.13.13 ; booleanMatch 2158 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN 2159 SINGLE-VALUE ) 2161 3.102 rank Attribute 2163 The value of the rank attribute type contains the military or 2164 civilian rank of an individual such as Major or civilian grade. 2166 ( 2.16.840.1.101.2.2.1.133 NAME 'rank' 2167 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2168 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2169 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 2171 3.103 recapDueDate Attribute 2173 The recapDueDate attribute value indicates when a list is expected 2174 to be recapped or validated. 2176 ( 2.16.840.1.101.2.2.1.75 NAME 'recapDueDate' 2177 EQUALITY 2.5.13.27 ; generalizedTimeMatch 2178 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime 2179 SINGLE-VALUE ) 2181 3.104 releaseAuthorityName Attribute 2183 The releaseAuthorityName attribute value is a relative 2184 distinguished name of a release authority for an organization. 2186 ( 2.16.840.1.101.2.2.1.45 NAME 'releaseAuthorityName' 2187 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2188 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2189 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} ) ; DirectoryString 2191 3.105 remarks Attribute 2193 The remarks attribute value is textual information associated 2194 with a PLA's directory entry. These remarks may be instructions 2195 rather than a description of the entity. 2197 ( 2.16.840.1.101.2.2.1.76 NAME 'remarks' 2198 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 2199 SYNTAX 2.16.840.1.101.2.2.2.11 ) ; Remarks 2201 3.106 rfc822Mailbox Attribute 2203 As defined in the COSINE/Internet schema, RFC 1274 [13], the 2204 rfc822Mailbox attribute value is an electronic mailbox identifier 2205 following the syntax in RFC 822 [16]. An example for a user on a 2206 military network is "user@host.Service.mil". This attribute and 2207 the caseIgnoreIA5SubstringsMatch are defined in RFC 2798 [19]. The 2208 attribute is included here for readability. 2210 ( 0.9.2342.19200300.100.1.3 NAME 'mail' 2211 EQUALITY 1.3.6.1.4.1.1466.109.114.2 ; caseIgnoreIA5Match 2212 SUBSTR 1.3.6.1.4.1.1466.109.114.3 2213 ; caseIgnoreIA5SubstringsMatch 2214 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ; IA5String 2216 3.107 rI Attribute 2218 The rI (Routing Indicator) attribute value is the information 2219 mapped to in ACP 127/JANAP 128 [4]/[5] from a user's PLA name. 2221 Users are named by their PLA names and delivered to by their 2222 routing indicator values, analogous to Directory Names and O/R 2223 Addresses for X.400 users. 2225 ( 2.16.840.1.101.2.2.1.77 NAME 'rI' 2226 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2227 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2228 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; PrintableString 2229 ; exactly 7 characters 2231 3.108 rIClassification Attribute 2233 The rIClassification attribute value indicates the highest 2234 classification of data allowed to be processed by a 2235 specified device. 2237 ( 2.16.840.1.101.2.2.1.78 NAME 'rIClassification' 2238 SYNTAX 2.16.840.1.101.2.2.2.4 ) ; Classification 2240 3.109 rIInfo Attribute 2242 The rIInfo attribute value is RI values with the associated 2243 properties of each RI. 2245 ( 2.16.840.1.101.2.2.1.79 NAME 'rIInfo' 2246 SYNTAX 2.16.840.1.101.2.2.2.12 ) ; RIParameters 2248 3.110 roomNumber Attribute 2250 The roomNumber attribute value identifies a room number, as 2251 defined in the COSINE/Internet schema, RFC 1274 [13]. 2253 ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' 2254 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2255 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2256 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ; DirectoryString 2257 ; limited to TeletexString or PrintableString 2259 3.111 secondPartyAddressees Attribute 2261 The secondPartyAddressees attribute value is a list of second 2262 party action PLAs. 2264 ( 2.16.840.1.101.2.2.1.80 NAME 'secondPartyAddressees' 2265 EQUALITY 2.5.13.11 ; caseIgnoreListMatch 2266 SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch 2267 SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees 2269 3.112 section Attribute 2271 The section attribute value is set to TRUE if the receiving PLA 2272 requires message sectioning to be performed. This is required to 2273 transition users with slow-speed terminals. 2275 ( 2.16.840.1.101.2.2.1.81 NAME 'section' 2276 EQUALITY 2.5.13.13 ; booleanMatch 2277 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN 2278 SINGLE-VALUE ) 2280 3.113 secureFacsimileNumber Attribute 2282 The secureFacsimileNumber attribute value is a facsimile number 2283 that is used for secure communication with the object represented 2284 by the directory entry. 2286 This attribute is a subtype of aCPTelephoneFaxNumber. An example 2287 of a secureFacsimileNumber value is "DSN, 555-333". 2289 ( 2.16.840.1.101.2.2.1.127 NAME 'secureFacsimileNumber' 2290 SUP 2.16.840.1.101.2.2.1.94 ) ; aCPTelephoneFaxNumber 2292 3.114 secureTelephoneNumber Attribute 2294 The secureTelephoneNumber attribute value is a telephone number 2295 of a secure device, such as STU II or STU III, that is used for 2296 secure communication with the object represented by the directory 2297 entry. 2299 This attribute is a subtype of aCPTelephoneFaxNumber. An example 2300 of a secureTelephoneNumber value is "PSTN, +1 555 222, STU III". 2302 ( 2.16.840.1.101.2.2.1.128 NAME 'secureTelephoneNumber' 2303 SUP 2.16.840.1.101.2.2.1.94 ; aCPTelephoneFaxNumber ) 2305 3.115 sepUKMs Attribute 2307 The sepUKMs attribute value is used in the construction of 2308 selected CCEB symmetric confidentiality algorithms for the month 2309 of November. 2311 ( 2.16.840.1.101.2.1.5.28 NAME 'sepUKMs' 2312 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax 2313 ; encapsulating 2314 ; MonthlyUKMs 2315 SINGLE-VALUE ) 2317 3.116 serviceNumber Attribute 2319 The serviceNumber attribute value is the staff identifier number 2320 used by government and defense agencies for purposes such as 2321 payroll references, medical records, human resources, and 2322 duty rosters. 