Supported Standards

X.500 Directory Schema, or Naming Architecture, for use in the COSINE and Internet X.500 pilots.

MD5 message-digest algorithm that takes as input a message of arbitrary length, and produces a 128-bit "fingerprint" or "message digest" of the input.

Provide access to the X.500 Directory while not incurring the resource requirements of the Directory Access Protocol.

Defines the requirements that must be satisfied by encoding rules, used to render X.500 Directory attribute syntaxes into a form suitable for use in LDAP. Defines the encoding rules for the standard set of attribute syntaxes.

Defines a string format for representing names, which is designed to give a clean representation of commonly used names, while being able to represent any distinguished name.

Defines a new attribute type and an auxiliary object class to store URIs, including URLs, in directory entries.

Describes a method for adding authentication support to connection-based protocols.

Specifies Version 1.0 of the Transport Layer Security protocol.

Defines an algorithm by which a name registered with the Internet Domain Name Service can be represented as an LDAP distinguished name.

Describes a directory access protocol designed to provide access to directories supporting the X.500 models, while not incurring the resource requirements of the X.500 Directory Access Protocol.

Defines a set of syntaxes for LDAPv3, and the rules by which attribute values of these syntaxes are represented as octet strings for transmission in the LDAP protocol.

Defines a common UTF-8 format to represent distinguished names unambiguously.

Defines the string format for representing names, which is designed to give a clean representation of commonly used distinguished names, while being able to represent any distinguished name.

Describes a format for an LDAP URL.

Provides an overview of the attribute types and object classes defined by the ISO and ITU-T committees in the X.500 documents, in particular those intended for use by directory clients.

Describes an experimental mechanism for mapping entities related to TCP/IP and the UNIX system into X.500 entries so that they may be resolved with LDAP.

Proposes a new directory naming plan that leverages the strengths of the most popular and successful Internet naming schemes for naming objects in a hierarchical directory.

Lets a client control the rate at which an LDAP server returns the results of an LDAP search operation.

Defines a common way for applications to store and retrieve Java objects from the directory.

Define a common way for applications to store and retrieve CORBA object references from the directory.

Defines a mechanism to locate a user calendar and free/busy time using the LDAP protocol.

Defines an object class called inetOrgPerson for use in LDAP and X.500 directory services that extends the X.521 standard organizationalPerson class.

Specifies particular combinations of security mechanisms which are required and recommended in LDAP implementations.

Defines the Start Transport Layer Security (TLS) operation for LDAP.

Describes a file format suitable for describing directory information or modifications made to directory information.

Describes two LDAPv3 control extensions for server-side sorting of search results.

Describes a procedure for mapping between Service Location Protocol service advertisements and LDAP descriptions of services.

Specifies two LDAP attributes, vendorName and vendorVersion that may be included in the root DSA-specific Entry (DSE) to advertise vendor-specific information.

Describes an LDAP extended operation to allow modification of user passwords, which does not depend on the authentication identity or the password storage mechanism.

Describes LDAP schema for user/password authentication including the authPassword attribute type. This attribute type holds values derived from the user’s password(s) (commonly using cryptographic strength one-way hash).

Details schema and protocol elements for representing and managing named subordinate references in LDAP directories.

Specifies the set of RFCs comprising LDAPv3, and addresses the "IESG Note" attached to RFCs 2251 through 2256.

Provides procedures for registering extensible elements of LDAP.

Describes extensions that may be used to add functionality to Transport Layer Security.

Summarizes the X.500 information model for collective attributes and describes use of collective attributes in LDAP.

Adapts the X.500 subentry mechanisms for use with LDAP.

Describes an LDAP extension which clients may use to request the return of all operational attributes.

Introduces a general mechanism for discovery of elective features and extensions, which cannot be discovered using existing mechanisms.

Defines a schema, object classes and attributes, for printers and printer services, for use with LDAP directories.

Defines and describes the IntermediateResponse message, a general mechanism for defining single-request/multiple-response operations in LDAP.

Extends the LDAP bind operation with a mechanism for requesting and returning the authorization identity it establishes.

Describes a control for LDAPv3 that is used to return a subset of attribute values from an entry.

Describes an LDAP extended operation to cancel (or abandon) an outstanding operation, with a response to indicate the outcome of the operation.

Specifies Version 1.1 of the Transport Layer Security protocol.

Defines the Proxy Authorization Control, which lets a client request that an operation be processed under a provided authorization identity instead of under the current authorization identity associated with the connection.

Defines the LDAP schema for representing UDDIv3 data types in an LDAP directory.

Describes a framework for providing authentication and data security services in connection-oriented protocols via replaceable mechanisms.

Describes a new way to provide anonymous login needed within the context of the SASL framework.

Provides a road map of the LDAP Technical Specification.

Describes LDAP protocol elements, and their semantics and encodings.

Describes the X.500 Directory Information Models as used in LDAP.

Describes LDAP authentication methods and security mechanisms.

Defines the string representation used in LDAP to transfer distinguished names.

Defines a human-readable string representation of LDAP search filters that is appropriate for use in LDAP URLs and in other applications.

Describes a format for an LDAP URL.

Defines a base set of syntaxes and matching rules for use in defining attributes for LDAP directories.

Defines string preparation algorithms for character-based matching rules defined for use in LDAP.

Provides a technical specification of attribute types and object classes intended for use by LDAP directory clients for many directory services, such as white pages.

Describes schema for representing X.509 certificates, X.521 security information, and related elements in LDAP directories.

Provides a collection of LDAP schema elements from the COSINE and Internet X.500 pilot projects.

Describes an LDAP extension to the LDAP modify operation that supports an increment capability.

Extends LDAP to support absolute True and False filters based upon similar capabilities found in X.500 directory systems.

Specifies an LDAP extension to let the client read the target entry of an update operation.

Defines the LDAP Assertion Control, which lets a client specify that a directory operation should only be processed if an assertion applied to the target entry of the operation is true.

Extends LDAP to support a mechanism that lets LDAP clients request the return of all attributes of an object class.

Describes the LDAP/X.500 entryUUID operational attribute and associated matching rules and syntax.

Provides an LDAP mechanism for clients to obtain the authorization identity that the server has associated with the user or application entity.

Defines a simple plaintext user/password SASL mechanism called the PLAIN mechanism.

Specifies Secure Hash Algorithms, SHA-256, SHA-384, and SHA-512, for computing a condensed representation of a message or a data file.

Describes the method for using the GSS-API Kerberos V5 in SASL, called the GSSAPI mechanism.

Defines a schema for storing a profile for agents that use LDAP.

Describes the LDAP/X.500 entryDN operational attribute, which provides a copy of the entry’s DN for use in attribute value assertions.

Describes SASL SCRAM.

Describes how an LDAP directory server stores passwords for use in SCRAM SASL binds.

Registers mechanisms for SASL SCRAM, updating RFC 5802.

Specifies a Secure Hash Algorithm, SHA-1, for computing a condensed representation of a message or a data file.

Specifies four Secure Hash Algorithms for computing a condensed representation of electronic data.

Provides a method for expressing directory queries and updates as XML documents.

A data-interchange format that aims to be both "easy for humans to read and write," and "easy for machines to parse and generate."

Platform neutral schema and extension model for representing users and groups in JSON and XML formats. DS supports the JSON format.

Experimental LDAP control allowing a directory client application to request temporary relaxation of data and service model rules.