idnits 2.17.1

draft-zeilenga-ldapbis-reorg-00.txt:

  ** The Abstract section seems to be numbered

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an Introduction section.

  ** The document seems to lack an IANA Considerations section. (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == Line 261 has weird spacing: '...for the purpo...'

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (17 November 2000) is 8561 days in the past. Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  -- Missing reference section? 'LDAPTS' on line 207 looks like a reference

  -- Missing reference section? 'RFC2251' on line 211 looks like a reference

  -- Missing reference section? 'RFC 2252' on line 49 looks like a reference

  -- Missing reference section? 'RFC2253' on line 218 looks like a reference

  -- Missing reference section? 'RFC2254' on line 222 looks like a reference

  -- Missing reference section? 'RFC2255' on line 225 looks like a reference

  -- Missing reference section? 'RFC2256' on line 228 looks like a reference

  -- Missing reference section? 'RFC2829' on line 231 looks like a reference

  -- Missing reference section? 'RFC2830' on line 234 looks like a reference

  -- Missing reference section? 'RFC2831' on line 238 looks like a reference

  -- Missing reference section? 'RFC2252' on line 214 looks like a reference

  -- Missing reference section? 'RFC2247' on line 241 looks like a reference

     Summary: 5 errors (**), 0 flaws (~~), 1 warning (==), 14 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2     INTERNET-DRAFT                                      Kurt D. Zeilenga
3     Intended Category: Informational                 OpenLDAP Foundation
4     Expires: 17 May 2001                                17 November 2000

6            Reorganization of the LDAP Technical Specification
7                     draft-zeilenga-ldapbis-reorg-00

9     This document is an Internet-Draft and is in full conformance with all
10    provisions of Section 10 of RFC2026.

12    This document is intended to be, after appropriate review and
13    revision, submitted to the RFC Editor as an Informational document.
14    Distribution of this memo is unlimited. Technical discussion of this
15    document will take place on the IETF LDAP Revision (Proposed) Working
16    Group (LDAPbis) mailing list . Please send
17    editorial comments directly to the author .

19    Internet-Drafts are working documents of the Internet Engineering Task
20    Force (IETF), its areas, and its working groups. Note that other
21    groups may also distribute working documents as Internet-Drafts.
22    Internet-Drafts are draft documents valid for a maximum of six months
23    and may be updated, replaced, or obsoleted by other documents at any
24    time. It is inappropriate to use Internet-Drafts as reference
25    material or to cite them other than as ``work in progress.''

27    The list of current Internet-Drafts can be accessed at
28    http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft
29    Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

31    Copyright 2000, The Internet Society. All Rights Reserved.

33    Please see the Copyright section near the end of this document for
34    more information.

36    1. Abstract

38    This document suggests one approach for reorganization of the LDAP
39    Technical Specification.

41    2. Current Organization

43    The LDAP "core" technical specification is currently described in the
44    following documents:

46      - Lightweight Directory Access Protocol (v3): Technical
47        Specification [LDAPTS],
48      - Lightweight Directory Access Protocol (v3) [RFC2251],
49      - LDAPv3: Attribute Syntax Definitions [RFC 2252],
50      - LDAPv3: UTF-8 String Representation of Distinguished Names
51        [RFC2253],
52      - The String Representation of LDAP Search Filters [RFC2254],
53      - The LDAP URL Format [RFC2255],
54      - A Summary of the X.500(96) User Schema for use with LDAPv3
55        [RFC2256],
56      - Authentication Methods for LDAP [RFC2829],
57      - LDAPv3: Extension for Transport Layer Security [RFC2830], and
58      - Using Digest Authentication as a SASL Mechanism [RFC2831].

60    This section briefly details which portions of the technical
61    specification each document contains.

63    2.1. Lightweight Directory Access Protocol (v3): Technical Specification

65    The primary purpose of this document is to detail which technical
66    specifications (which are detailed in other documents) define LDAP.

68    2.2. Lightweight Directory Access Protocol (v3)

70    The primary purpose of this document is to define the on-the-wire
71    protocol. The document also describes the LDAP protocol and data
72    models and the relationship to X.500.

74    2.3. LDAPv3: Attribute Syntax Definitions

76    The primary purpose of this document is to define attribute syntaxes
77    and matching rules used in LDAP. This document also details a number
78    of operational attributes.

80    2.4. LDAPv3: UTF-8 String Representation of Distinguished Names

82    The purpose of this document is to define the string representation of
83    Distinguished Names as used in LDAPv3.

85    2.5. String Representation of LDAP Search Filters

87    The purpose of this document is to define the string representation of
88    search filters.

90    2.6. The LDAP URL Format

92    The purpose of this document is to define the LDAP Uniform Resource
93    Locator scheme.

95    2.7. A Summary of the X.500(96) User Schema for use with LDAPv3

97    The primary purpose of this document is to define user schema,
98    including object classes and user attributes.

100   2.8. Authentication Methods for LDAP

102   The primary purpose of this document is to detail authentication
103   methods for LDAP including specification of the mandatory-to-implement
104   strong authentication method.

106   2.9. LDAPv3: Extension for Transport Layer Security

108   The primary purpose of this document is to detail the Start TLS
109   extended operation.

111   2.10. Using Digest Authentication as a SASL Mechanism

113   The primary purpose of this document is to detail the DIGEST-MD5 SASL
114   mechanism. Though this mechanism is not specific to LDAP, it is
115   currently viewed as part of the LDAP "core" specification.

