fixeria
/
pycrate
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
pycrate/pycrate_asn1dir/ITUT_X520_2016-10/SelectedAttributeTypes.asn

2066 lines
83 KiB
Groff
Raw Blame History

SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) selectedAttributeTypes(5) 8}
DEFINITIONS ::=
BEGIN
-- EXPORTS All
-- The types and values defined in this module are exported for use in the other ASN.1
-- modules contained within the Directory Specifications, and for the use of other
-- applications which will use them to access Directory services. Other applications
-- may use them for their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Directory service.
IMPORTS
-- from Rec. ITU-T X.501 | ISO/IEC 9594-2
authenticationFramework, certificateExtensions,
directoryAbstractService, id-at, id-avc, id, id-asx, id-cat, id-coat, id-lmr, id-lsx,
id-mr, id-not, id-pr, informationFramework, pkiPmiExternalDataTypes,
schemaAdministration, serviceAdministration, passwordPolicy
FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 8}
Attribute{}, ATTRIBUTE, AttributeType, AttributeValueAssertion, CONTEXT,
ContextAssertion, DistinguishedName, distinguishedNameMatch,
MAPPING-BASED-MATCHING{}, MATCHING-RULE, OBJECT-CLASS,
objectIdentifierMatch, SubtreeSpecification, SupportedAttributes, SYNTAX-NAME
FROM InformationFramework informationFramework
AttributeCombination, ContextCombination, MRMapping
FROM ServiceAdministration serviceAdministration
AttributeTypeDescription, DITContentRuleDescription, DITStructureRuleDescription,
MatchingRuleDescription, MatchingRuleUseDescription, NameFormDescription,
ObjectClassDescription
FROM SchemaAdministration schemaAdministration
-- from Rec. ITU-T X.509 | ISO/IEC 9594-8
AlgorithmIdentifier{}, Certificate, CertificateList, CertificatePair,
SupportedAlgorithm, SupportedAlgorithms
FROM AuthenticationFramework authenticationFramework
G3FacsimileNonBasicParameters
FROM PkiPmiExternalDataTypes pkiPmiExternalDataTypes
-- from Rec. ITU-T X.511 | ISO/IEC 9594-3
FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions
FROM DirectoryAbstractService directoryAbstractService
PwdAlphabet, PwdVocabulary, UserPwd
FROM PasswordPolicy passwordPolicy ;
--/*from IETF RFC 3727
-- The following import is provided for information only (see clause 7.2.16), it is not
-- referenced by any ASN.1 construct within these Directory Specifications. Note that
-- the ASN.1 module in RFC 3727 imports from the InformationFramework module of edition
-- 4 of Rec. ITU-T X.501 | ISO/IEC 9594-2. A specification importing from both these
-- Directory Specifications and from RFC 3727 should take corrective actions, e.g.,
-- by making a copy of the ASN.1 module of RFC 3727 and then update the IMPORT statement.
-- allComponentsMatch, componentFilterMatch, directoryComponentsMatch, presentMatch, rdnMatch
-- FROM ComponentMatching {iso(1) 2 36 79672281 xed(3) module (0) component-matching(4)} */
-- Directory string type
UnboundedDirectoryString ::= CHOICE {
teletexString TeletexString(SIZE (1..MAX)),
printableString PrintableString(SIZE (1..MAX)),
bmpString BMPString(SIZE (1..MAX)),
universalString UniversalString(SIZE (1..MAX)),
uTF8String UTF8String(SIZE (1..MAX)) }
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize,...)),
printableString PrintableString(SIZE (1..maxSize,...)),
bmpString BMPString(SIZE (1..maxSize,...)),
universalString UniversalString(SIZE (1..maxSize,...)),
uTF8String UTF8String(SIZE (1..maxSize,...)) }
-- Attribute types
knowledgeInformation ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
OBSOLETE TRUE
ID id-at-knowledgeInformation }
name ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"name"}
ID id-at-name }
commonName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"cn", "commonName"}
ID id-at-commonName }
surname ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"sn"}
ID id-at-surname }
givenName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"givenName"}
ID id-at-givenName }
initials ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"initials"}
ID id-at-initials }
generationQualifier ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"generationQualifier"}
ID id-at-generationQualifier }
uniqueIdentifier ATTRIBUTE ::= {
WITH SYNTAX UniqueIdentifier
EQUALITY MATCHING RULE bitStringMatch
LDAP-SYNTAX bitString.&id
LDAP-NAME {"x500UniqueIdentifier"}
ID id-at-uniqueIdentifier }
UniqueIdentifier ::= BIT STRING
dnQualifier ATTRIBUTE ::= {
WITH SYNTAX PrintableString
EQUALITY MATCHING RULE caseIgnoreMatch
ORDERING MATCHING RULE caseIgnoreOrderingMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"dnQualifier"}
ID id-at-dnQualifier }
serialNumber ATTRIBUTE ::= {
WITH SYNTAX PrintableString(SIZE (1..MAX))
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"serialNumber"}
ID id-at-serialNumber }
pseudonym ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
ID id-at-pseudonym }
uUIDPair ATTRIBUTE ::= {
WITH SYNTAX UUIDPair
EQUALITY MATCHING RULE uUIDPairMatch
ID id-at-uuidpair }
UUIDPair ::= SEQUENCE {
issuerUUID UUID,
subjectUUID UUID,
... }
UUID ::= OCTET STRING(SIZE (16)) -- UUID format only
uri ATTRIBUTE ::= {
WITH SYNTAX URI
EQUALITY MATCHING RULE uriMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uri"}
ID id-at-uri }
URI ::= UTF8String
urn ATTRIBUTE ::= {
SUBTYPE OF uri
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"urn"}
ID id-at-urn }
url ATTRIBUTE ::= {
SUBTYPE OF uri
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"url"}
ID id-at-url }
dnsName ATTRIBUTE ::= {
WITH SYNTAX DomainName
EQUALITY MATCHING RULE dnsNameMatch
LDAP-SYNTAX dnsString.&id
LDAP-NAME {"DNS name"}
ID id-at-dnsName }
DomainName ::= UTF8String (CONSTRAINED BY { -- Conforms to the format of a domain name. -- })
countryName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX CountryName
SINGLE VALUE TRUE
LDAP-SYNTAX countryString.&id
LDAP-NAME {"c"}
ID id-at-countryName }
CountryName ::= PrintableString(SIZE (2)) (CONSTRAINED BY { -- ISO 3166 alpha-2 codes only -- })
countryCode3c ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX CountryCode3c
SINGLE VALUE TRUE
LDAP-SYNTAX countryString3c.&id
LDAP-NAME {"c3"}
ID id-at-countryCode3c }