2324 ( 2.16.840.1.101.2.2.1.129 NAME 'serviceNumber' 2325 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2326 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2327 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 2329 3.117 serviceOrAgency Attribute 2331 The serviceOrAgency attribute value is an identifier of the 2332 Service or agency to which the PLA belongs. 2334 ( 2.16.840.1.101.2.2.1.82 NAME 'serviceOrAgency' 2335 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2336 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2337 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{4} ; PrintableString 2338 SINGLE-VALUE ) 2340 3.118 sHD Attribute 2342 The sHD (specialHandlingDesignator) attribute value is a string 2343 containing the special handling designator which an entity, 2344 address, or routing indicator can support. 2346 ( 2.16.840.1.101.2.2.1.83 NAME 'sHD' 2347 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2348 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2349 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; PrintableString 2351 3.119 shortTitle Attribute 2353 The shortTitle attribute value is a PLA name used for Signal 2354 Intelligence (SIGINT) related communications. 2356 ( 2.16.840.1.101.2.2.1.84 NAME 'shortTitle' 2357 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2358 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2359 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString 2360 SINGLE-VALUE ) 2362 3.120 sigad Attribute 2364 The sigad (SIGINT Address) attribute value is a PLA name used for 2365 sensitive SIGINT related communications. 2367 ( 2.16.840.1.101.2.2.1.85 NAME 'sigad' 2368 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2369 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2370 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{8} ; PrintableString 2371 ; 5 - 8 characters 2372 SINGLE-VALUE ) 2374 3.121 spot Attribute 2376 The spot attribute value identifies a special project address 2377 list or collective. 2379 ( 2.16.840.1.101.2.2.1.86 NAME 'spot' 2380 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2381 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch 2382 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString 2383 SINGLE-VALUE ) 2385 3.122 tARE Attribute 2387 The tARE (Telegraph Automatic Relay Equipment) attribute value is 2388 a flag that specifies delivery responsibility for a message that 2389 is received by an intermediary. The flag is set in the directory 2390 entry for the intended recipient. 2392 ( 2.16.840.1.101.2.2.1.87 NAME 'tARE' 2393 EQUALITY 2.5.13.13 ; booleanMatch 2394 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN 2395 SINGLE-VALUE ) 2397 3.123 tCC Attribute 2399 The tCC (Transmission Control Code) attribute value specifies a 2400 message handling instruction used in the RI. 2402 ( 2.16.840.1.101.2.2.1.96 NAME 'tCC' 2403 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2404 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ; PrintableString 2405 ; exactly 3 characters 2406 SINGLE-VALUE ) 2408 3.124 tCCG ATTRIBUTE 2410 The tCCG (Transmission Control Code Group) attribute value 2411 specifies a group of message handling instructions used in the 2412 routing indicator. 2414 ( 2.16.840.1.101.2.2.1.144 NAME 'tCCG' 2415 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ; PrintableString 2416 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2417 SUBSTR 2.5.13.4 ) ; caseIgnoreSubstringsMatch 2419 3.125 transferStation Attribute 2421 The transferStation attribute value indicates whether a message 2422 for the entity should be sent to a communications processing and 2423 routing system, called a transfer station. For example, a Naval 2424 Communications Processing and Routing System (NAVCOMPARS) is a 2425 transfer station. If this attribute is TRUE, traffic should be 2426 routed to a transfer station. 2428 ( 2.16.840.1.101.2.2.1.69 NAME 'transferStation' 2429 EQUALITY 2.5.13.13 ; booleanMatch 2430 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN 2431 SINGLE-VALUE ) 2433 3.126 tRC Attribute 2435 The tRC (Transmission Release Code) attribute value is the 2436 classification of data used in the routing indicator. Possible 2437 values include: 2438 A Australia 2439 B British Commonwealth less Canada, Australia, and 2440 New Zealand 2441 C Canada 2442 U US 2443 X Belgium, Denmark, France, Germany, Greece, Italy, 2444 Netherlands, Norway, Portugal, Turkey, NATO 2445 Z New Zealand 2447 ( 2.16.840.1.101.2.2.1.97 NAME 'tRC' 2448 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2449 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ; PrintableString 2450 SINGLE-VALUE ) 2452 3.127 usdConversion ATTRIBUTE 2454 The usdConversion attribute value is an organizational address 2455 that is used when other types of address are not appropriate. 2457 ( 2.16.840.1.101.2.2.1.145 NAME 'usdConversion' 2458 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ; DirectoryString 2459 EQUALITY 2.5.13.2 ; caseIgnoreMatch 2460 SUBSTR 2.5.13.4 ) ; caseIgnoreSubstringsMatch 2462 4. NAME FORMS 2464 4.1 aCPNetworkEdBNameForm 2466 ( 2.16.840.1.101.2.2.4.42 NAME 'aCPNetworkEdBNameForm' 2467 OC 2.16.840.1.101.2.2.3.68 ; aCPNetworkEdB 2468 MUST 2.5.4.3 ) ; cn 2470 4.2 aCPNetworkInstrEdBNameForm 2472 ( 2.16.840.1.101.2.2.4.43 NAME 'aCPNetworkInstrEdBNameForm' 2473 OC 2. ; aCPNetworkInstructionsEdB 2474 MUST 2.5.4.3 ) ; cn 2476 4.3 addressListNameForm 2478 ( 2.16.840.1.101.2.2.4.27 NAME 'addressListNameForm' 2479 OC 2.16.840.1.101.2.2.3.57 ; addressList 2480 MUST 2.5.4.3 ) ; cn 2482 4.4 aENameForm 2484 ( 2.16.840.1.101.2.2.4.34 NAME 'aENameForm' 2485 OC 2.5.6.12 ; applicationEntity 2486 MUST 2.5.4.3 ; cn 2487 MAY 2.5.4.46 ) ; dnQualifier 2489 4.5 aliasCNNameForm 2491 ( 