idnits 2.17.1 

draft-zeilenga-ldap-t-f-04.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     current Internet-Drafts -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     Shadow Directories. 


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == Line 180 has weird spacing: '...for the  purpo...'

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords -- however, there's a paragraph with
     a matching beginning. Boilerplate error?

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).
  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (4 November 2002) is 7843 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 2251 (Obsoleted by RFC 4510, RFC 4511,
     RFC 4512, RFC 4513)

  ** Obsolete normative reference: RFC 2254 (Obsoleted by RFC 4510, RFC 4515)

  ** Obsolete normative reference: RFC 3377 (Obsoleted by RFC 4510)

  -- No information found for draft-zeilenga-ldap-features-xx - is the name
     correct?

  -- Possible downref: Normative reference to a draft: ref. 'FEATURES' 

  -- Obsolete informational reference (is this intentional?): RFC 1777
     (Obsoleted by RFC 3494)

  -- Obsolete informational reference (is this intentional?): RFC 1960
     (Obsoleted by RFC 2254)

  -- Obsolete informational reference (is this intentional?): RFC 3383
     (Obsoleted by RFC 4520)


     Summary: 7 errors (**), 0 flaws (~~), 2 warnings (==), 7 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	INTERNET-DRAFT                                      Kurt D. Zeilenga
3	Intended Category: Standard Track                OpenLDAP Foundation
4	Expires in six months                                4 November 2002

6	                     LDAP Absolute True/False Filters
7	                     <draft-zeilenga-ldap-t-f-04.txt>

9	Status of this Memo

11	  This document is an Internet-Draft and is in full conformance with all
12	  provisions of Section 10 of RFC2026.

14	  This document is intended to be, after appropriate review and
15	  revision, submitted to the RFC Editor as a Standard Track document.
16	  Distribution of this memo is unlimited.  Technical discussion of this
17	  document will take place on the IETF LDAP Extensions Working Group
18	  mailing list <ldapext@ietf.org>.  Please send editorial comments
19	  directly to the author <Kurt@OpenLDAP.org>.

21	  Internet-Drafts are working documents of the Internet Engineering Task
22	  Force (IETF), its areas, and its working groups.  Note that other
23	  groups may also distribute working documents as Internet-Drafts.
24	  Internet-Drafts are draft documents valid for a maximum of six months
25	  and may be updated, replaced, or obsoleted by other documents at any
26	  time.  It is inappropriate to use Internet-Drafts as reference
27	  material or to cite them other than as ``work in progress.''

29	  The list of current Internet-Drafts can be accessed at
30	  <http://www.ietf.org/ietf/1id-abstracts.txt>. The list of
31	  Internet-Draft Shadow Directories can be accessed at
32	  <http://www.ietf.org/shadow.html>.

34	  Copyright 2002, The Internet Society.  All Rights Reserved.

36	  Please see the Copyright section near the end of this document for
37	  more information.

39	Abstract

41	  This document extends the Lightweight Directory Access Protocol (LDAP)
42	  to support absolute True and False filters based upon similar
43	  capabilities found in X.500 directory systems.  The document also
44	  extends the String Representation of LDAP Search Filters to support
45	  these filters.

47	1.  Background and Intended Use

49	  The X.500 Directory Access Protocol (DAP) [X.511] supports absolute
50	  True and False assertions.  An 'and' filter with zero elements always
51	  evaluates to True.  An 'or' filter with zero elements always evaluates
52	  to False.  These filters are commonly used when requesting DSA-
53	  specific Entries (DSEs) which do not necessarily have 'objectClass'
54	  attributes.  That is, where "(objectClass=*)" may evaluate to False.

56	  While LDAPv2 [RFC1777] placed no restriction on the number of elements
57	  in 'and' and 'or' filter sets, the LDAPv2 string representation
58	  [RFC1960] could not represent empty 'and' and 'or' filter sets.  Due
59	  to this, absolute True or False filters were (unfortunately)
60	  eliminated from LDAPv3 [RFC3377].

62	  This documents extends LDAPv3 to support absolute True and False
63	  matches by allowing empty 'and' and 'or' in Search filters [RFC2251]
64	  and extends the filter string representation [RFC2254] to allow empty
65	  filter lists.

67	  The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
68	  "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
69	  document are to be interpreted as described in BCP 14 [RFC2119].

71	2.  Absolute True and False Filters

73	  Implementations of this extension SHALL allow 'and' and 'or' choices
74	  with zero filter elements.

76	  An 'and' filter consisting of an empty set of filters SHALL evaluate
77	  to True.  This filter is represented by the string "(&)".