CountryCode3c ::= PrintableString(SIZE (3)) (CONSTRAINED BY { -- ISO 3166 alpha-3 codes only -- })
countryCode3n ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX CountryCode3n
SINGLE VALUE TRUE
LDAP-SYNTAX countryString3n.&id
LDAP-NAME {"n3"}
ID id-at-countryCode3n }
CountryCode3n ::= NumericString(SIZE (3)) (CONSTRAINED BY { -- ISO 3166 numeric-3 codes only -- })
localityName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"l"}
ID id-at-localityName }
collectiveLocalityName ATTRIBUTE ::= {
SUBTYPE OF localityName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-l"}
ID id-at-collectiveLocalityName }
stateOrProvinceName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"st"}
ID id-at-stateOrProvinceName }
collectiveStateOrProvinceName ATTRIBUTE ::= {
SUBTYPE OF stateOrProvinceName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-st"}
ID id-at-collectiveStateOrProvinceName }
streetAddress ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"street"}
ID id-at-streetAddress }
collectiveStreetAddress ATTRIBUTE ::= {
SUBTYPE OF streetAddress
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-street"}
ID id-at-collectiveStreetAddress }
houseIdentifier ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"houseIdentifier"}
ID id-at-houseIdentifier }
utmCoordinates ATTRIBUTE ::= {
WITH SYNTAX UtmCoordinates
SINGLE VALUE TRUE
LDAP-SYNTAX utmCoords.&id
LDAP-NAME {"utmCoordinates"}
ID id-at-utmCoordinates }
UtmCoordinates ::= SEQUENCE {
zone PrintableString,
easting NumericString,
northing NumericString }
organizationName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"o"}
ID id-at-organizationName }
collectiveOrganizationName ATTRIBUTE ::= {
SUBTYPE OF organizationName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-o"}
ID id-at-collectiveOrganizationName }
organizationalUnitName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"ou"}
ID id-at-organizationalUnitName }
collectiveOrganizationalUnitName ATTRIBUTE ::= {
SUBTYPE OF organizationalUnitName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-ou"}
ID id-at-collectiveOrganizationalUnitName }
title ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"title"}
ID id-at-title }
organizationIdentifier ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
SINGLE VALUE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"organizationIdentifier"}
ID id-at-organizationIdentifier }
description ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"description"}
ID id-at-description }
searchGuide ATTRIBUTE ::= {
WITH SYNTAX Guide
LDAP-SYNTAX guide.&id
LDAP-NAME {"searchGuide"}
ID id-at-searchGuide }
Guide ::= SET {
objectClass [0] OBJECT-CLASS.&id OPTIONAL,
criteria [1] Criteria,
... }
Criteria ::= CHOICE {
type [0] CriteriaItem,
and [1] SET OF Criteria,
or [2] SET OF Criteria,
not [3] Criteria,
... }
CriteriaItem ::= CHOICE {
equality [0] AttributeType,
substrings [1] AttributeType,
greaterOrEqual [2] AttributeType,
lessOrEqual [3] AttributeType,
approximateMatch [4] AttributeType,
... }
enhancedSearchGuide ATTRIBUTE ::= {
WITH SYNTAX EnhancedGuide
LDAP-SYNTAX enhancedGuide.&id
LDAP-NAME {"enhancedSearchGuide"}
ID id-at-enhancedSearchGuide }
EnhancedGuide ::= SEQUENCE {
objectClass [0] OBJECT-CLASS.&id,
criteria [1] Criteria,
subset [2] INTEGER {
baseObject (0),
oneLevel (1),
wholeSubtree (2)} DEFAULT oneLevel,
... }
businessCategory ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"businessCategory"}
ID id-at-businessCategory }
postalAddress ATTRIBUTE ::= {
WITH SYNTAX PostalAddress
EQUALITY MATCHING RULE caseIgnoreListMatch
SUBSTRINGS MATCHING RULE caseIgnoreListSubstringsMatch
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"postalAddress"}
ID id-at-postalAddress }
PostalAddress ::= SEQUENCE SIZE (1..MAX) OF UnboundedDirectoryString
collectivePostalAddress ATTRIBUTE ::= {
SUBTYPE OF postalAddress
COLLECTIVE TRUE
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"c-PostalAddress"}
ID id-at-collectivePostalAddress }
postalCode ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"postalCode"}
ID id-at-postalCode }
collectivePostalCode ATTRIBUTE ::= {
SUBTYPE OF postalCode
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-PostalCode"}
ID id-at-collectivePostalCode }
postOfficeBox ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"postOfficeBox"}
ID id-at-postOfficeBox }
collectivePostOfficeBox ATTRIBUTE ::= {
SUBTYPE OF postOfficeBox
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-PostOfficeBox"}
ID id-at-collectivePostOfficeBox }
physicalDeliveryOfficeName ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"physicalDeliveryOfficeName"}
ID id-at-physicalDeliveryOfficeName }
collectivePhysicalDeliveryOfficeName ATTRIBUTE ::= {
SUBTYPE OF physicalDeliveryOfficeName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-PhysicalDeliveryOfficeName"}
ID id-at-collectivePhysicalDeliveryOfficeName }
telephoneNumber ATTRIBUTE ::= {
WITH SYNTAX TelephoneNumber
EQUALITY MATCHING RULE telephoneNumberMatch
SUBSTRINGS MATCHING RULE telephoneNumberSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"telephoneNumber"}
ID id-at-telephoneNumber }
TelephoneNumber ::= PrintableString(SIZE (1..ub-telephone-number))
-- String complying with Rec. ITU-T E.123 only
ub-telephone-number INTEGER ::= 32
collectiveTelephoneNumber ATTRIBUTE ::= {
SUBTYPE OF telephoneNumber
COLLECTIVE TRUE
LDAP-SYNTAX printableString.&id
LDAP-NAME {"c-TelephoneNumber"}
ID id-at-collectiveTelephoneNumber }
telexNumber ATTRIBUTE ::= {
WITH SYNTAX TelexNumber
LDAP-SYNTAX telexNr.&id
LDAP-NAME {"telexNumber"}
ID id-at-telexNumber }
TelexNumber ::= SEQUENCE {
telexNumber PrintableString(SIZE (1..ub-telex-number)),
countryCode PrintableString(SIZE (1..ub-country-code)),
answerback PrintableString(SIZE (1..ub-answerback)),
... }
ub-telex-number INTEGER ::= 14
ub-country-code INTEGER ::= 4
ub-answerback INTEGER ::= 8
collectiveTelexNumber ATTRIBUTE ::= {
SUBTYPE OF telexNumber
COLLECTIVE TRUE
LDAP-SYNTAX telexNr.&id
LDAP-NAME {"c-TelexNumber"}
ID id-at-collectiveTelexNumber }
facsimileTelephoneNumber ATTRIBUTE ::= {
WITH SYNTAX FacsimileTelephoneNumber
EQUALITY MATCHING RULE facsimileNumberMatch
SUBSTRINGS MATCHING RULE facsimileNumberSubstringsMatch
LDAP-SYNTAX facsimileTelephoneNr.&id