2.16.840.1.101.2.2.4.21 NAME 'aliasCNNameForm' 2492 OC 2.16.840.1.101.2.2.3.52 ; aliasCommonName 2493 MUST 2.5.4.3 ) ; cn 2495 4.6 aliasOUNameForm 2497 ( 2.16.840.1.101.2.2.4.22 NAME 'aliasOUNameForm' 2498 OC 2.16.840.1.101.2.2.3.53 ; aliasOrganizationalUnit 2499 MUST 2.5.4.11 ) ; ou 2501 4.7 applProcessNameForm 2503 ( 2.5.15.10 NAME 'applProcessNameForm' 2504 OC 2.5.6.11 ; applicationProcess 2505 MUST 2.5.4.3 ) ; cn 2507 4.8 alternateSpellingPLANameForm 2509 ( 2.16.840.1.101.2.2.4.4 NAME 'alternateSpellingPLANameForm' 2510 OC 2.16.840.1.101.2.2.3.58 ; altSpellingACP127 2511 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2513 4.9 cadPLANameForm 2515 ( 2.16.840.1.101.2.2.4.6 NAME 'cadPLANameForm' 2516 OC 2.16.840.1.101.2.2.3.28 ; cadACP127 2517 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2519 4.10 cRLDistPtNameForm 2521 ( 2.5.15.14 NAME 'cRLDistPtNameForm' 2522 OC 2.5.6.19 ; cRLDistributionPoint 2523 MUST 2.5.4.3 ) ; cn 2525 4.11 countryNameForm 2527 ( 2.5.15.0 NAME 'countryNameForm' 2528 OC 2.5.6.2 ; country 2529 MUST 2.5.4.6 ) ; countryName 2531 4.12 deviceNameForm 2533 ( 2.5.15.13 NAME 'deviceNameForm' 2534 OC 2.5.6.14 ; device 2535 MUST 2.5.4.3 ) ; cn 2537 4.13 distributionCodeDescriptionNameForm 2539 ( 2.16.840.1.101.2.2.4.23 NAME 'distributionCodeDescriptionNameForm' 2540 OC 2.16.840.1.101.2.2.3.55 ; distributionCodeDescription 2541 MUST 2.5.4.3 ) ; cn 2543 4.14 dSANameForm 2545 ( 2.5.15.12 NAME 'dSANameForm' 2546 OC 2.5.6.13 ; dSA 2547 MUST 2.5.4.3 ) ; cn 2549 4.15 dSSCSPLANameForm 2551 ( 2.16.840.1.101.2.2.4.41 NAME 'dSSCSPLANameForm' 2552 OC 2.16.840.1.101.2.2.3.67 ; dSSCSPLA 2553 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2555 4.16 gONNameForm 2557 ( 2.5.15.8 NAME 'gONNameForm' 2558 OC 2.5.6.9 ; groupOfNames 2559 MUST 2.5.4.3 ) ; cn 2561 4.17 locNameForm 2563 ( 2.5.15.1 NAME 'locNameForm' 2564 OC 2.5.6.3 ; locality 2565 MUST 2.5.4.7 ) ; localityName 2567 4.18 messagingGatewayNameForm 2569 ( 2.16.840.1.101.2.2.4.28 NAME 'messagingGatewayNameForm' 2570 OC 2.16.840.1.101.2.2.4.59 ; messagingGateway 2571 MUST 2.5.4.3 ) ; cn 2573 4.19 mhs-dLNameForm 2575 ( 2.16.840.1.101.2.2.4.29 NAME 'mhs-dLNameForm' 2576 OC 2.6.5.1.0 ; mhs-distribution-list 2577 MUST 2.5.4.3 ) ; cn 2579 4.20 mLANameForm 2581 ( 2.16.840.1.101.2.2.4.9 NAME 'mLANameForm' 2582 OC 2.16.840.1.101.2.2.3.31 ; mLA 2583 MUST 2.5.4.3 ) ; cn 2585 4.21 mLAgentNameForm 2587 ( 2.16.840.1.101.2.2.4.40 NAME 'mLAgentNameForm' 2588 OC 2.16.840.1.101.2.2.3.64 ; mLAgent 2589 MUST 2.5.4.3 ) ; cn 2591 4.22 mSNameForm 2593 ( 2.16.840.1.101.2.2.4.24 NAME 'mSNameForm' 2594 OC 2.6.5.1.1 ; mhs-message-store 2595 MUST 2.5.4.3 ) ; cn 2597 4.23 mTANameForm 2599 ( 2.16.840.1.101.2.2.4.25 NAME 'mTANameForm' 2600 OC 2.6.5.1.2 ; mhs-message-transfer-agent 2601 MUST 2.5.4.3 ) ; cn 2603 4.24 mUANameForm 2605 ( 2.16.840.1.101.2.2.4.26 NAME 'mUANameForm' 2606 OC 2.6.5.1.4 ; mhs-user-agent 2607 MUST 2.5.4.3 ) ; cn 2609 4.25 organizationalPLANameForm 2611 ( 2.16.840.1.101.2.2.4.12 NAME 'organizationalPLANameForm' 2612 OC 2.16.840.1.101.2.2.3.34 ; orgACP127 2613 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2615 4.26 organizationNameForm 2617 ( 2.16.840.1.101.2.2.4.35 NAME 'organizationNameForm' 2618 OC 2.5.6.4 ; organization 2619 MUST 2.5.4.10 ; organizationName 2620 MAY 2.5.4.46 ) ; dnQualifier 2622 4.27 orgRNameForm 2624 ( 2.16.840.1.101.2.2.4.37 NAME 'orgRNameForm' 2625 OC 2.5.6.8 ; organizationalRole 2626 MUST 2.5.4.3 ; cn 2627 MAY 2.5.4.46 ) ; dnQualifier 2629 4.28 orgUNameForm 2631 ( 2.16.840.1.101.2.2.4.38 NAME 'orgUNameForm' 2632 OC 2.5.6.5 ; organizationalUnit 2633 MUST 2.5.4.11 ; organizationalUnitName 2634 MAY 2.5.4.46 ) ; dnQualifier 2636 4.29 plaCollectiveNameForm 2638 ( 2.16.840.1.101.2.2.4.13 NAME 'plaCollectiveNameForm' 2639 OC 2.16.840.1.101.2.2.3.35 ; plaCollectiveACP127 2640 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2642 4.30 qualifiedOrgPersonNameForm 2644 ( 2.16.840.1.101.2.2.4.36 NAME 'qualifiedOrgPersonNameForm' 2645 OC 2.5.6.7 ; organizationalPerson 2646 MUST 2.5.4.3 ; cn 2647 MAY ( 2.5.4.46 ; dnQualifier 2648 $ 2.5.4.11 ) ; organizationalUnitName 2650 4.31 releaseAuthorityPersonNameForm 2651 ( 2.16.840.1.101.2.2.4.32 NAME 'releaseAuthorityPersonNameForm' 2652 OC 2.16.840.1.101.2.2.3.63 ; releaseAuthorityPerson 2653 MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 2655 4.32 releaseAuthorityPersonANameForm 2657 ( 2.16.840.1.101.2.2.4.39 NAME 'releaseAuthorityPersonANameForm' 2658 OC 2.16.840.1.101.2.2.3.65 ; releaseAuthorityPersonA 2659 MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 2661 4.33 routingIndicatorNameForm 2663 ( 2.16.840.1.101.2.2.4.15 NAME 'routingIndicatorNameForm' 2664 OC 2.16.840.1.101.2.2.3.37 ; routingIndicator 2665 MUST 2.16.840.1.101.2.2.1.77 ) ; rI 2667 4.34 sigintPLANameForm 2669 ( 2.16.840.1.101.2.2.4.16 NAME 'sigintPLANameForm' 2670 OC 2.16.840.1.101.2.2.3.38 ; sigintPLA 2671 MUST 2.16.840.1.101.2.2.1.85 ) ; sigad 2673 4.35 sIPLANameForm 2675 ( 2.16.840.1.101.2.2.4.17 NAME 'sIPLANameForm' 2676 OC 2.16.840.1.101.2.2.3.39 ; sIPLA 2677 MUST 2.16.840.1.101.2.2.1.63 ) ; longTitle 2679 4.36 sOPNameForm 2681 ( 2.5.15.2 NAME 'sOPNameForm' 2682 OC 2.5.6.3 ; locality 2683 MUST 2.5.4.8 ) ; stateOrProvinceName 2685 4.37 spotPLANameForm 2687 ( 2.16.840.1.101.2.2.4.18 NAME 'spotPLANameForm' 2688 OC 2.16.840.1.101.2.2.3.40 ; spotPLA 2689 MUST 2.16.840.1.101.2.2.1.86 ) ; spot 2691 4.38 taskForcePLANameForm 2693 ( 2.16.840.1.101.2.2.4.19 NAME 'taskForcePLANameForm' 2694 OC 2.16.840.1.101.2.2.3.41 ; taskForceACP127 2695 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2697 4.39 tenantPLANameForm 2699 ( 2.16.840.1.101.2.2.4.20 NAME 'tenantPLANameForm' 2700 OC 2.16.840.1.101.2.2.3.42 ; tenantACP127 2701 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 2703 5. MATCHING RULES 2705 5.1 addressCapabilitiesMatch Matching Rule 2707 ( 2.6.5.4.1 NAME 'addressCapabilitiesMatch' 2708 SYNTAX 2.16.840.1.101.2.2.2.16 ) ; Address Capabilities syntax 2710 5.2 