117   2.11. Normative References

119   Like many technical specifications, LDAP relies heavily on technical
120   specifications defined in other documents. As some of these documents
121   are not likely to be progressed independently to Draft Standard or are
122   documents which the LDAP TS shall obsolete, some reorganization of
123   materials contained in these documents may be necessary. This
124   document does not (yet) discuss the particulars of reorganization due
125   to these normative references.

127   3. A Proposed Organization

129   This section proposes that the LDAP technical specification be
130   reorganized as follows:

132   3.1 LDAP Overview / Data Model

134   This document would provide an overview of LDAP, detail the LDAP Data
135   Model, the relationship to X.500, as well as define which other
136   technical specifications comprise LDAP. This document would be based
137   upon the [LDAPTS] and select sections (e.g. 3.2-3.4) of [RFC2251].

139   3.2 LDAP Protocol Specification

141   This document would detail the LDAP protocol. This document would be
142   based upon [RFC2251] and select sections of [RFC2829].

144   3.3 LDAP SASL Profile

146   This document would detail the LDAP SASL profile. This document would
147   be based upon [RFC2829] and select sections of [RFC2251].

149   3.4 LDAP Extension for TLS

151   This document would detail the Start TLS extended operation. This
152   document would be based upon [RFC2830].

154   3.5 LDAP Syntaxes and Matching Rules

156   This document would detail LDAP syntaxes and matching rules. This
157   document would be based upon [RFC2252].

159   3.6 LDAP System Schema

161   This document would detail system schema including specification of
162   operational attributes and select user attributes (e.g. objectclass).
163   This document would be based upon select sections of [RFC2252] and
164   [RFC2256].

166   3.7 LDAP User Schema
167   This document would detail user schema. This document would be based
168   upon [RFC2256].

170   3.8 LDAP Distinguished DN

172   This document would detail the DN string representation. This
173   document would be based upon [RFC2253].

175   3.9 LDAP Search Filter

177   This document would detail the search filter string representation.
178   This document would be based upon [RFC2254].

180   3.10 LDAP URL

182   This document would detail the LDAP Uniform Resource Locator scheme.
183   This document would be based upon [RFC2255].

185   3.11. Using Digest Authentication as a SASL Mechanism

187   This document would detail the DIGEST-MD5 SASL mechanism. This
188   document would be based upon [RFC2831].

190   4. Security Considerations

192   This document proposes a reorganization which is intended to improve
193   the readability of the specification including the security
194   considerations detailed within these specifications. It is hoped that
195   this reorganization will improve the readability of these security
196   considerations.

198   5. Acknowledgements

200   This document is based on the input of members of the IETF LDAP
201   Revision (proposed) and LDAP Extensions working groups. The
202   contributions of individuals in these groups are gratefully
203   acknowledged.

205   6. Bibliography

207   [LDAPTS]  J. Hodges, R. Morgan, "Lightweight Directory Access Protocol
208             (v3): Technical Specification", a work in progress, October
209             2000.

211   [RFC2251] M. Wahl, T. Howes, S. Kille, "Lightweight Directory Access
212             Protocol (v3)", RFC 2251, December 1997.

214   [RFC2252] M. Wahl, A. Coulbeck, T. Howes, S. Kille, "Lightweight
215             Directory Access Protocol (v3): Attribute Syntax
216             Definitions", RFC 2252, December 1997.

218   [RFC2253] S. Kille, M. Wahl, T. Howes, "Lightweight Directory Access
219             Protocol (v3): UTF-8 String Representation of Distinguished
220             Names", RFC 2253, December 1997.

222   [RFC2254] T. Howes, "A String Representation of LDAP Search Filters",
223             RFC 2254, December 1997.

225   [RFC2255] T. Howes, M. Smith, "The LDAP URL Format", RFC 2255,
226             December 1997.

228   [RFC2256] M. Wahl, "A Summary of the X.500(96) User Schema for use
229             with LDAPv3", RFC 2256, December 1997.

231   [RFC2829] M. Wahl, H. Alvestrand, J. Hodges, RL "Bob" Morgan,
232             "Authentication Methods for LDAP", RFC 2829, June 2000.

234   [RFC2830] J. Hodges, R. Morgan, M. Wahl, "Lightweight Directory Access
235             Protocol (v3): Extension for Transport Layer Security", RFC
236             2830, May 2000.

238   [RFC2831] P. Leach, C. Newman, "Using Digest Authentication as a SASL
239             Mechanism", RFC 2831, June 2000.

241   [RFC2247] S. Kille, M. Wahl, A. Grimstad, R. Huber, S. Sataluri,
242             "Using Domains in LDAP/X.500 Distinguished Names", RFC 2247,
243             January 1998.

245   7. Authors' Addresses

247   Kurt Zeilenga
248   OpenLDAP Foundation
249

251   Copyright 2000, The Internet Society. All Rights Reserved.

253   This document and translations of it may be copied and furnished to
254   others, and derivative works that comment on or otherwise explain it
255   or assist in its implementation may be prepared, copied, published and
256   distributed, in whole or in part, without restriction of any kind,
257   provided that the above copyright notice and this paragraph are
258   included on all such copies and derivative works. However, this
259   document itself may not be modified in any way, such as by removing
260   the copyright notice or references to the Internet Society or other
261   Internet organizations, except as needed for the purpose of
262   developing Internet standards in which case the procedures for
263   copyrights defined in the Internet Standards process must be followed,
264   or as required to translate it into languages other than English.

266   The limited permissions granted above are perpetual and will not be
267   revoked by the Internet Society or its successors or assigns.

269   This document and the information contained herein is provided on an
270   "AS IS" basis and THE AUTHORS, THE INTERNET SOCIETY, AND THE INTERNET
271   ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED,
272   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
273   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
274   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.