LDAP-NAME {"facsimileTelephoneNumber"}
ID id-at-facsimileTelephoneNumber }
FacsimileTelephoneNumber ::= SEQUENCE {
telephoneNumber TelephoneNumber,
parameters G3FacsimileNonBasicParameters OPTIONAL,
... }
collectiveFacsimileTelephoneNumber ATTRIBUTE ::= {
SUBTYPE OF facsimileTelephoneNumber
COLLECTIVE TRUE
LDAP-SYNTAX facsimileTelephoneNr.&id
LDAP-NAME {"c-FacsimileTelephoneNumber"}
ID id-at-collectiveFacsimileTelephoneNumber }
x121Address ATTRIBUTE ::= {
WITH SYNTAX X121Address
EQUALITY MATCHING RULE numericStringMatch
SUBSTRINGS MATCHING RULE numericStringSubstringsMatch
LDAP-SYNTAX numericString.&id
LDAP-NAME {"x121Address"}
ID id-at-x121Address }
X121Address ::= NumericString(SIZE (1..ub-x121-address))
-- String as defined by Rec. ITU-T X.121
ub-x121-address INTEGER ::= 15
internationalISDNNumber ATTRIBUTE ::= {
WITH SYNTAX InternationalISDNNumber
EQUALITY MATCHING RULE numericStringMatch
SUBSTRINGS MATCHING RULE numericStringSubstringsMatch
LDAP-SYNTAX numericString.&id
LDAP-NAME {"internationalISDNNumber"}
ID id-at-internationalISDNNumber }
InternationalISDNNumber ::=
NumericString(SIZE (1..ub-international-isdn-number))
-- String complying with Rec. ITU-T E.164 only
ub-international-isdn-number INTEGER ::= 16
collectiveInternationalISDNNumber ATTRIBUTE ::= {
SUBTYPE OF internationalISDNNumber
COLLECTIVE TRUE
LDAP-SYNTAX numericString.&id
LDAP-NAME {"c-InternationalISDNNumber"}
ID id-at-collectiveInternationalISDNNumber }
registeredAddress ATTRIBUTE ::= {
SUBTYPE OF postalAddress
WITH SYNTAX PostalAddress
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"registeredAddress"}
ID id-at-registeredAddress }
destinationIndicator ATTRIBUTE ::= {
WITH SYNTAX DestinationIndicator
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"destinationIndicator"}
ID id-at-destinationIndicator }
DestinationIndicator ::= PrintableString(SIZE (1..MAX))
-- alphabetical characters only
communicationsService ATTRIBUTE ::= {
WITH SYNTAX CommunicationsService
EQUALITY MATCHING RULE objectIdentifierMatch
LDAP-SYNTAX oid.&id
LDAP-NAME {"communicationsService"}
ID id-at-communicationsService }
CommunicationsService ::= OBJECT IDENTIFIER
communicationsNetwork ATTRIBUTE ::= {
WITH SYNTAX CommunicationsNetwork
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
LDAP-SYNTAX oid.&id
LDAP-NAME {"communicationsNetwork"}
ID id-at-communicationsNetwork }
CommunicationsNetwork ::= OBJECT IDENTIFIER
preferredDeliveryMethod ATTRIBUTE ::= {
WITH SYNTAX PreferredDeliveryMethod
SINGLE VALUE TRUE
LDAP-SYNTAX deliveryMethod.&id
LDAP-NAME {"preferredDeliveryMethod"}
ID id-at-preferredDeliveryMethod }
PreferredDeliveryMethod ::= SEQUENCE OF INTEGER {
any-delivery-method (0),
mhs-delivery (1),
physical-delivery (2),
telex-delivery (3),
teletex-delivery (4),
g3-facsimile-delivery (5),
g4-facsimile-delivery (6),
ia5-terminal-delivery (7),
videotex-delivery (8),
telephone-delivery (9) }
presentationAddress ATTRIBUTE ::= {
WITH SYNTAX PresentationAddress
EQUALITY MATCHING RULE presentationAddressMatch
SINGLE VALUE TRUE
LDAP-SYNTAX presentationAddr.&id
LDAP-NAME {"presentationAddress"}
ID id-at-presentationAddress }
PresentationAddress ::= SEQUENCE {
pSelector [0] OCTET STRING OPTIONAL,
sSelector [1] OCTET STRING OPTIONAL,
tSelector [2] OCTET STRING OPTIONAL,
nAddresses [3] SET SIZE (1..MAX) OF OCTET STRING,
... }
supportedApplicationContext ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
LDAP-SYNTAX oid.&id
LDAP-NAME {"supportedApplicationContext"}
ID id-at-supportedApplicationContext }
protocolInformation ATTRIBUTE ::= {
WITH SYNTAX ProtocolInformation
EQUALITY MATCHING RULE protocolInformationMatch
ID id-at-protocolInformation }
ProtocolInformation ::= SEQUENCE {
nAddress OCTET STRING,
profiles SET OF OBJECT IDENTIFIER }
distinguishedName ATTRIBUTE ::= {
WITH SYNTAX DistinguishedName
EQUALITY MATCHING RULE distinguishedNameMatch
LDAP-SYNTAX dn.&id
LDAP-NAME {"distinguishedName"}
ID id-at-distinguishedName }
member ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"member"}
ID id-at-member }
uniqueMember ATTRIBUTE ::= {
WITH SYNTAX NameAndOptionalUID
EQUALITY MATCHING RULE uniqueMemberMatch
LDAP-SYNTAX nameAndOptionalUID.&id
LDAP-NAME {"uniqueMember"}
ID id-at-uniqueMember }
NameAndOptionalUID ::= SEQUENCE {
dn DistinguishedName,
uid UniqueIdentifier OPTIONAL,
... }
owner ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"owner"}
ID id-at-owner }
roleOccupant ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"roleOccupant"}
ID id-at-roleOccupant }
seeAlso ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"seeAlso"}
ID id-at-seeAlso }
dmdName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
ID id-at-dmdName }
-- Hierarchical attribute types
oidC1 ATTRIBUTE ::= {
WITH SYNTAX INTEGER
EQUALITY MATCHING RULE integerMatch
SINGLE VALUE TRUE
ID id-oidC1 }
oidC2 ATTRIBUTE ::= {
WITH SYNTAX INTEGER
EQUALITY MATCHING RULE integerMatch
SINGLE VALUE TRUE
ID id-oidC2 }
oidC ATTRIBUTE ::= {
WITH SYNTAX INTEGER
EQUALITY MATCHING RULE integerMatch
SINGLE VALUE TRUE
ID id-oidC }
urnC ATTRIBUTE ::= {
WITH SYNTAX PrintableString
EQUALITY MATCHING RULE caseExactMatch
SINGLE VALUE TRUE
LDAP-SYNTAX printableString.&id
LDAP-NAME {"urnC"}
ID id-at-urnC }
-- Attribute types for tag-based identification
tagOid ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
LDAP-SYNTAX oid.&id
LDAP-NAME {"tagOid"}
ID id-at-tagOid }
uiiFormat ATTRIBUTE ::= {
WITH SYNTAX UiiFormat
SINGLE VALUE TRUE
LDAP-SYNTAX uiiForm.&id
LDAP-NAME {"uiiFormat"}
ID id-at-uiiFormat }
UiiFormat ::= SEQUENCE {
baseObject URI OPTIONAL,
subset ENUMERATED {
baseObject (0),
oneLevel (1),
wholeSubtree (2) } DEFAULT baseObject,
next CHOICE {
length INTEGER,
filter UiiFilter } }
UiiFilter ::= CHOICE {
item [0] UiiItem,
and [1] SET OF UiiFilter,
or [2] SET OF UiiFilter,
not [3] UiiFilter }
UiiItem ::= SEQUENCE {
type ATTRIBUTE.&id,
length INTEGER OPTIONAL }
uiiInUrn ATTRIBUTE ::= {
WITH SYNTAX UTF8String
EQUALITY MATCHING RULE caseExactMatch
SINGLE VALUE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uiiInUrn"}
ID id-at-uiiInUrn }
contentUrl ATTRIBUTE ::= {
SUBTYPE OF url
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"contentUrl"}
ID id-at-contentUrl }