capabilityMatch Matching Rule 2712 ( 2.6.5.4.2 NAME 'capabilityMatch' 2713 SYNTAX 2.16.840.1.101.2.2.2.13 ) ; Capability syntax 2715 5.3 oRAddressMatch Matching Rule 2717 ( 2.6.4.8.14 NAME 'oRAddressMatch' 2718 SYNTAX 1.3.6.1.4.1.1466.115.121.1.33 ) 2720 5.4 oRNameExactMatch Matching Rule 2722 ( 2.6.5.4.0 NAME 'oRNameExactMatch' 2723 SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 2725 5.5 caseIgnoreListSubstringsMatch Matching Rule 2727 ( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch' 2728 SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 ) ; Substring Assertion 2730 5.6 booleanMatch Matching Rule 2732 ( 2.5.13.13 NAME 'booleanMatch' 2733 SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ; BOOLEAN 2735 6. ATTRIBUTE SYNTAXES 2737 6.1 aCPLegacyFormat Attribute Syntax 2739 ( 2.16.840.1.101.2.2.2.17 DESC 'aCPLegacyFormat syntax' ) 2741 The encoding of a value in this syntax is any one of the INTEGER 2742 values: 0 - 15 or 32 - 48 where: 2744 0 means JANAP128, 2745 1 means ACP126, 2746 2 means DOI103, 2747 3 means DOI103Special, 2748 4 means ACP127, 2749 5 means ACP127Converted, 2750 (6 means Reserved1), 2751 7 means ACP127State, 2752 8 means ACP127Modified, 2753 9 means SOCOMMSpecial, 2754 10 means SOCOMMNarrative, 2755 (11 means Reserved2), 2756 12 means SOCOMMNarrativeSpecial, 2757 13 means SOCOMMData, 2758 14 means SOCOMMInternal, 2759 15 means SOCOMMExternal, and 2760 32 - 48 means national or bilateral use. 2762 6.2 aCPPreferredDelivery Attribute Syntax for the 2763 aCPPreferredDelivery Attribute 2765 ( 2.16.840.1.101.2.2.2.6 DESC 'aCPPreferredDelivery syntax' ) 2767 The encoding of a value in this syntax is any one of the INTEGER 2768 values: 0, 1, or 2, where: 2770 0 means SMTP, 2771 1 means ACP 127, and 2772 2 means MHS 2774 6.3 aCPTelephoneFaxNumber Attribute Syntax 2776 ( 2.16.840.1.101.2.2.2.1 DESC 'aCPTelephoneFaxNumber syntax' ) 2778 Values in this syntax are encoded according to the following BNF: 2780 aCPTelephoneFaxNumber = netid ", " telephonenum [ ", " 2781 securedevid ] 2783 nocommap = a /d / """ / "(" / ")" / "+" / "-" / "." / "/" / 2784 ":" / "?" / " " 2786 netid = 1*6nocommap 2787 telephonenum = 1*32nocommap 2789 securdevid = 1*8p 2791 For more information, see ACP 133 [1], Annex B, clause 24. 2793 6.4 AddressCapabilities Attribute Syntax from X.402 [17] 2795 ( 2.16.840.1.101.2.2.2.16 DESC 'AddressCapabilities' ) 2797 Values in this syntax are encoded according to the following BNF: 2799 addresscapabilities = [ "description=" generalstring ] 2800 "address=" oraddress 2801 "capabilities=" [ capability *( "$"capability ) ] 2803 generalstring = ; The encoding of a value in this element 2804 ; of the syntax is the string value itself. 2806 oraddress = ; MHS OR Address syntax 2807 ; 1.3.6.1.4.1.1466.115.121.1.33 2809 capability = ; capability syntax 2.16.840.1.101.2.2.2.13 2811 6.5 Addressees Attribute Syntax 2813 ( 2.16.840.1.101.2.2.2.2 DESC 'Addressees' ) 2815 Values in this syntax are encoded according to the following BNF: 2816 addressees = [ 1*55p *( "$" 1*55p ) ] 2818 That is, if the Addressees value is an empty sequence, the result 2819 is the empty or zero length string. Otherwise, the output consists 2820 of the PrintableString encoding of each element in the sequence, 2821 in the same order as in the sequence with "$" between the elements. 2823 6.6 addressListType Attribute Syntax for the aLType Attribute 2825 ( 2.16.840.1.101.2.2.2.8 DESC 'addressListType' ) 2827 Values in this syntax are encoded according to the following BNF: 2829 addressListType = [ "-" ] numericstring ; an INTEGER, where: 2830 ; 0 means AIG, 2831 ; 1 means TYPE, 2832 ; 2 means CAD, and 2833 ; 3 means TASKFORCE 2835 Note that future definitions of this syntax may assign a standard 2836 meaning to another integer value, e.g., 4 means XXX. 2838 6.7 Capability Attribute Syntax from X.402 [17] 2840 ( 2.16.840.1.101.2.2.2.13 DESC 'Capability' ) 2842 Values in this syntax are encoded according to the following BNF: 2844 capability = [ "content-types=" 2845 [numericoid *( ", " numericoid) ] ] 2846 [ "maximum-content-length=" numericstring ] 2847 ; an INTEGER in the range 0 - 2147483647 2848 [ "encoded-information-types-constraints=" 2849 [ "unaccept eits" unacceptable-eits ] 2850 [ "accept eits" acceptable-eits ] 2851 [ "only eits" 2852 exclusively-acceptable-eits ] ] 2853 [ "security-labels=" securitycontext ] 2855 unacceptable-eits = extendedencodedeits 2857 acceptable-eits = extendedencodedeits 2859 exclusively-acceptable-eits = extendedencodedeits 2861 extendedencodedeits = numericoid *1023( ", "numericoid ) 2863 securitycontext = securitylabel *255securitylabel 2865 securitylabel = [ "security-policy-id=" numericoid ] 2866 [ "security-classification=" numericstring ] 2867 ; an INTEGER in the range 0 - 256, where 2868 ; 0 means Unmarked, 2869 ; 1 means Unclassified, 2870 ; 2 means Restricted, 2871 ; 3 means Confidential, 2872 ; 4 means Secret, and 2873 ; 5 means Top Secret 2874 [ "privacy-mark=" 1*128p ] 2875 [ "security-categories=" securitycategories ] 2877 securitycategories = ; the BER encoding of the set of type 2878 ; and value pairs for the instances of any 2879 ; data types that are specified to be 2880 ; SECURITY-CATEGORY types 2882 6.8 Classification Attribute Syntax 2884 ( 2.16.840.1.101.2.2.2.4 DESC 'Classification' ) 2885 The encoding of a value in this syntax is any one of the INTEGER 2886 values: 0, 1, 2, 3, 4, or 5, where: 2888 0 means unmarked, 2889 1 means unclassified, 2890 2 means restricted, 2891 3 means confidential, 2892 4 means secret, and 2893 5 means top secret 2895 6.9 Community Abstract Syntax for the community Attribute 2897 ( 2.16.840.1.101.2.2.2.5 DESC 'Community syntax' ) 2899 The encoding of a value in this syntax is any one of the INTEGER 2900 values: 0, 1, or 2, where: 2902 0 means GENSER, 2903 1 means SI, and 2904 2 means both 2906 6.10 DLPolicy Attribute Syntax from X.402 [17] 2908 ( 2.16.840.1.101.2.2.2.14 DESC 'DLPolicy' ) 