idnits 2.17.1

draft-smith-ldap-inetorgperson-01.txt:

  ** The Abstract section seems to be numbered

  Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date. The document expiration date should appear on the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents.

  ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts.

  ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories.

  == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 60 lines

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.)

  ** There are 6 instances of too long lines in the document, the longest one being 3 characters in excess of 72.

  ** The abstract seems to contain references ([X500]), which it shouldn't. Please replace those with straight textual mentions of the documents in question.

  == There are 31 instances of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed.

  ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords.
     RFC 2119 keyword, line 155: '...s attribute type MUST conform to the d...'
     RFC 2119 keyword, line 203: '... MAY (...'
     RFC 2119 keyword, line 218: '... MUST (...'
     RFC 2119 keyword, line 221: '... MAY (...'

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year

  == Line 293 has weird spacing: '...for the purpo...'

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.)

  -- The document date (17 November 1998) is 9291 days in the past. Is this intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  -- Missing reference section? 'X500' on line 41 looks like a reference
  -- Missing reference section? 'RFC2251' on line 339 looks like a reference
  -- Missing reference section? 'RFC2252' on line 343 looks like a reference
  -- Missing reference section? 'RFC1274' on line 321 looks like a reference
  -- Missing reference section? 'RFC2079' on line 334 looks like a reference
  -- Missing reference section? 'RFC2256' on line 348 looks like a reference
  -- Missing reference section? 'JFIF' on line 143 looks like a reference
  -- Missing reference section? 'RFC2068' on line 330 looks like a reference
  -- Missing reference section? 'RFC1847' on line 325 looks like a reference
  -- Missing reference section? 'PKCS12' on line 317 looks like a reference
  -- Missing reference section? 'X521' on line 198 looks like a reference
  -- Missing reference section? 'LDIF' on line 233 looks like a reference

  Summary: 10 errors (**), 0 flaws (~~), 4 warnings (==), 14 comments (--).

  Run idnits with the --verbose option for more detailed information about the items above.

--------------------------------------------------------------------------------

2    The LDAP inetOrgPerson Object Class                          Mark Smith
3    INTERNET-DRAFT                                  Netscape Communications
4    Intended Category: Informational                       17 November 1998
5    Expires: 17 May 1999

7            Definition of the inetOrgPerson LDAP Object Class
8            Filename: draft-smith-ldap-inetorgperson-01.txt

10   1. Status of this Memo

12   This draft document will be submitted to the RFC Editor as an Informa-
13   tional document. Distribution of this memo is unlimited. Please send
14   comments to the author .

16   This document is an Internet-Draft. Internet-Drafts are working docu-
17   ments of the Internet Engineering Task Force (IETF), its areas, and its
18   working groups. Note that other groups may also distribute working
19   documents as Internet-Drafts.

21   Internet-Drafts are draft documents valid for a maximum of six months
22   and may be updated, replaced, or obsoleted by other documents at any
23   time. It is inappropriate to use Internet-Drafts as reference material
24   or to cite them other than as "work in progress."

26   To view the entire list of current Internet-Drafts, please check the
27   "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
28   Directories on ftp.is.co.za (Africa), nic.nordu.net (Northern Europe),
29   ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific Rim), or
30   ftp.isi.edu (US West Coast).

32   Copyright (C) The Internet Society (1998). All Rights Reserved.

34   Please see the Copyright section near the end of this document for more
35   information.

37   This Internet Draft expires on 17 May 1999.

39   2. Abstract

41   While the X.500 standards [X500] define many useful attribute types and
42   object classes, they do not define a person object class that meets the
43   requirements found in today's Internet and Intranet directory service
44   deployments. We define a new object class called inetOrgPerson for use
45   in LDAP and X.500 directory services that extends the X.521 standard
46   organizationalPerson class to meet these needs.

48   3. Background and Intended Usage

50   The inetOrgPerson object class is a general purpose object class that
51   holds attributes about people. The attributes it holds were chosen to
52   accommodate information requirements found in typical Internet and
53   Intranet directory service deployments. The inetOrgPerson object class
54   is designed to be used within directory services based on the LDAP
55   [RFC2251] and the X.500 family of protocols, and it should be useful in
56   other contexts as well. There is no requirement for directory services
57   implementors to use the inetOrgPerson object class; it is simply
58   presented as a well-documented class that implementors can choose to use
59   if they find it useful.

61   The attribute type and object class definitions in this document are
62   written using the BNF form of AttributeTypeDescription and
63   ObjectClassDescription given in [RFC2252]. In some cases lines have
64   been folded for readability.

66   Attributes that are referenced but not defined in this document are
67   included in one of the following documents:

69      The COSINE and Internet X.500 Schema [RFC1274]

71      Definition of an X.500 Attribute Type and an Object Class to Hold
72      Uniform Resource Identifiers (URIs) [RFC2079]

74      A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]

76   See Appendix A for a detailed summary that shows where each attribute
77   type is defined.

79   4. New Attribute Types Used in the inetOrgPerson Object Class

81   4.1. Vehicle license or registration plate.

83   This multivalued field is used to record the values of the license or
84   registration plate associated with an individual.

86       ( 2.16.840.1.113730.3.1.1 NAME 'carLicense'
87         DESC 'vehicle license or registration plate'
88         EQUALITY caseIgnoreMatch
89         SUBSTRINGS caseIgnoreSubstringsMatch
90         SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

92   4.2. Department number

94   Code for department to which a person belongs. This can also be
95   strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).
96       ( 2.16.840.1.113730.3.1.2
97         NAME 'departmentNumber'
98         DESC 'identifies a department within an organization'
99         EQUALITY caseIgnoreMatch
100        SUBSTRINGS caseIgnoreSubstringsMatch
101        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

103  4.3. Display Name

105  When displaying an entry, especially within a one-line summary list, it
106  is useful to be able to identify a name to be used. Since other attri-
107  bute types such as 'cn' are multivalued, an additional attribute type is
108  needed. Display name is defined for this purpose.
109      ( 2.16.840.1.113730.3.1.241
110        NAME 'displayName'
111        DESC 'preferred name of a person to be used when displaying entries'
112        EQUALITY caseIgnoreMatch
113        SUBSTRINGS caseIgnoreSubstringsMatch
114        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

116  4.4. Employee Number

118  Numeric or alphanumeric identifier assigned to a person, typically based
119  on order of hire or association with an organization. Single valued.
120      ( 2.16.840.1.113730.3.1.3
121        NAME 'employeeNumber'
122        DESC 'numerically identifies an employee within an organization'
123        EQUALITY caseIgnoreMatch
124        SUBSTRINGS caseIgnoreSubstringsMatch
125        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
126        SINGLE-VALUE )

128  4.5. Employee Type

130  Used to identify the employer to employee relationship. Typical values
131  used will be "Contractor", "Employee", "Intern", "Temp", "External", and
132  "Unknown" but any value may be used.
133      ( 2.16.840.1.113730.3.1.4
134        NAME 'employeeType'
135        DESC 'type of employment for a person'
136        EQUALITY caseIgnoreMatch
137        SUBSTRINGS caseIgnoreSubstringsMatch
138        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

140  4.6. JPEG Photograph

142  Used to store one or more images of a person using the JPEG File Inter-
143  change Format [JFIF].
144      ( 0.9.2342.19200300.100.1.60
145        NAME 'jpegPhoto'
146        DESC 'a JPEG image'
147        SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
148  Note that the jpegPhoto attribute type was defined for use in the Inter-
149  net X.500 pilots but no referencable definition for it could be located.

151  4.7. Preferred Language

153  Used to indicate an individual's preferred written or spoken language.
154  This is useful for international correspondence or human-computer
155  interaction. Values for this attribute type MUST conform to the defini-
156  tion of the Accept-Language header field defined in [RFC2068] with one
157  exception: the sequence "Accept-Language" ":" should be omitted. This
158  is a single valued attribute type.
159      ( 2.16.840.1.113730.3.1.39
160        NAME 'preferredLanguage'
161        DESC 'preferred written or spoken language for a person'
162        EQUALITY caseIgnoreMatch
163        SUBSTRINGS caseIgnoreSubstringsMatch
164        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
165        SINGLE-VALUE )

168  4.8. User S/MIME Certificate

170  An S/MIME [RFC1847] signed message with a zero-length body. This attri-
171  bute is to be stored and requested in binary form, as
172  'userSMIMECertificate;binary'. It contains the person's entire certifi-
173  cate chain and the signed attribute that describes their algorithm capa-
174  bilities, stored as an octetString. If available, this attribute is
175  preferred over the userCertificate attribute for S/MIME applications.
176      ( 2.16.840.1.113730.3.1.40
177        NAME 'userSMIMECertificate'
178        DESC 'signed message used to support S/MIME'
179        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

181  4.9. User PKCS #12

183  PKCS #12 [PKCS12] provides a format for exchange of personal identity
184  information. When such information is stored in a directory service,
185  the userPKCS12 attribute should be used. This attribute is to be stored
186  and requested in binary form, as 'userPKCS12;binary'. The attribute
187  values are PFX PDUs stored as octetStrings.
188      ( 2.16.840.1.113730.3.1.216
189        NAME 'userPKCS12'
190        DESC 'PKCS #12 PFX PDU for exchange of personal identity information'
191        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

194  5. Definition of the inetOrgPerson Object Class

196  The inetOrgPerson represents people who are associated with an organiza-
197  tion in some way. It is a structural class and is derived from the
198  organizationalPerson class which is defined in [X521].
199      ( 2.16.840.1.113730.3.2.2
200        NAME 'inetOrgPerson'
201        SUP organizationalPerson
202        STRUCTURAL
203        MAY (
204          audio $ businessCategory $ carLicense $ departmentNumber $
205          employeeNumber $ employeeType $ givenName $ homePhone $
206          homePostalAddress $ initials $ jpegPhoto $ labeledURI $
207          mail $ manager $ mobile $ pager $
208          photo $ roomNumber $ secretary $ uid $ userCertificate $
209          x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $
210          userPKCS12
211        )
212      )

214  For reference, we list the following additional attribute types that are
215  part of the inetOrgPerson object class. These attribute types are
216  inherited from organizationalPerson (which in turn is derived from the
217  person object class):
218        MUST (
219          cn $ objectClass $ sn
220        )
221        MAY (
222          description $ destinationIndicator $ facsimileTelephoneNumber $
223          internationaliSDNNumber $ l $ ou $ physicalDeliveryOfficeName $
224          postalAddress $ postalCode $ postOfficeBox $
225          preferredDeliveryMethod $ registeredAddress $ seeAlso $
226          st $ street $ telephoneNumber $ teletexTerminalIdentifier $
227          telexNumber $ title $ userPassword $ x121Address
228        )

230  6. Example of an inetOrgPerson Entry

232  The following example is expressed using the LDIF notation defined in
233  [LDIF].

235  dn: cn=Barbara Jensen, ou=Product Development, o=Ace Industry, c=US
236  objectClass: top
237  objectClass: person
238  objectClass: organizationalPerson
239  objectClass: inetOrgPerson
240  cn: Barbara Jensen
241  cn: Babs Jensen
242  sn: Jensen
243  givenName: Barbara
244  initials: BJJ
245  title: manager, product development
246  uid: bjensen
247  mail: bjensen@aceindustry.com
248  telephoneNumber: +1 408 555 1862
249  facsimileTelephoneNumber: +1 408 555 1992
250  mobile: +1 408 555 1941
251  roomNumber: 0209
252  carLicense: 6ABC246
253  departmentNumber: 2604
254  employeeNumber: 42
255  employeeType: full time
256  preferredLanguage: fr, en-gb;q=0.8, en;q=0.7
257  labeledURI: http://www.aceindustry.com/users/bjensen My Home Page

259  7. Security Considerations

261  Attributes of directory entries are used to provide descriptive informa-
262  tion about the real-world objects they represent, which can be people,
263  organizations or devices. Most countries have privacy laws regarding
264  the publication of information about people.

266  Transfer of cleartext passwords is strongly discouraged where the
267  underlying transport service cannot guarantee confidentiality and may
268  result in disclosure of the password to unauthorized parties.

270  8. Acknowledgments

272  The Netscape Directory Server team created the inetOrgPerson object
273  class based on experience and customer requirements. Anil Bhavnani and
274  John Kristian in particular deserve credit for all of the early design
275  work.

277  Many members of the Internet community, in particular those in the IETF
278  ASID and LDAPEXT groups, also contributed to the design of this object
279  class.

281  9. Copyright

283  Copyright (C) The Internet Society (1998). All Rights Reserved.

285  This document and translations of it may be copied and furnished to oth-
286  ers, and derivative works that comment on or otherwise explain it or
287  assist in its implementation may be prepared, copied, published and dis-
288  tributed, in whole or in part, without restriction of any kind, provided
289  that the above copyright notice and this paragraph are included on all
290  such copies and derivative works. However, this document itself may not
291  be modified in any way, such as by removing the copyright notice or
292  references to the Internet Society or other Internet organizations,
293  except as needed for the purpose of developing Internet standards in
294  which case the procedures for copyrights defined in the Internet Stan-
295  dards process must be followed, or as required to translate it into
296  languages other than English.

298  The limited permissions granted above are perpetual and will not be
299  revoked by the Internet Society or its successors or assigns.

301  This document and the information contained herein is provided on an "AS
302  IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
303  FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
304  LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
305  INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FIT-
306  NESS FOR A PARTICULAR PURPOSE.

308  10. Bibliography

310  [JFIF]E. Hamilton, "JPEG File Interchange Format (Version 1.02)", C-Cube
311       Microsystems, Milpitas, CA, September 1, 1992.

313  [LDIF]G. Good, "The LDAP Data Interchange Format (LDIF) - Technical
314       Specification" "The LDAP Data Interchange Format (LDIF)",
315       INTERNET-DRAFT , 2 November 1998.

317  [PKCS12]
318       "PKCS #12: Personal Information Exchange Standard", Version 1.0
319       DRAFT, 30 April 1997.

321  [RFC1274]
322       P. Barker, S. Kille, "The COSINE and Internet X.500 Schema", RFC
323       1274, November 1991.

325  [RFC1847]
326       J. Galvin, S. Murphy, S. Crocker, N. Freed, "Security Multiparts
327       for MIME: Multipart/Signed and Multipart/Encrypted", RFC 1847,
328       October 1995.

330  [RFC2068]
331       R. Fielding, J. Gettys, J. Mogul, H. Frystyk, T. Berners-Lee,
332       "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2068, January 1997.

334  [RFC2079]
335       M. Smith, "Definition of an X.500 Attribute Type and an Object
336       Class to Hold Uniform Resource Identifiers (URIs)", RFC 2079, Janu-
337       ary 1997.

339  [RFC2251]
340       M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access Protocol
341       (v3)", RFC 2251, December 1997.

343  [RFC2252]
344       M. Wahl, A. Coulbeck, T. Howes, S. Kille, W. Yeong, C. Robbins,
345       "Lightweight Directory Access Protocol (v3): Attribute Syntax
346       Definitions", RFC 2252, December 1997.

348  [RFC2256]
349       M. Wahl, "A Summary of the X.500(96) User Schema for use with
350       LDAPv3", RFC 2256, December 1997.

352  [X500]ITU-T Rec. X.500, "The Directory: Overview of Concepts, Models and
353       Service", 1993.

355  [X520]ITU-T Rec. X.520, "The Directory: Selected Attribute Types", 1993.

357  [X521]ITU-T Rec. X.521, "The Directory: Selected Object Classes", 1993.

359  11. Author's Address

361       Mark Smith
362       Netscape Communications Corp.
363       501 E. Middlefield Rd., Mailstop MV068
364       Mountain View, CA 94043, USA
365       Phone: +1 650 937-3477
366       EMail: mcs@netscape.com

368  12. Appendix A - Summary of Attribute Types Included in inetOrgPerson

370  This appendix provides definitions of all the attribute types included
371  in the inetOrgPerson object class.

373  12.1. Attribute types defined in this document
374      ( 2.16.840.1.113730.3.1.1 NAME 'carLicense'
375        DESC 'vehicle license or registration plate'
376        EQUALITY caseIgnoreMatch
377        SUBSTRINGS caseIgnoreSubstringsMatch
378        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

380      ( 2.16.840.1.113730.3.1.2
381        NAME 'departmentNumber'
382        DESC 'identifies a department within an organization'
383        EQUALITY caseIgnoreMatch
384        SUBSTRINGS caseIgnoreSubstringsMatch
385        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

387      ( 2.16.840.1.113730.3.1.241
388        NAME 'displayName'
389        DESC 'preferred name of a person to be used when displaying entries'
390        EQUALITY caseIgnoreMatch
391        SUBSTRINGS caseIgnoreSubstringsMatch
392        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

394      ( 2.16.840.1.113730.3.1.3
395        NAME 'employeeNumber'
396        DESC 'numerically identifies an employee within an organization'
397        EQUALITY caseIgnoreMatch
398        SUBSTRINGS caseIgnoreSubstringsMatch
399        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
400        SINGLE-VALUE )

402      ( 2.16.840.1.113730.3.1.4
403        NAME 'employeeType'
404        DESC 'type of employment for a person'
405        EQUALITY caseIgnoreMatch
406        SUBSTRINGS caseIgnoreSubstringsMatch
407        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

409      ( 0.9.2342.19200300.100.1.60
410        NAME 'jpegPhoto'
411        DESC 'a JPEG image'
412        SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
413      Note: The jpegPhoto attribute type was defined for use in the
414      Internet X.500 pilots but no referencable definition for it
415      could be located.

417      ( 2.16.840.1.113730.3.1.39
418        NAME 'preferredLanguage'
419        DESC 'preferred written or spoken language for a person'
420        EQUALITY caseIgnoreMatch
421        SUBSTRINGS caseIgnoreSubstringsMatch
422        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
423        SINGLE-VALUE )

425      ( 2.16.840.1.113730.3.1.40
426        NAME 'userSMIMECertificate'
427        DESC 'signed message used to support S/MIME'
428        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

430      ( 2.16.840.1.113730.3.1.216
431        NAME 'userPKCS12'
432        DESC 'PKCS #12 PFX PDU for exchange of personal identity information'
433        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )

435  12.2. Attribute types defined in the X.500 series of documents

437  Note that these attribute types are also documented in RFC 2256.

439      ( 2.5.4.15
440        NAME 'businessCategory'
441        EQUALITY caseIgnoreMatch
442        SUBSTR caseIgnoreSubstringsMatch
443        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

445      ( 2.5.4.3
446        NAME 'cn'
447        SUP name )

449      ( 2.5.4.13
450        NAME 'description'
451        EQUALITY caseIgnoreMatch
452        SUBSTR caseIgnoreSubstringsMatch
453        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )

455      ( 2.5.4.27
456        NAME 'destinationIndicator'
457        EQUALITY caseIgnoreMatch
458        SUBSTR caseIgnoreSubstringsMatch
459        SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )

461      ( 2.5.4.23
462        NAME 'facsimileTelephoneNumber'
463        SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )

465      ( 2.5.4.42
466        NAME 'givenName'
467        SUP name )

469      ( 2.5.4.43
470        NAME 'initials'
471        SUP name )

473      ( 2.5.4.25
474        NAME 'internationaliSDNNumber'
475        EQUALITY numericStringMatch
476        SUBSTR numericStringSubstringsMatch
477        SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )

479      ( 2.5.4.7
480        NAME 'l'
481        SUP name )

483      ( 2.5.4.0
484        NAME 'objectClass'
485        EQUALITY objectIdentifierMatch
486        SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )

488      ( 2.5.4.11
489        NAME 'ou'
490        SUP name )

492      ( 2.5.4.19
493        NAME 'physicalDeliveryOfficeName'
494        EQUALITY caseIgnoreMatch
495        SUBSTR caseIgnoreSubstringsMatch
496        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

498      ( 2.5.4.18
499        NAME 'postOfficeBox'
500        EQUALITY caseIgnoreMatch
501        SUBSTR caseIgnoreSubstringsMatch
502        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

504      ( 2.5.4.16
505        NAME 'postalAddress'
506        EQUALITY caseIgnoreListMatch
507        SUBSTR caseIgnoreListSubstringsMatch
508        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

510      ( 2.5.4.17
511        NAME 'postalCode'
512        EQUALITY caseIgnoreMatch
513        SUBSTR caseIgnoreSubstringsMatch
514        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

516      ( 2.5.4.28
517        NAME 'preferredDeliveryMethod'
518        SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
519        SINGLE-VALUE )

521      ( 2.5.4.26
522        NAME 'registeredAddress'
523        SUP postalAddress
524        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

526      ( 2.5.4.34
527        NAME 'seeAlso'
528        SUP distinguishedName )

530      ( 2.5.4.4
531        NAME 'sn'
532        SUP name )

534      ( 2.5.4.8
535        NAME 'st'
536        SUP name )

538      ( 2.5.4.9
539        NAME 'street'
540        EQUALITY caseIgnoreMatch
541        SUBSTR caseIgnoreSubstringsMatch
542        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

544      ( 2.5.4.20
545        NAME 'telephoneNumber'
546        EQUALITY telephoneNumberMatch
547        SUBSTR telephoneNumberSubstringsMatch
548        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )

550      ( 2.5.4.22
551        NAME 'teletexTerminalIdentifier'
552        SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )

554      ( 2.5.4.21
555        NAME 'telexNumber'
556        SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )

558      ( 2.5.4.12
559        NAME 'title'
560        SUP name )

562      ( 2.5.4.36
563        NAME 'userCertificate'
564        SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )

566      ( 2.5.4.35
567        NAME 'userPassword'
568        EQUALITY octetStringMatch
569        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )

571      ( 2.5.4.24
572        NAME 'x121Address'
573        EQUALITY numericStringMatch
574        SUBSTR numericStringSubstringsMatch
575        SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )

577      ( 2.5.4.45
578        NAME 'x500UniqueIdentifier'
579        EQUALITY bitStringMatch
580        SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )

582  Some attribute types included in inetOrgPerson are derived from the
583  'name' and 'distinguishedName' attribute supertypes:
584      ( 2.5.4.41
585        NAME 'name'
586        EQUALITY caseIgnoreMatch
587        SUBSTR caseIgnoreSubstringsMatch
588        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )

590      ( 2.5.4.49
591        NAME 'distinguishedName'
592        EQUALITY distinguishedNameMatch
593        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

595  12.3. Attribute types defined in RFC 1274
596      ( 0.9.2342.19200300.100.1.55
597        NAME 'audio'
598        EQUALITY octetStringMatch
599        SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{250000} )
600      Note: The syntax used here for the audio attribute type is Octet
601      String. RFC 1274 uses a syntax called audio which is not defined
602      in RFC 1274.

604      ( 0.9.2342.19200300.100.1.20
605        NAME 'homePhone'
606        EQUALITY telephoneNumberMatch
607        SUBSTR telephoneNumberSubstringsMatch
608        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
609      Note: RFC 1274 uses the longer name 'homeTelephoneNumber'.

611      ( 0.9.2342.19200300.100.1.39
612        NAME 'homePostalAddress'
613        EQUALITY caseIgnoreListMatch
614        SUBSTR caseIgnoreListSubstringsMatch
615        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

617      ( 0.9.2342.19200300.100.1.3
618        NAME 'mail'
619        EQUALITY caseIgnoreIA5Match
620        SUBSTR caseIgnoreIA5SubstringsMatch
621        SYNTAX 0.9.2342.19200300.100.3.5{256} )
622      Note: RFC 1274 uses the longer name 'rfc822Mailbox'.

624      ( 0.9.2342.19200300.100.1.10
625        NAME 'manager'
626        EQUALITY distinguishedNameMatch
627        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

629      ( 0.9.2342.19200300.100.1.41
630        NAME 'mobile'
631        EQUALITY telephoneNumberMatch
632        SUBSTR telephoneNumberSubstringsMatch
633        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
634      Note: RFC 1274 uses the longer name 'mobileTelephoneNumber'.

636      ( 0.9.2342.19200300.100.1.42
637        NAME 'pager'
638        EQUALITY telephoneNumberMatch
639        SUBSTR telephoneNumberSubstringsMatch
640        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
641      Note: RFC 1274 uses the longer name 'pagerTelephoneNumber'.

643      ( 0.9.2342.19200300.100.1.7
644        NAME 'photo' )
645      Note: Photo attribute values are encoded in G3 fax format with an
646      ASN.1 wrapper. Please refer to RFC 1274 section 9.3.7 for
647      detailed syntax information for this attribute.

649      ( 0.9.2342.19200300.100.1.6
650        NAME 'roomNumber'
651        EQUALITY caseIgnoreMatch
652        SUBSTR caseIgnoreSubstringsMatch
653        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )

655      ( 0.9.2342.19200300.100.1.21
656        NAME 'secretary'
657        EQUALITY distinguishedNameMatch
658        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

660      ( 0.9.2342.19200300.100.1.1
661        NAME 'uid'
662        EQUALITY caseIgnoreMatch
663        SUBSTR caseIgnoreSubstringsMatch
664        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
665      Note: RFC 1274 uses the longer name 'userid'.

667  12.4. Attribute types defined in RFC 2079
668      ( 1.3.6.1.4.1.250.1.57
669        NAME 'labeledURI'
670        EQUALITY caseExactMatch
671        SUBSTR caseExactSubstringsMatch
672        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

674  13. Appendix B - Change History

676  Changes since draft-smith-ldap-inetorgperson-00.txt:

678     Added a new attribute called displayName.

680     Added a definition for jpegPhoto (could not find a suitable defini-
681     tion elsewhere).

683     Added Appendix A (Summary of Attribute Types Included in inetOrgPer-
684     son)

686     Added a table of contents.

688     Cleaned up some of the text and the bibliography.

690  This Internet Draft expires on 17 May 1999.

692  1. Status of this Memo
693  2. Abstract
694  3. Background and Intended Usage
695  4. New Attribute Types Used in the inetOrgPerson Object Class
696     4.1. Vehicle license or registration plate
697     4.2. Department number
698     4.3. Display Name
699     4.4. Employee Number
700     4.5. Employee Type
701     4.6. JPEG Photograph
702     4.7. Preferred Language
703     4.8. User S/MIME Certificate
704     4.9. User PKCS #12
705  5. Definition of the inetOrgPerson Object Class
706  6. Example of an inetOrgPerson Entry
707  7. Security Considerations
708  8. Acknowledgments
709  9. Copyright
710  10. Bibliography
711  11. Author's Address
712  12. Appendix A - Summary of Attribute Types Included in inetOrgPerson
713     12.1. Attribute types defined in this document
714     12.2. Attribute types defined in the X.500 series of documents
715     12.3. Attribute types defined in RFC 1274
716     12.4. Attribute types defined in RFC 2079
717  13. Appendix B - Change History
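
Added example, not part of the draft: a Python check that an LDIF entry conforms to the inetOrgPerson definition in section 5, the SINGLE-VALUE flags in Appendix A, the ';binary' transfer rule of sections 4.8 and 4.9, and the password note in section 7. The function names, finding labels and the second sample entry are assumptions made for illustration; the schema text is copied from the draft with lines refolded.

```python
import re
from collections import Counter

# Section 5 of the draft: the class's own MAY list, followed by the MUST and
# MAY lists it inherits from organizationalPerson and person.
SCHEMA = """
( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson'
  SUP organizationalPerson STRUCTURAL
  MAY ( audio $ businessCategory $ carLicense $ departmentNumber $
        employeeNumber $ employeeType $ givenName $ homePhone $
        homePostalAddress $ initials $ jpegPhoto $ labeledURI $
        mail $ manager $ mobile $ pager $ photo $ roomNumber $ secretary $
        uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $
        userSMIMECertificate $ userPKCS12 ) )
MUST ( cn $ objectClass $ sn )
MAY ( description $ destinationIndicator $ facsimileTelephoneNumber $
      internationaliSDNNumber $ l $ ou $ physicalDeliveryOfficeName $
      postalAddress $ postalCode $ postOfficeBox $
      preferredDeliveryMethod $ registeredAddress $ seeAlso $
      st $ street $ telephoneNumber $ teletexTerminalIdentifier $
      telexNumber $ title $ userPassword $ x121Address )
"""
# The SINGLE-VALUE attribute types from Appendix A, plus one multivalued type
# for contrast (DESC and matching rules left out of these copies).
ATTRIBUTE_TYPES = """
( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
( 2.5.4.28 NAME 'preferredDeliveryMethod'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALUE )
( 2.16.840.1.113730.3.1.1 NAME 'carLicense'
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
"""
BINARY_ONLY = {"usersmimecertificate", "userpkcs12"}  # sections 4.8, 4.9

def name_list(text, keyword):
    """Union of names in every 'KEYWORD ( a $ b )' clause, lower-cased."""
    clauses = re.findall(r"\b%s\s*\(([^)]*)\)" % keyword, text)
    return {n.strip().lower() for c in clauses for n in c.split("$")}

def single_valued(text):
    """Names of attribute types whose description carries SINGLE-VALUE."""
    hits = re.findall(r"NAME\s+'([^']+)'[^()]*\bSINGLE-VALUE\b", text)
    return {h.lower() for h in hits}

def parse_ldif_entry(ldif):
    """One unfolded LDIF entry -> [(attr, options)]; values are not needed."""
    attrs = []
    for line in ldif.strip().splitlines():
        base, *options = line.partition(":")[0].strip().lower().split(";")
        if base != "dn":
            attrs.append((base, options))
    return attrs

def validate(ldif):
    """Return (finding, attribute) pairs for one entry; empty means clean."""
    attrs = parse_ldif_entry(ldif)
    must, may = name_list(SCHEMA, "MUST"), name_list(SCHEMA, "MAY")
    counts = Counter(base for base, _ in attrs)
    present = set(counts)
    out = [("missing-must", a) for a in sorted(must - present)]
    out += [("not-in-class", a) for a in sorted(present - must - may)]
    single = single_valued(ATTRIBUTE_TYPES)
    out += [("single-value", a) for a in sorted(single) if counts[a] > 1]
    out += [("needs-binary", b) for b, opts in attrs
            if b in BINARY_ONLY and "binary" not in opts]
    if "userpassword" in present:  # section 7: keep off cleartext transports
        out.append(("password-present", "userpassword"))
    return out

# Abridged from the entry in section 6 of the draft.
DRAFT_ENTRY = """
dn: cn=Barbara Jensen, ou=Product Development, o=Ace Industry, c=US
objectClass: inetOrgPerson
cn: Barbara Jensen
cn: Babs Jensen
sn: Jensen
employeeNumber: 42
preferredLanguage: fr, en-gb;q=0.8, en;q=0.7
labeledURI: http://www.aceindustry.com/users/bjensen My Home Page
"""
# Constructed entry (not from the draft) that trips every check. displayName
# is defined in section 4.3 but is absent from the MAY list printed in
# section 5, so a check against this draft's text reports it.
BAD_ENTRY = """
dn: cn=Test User, o=Example
objectClass: inetOrgPerson
cn: Test User
displayName: Test User
employeeNumber: 7
employeeNumber: 8
userPKCS12:: AAAA
userPassword: placeholder
"""
```

`validate(DRAFT_ENTRY)` returns an empty list; `validate(BAD_ENTRY)` returns one finding per rule, in the order the checks run.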