uii ATTRIBUTE ::= {
WITH SYNTAX BIT STRING
EQUALITY MATCHING RULE bitStringMatch
LDAP-SYNTAX bitString.&id
LDAP-NAME {"uii"}
ID id-at-uii }
epc ATTRIBUTE ::= {
WITH SYNTAX BIT STRING
EQUALITY MATCHING RULE bitStringMatch
LDAP-SYNTAX bitString.&id
LDAP-NAME {"epc"}
ID id-at-epc }
tagAfi ATTRIBUTE ::= {
WITH SYNTAX OCTET STRING
EQUALITY MATCHING RULE octetStringMatch
LDAP-SYNTAX octetString.&id
LDAP-NAME {"tagAfi"}
ID id-at-tagAfi }
epcFormat ATTRIBUTE ::= {
WITH SYNTAX EpcFormat
SINGLE VALUE TRUE
LDAP-SYNTAX epcForm.&id
LDAP-NAME {"epcFormat"}
ID id-at-epcFormat }
EpcFormat ::= SEQUENCE {
fields SEQUENCE SIZE (1..MAX) OF SEQUENCE {
bits INTEGER,
charField CHOICE {
characters [0] INTEGER,
maxValue [1] INTEGER },
result ENUMERATED {
numericPad (0),
numeric (1),
alpha7bits (2) } DEFAULT numericPad },
digitShift [0] INTEGER OPTIONAL,
checkCalc [1] INTEGER OPTIONAL,
urnPrefix UTF8String OPTIONAL }
epcInUrn ATTRIBUTE ::= {
SUBTYPE OF urn
SINGLE VALUE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"epcInUrn"}
ID id-at-epcInUrn }
ldapUrl ATTRIBUTE ::= {
SUBTYPE OF url
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"ldapUrl"}
ID id-at-ldapUrl }
tagLocation ATTRIBUTE ::= {
SUBTYPE OF utmCoordinates
SINGLE VALUE TRUE
LDAP-SYNTAX utmCoords.&id
LDAP-NAME {"tagLocation"}
ID id-at-tagLocation }
-- Notification attributes
dSAProblem ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-dSAProblem }
searchServiceProblem ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
ID id-not-searchServiceProblem }
serviceType ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
ID id-not-serviceType }
attributeTypeList ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-attributeTypeList }
matchingRuleList ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-matchingRuleList }
filterItem ATTRIBUTE ::= {
WITH SYNTAX FilterItem
ID id-not-filterItem }
attributeCombinations ATTRIBUTE ::= {
WITH SYNTAX AttributeCombination
ID id-not-attributeCombinations }
contextTypeList ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-contextTypeList }
contextList ATTRIBUTE ::= {
WITH SYNTAX ContextAssertion
ID id-not-contextList }
contextCombinations ATTRIBUTE ::= {
WITH SYNTAX ContextCombination
ID id-not-contextCombinations }
hierarchySelectList ATTRIBUTE ::= {
WITH SYNTAX HierarchySelections
SINGLE VALUE TRUE
ID id-not-hierarchySelectList }
searchControlOptionsList ATTRIBUTE ::= {
WITH SYNTAX SearchControlOptions
SINGLE VALUE TRUE
ID id-not-searchControlOptionsList }
serviceControlOptionsList ATTRIBUTE ::= {
WITH SYNTAX ServiceControlOptions
SINGLE VALUE TRUE
ID id-not-serviceControlOptionsList }
multipleMatchingLocalities ATTRIBUTE ::= {
WITH SYNTAX MultipleMatchingLocalities
ID id-not-multipleMatchingLocalities }
MultipleMatchingLocalities ::= SEQUENCE {
matchingRuleUsed MATCHING-RULE.&id OPTIONAL,
attributeList SEQUENCE OF AttributeValueAssertion,
... }
proposedRelaxation ATTRIBUTE ::= {
WITH SYNTAX MRMappings
ID id-not-proposedRelaxation }
MRMappings ::= SEQUENCE OF MRMapping
appliedRelaxation ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-appliedRelaxation }
pwdResponseValue ATTRIBUTE ::= {
WITH SYNTAX PwdResponse
ID id-not-pwdResponse }
PwdResponse ::= SEQUENCE {
warning CHOICE {
timeleft [0] INTEGER(0..MAX),
graceRemaining [1] INTEGER(0..MAX),
... } OPTIONAL,
error ENUMERATED {
passwordExpired (0),
changeAfterReset (1),
... } OPTIONAL}
ldapDiagnosticMsg ATTRIBUTE ::= {
WITH SYNTAX UTF8String
SINGLE VALUE TRUE
ID id-not-ldapDiagnosticMsg }
-- LDAP defined attribute types
uid ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uid"}
ID id-coat-uid }
dc ATTRIBUTE ::= {
WITH SYNTAX IA5String
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX ia5String.&id
LDAP-NAME {"dc"}
ID id-coat-dc }
-- Matching rules
caseExactMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseExactMatch"}
ID id-mr-caseExactMatch }
caseIgnoreMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseIgnoreMatch"}
ID id-mr-caseIgnoreMatch }
caseExactOrderingMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseExactOrderingMatch"}
ID id-mr-caseExactOrderingMatch }
caseIgnoreOrderingMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseIgnoreOrderingMatch"}
ID id-mr-caseIgnoreOrderingMatch }
caseExactSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion -- only the PrintableString choice
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseExactSubstringsMatch"}
ID id-mr-caseExactSubstringsMatch }
caseIgnoreSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseIgnoreSubstringsMatch"}
ID id-mr-caseIgnoreSubstringsMatch }
SubstringAssertion ::= SEQUENCE OF CHOICE {
initial [0] UnboundedDirectoryString,
any [1] UnboundedDirectoryString,
final [2] UnboundedDirectoryString,
-- at most one initial and one final component
control Attribute{{SupportedAttributes}},
-- Used to specify interpretation of the following items
... }
numericStringMatch MATCHING-RULE ::= {
SYNTAX NumericString
LDAP-SYNTAX numericString.&id
LDAP-NAME {"numericStringMatch"}
ID id-mr-numericStringMatch }
numericStringOrderingMatch MATCHING-RULE ::= {
SYNTAX NumericString
LDAP-SYNTAX numericString.&id
LDAP-NAME {"numericStringOrderingMatch"}
ID id-mr-numericStringOrderingMatch }
numericStringSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"numericStringSubstringsMatch"}
ID id-mr-numericStringSubstringsMatch }
caseIgnoreListMatch MATCHING-RULE ::= {
SYNTAX CaseIgnoreList
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"caseIgnoreListMatch"}
ID id-mr-caseIgnoreListMatch }
CaseIgnoreList ::= SEQUENCE OF UnboundedDirectoryString
caseIgnoreListSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseIgnoreListSubstringsMatch"}
ID id-mr-caseIgnoreListSubstringsMatch }
storedPrefixMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
ID id-mr-storedPrefixMatch }
booleanMatch MATCHING-RULE ::= {
SYNTAX BOOLEAN
LDAP-SYNTAX bitString.&id
LDAP-NAME {"booleanMatch"}
ID id-mr-booleanMatch }
integerMatch MATCHING-RULE ::= {
SYNTAX INTEGER
LDAP-SYNTAX integer.&id
LDAP-NAME {"integerMatch"}
ID id-mr-integerMatch }
integerOrderingMatch MATCHING-RULE ::= {
SYNTAX INTEGER
LDAP-SYNTAX integer.&id
LDAP-NAME {"integerOrderingMatch"}