2910 Values in this syntax are encoded according to the following BNF: 2912 dlpolicy = [ "report-propagation=" [ "-" ] numericstring ] 2913 ; where 0 means previous-dl-or-originator, 2914 ; 1 means dl-owner, and 2915 ; 2 means both 2916 [ "report-from-dl=" [ "-" ] numericstring ] 2917 ; where 0 means whenever-requested and 2918 ; 1 means when-no-propagation 2919 [ "originating-MTA-report=" [ "-" ] numericstring ] 2920 ; where 0 means unchanged, 2921 ; 2 means report, 2922 ; 3 means non-delivery-report, and 2923 ; 4 means audited-report 2924 [ "originator-report=" [ "-" ] numericstring ] 2925 ; where 0 means unchanged, 2926 ; 1 means no-report, 2927 ; 2 means report, and 2928 ; 3 means non-delivery-report 2929 [ "return-of-content=" numericstring ] 2930 ; an INTEGER in the range 0 - 2, where 2931 ; 0 means unchanged, 2932 ; 1 means content-return-not-requested, 2933 ; and 2 means content-return-requested 2934 [ "priority=" [ "-" ] numericstring ] ; where 2935 ; 0 means unchanged, 2936 ; 1 means normal, 2937 ; 2 means non-urgent, and 2938 ; 3 means urgent 2939 [ "disclosure-of-other-recipients=" numericstring ] 2940 ; an INTEGER in the range 0 - 2, where 2941 ; 0 means unchanged, 2942 ; 1 means disclosure-of-other-recipients-prohibited, 2943 ; and 2 means disclosure-of-other-recipients-allowed 2944 [ "implicit-conversion-prohibited=" numericstring ] 2945 ; an INTEGER in the range 0 - 2, where 2946 ; 0 means unchanged, 2947 ; 1 means implicit-conversion-allowed, and 2948 ; 2 means implicit-conversion-prohibited 2949 [ "conversion-with-loss-prohibited=" numericstring ] 2950 ; an INTEGER in the range 0 - 2, where 2951 ; 0 means unchanged, 2952 ; 1 means conversion-with-loss-allowed, and 2953 ; 2 means conversion-with-loss-prohibited 2954 [ "further-dl-expansion-allowed=" ( "TRUE" / 2955 "FALSE") ] 2956 [ "originator-requested-alternate-recipient-removed=" 2957 ( "TRUE" / "FALSE" ) ] 2958 [ "proof-of-delivery=" [ "-" ] numericstring ] 2959 ; where 0 means dl-expansion-point, 2960 ; 1 means dl-members, 2961 ; 2 means both, and 2962 ; 3 means neither 2963 [ "requested-delivery-method=" ( "unchanged" / 2964 "removed" / 2965 ( "replaced: " requested-delivery-method ) ) ] 2967 requested-delivery-method = [ delivery-methods 2968 *( ", " delivery-methods ) ] 2970 delivery-methods = numericstring ; an INTEGER in the range 2971 ; 0 - 256, where 2972 ; 0 means any-delivery-method, 1 means 2973 ; mhs-delivery, 2 means physical-delivery, 2974 ; 3 means telex-delivery, 2975 ; 4 means teletex-delivery, 2976 ; 5 means g3-facsimile-delivery, 2977 ; 6 means g4-facsimile-delivery, 2978 ; 7 means ia5-terminal-delivery, 2979 ; 8 means videotex-delivery, and 2980 ; 9 means telephone-delivery 2982 6.11 DLSubmitPermission Attribute Syntax from X.402 [17] 2984 ( 2.16.840.1.101.2.2.2.15 DESC 'DLSubmitPermission' ) 2986 Values in this syntax are encoded according to the following BNF: 2988 dlsubmitpermission = ( "individual=" orname ) / 2989 ("member-of-dl=" orname ) / 2990 ("pattern-match=" orname ) / 2991 ( "member-of-group=" name ) 2993 orname = ; O/R Name syntax 2.16.840.1.101.2.2.2.10 2995 name = ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12 2997 6.12 MLReceiptPolicy Attribute Syntax 2999 ( 2.16.840.1.101.2.2.2.9 DESC 'MLReceiptPolicy' ) 3001 Values in this syntax are encoded according to the following BNF: 3003 mLReceiptPolicy = none / insteadof / inadditionto 3005 none = "none" 3007 insteadof = "instead of" generalnames *15( "$" generalnames ) 3009 inadditionto = "in addition to" generalnames 3010 *15( "$" generalnames ) 3012 generalnames = generalname *( "%" generalname ) 3014 generalname = ( "otherName = " othername ) / 3015 ( "rfc822Name = " ia5string ) / 3016 ( "dNSName = " ia5string ) / 3017 ( "x400Address = " oraddress ) / 3018 ( "directoryName = " name ) / 3019 ( "ediPartyName = " 3020 [ "nameAssigner:" directorystring ] 3021 "partyName:" directorystring ) / 3022 ( "uniformResourceIdentifier = " ia5string ) / 3023 ( "iPAddress = " octetstring ) / 3024 ( "registeredID = " numericoid ) 3026 othername = ; the BER encoding of the type and value pair 3027 ; for an instance of any data type that is 3028 ; specified to be an OTHER-NAME type. 3030 ia5string = ; IA5 String syntax 1.3.6.1.4.1.1466.115.121.1.26 3032 oraddress = ; MHS OR Address syntax 3033 ; 1.3.6.1.4.1.1466.115.121.1.33 3035 name = ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12 3037 directorystring = ; Directory String syntax 3038 ; 1.3.6.1.4.1.1466.115.121.1.15 3040 octetstring = ; Octet String syntax 3041 ; 1.3.6.1.4.1.1466.115.121.1.40 3043 6.13 ORName Attribute Syntax from X.411 [18] 3045 ( 2.16.840.1.101.2.2.2.10 DESC 'ORName' ) 3047 Values in this syntax are encoded according to the following BNF: 3049 oRName = oraddress [ "|" name ] 3051 oraddress = ; MHS OR Address syntax 3052 ; 1.3.6.1.4.1.1466.115.121.1.33 3054 name = ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12 3056 6.14 otherNotificationsSupported Abstract Syntax for the onSupported 3057 Attribute 3059 ( 2.16.840.1.101.2.2.2.3 DESC 'otherNotificationsSupported' ) 3061 Values in this syntax are encoded according to the following BNF: 3063 otherNotificationsSupported = namedbits / bitstring 3065 namedbits = "{" [ namedbit *( "," namedbit ) ] "}" 3067 namedbit = "acp127-nn" / "acp127-pn" / "acp127-tn" 3069 bitstring = "'" *binary-digit "'B" 3071 binary-digit = "0" / "1" 3073 The presence of the name of a namedbit in the namedbits 3074 alternative means that the value of the bit is 1. The value of 3075 an absent namedbit is 0. 