79	  An 'or' filter consisting of an empty set of filters SHALL evaluate to
80	  False.  This filter is represented by the string "(|)".

82	  Servers supporting this feature SHOULD publish the Object Identifier
83	  1.3.6.1.4.1.4203.1.5.3 as a value of the supportedFeatures [FEATURES]
84	  attribute in the root DSE.

86	  Clients supporting this feature SHOULD NOT use the feature unless they
87	  have knowledge the server supports it.

89	3.  Security Considerations

91	  The (re)introduction of absolute True and False filters is not
92	  believed to raise any new security considerations.

94	  Implementors of this (or any) LDAPv3 extension should be familiar with
95	  general LDAPv3 security considerations [RFC3377].

97	4.  IANA Considerations

99	  The OID 1.3.6.1.4.1.4203.1.5.3 identifies the feature described above.
100	  This OID was assigned [ASSIGN] by OpenLDAP Foundation, under its
101	  IANA-assigned private enterprise allocation [PRIVATE], for use in this
102	  specification.

104	  Registration of this feature is requested [FEATURES][RFC3383].

106	  Subject: Request for LDAP Protocol Mechanism Registration

108	  Object Identifier: 1.3.6.1.4.1.4203.1.5.3

110	  Description: T/F Filters

112	  Person & email address to contact for further information:
113	       Kurt Zeilenga <kurt@openldap.org>

115	  Usage: Feature

117	  Specification: RFCxxxx

119	  Author/Change Controller: IESG

121	  Comments: none

123	5.  Author's Address

125	  Kurt D. Zeilenga
126	  OpenLDAP Foundation
127	  <Kurt@OpenLDAP.org>

129	6. Normative References

131	  [RFC2119]  S. Bradner, "Key words for use in RFCs to Indicate
132	             Requirement Levels", BCP 14 (also RFC 2119), March 1997.

134	  [RFC2251]  M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
135	             Protocol (v3)", RFC 2251, December 1997.

137	  [RFC2254]  T. Howes, "A String Representation of LDAP Search Filters",
138	             RFC 2254, December 1997.

140	  [RFC3377]  J. Hodges, R. Morgan, "Lightweight Directory Access
141	             Protocol (v3): Technical Specification", RFC 3377,
142	             September 2002.

144	  [FEATURES] K. Zeilenga, "Feature Discovery in LDAP",
145	             draft-zeilenga-ldap-features-xx.txt (a work in progress).

147	7. Informative References

149	  [RFC1777]  Yeong, W., Howes, T., and S. Kille, "Lightweight Directory
150	             Access Protocol", RFC 1777, March 1995.

152	  [RFC1960]  T. Howes, "A String Representation of LDAP Search Filters",
153	             RFC 1960, June 1996.

155	  [RFC3383]  K. Zeilenga, "IANA Considerations for LDAP", BCP 64 (also
156	             RFC 3383), September 2002.

158	  [X.500]    ITU-T Rec. X.500, "The Directory: Overview of Concepts,
159	             Models and Service", 1993.

161	  [X.511]    ITU-T Rec. X.511, "The Directory: Abstract Service
162	             Definition", 1993.

164	  [ASSIGN]   OpenLDAP Foundation, "OpenLDAP OID Delegations",
165	             http://www.openldap.org/foundation/oid-delegate.txt.

167	  [PRIVATE]  IANA, "Private Enterprise Numbers",
168	             http://www.iana.org/assignments/enterprise-numbers.

170	Copyright 2002, The Internet Society.  All Rights Reserved.

172	  This document and translations of it may be copied and furnished to
173	  others, and derivative works that comment on or otherwise explain it
174	  or assist in its implementation may be prepared, copied, published and
175	  distributed, in whole or in part, without restriction of any kind,
176	  provided that the above copyright notice and this paragraph are
177	  included on all such copies and derivative works.  However, this
178	  document itself may not be modified in any way, such as by removing
179	  the copyright notice or references to the Internet Society or other
180	  Internet organizations, except as needed for the  purpose of
181	  developing Internet standards in which case the procedures for
182	  copyrights defined in the Internet Standards process must be followed,
183	  or as required to translate it into languages other than English.

185	  The limited permissions granted above are perpetual and will not be
186	  revoked by the Internet Society or its successors or assigns.

188	  This document and the information contained herein is provided on an
189	  "AS IS" basis and THE AUTHORS, THE INTERNET SOCIETY, AND THE INTERNET
190	  ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
191	  INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
192	  INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
193	  WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.