ID id-mr-integerOrderingMatch }
bitStringMatch MATCHING-RULE ::= {
SYNTAX BIT STRING
LDAP-SYNTAX bitString.&id
LDAP-NAME {"bitStringMatch"}
ID id-mr-bitStringMatch }
octetStringMatch MATCHING-RULE ::= {
SYNTAX OCTET STRING
LDAP-SYNTAX octetString.&id
LDAP-NAME {"octetStringMatch"}
ID id-mr-octetStringMatch }
octetStringOrderingMatch MATCHING-RULE ::= {
SYNTAX OCTET STRING
LDAP-SYNTAX octetString.&id
LDAP-NAME {"octetStringOrderingMatch"}
ID id-mr-octetStringOrderingMatch }
octetStringSubstringsMatch MATCHING-RULE ::= {
SYNTAX OctetSubstringAssertion
ID id-mr-octetStringSubstringsMatch }
OctetSubstringAssertion ::= SEQUENCE OF CHOICE {
initial [0] OCTET STRING,
any [1] OCTET STRING,
final [2] OCTET STRING,
... } -- at most one initial and one final component
telephoneNumberMatch MATCHING-RULE ::= {
SYNTAX TelephoneNumber
LDAP-SYNTAX telephoneNr.&id
LDAP-NAME {"telephoneNumberMatch"}
ID id-mr-telephoneNumberMatch }
telephoneNumberSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"telephoneNumberSubstringsMatch"}
ID id-mr-telephoneNumberSubstringsMatch }
presentationAddressMatch MATCHING-RULE ::= {
SYNTAX PresentationAddress
ID id-mr-presentationAddressMatch }
uniqueMemberMatch MATCHING-RULE ::= {
SYNTAX NameAndOptionalUID
LDAP-SYNTAX nameAndOptionalUID.&id
LDAP-NAME {"uniqueMemberMatch"}
ID id-mr-uniqueMemberMatch }
protocolInformationMatch MATCHING-RULE ::= {
SYNTAX OCTET STRING
ID id-mr-protocolInformationMatch }
facsimileNumberMatch MATCHING-RULE ::= {
SYNTAX TelephoneNumber
ID id-mr-facsimileNumberMatch }
facsimileNumberSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
ID id-mr-facsimileNumberSubstringsMatch }
uUIDPairMatch MATCHING-RULE ::= {
SYNTAX UUIDPair
ID id-mr-uuidpairmatch }
uTCTimeMatch MATCHING-RULE ::= {
SYNTAX UTCTime
ID id-mr-uTCTimeMatch }
uTCTimeOrderingMatch MATCHING-RULE ::= {
SYNTAX UTCTime
ID id-mr-uTCTimeOrderingMatch }
generalizedTimeMatch MATCHING-RULE ::= {
SYNTAX GeneralizedTime
-- as per 46.3 b) or c) of Rec. ITU-T X.680 | ISO/IEC 8824-1
LDAP-SYNTAX generalizedTime.&id
LDAP-NAME {"generalizedTimeMatch"}
ID id-mr-generalizedTimeMatch }
generalizedTimeOrderingMatch MATCHING-RULE ::= {
SYNTAX GeneralizedTime
-- as per 46.3 b) or c) of Rec. ITU-T X.680 | ISO/IEC 8824-1
LDAP-SYNTAX generalizedTime.&id
LDAP-NAME {"generalizedTimeOrderingMatch"}
ID id-mr-generalizedTimeOrderingMatch }
systemProposedMatch MATCHING-RULE ::= {
ID id-mr-systemProposedMatch }
integerFirstComponentMatch MATCHING-RULE ::= {
SYNTAX INTEGER
LDAP-SYNTAX integer.&id
LDAP-NAME {"integerFirstComponentMatch"}
ID id-mr-integerFirstComponentMatch }
objectIdentifierFirstComponentMatch MATCHING-RULE ::= {
SYNTAX OBJECT IDENTIFIER
LDAP-SYNTAX oid.&id
LDAP-NAME {"objectIdentifierFirstComponentMatch"}
ID id-mr-objectIdentifierFirstComponentMatch }
directoryStringFirstComponentMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"directoryStringFirstComponentMatch"}
ID id-mr-directoryStringFirstComponentMatch }
wordMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"wordMatch"}
ID id-mr-wordMatch }
keywordMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"keywordMatch"}
ID id-mr-keywordMatch }
generalWordMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
ID id-mr-generalWordMatch }
sequenceMatchType ATTRIBUTE ::= {
WITH SYNTAX SequenceMatchType
SINGLE VALUE TRUE
ID id-cat-sequenceMatchType } -- defaulting to sequenceExact
SequenceMatchType ::= ENUMERATED {
sequenceExact (0),
sequenceDeletion (1),
sequenceRestrictedDeletion (2),
sequencePermutation (3),
sequencePermutationAndDeletion (4),
sequenceProviderDefined (5),
... }
wordMatchTypes ATTRIBUTE ::= {
WITH SYNTAX WordMatchTypes
SINGLE VALUE TRUE
ID id-cat-wordMatchType } -- defaulting to wordExact
WordMatchTypes ::= ENUMERATED {
wordExact (0),
wordTruncated (1),
wordPhonetic (2),
wordProviderDefined (3),
... }
characterMatchTypes ATTRIBUTE ::= {
WITH SYNTAX CharacterMatchTypes
SINGLE VALUE TRUE
ID id-cat-characterMatchTypes }
CharacterMatchTypes ::= ENUMERATED {
characterExact (0),
characterCaseIgnore (1),
characterMapped (2),
... }
selectedContexts ATTRIBUTE ::= {
WITH SYNTAX ContextAssertion
ID id-cat-selectedContexts }
approximateStringMatch MATCHING-RULE ::= {
ID id-mr-approximateStringMatch }
ignoreIfAbsentMatch MATCHING-RULE ::= {
ID id-mr-ignoreIfAbsentMatch }
nullMatch MATCHING-RULE ::= {
ID id-mr-nullMatch }
ZONAL-MATCHING ::=
MAPPING-BASED-MATCHING{ZonalSelect, TRUE, ZonalResult, zonalMatch.&id}
ZonalSelect ::= SEQUENCE OF AttributeType
ZonalResult ::= ENUMERATED {
cannot-select-mapping (0),
zero-mappings (2),
multiple-mappings (3),
... }
zonalMatch MATCHING-RULE ::= {
UNIQUE-MATCH-INDICATOR multipleMatchingLocalities
ID id-mr-zonalMatch }
uriMatch MATCHING-RULE ::= {
SYNTAX UTF8String
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uriMatch"}
ID id-mr-uriMatch }
dnsNameMatch MATCHING-RULE ::= {
SYNTAX DomainName
LDAP-SYNTAX dnsString.&id
LDAP-NAME {"dnsNameMatch"}
ID id-mr-dnsNameMatch }
-- LDAP defined matching rules
caseExactIA5Match MATCHING-RULE ::= {
SYNTAX IA5String
LDAP-SYNTAX ia5String.&id
LDAP-NAME {"caseExactIA5Match"}
ID id-lmr-caseExactIA5Match }
caseIgnoreIA5Match MATCHING-RULE ::= {
SYNTAX IA5String
LDAP-SYNTAX ia5String.&id
LDAP-NAME {"caseIgnoreIA5Match"}
ID id-lmr-caseIgnoreIA5Match }
caseIgnoreIA5SubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseIgnoreIA5SubstringsMatch"}
ID id-lmr-caseIgnoreIA5Match }
-- Syntaxes defined by this Directory Specification
utmCoords SYNTAX-NAME ::= {
LDAP-DESC "UTM Coordinates"
DIRECTORY SYNTAX UtmCoordinates
ID id-asx-utmCoords }
uiiForm SYNTAX-NAME ::= {
LDAP-DESC "UII Format"
DIRECTORY SYNTAX UiiFormat
ID id-asx-uiiForm }
epcForm SYNTAX-NAME ::= {
LDAP-DESC "EPC Format"
DIRECTORY SYNTAX EpcFormat
ID id-asx-epcForm }
countryString3c SYNTAX-NAME ::= {
LDAP-DESC "Country String 3 characters"
DIRECTORY SYNTAX CountryCode3c
ID id-asx-countryString3c }
countryString3n SYNTAX-NAME ::= {
LDAP-DESC "Country String 3 numeric characters"
DIRECTORY SYNTAX CountryCode3n
ID id-asx-countryString3n }
dnsString SYNTAX-NAME ::= {
LDAP-DESC "DNS Name String"
DIRECTORY SYNTAX DomainName
ID id-asx-dnsString }
-- Syntaxes defined under the ldap-syntax OID arc
attributeTypeDescription SYNTAX-NAME ::= {