3077 6.15 Remarks Attribute Syntax 3079 ( 2.16.840.1.101.2.2.2.11 DESC 'Remarks syntax' ) 3081 Values in this syntax are encoded according to the following BNF: 3083 remarks = [ *p *( "$" *p ) ] 3085 6.16 RIParameters Attribute Syntax 3087 ( 2.16.840.1.101.2.2.2.12 DESC 'RIParameters' ) 3089 Values in this syntax are encoded according to the following BNF: 3091 rIParameters = "rI=" *p whsp 3092 "rIType=" numericstring whsp ; an INTEGER in 3093 ; the range 0 - 2, where 3094 ; 0 means normal, 3095 ; 1 means off-line, and 3096 ; 2 means partTimeTerminal 3097 "minimize=FALSE" whsp ; not used anymore 3098 "sHD=" *p whsp 3099 "classification=" numericstring ; an INTEGER 3100 ; in the range 0 - 5, where 3101 ; 0 means unmarked, 3102 ; 1 means unclassified, 3103 ; 2 means restricted, 3104 ; 3 means confidential, 3105 ; 4 means secret, and 3106 ; 5 means top secret 3108 7. EXAMPLE CONTENT RULES 3110 The content rules given in ACP 133(B) [1] are examples, not 3111 requirements. The rules included in this document are examples 3112 to aid in the specification of similar content rules, especially 3113 those derived from these examples. 3115 7.1 aCPApplicationEntityRuleEdA Content Rule 3117 ( 2.5.6.12 NAME 'aCPApplicationEntityRuleEdA' 3118 ; applicationEntity object class 3119 AUX ( 2.5.6.22 $ ; pkiCA 3120 2.16.840.1.101.2.2.3.66 ) ; securePkiUser 3121 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3122 2.5.4.46 $ ; dnQualifier 3123 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3124 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3126 7.2 aCPCRLDistributionPointRule Content Rule 3128 ( 2.5.6.19 NAME 'aCPCRLDistributionPointRule' 3129 ; cRLDistributionPoint object class 3130 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3131 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3132 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3134 7.3 aCPDeviceRuleEdA Content Rule 3136 ( 2.5.6.14 NAME 'aCPDeviceRuleEdA' ; device object class 3137 AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser 3138 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3139 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3140 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3142 7.4 aCPDSARuleEdA Content Rule 3144 ( 2.5.6.13 NAME 'aCPDSARuleEdA' ; dSA object class 3145 AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser 3146 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3147 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3148 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3150 7.5 aCPGroupOfNamesRule Content Rule 3152 ( 2.5.6.9 NAME 'aCPGroupOfNamesRule' 3153 ; groupOfNames object class 3154 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3155 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3156 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3158 7.6 aCPLocalityRule Content Rule 3160 ( 2.5.6.3 NAME 'aCPLocalityRule' 3161 ; locality object class 3162 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3163 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3164 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3166 7.7 aCPMhs-distribution-listRule Content Rule 3168 ( 2.6.5.1.0 NAME 'aCPMhs-distribution-listRule' 3169 ; mhs-distribution-list object class 3170 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3171 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3172 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3174 7.8 aCPMhs-message-storeRuleEdA Content Rule 3176 ( 2.6.5.1.1 NAME 'aCPMhs-message-storeRuleEdA' 3177 ; mhs-message-store object class 3178 AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser 3179 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3180 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3181 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3183 7.9 aCPMhs-message-transfer-agentRuleEdA Content Rule 3185 ( 2.6.5.1.2 NAME 'aCPMhs-message-transfer-agentRuleEdA' 3186 ; mhs-message-transfer-agent object class 3187 AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser 3188 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3189 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3190 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3192 7.10 aCPMhs-user-agentRule Content Rule 3194 ( 2.6.5.1.4 NAME 'aCPMhs-user-agentRule' 3195 ; mhs-user-agent object class 3196 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3197 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3198 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3200 7.11 aCPOrganizationalPersonRuleEdB Content Rule 3202 ( 2.5.6.7 NAME 'aCPOrganizationalPersonRuleEdB' 3203 ; organizationalPerson object class 3204 AUX ( 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 3205 2.6.5.1.3 $ ; mhs-user 3206 2.16.840.1.101.2.2.3.62 $ ; otherContactInformation 3207 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 3208 2.16.840.1.101.2.1.4.16 ) ; ukms 3210 MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 3211 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3212 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 3213 2.5.4.15 $ ; businessCategory 3214 2.16.840.1.101.2.2.1.139 $ ; deployed 3215 2.5.4.46 $ ; dnQualifier 3216 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3217 2.16.840.1.101.2.2.1.57 $ ; expirationDate 3218 2.16.840.1.101.2.2.1.140 $ ; garrison 3219 2.16.840.1.101.2.2.1.117 $ ; guard 3220 2.16.840.1.101.2.2.1.61 $ ; listPointer 3221 2.16.840.1.101.2.2.1.68 $ ; nationality 3222 2.16.840.1.101.2.2.1.125 $ ; positionNumber 3223 2.16.840.1.101.2.2.1.133 $ ; rank 3224 0.9.2342.19200300.100.1.3 $ ; rfc822Mailbox 3225 2.16.840.1.101.2.2.1.129 ) ) ; serviceNumber 3227 7.12 aCPOrganizationalRoleRuleEdB Content Rule 3229 ( 2.5.6.8 NAME 'aCPOrganizationalRoleRuleEdB' 3230 ; organizationalRole object class 3231 AUX ( 2.5.6.22 $ ; pkiCA 3232 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 3233 2.6.5.1.3 $ ; mhs-user 3234 2.16.840.1.101.2.2.3.62 $ ; otherContactInformation 3235 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 3236 2.16.840.1.101.2.1.4.16 ) ; ukms 3237 MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 3238 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3239 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 3240 2.5.4.15 $ ; businessCategory 3241 2.16.840.1.101.2.2.1.139 $ ; deployed 3242 2.5.4.46 $ ; dnQualifier 3243 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3244 