LDAP-DESC "Attribute Type Description"
DIRECTORY SYNTAX AttributeTypeDescription
ID id-lsx-attributeTypeDescription }
bitString SYNTAX-NAME ::= {
LDAP-DESC "Bit String"
DIRECTORY SYNTAX BIT STRING
ID id-lsx-bitString }
boolean SYNTAX-NAME ::= {
LDAP-DESC "Boolean"
DIRECTORY SYNTAX BOOLEAN
ID id-lsx-boolean }
countryString SYNTAX-NAME ::= {
LDAP-DESC "Country String"
DIRECTORY SYNTAX CountryName
ID id-lsx-countryString }
dn SYNTAX-NAME ::= {
LDAP-DESC "DN"
DIRECTORY SYNTAX DistinguishedName
ID id-lsx-dn }
deliveryMethod SYNTAX-NAME ::= {
LDAP-DESC "Delevery Method"
DIRECTORY SYNTAX PreferredDeliveryMethod
ID id-lsx-deliveryMethod }
directoryString SYNTAX-NAME ::= {
LDAP-DESC "Directory String"
DIRECTORY SYNTAX UnboundedDirectoryString
ID id-lsx-directoryString }
dITContentRuleDescription SYNTAX-NAME ::= {
LDAP-DESC "DIT Content Rule Description"
DIRECTORY SYNTAX DITContentRuleDescription
ID id-lsx-dITContentRuleDescription }
dITStructureRuleDescription SYNTAX-NAME ::= {
LDAP-DESC "DIT StructureRule Description"
DIRECTORY SYNTAX DITStructureRuleDescription
ID id-lsx-dITStructureRuleDescription }
enhancedGuide SYNTAX-NAME ::= {
LDAP-DESC "Enhanced Guide"
DIRECTORY SYNTAX EnhancedGuide
ID id-lsx-enhancedGuide }
facsimileTelephoneNr SYNTAX-NAME ::= {
LDAP-DESC "Facsimile Telephone Number"
DIRECTORY SYNTAX FacsimileTelephoneNumber
ID id-lsx-facsimileTelephoneNr }
fax SYNTAX-NAME ::= {
LDAP-DESC "Fax"
DIRECTORY SYNTAX NULL
ID id-lsx-fax }
generalizedTime SYNTAX-NAME ::= {
LDAP-DESC "Generalized Time"
DIRECTORY SYNTAX GeneralizedTime
ID id-lsx-generalizedTime }
guide SYNTAX-NAME ::= {
LDAP-DESC "Guide"
DIRECTORY SYNTAX Guide
ID id-lsx-guide }
ia5String SYNTAX-NAME ::= {
LDAP-DESC "IA5 String"
DIRECTORY SYNTAX IA5String
ID id-lsx-ia5String }
integer SYNTAX-NAME ::= {
LDAP-DESC "INTEGER"
DIRECTORY SYNTAX INTEGER
ID id-lsx-integer }
jpeg SYNTAX-NAME ::= {
LDAP-DESC "JPEG"
DIRECTORY SYNTAX NULL
ID id-lsx-jpeg }
matchingRuleDescription SYNTAX-NAME ::= {
LDAP-DESC "Matching Rule Description"
DIRECTORY SYNTAX MatchingRuleDescription
ID id-lsx-matchingRuleDescription }
matchingRuleUseDescription SYNTAX-NAME ::= {
LDAP-DESC "Matching Rule Use Description"
DIRECTORY SYNTAX MatchingRuleUseDescription
ID id-lsx-matchingRuleUseDescription }
nameAndOptionalUID SYNTAX-NAME ::= {
LDAP-DESC "Name And Optional UID"
DIRECTORY SYNTAX NameAndOptionalUID
ID id-lsx-nameAndOptionalUID }
nameFormDescription SYNTAX-NAME ::= {
LDAP-DESC "Name Form Description"
DIRECTORY SYNTAX NameFormDescription
ID id-lsx-nameFormDescription }
numericString SYNTAX-NAME ::= {
LDAP-DESC "Numeric String"
DIRECTORY SYNTAX NumericString
ID id-lsx-numericString }
objectClassDescription SYNTAX-NAME ::= {
LDAP-DESC "Object Class Description"
DIRECTORY SYNTAX ObjectClassDescription
ID id-lsx-objectClassDescription }
oid SYNTAX-NAME ::= {
LDAP-DESC "OID"
DIRECTORY SYNTAX OBJECT IDENTIFIER
ID id-lsx-oid }
otherMailbox SYNTAX-NAME ::= {
LDAP-DESC "Other Mailbox"
DIRECTORY SYNTAX NULL
ID id-lsx-otherMailbox }
octetString SYNTAX-NAME ::= {
LDAP-DESC "Octet String"
DIRECTORY SYNTAX OCTET STRING
ID id-lsx-octetString }
postalAddr SYNTAX-NAME ::= {
LDAP-DESC "Postal Address"
DIRECTORY SYNTAX PostalAddress
ID id-lsx-postalAddr }
presentationAddr SYNTAX-NAME ::= {
LDAP-DESC "Presentation Address"
DIRECTORY SYNTAX PresentationAddress
ID id-lsx-presentationAddr }
printableString SYNTAX-NAME ::= {
LDAP-DESC "Printable String"
DIRECTORY SYNTAX PrintableString
ID id-lsx-printableString }
subtreeSpec SYNTAX-NAME ::= {
LDAP-DESC "SubtreeSpecification"
DIRECTORY SYNTAX SubtreeSpecification
ID id-lsx-subtreeSpec }
telephoneNr SYNTAX-NAME ::= {
LDAP-DESC "Telephone Number"
DIRECTORY SYNTAX TelephoneNumber
ID id-lsx-telephoneNr }
telexNr SYNTAX-NAME ::= {
LDAP-DESC "Telex Number"
DIRECTORY SYNTAX TelexNumber
ID id-lsx-telexNr }
utcTime SYNTAX-NAME ::= {
LDAP-DESC "UTC Time"
DIRECTORY SYNTAX UTCTime
ID id-lsx-utcTime }
ldapSyntaxDescription SYNTAX-NAME ::= {
LDAP-DESC "LDAP Syntax Description"
DIRECTORY SYNTAX NULL
ID id-lsx-ldapSyntaxDescription }
substringAssertion SYNTAX-NAME ::= {
LDAP-DESC "Substring Assertion"
DIRECTORY SYNTAX SubstringAssertion
ID id-lsx-substringAssertion }
-- Contexts
languageContext CONTEXT ::= {
WITH SYNTAX LanguageContextSyntax
ID id-avc-language }
LanguageContextSyntax ::= PrintableString(SIZE (2..3)) -- ISO 639-2 codes only
temporalContext CONTEXT ::= {
WITH SYNTAX TimeSpecification
ASSERTED AS TimeAssertion
ID id-avc-temporal }
TimeSpecification ::= SEQUENCE {
time CHOICE {
absolute SEQUENCE {
startTime [0] GeneralizedTime OPTIONAL,
endTime [1] GeneralizedTime OPTIONAL,
... },
periodic SET SIZE (1..MAX) OF Period},
notThisTime BOOLEAN DEFAULT FALSE,
timeZone TimeZone OPTIONAL,
... }
Period ::= SEQUENCE {
timesOfDay [0] SET SIZE (1..MAX) OF DayTimeBand OPTIONAL,
days [1] CHOICE {
intDay SET OF INTEGER,
bitDay BIT STRING {
sunday (0),
monday (1),
tuesday (2),
wednesday (3),
thursday (4),
friday (5),
saturday (6)},
dayOf XDayOf,
...} OPTIONAL,
weeks [2] CHOICE {
allWeeks NULL,
intWeek SET OF INTEGER,
bitWeek BIT STRING {
week1 (0),
week2 (1),
week3 (2),
week4 (3),
week5 (4)},
... } OPTIONAL,
months [3] CHOICE {
allMonths NULL,
intMonth SET OF INTEGER,
bitMonth BIT STRING {
january (0),
february (1),
march (2),
april (3),
may (4),
june (5),
july (6),
august (7),
september (8),
october (9),
november (10),
december (11)},
...} OPTIONAL,
years [4] SET OF INTEGER(1000..MAX) OPTIONAL,
... }
XDayOf ::= CHOICE {
first [1] NamedDay,
second [2] NamedDay,
third [3] NamedDay,
fourth [4] NamedDay,
fifth [5] NamedDay }
NamedDay ::= CHOICE {
intNamedDays ENUMERATED {
sunday (1),
monday (2),
tuesday (3),
wednesday (4),
thursday (5),
friday (6),
saturday (7)},
bitNamedDays BIT STRING {
sunday (0),
monday (1),
tuesday (2),
wednesday (3),
thursday (4),
friday (5),
saturday (6)} }
DayTimeBand ::= SEQUENCE {
startDayTime [0] DayTime DEFAULT {hour 0},
endDayTime [1] DayTime DEFAULT {hour 23, minute 59, second 59},
... }
DayTime ::= SEQUENCE {
hour [0] INTEGER(0..23),
minute [1] INTEGER(0..59) DEFAULT 0,
second [2] INTEGER(0..59) DEFAULT 0,
... }
TimeZone ::= INTEGER(-12..12)
TimeAssertion ::= CHOICE {
now NULL,
at GeneralizedTime,
between SEQUENCE {