2.16.840.1.101.2.2.1.57 $ ; expirationDate 3245 2.16.840.1.101.2.2.1.140 $ ; garrison 3246 2.16.840.1.101.2.2.1.117 $ ; guard 3247 2.16.840.1.101.2.2.1.61 $ ; listPointer 3248 2.16.840.1.101.2.2.1.68 $ ; nationality 3249 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 3251 7.13 aCPOrganizationalUnitRuleEdB Content Rule 3253 ( 2.5.6.5 NAME 'aCPOrganizationalUnitRuleEdB' 3254 ; organizationalUnit object class 3255 AUX ( 2.5.6.22 $ ; pkiCA 3256 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 3257 2.6.5.1.3 $ ; mhs-user 3258 2.16.840.1.101.2.2.3.62 $ ; otherContactInformation 3259 2.16.840.1.101.2.2.3.56 $ ; plaUser 3260 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 3261 2.16.840.1.101.2.1.4.16 ) ; ukms 3263 MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 3264 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3265 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 3266 2.16.840.1.101.2.2.1.6 $ ; associatedPLA 3267 2.16.840.1.101.2.2.1.139 $ ; deployed 3268 2.5.4.46 $ ; dnQualifier 3269 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3270 2.16.840.1.101.2.2.1.57 $ ; expirationDate 3271 2.16.840.1.101.2.2.1.140 $ ; garrison 3272 2.16.840.1.101.2.2.1.117 $ ; guard 3273 2.16.840.1.101.2.2.1.61 $ ; listPointer 3274 2.16.840.1.101.2.2.1.68 $ ; nationality 3275 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 3277 7.14 aCPOrganizationRuleEdB Content Rule 3279 ( 2.5.6.4 NAME 'aCPOrganizationRuleEdB' 3280 ; organization object class 3281 AUX ( 2.5.6.22 $ ; pkiCA 3282 2.16.840.1.101.2.2.3.62 ) ; otherContactInformation 3283 MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 3284 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3285 2.5.4.46 $ ; dnQualifier 3286 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3287 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3289 7.15 aCPRoutingIndicatorRuleEdB Content Rule 3291 ( 2.16.840.1.101.2.2.3.37 NAME 'aCPRoutingIndicatorRuleEdB' 3292 ; routingIndicator 3293 MAY ( 2.16.840.1.101.2.2.1.144 $ ; tCCG 3294 2.16.840.1.101.2.2.1.76 ) ) ; remarks 3296 7.16 addressListRuleEdA Content Rule 3298 ( 2.16.840.1.101.2.2.3.57 NAME 'addressListRuleEdA' 3299 ; addressList object class 3300 AUX ( 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 3301 2.6.5.1.3 $ ; mhs-user 3302 2.16.840.1.101.2.2.3.56 $ ; plaUser 3303 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 3304 2.16.840.1.101.2.1.4.16 ) ; ukms 3305 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3306 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 3307 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3308 2.16.840.1.101.2.2.1.57 $ ; expirationDate 3309 2.16.840.1.101.2.2.1.117 $ ; guard 3310 2.16.840.1.101.2.2.1.61 $ ; listPointer 3311 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 3313 7.17 aliasCommonNameRule Content Rule 3315 ( 2.16.840.1.101.2.2.3.52 NAME 'aliasCommonNameRule' 3316 ; aliasCommonName object class 3317 MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3318 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3320 7.18 aliasOrganizationalUnitRule Content Rule 3322 ( 2.16.840.1.101.2.2.3.53 NAME 'aliasOrganizationalUnitRule' 3323 ; aliasOrganizationalUnit object class 3324 MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3325 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3327 7.19 distributionCodeDescriptionRule Content Rule 3329 ( 2.16.840.1.101.2.2.3.55 NAME 'distributionCodeDescriptionRule' 3330 ; distributionCodeDescription object class 3331 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3332 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3333 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3335 7.20 messagingGatewayRuleEdA Content Rule 3337 ( 2.16.840.1.101.2.2.3.59 NAME 'messagingGatewayRuleEdA' 3338 ; messagingGateway object class 3339 AUX ( 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 3340 2.16.840.1.101.2.1.4.16 ) ; ukms 3341 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3342 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3343 2.16.840.1.101.2.2.1.57 $ ; expirationDate 3344 2.16.840.1.101.2.2.1.117 $ ; guard 3345 2.16.840.1.101.2.2.1.138 $ ; plasServed 3346 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 3348 7.21 mLAgentRule Content Rule 3350 ( 2.16.840.1.101.2.2.3.64 NAME 'mLAgentRule' 3351 ; mLAgent object class 3352 MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 3353 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3354 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3356 7.22 networkEdBRule Content Rule 3358 ( 2.16.840.1.101.2.2.3.68 NAME 'networkEdBRule' 3359 ; aCPNetworkEdB object class 3360 MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3361 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3363 7.23 networkInstructionsEdBRule Content Rule 3365 ( 2.16.840.1.101.2.2.3.69 NAME 'networkInstructionsEdBRule' 3366 ; aCPNetworkInstructionsEdB object class 3367 MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3368 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3370 7.24 rAPersonRuleEdA Content Rule 3372 ( 2.16.840.1.101.2.2.3.65 NAME 'rAPersonRuleEdA' 3373 ; releaseAuthorityPersonA object class 3374 MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 3375 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 3377 7.25 sigintPLARule Content Rule 3379 ( 2.16.840.1.101.2.2.3.38 NAME 'sigintPLARule' 3380 ; sigintPLA object class 3381 MAY 2.16.840.1.101.2.2.1.4 ) ; associatedOrganization 3383 7.26 spotPLARule Content Rule 3385 ( 2.16.840.1.101.2.2.3.40 NAME 'spotPLARule' 3386 ; spotPLA object class 3387 MAY 2.16.840.1.101.2.2.1.113 ) ; associatedAL 3389 8. STRUCTURE RULES 3391 There are no structure rules defined in ACP 133(B) [1] 3393 9. SECURITY CONSIDERATIONS 3395 Attributes of directory entries are used to provide descriptive 3396 information about the real-world objects they represent, which can 3397 be people, organizations or devices. Most countries have privacy 3398 laws regarding the publication of information about people. 3400 Some of the object classes and attributes in this document support 3401 the use of a directory as part of a PKI. This schema also holds 3402 information so that components of a variety of network 3403 applications, including the directory service, can be strongly 3404 authenticated to one another and with users. 3406 10. REFERENCES 3408 [1] Common Directory Services and Procedures, ACP 133 Edition B, 3409 March 2000 3411 [2] Wahl, M., Coulbeck, A., Howes, T., and S. Kille, "Lightweight 3412 X.500 Directory Access Protocol (v3): Attribute Syntax 3413 Definitions", RFC 2252, December 1997 3415 [3] Wahl, M., "A Summary of the X.500(96) User Schema for use 3416 with LDAPv3", RFC 2256, December 1997 3418 [4] ACP 127, "Communications Instructions - Tape Relay Procedures" 3420 [5] JANAP 128(I), Joint Chiefs of Staff, May 1983, Automatic 3421 Digital Network (AUTODIN) Operating Procedures 3423 [6] ACP 123, "Common Messaging Strategy and Procedures", 3424 November, 1994 3426 [7] NATO APP-3, "NATO Subject Indicator System (NASIS) - 3427 publication 3", Oct. 1982 3429 [8] ITU-T Recommendation X.521 (1993 & 1997) | ISO/IEC 9594-7: 3430 1995 & 1997, "Information technology - Open Systems 3431 Interconnection - The Directory: Selected object classes" 3433 [9] RFC 2587, "Internet X.509 Public Key Infrastructure 3434 LDAPv2 Schema", June 1999 3436 [10] ITU-T Recommendation X.520 (1993 & 1997) | ISO/IEC 9594-6: 3437 1995 & 1997, "Information technology - Open Systems 3438 Interconnection - The Directory: Selected attribute types" 3440 [11] ACP 120, "Common Security Protocol (CSP)", final draft 3442 [12] STANAG 4406, "NATO Reference Model for Open Systems 3443 Interconnection -Military Message Handling Systems" 3445 [13] Barker, P. and Kille, S., "The COSINE and Internet X.500 3446 Schema", RFC 1274, November 1991 3448 [14] ISO 3166-1: 1997, "Codes for the representation of names of 3449 countries and their subdivsions - part 1: Country codes" 3451 [15] ACP 117, "Allied Routing Indicator Book" 3453 [16] RFC 822, "STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT 3454 MESSAGES", August 13, 1982 3456 [17] ITU-T Recommendation X.402 (1995)/ISO/IEC 10021-2: 1996, 3457 "Information Technology - Message Handling Systems (MHS) - 3458 Overall Architecture" 3460 [18] ITU-T Recommendation X.411 (1995)/ISO/IEC 10021-4: 1996, 3461 "Information Technology - Message Handling Systems (MHS) - 3462 Message Transfer System: Abstract Service Definition 3463 and Procedure" 3465 [19] Smith, M., "Definition of the inetOrgPerson LDAP Object 3466 Class", RFC 2798, April 2000 3468 11. ABBREVIATIONS 3470 ACP Allied Communications Publication 3471 AE Application Entity 3472 AIG Address Indicator Group 3473 AL Address List 3474 ALID AL Identifier 3475 ASN.1 Abstract Syntax Notation One 3476 AUTODIN Automatic Digital Network 3477 BER Basic Encoding Rules 3478 BNF Backus-Naur Form 3479 C Country 3480 CA Certification Authority 3481 CAD Collective Address Designator 3482 CCEB Combined Communications Electronics Board 3483 CCITT The International Telegraph and Telephone 3484 Consultative Committee 3485 CMI Certificate Management Infrastructure 3486 CN Common Name 3487 CRL Certificate Revocation List 3488 DAP Directory Access Protocol 3489 DFTS Defence Fixed Telecommunications Service 3490 DIB Directory Information Base 3491 DL Distribution List 3492 DN Distinguished Name 3493 DODAAC Department of Defense Activity Accounting Code 3494 DSA Directory System Agent 3495 DSN Defense Switched Network (DSN) 3496 EIT Encoded Information Type 3497 FAX Facsimile 3498 GENSER General Service 3499 GHP Gateway Handling Policy 3500 GON Group of Names 3501 IA5 International Alphabet Number 5 3502 IEC International Electrotechnical Commission 3503 IETF Internet Engineering Task Force 3504 ISDN Integrated Services Digital Network 3505 ISO International Organization for Standardization 3506 ITU-T International Telecommunication Union- 3507 Telecommunication Standardization Sector 3508 JANAP Joint Army, Navy, Air Force Procedure 3509 L Locality 3510 LDAP Lightweight Directory Access Protocol 3511 LMF Language and Media Format 3512 LOC Locality 3513 MCS Message Conversion System 3514 MHS Message Handling System 3515 ML Mail List 3516 MLA Mail List Agent 3517 MMHS Military Message Handling System 3518 MS Message Store 3519 MTA Message Transfer Agent 3520 MTS Message Transfer System 3521 MUA Messaging User Agent 3522 NASIS NATO Subject Indicator System 3523 NAVCOMPARS Naval Communications Processing and Routing System 3524 O Organization 3525 ON Other Notification 3526 O/R, OR Originator/Recipient 3527 ORG Organizational 3528 OU Organizational Unit 3529 PKI Public Key Infrastructure 3530 PLA Plain Language Address 3531 PSTN Public Switched Telephone Network 3532 R Role 3533 RA Release Authority 3534 RAN Release Authority Name 3535 RDN Relative Distinguished Name 3536 RFC Request for Comments 3537 RI Routing Indicator 3538 SHD Special Handling Designator 3539 SI Special Intelligence 3540 SIC Subject Indicator Code 3541 SIGAD SIGINT Address 3542 SIGINT Signal Intelligence 3543 SMTP Simple Mail Transfer Protocol 3544 SOP State or Province 3545 ST State or Province Name 3546 STU Secure Telephone Unit 3547 TARE Telegraph Automatic Relay Equipment 3548 TCC Transmission Control Code 3549 TRC Transmission Release Code 3550 U Unit 3551 UA User Agent 3552 UKM User Key Material 3554 12. ACKNOWLEDGEMENTS 3555 This document was prepared with the help and advice of 3556 two organizations: 3558 CCEB ACP 133 Task Force 3559 IETF LDAP Extensions Working Group 3561 Thanks to thanks to the members of these groups for their 3562 criticism, corrections, and feedback. 3564 13. AUTHOR'S ADDRESS 3566 Kathy Dally 3567 The MITRE Corp. 3568 1820 Dolley Madison Blvd. 3569 McLean, VA 22102 3570 USA 3572 e-mail: kdally@mitre.org 3573 telephone: +1 703 883 6058 3574 fax: +1 703 883 7142