startTime [0] GeneralizedTime,
endTime [1] GeneralizedTime OPTIONAL,
entirely BOOLEAN DEFAULT FALSE,
...},
... }
localeContext CONTEXT ::= {
WITH SYNTAX LocaleContextSyntax
ID id-avc-locale }
LocaleContextSyntax ::= CHOICE {
localeID1 OBJECT IDENTIFIER,
localeID2 UnboundedDirectoryString,
... }
ldapAttributeOptionContext CONTEXT ::= {
WITH SYNTAX AttributeOptionList
ASSERTED AS AttributeOptionList
ABSENT-MATCH FALSE
ID id-avc-ldapAttributeOption }
AttributeOptionList ::= SEQUENCE OF UTF8String
-- Object identifier assignments
-- object identifiers assigned in other modules are shown in comments
-- Attributes
-- id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0}
-- id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1}
-- id-at-encryptedAliasedEntryName OBJECT IDENTIFIER ::= {id-at 1 2}
id-at-knowledgeInformation OBJECT IDENTIFIER ::= {id-at 2}
id-at-commonName OBJECT IDENTIFIER ::= {id-at 3}
-- id-at-encryptedCommonName OBJECT IDENTIFIER ::= {id-at 3 2}
id-at-surname OBJECT IDENTIFIER ::= {id-at 4}
-- id-at-encryptedSurname OBJECT IDENTIFIER ::= {id-at 4 2}
id-at-serialNumber OBJECT IDENTIFIER ::= {id-at 5}
-- id-at-encryptedSerialNumber OBJECT IDENTIFIER ::= {id-at 5 2}
id-at-countryName OBJECT IDENTIFIER ::= {id-at 6}
-- id-at-encryptedCountryName OBJECT IDENTIFIER ::= {id-at 6 2}
id-at-localityName OBJECT IDENTIFIER ::= {id-at 7}
-- id-at-encryptedLocalityName OBJECT IDENTIFIER ::= {id-at 7 2}
id-at-collectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1}
-- id-at-encryptedCollectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1 2}
id-at-stateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8}
-- id-at-encryptedStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 2}
id-at-collectiveStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 1}
-- id-at-encryptedCollectiveStateOrProvinceName
-- OBJECT IDENTIFIER ::= {id-at 8 1 2}
id-at-streetAddress OBJECT IDENTIFIER ::= {id-at 9}
-- id-at-encryptedStreetAddress OBJECT IDENTIFIER ::= {id-at 9 2}
id-at-collectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1}
-- id-at-encryptedCollectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1 2}
id-at-organizationName OBJECT IDENTIFIER ::= {id-at 10}
-- id-at-encryptedOrganizationName OBJECT IDENTIFIER ::= {id-at 10 2}
id-at-collectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1}
-- id-at-encryptedCollectiveOrganizationName
-- OBJECT IDENTIFIER ::= {id-at 10 1 2}
id-at-organizationalUnitName OBJECT IDENTIFIER ::= {id-at 11}
-- id-at-encryptedOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 2}
id-at-collectiveOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 1}
-- id-at-encryptedCollectiveOrganizationalUnitNam
-- OBJECT IDENTIFIER ::= {id-at 11 1 2}
id-at-title OBJECT IDENTIFIER ::= {id-at 12}
-- id-at-encryptedTitle OBJECT IDENTIFIER ::= {id-at 12 2}
id-at-description OBJECT IDENTIFIER ::= {id-at 13}
-- id-at-encryptedDescription OBJECT IDENTIFIER ::= {id-at 13 2}
id-at-searchGuide OBJECT IDENTIFIER ::= {id-at 14}
-- id-at-encryptedSearchGuide OBJECT IDENTIFIER ::= {id-at 14 2}
id-at-businessCategory OBJECT IDENTIFIER ::= {id-at 15}
-- id-at-encryptedBusinessCategory OBJECT IDENTIFIER ::= {id-at 15 2}
id-at-postalAddress OBJECT IDENTIFIER ::= {id-at 16}
-- id-at-encryptedPostalAddress OBJECT IDENTIFIER ::= {id-at 16 2}
id-at-collectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1}
-- id-at-encryptedCollectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1 2}
id-at-postalCode OBJECT IDENTIFIER ::= {id-at 17}
-- id-at-encryptedPostalCode OBJECT IDENTIFIER ::= {id-at 17 2}
id-at-collectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1}
-- id-at-encryptedCollectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1 2}
id-at-postOfficeBox OBJECT IDENTIFIER ::= {id-at 18}
id-at-collectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1}
-- id-at-encryptedPostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 2}
-- id-at-encryptedCollectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1 2}
id-at-physicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19}
id-at-collectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 1}
-- id-at-encryptedPhysicalDeliveryOfficeName
-- OBJECT IDENTIFIER ::= {id-at 19 2}
-- id-at-encryptedCollectivePhysicalDeliveryOfficeName
-- OBJECT IDENTIFIER ::= {id-at 19 1 2}
id-at-telephoneNumber OBJECT IDENTIFIER ::= {id-at 20}
-- id-at-encryptedTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 2}
id-at-collectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1}
-- id-at-encryptedCollectiveTelephoneNumber
-- OBJECT IDENTIFIER ::= {id-at 20 1 2}
id-at-telexNumber OBJECT IDENTIFIER ::= {id-at 21}
-- id-at-encryptedTelexNumber OBJECT IDENTIFIER ::= {id-at 21 2}
id-at-collectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1}
-- id-at-encryptedCollectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1 2}
-- id-at-teletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22}
-- id-at-encryptedTeletexTerminalIdentifier
-- OBJECT IDENTIFIER ::= {id-at 22 2}
-- id-at-collectiveTeletexTerminalIdentifier
-- OBJECT IDENTIFIER ::= {id-at 22 1}
-- id-at-encryptedCollectiveTeletexTerminalIdentifier
-- OBJECT IDENTIFIER ::= {id-at 22 1 2}
id-at-facsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23}
-- id-at-encryptedFacsimileTelephoneNumber
-- OBJECT IDENTIFIER ::= {id-at 23 2}
id-at-collectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 1}
-- id-at-encryptedCollectiveFacsimileTelephoneNumber
-- OBJECT IDENTIFIER ::= {id-at 23 1 2}
id-at-x121Address OBJECT IDENTIFIER ::= {id-at 24}
-- id-at-encryptedX121Address OBJECT IDENTIFIER ::= {id-at 24 2}
id-at-internationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25}
-- id-at-encryptedInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 2}
id-at-collectiveInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 1}
-- id-at-encryptedCollectiveInternationalISDNNumber
-- OBJECT IDENTIFIER ::= {id-at 25 1 2}
id-at-registeredAddress OBJECT IDENTIFIER ::= {id-at 26}
-- id-at-encryptedRegisteredAddress OBJECT IDENTIFIER ::= {id-at 26 2}
id-at-destinationIndicator OBJECT IDENTIFIER ::= {id-at 27}
-- id-at-encryptedDestinationIndicator OBJECT IDENTIFIER ::= {id-at 27 2}
id-at-preferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28}
-- id-at-encryptedPreferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28 2}
id-at-presentationAddress OBJECT IDENTIFIER ::= {id-at 29}
-- id-at-encryptedPresentationAddress OBJECT IDENTIFIER ::= {id-at 29 2}
id-at-supportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30}
-- id-at-encryptedSupportedApplicationContext
-- OBJECT IDENTIFIER ::= {id-at 30 2}
id-at-member OBJECT IDENTIFIER ::= {id-at 31}
-- id-at-encryptedMember OBJECT IDENTIFIER ::= {id-at 31 2}
id-at-owner OBJECT IDENTIFIER ::= {id-at 32}
-- id-at-encryptedOwner OBJECT IDENTIFIER ::= {id-at 32 2}
id-at-roleOccupant OBJECT IDENTIFIER ::= {id-at 33}
-- id-at-encryptedRoleOccupant OBJECT IDENTIFIER ::= {id-at 33 2}
id-at-seeAlso OBJECT IDENTIFIER ::= {id-at 34}
-- id-at-encryptedSeeAlso OBJECT IDENTIFIER ::= {id-at 34 2}
-- id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35} X.509|Part 8
-- id-at-encryptedUserPassword OBJECT IDENTIFIER ::= {id-at 35 2}
-- id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36} X.509|Part 8
-- id-at-encryptedUserCertificate OBJECT IDENTIFIER ::= {id-at 36 2}
-- id-at-cACertificate OBJECT IDENTIFIER ::= {id-at 37} X.509|Part 8
-- id-at-encryptedCACertificate OBJECT IDENTIFIER ::= {id-at 37 2}
-- id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38} X.509|Part 8
-- id-at-encryptedAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 38 2}
-- id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39} X.509|Part 8
-- id-at-encryptedCertificateRevocationList
-- OBJECT IDENTIFIER ::= {id-at 39 2}
-- id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40} X.509|Part 8
-- id-at-encryptedCrossCertificatePair OBJECT IDENTIFIER ::= {id-at 40 2}
id-at-name OBJECT IDENTIFIER ::= {id-at 41}
id-at-givenName OBJECT IDENTIFIER ::= {id-at 42}
-- id-at-encryptedGivenName OBJECT IDENTIFIER ::= {id-at 42 2}
id-at-initials OBJECT IDENTIFIER ::= {id-at 43}
-- id-at-encryptedInitials OBJECT IDENTIFIER ::= {id-at 43 2}
id-at-generationQualifier OBJECT IDENTIFIER ::= {id-at 44}
-- id-at-encryptedGenerationQualifier OBJECT IDENTIFIER ::= {id-at 44 2}
id-at-uniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45}
-- id-at-encryptedUniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45 2}
id-at-dnQualifier OBJECT IDENTIFIER ::= {id-at 46}
-- id-at-encryptedDnQualifier OBJECT IDENTIFIER ::= {id-at 46 2}
id-at-enhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47}
-- id-at-encryptedEnhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47 2}
id-at-protocolInformation OBJECT IDENTIFIER ::= {id-at 48}
-- id-at-encryptedProtocolInformation OBJECT IDENTIFIER ::= {id-at 48 2}
id-at-distinguishedName OBJECT IDENTIFIER ::= {id-at 49}
-- id-at-encryptedDistinguishedName OBJECT IDENTIFIER ::= {id-at 49 2}
id-at-uniqueMember OBJECT IDENTIFIER ::= {id-at 50}
-- id-at-encryptedUniqueMember OBJECT IDENTIFIER ::= {id-at 50 2}
id-at-houseIdentifier OBJECT IDENTIFIER ::= {id-at 51}
-- id-at-encryptedHouseIdentifier OBJECT IDENTIFIER ::= {id-at 51 2}
-- id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} X.509|Part 8
-- id-at-encryptedSupportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52 2}
-- id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} X.509|Part 8
-- id-at-encryptedDeltaRevocationList OBJECT IDENTIFIER ::= {id-at 53 2}
id-at-dmdName OBJECT IDENTIFIER ::= {id-at 54}
-- id-at-encryptedDmdName OBJECT IDENTIFIER ::= {id-at 54 2}
-- id-at-clearance OBJECT IDENTIFIER ::= {id-at 55}
-- id-at-encryptedClearance OBJECT IDENTIFIER ::= {id-at 55 2}
-- id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56}
-- id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::= {id-at 56 2}
-- id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57}
-- id-at-encryptedAttributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57 2}
-- id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} X.509|Part 8
-- id-at-encryptedAttributeCertificate OBJECT IDENTIFIER ::= {id-at 58 2}
-- id-at-attributeCertificateRevocationList
-- OBJECT IDENTIFIER ::= {id-at 59} X.509|Part 8
-- id-at-encryptedAttributeCertificateRevocationList
-- OBJECT IDENTIFIER ::= {id-at 59 2}
-- id-at-confKeyInfo OBJECT IDENTIFIER ::= {id-at 60}
-- id-at-encryptedConfKeyInfo OBJECT IDENTIFIER ::= {id-at 60 2}
-- id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} X.509|Part 8
-- id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} X.509|Part 8
-- id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} X.509|Part 8
-- id-at-family-information OBJECT IDENTIFIER ::= {id-at 64}
id-at-pseudonym OBJECT IDENTIFIER ::= {id-at 65}
id-at-communicationsService OBJECT IDENTIFIER ::= {id-at 66}
id-at-communicationsNetwork OBJECT IDENTIFIER ::= {id-at 67}
-- id-at-certificationPracticeStmt OBJECT IDENTIFIER ::= {id-at 68} X.509|Part 8
-- id-at-certificatePolicy OBJECT IDENTIFIER ::= {id-at 69} X.509|Part 8
-- id-at-pkiPath OBJECT IDENTIFIER ::= {id-at 70} X.509|Part 8
-- id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} X.509|Part 8
-- id-at-role OBJECT IDENTIFIER ::= {id-at 72} X.509|Part 8
-- id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} X.509|Part 8
-- id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} X.509|Part 8
-- id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} X.509|Part 8
-- id-at-xmlPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} X.509|Part 8
id-at-uuidpair OBJECT IDENTIFIER ::= {id-at 77}
id-at-tagOid OBJECT IDENTIFIER ::= {id-at 78}
id-at-uiiFormat OBJECT IDENTIFIER ::= {id-at 79}
id-at-uiiInUrn OBJECT IDENTIFIER ::= {id-at 80}
id-at-contentUrl OBJECT IDENTIFIER ::= {id-at 81}
-- id-at-permission OBJECT IDENTIFIER ::= {id-at 82} X.509|Part 8
id-at-uri OBJECT IDENTIFIER ::= {id-at 83}
-- id-at-pwdAttribute OBJECT IDENTIFIER ::= {id-at 84} X.501|Part 2
-- id-at-userPwd OBJECT IDENTIFIER ::= {id-at 85} Annex B
id-at-urn OBJECT IDENTIFIER ::= {id-at 86}
id-at-url OBJECT IDENTIFIER ::= {id-at 87}
id-at-utmCoordinates OBJECT IDENTIFIER ::= {id-at 88}
id-at-urnC OBJECT IDENTIFIER ::= {id-at 89}
id-at-uii OBJECT IDENTIFIER ::= {id-at 90}
id-at-epc OBJECT IDENTIFIER ::= {id-at 91}
id-at-tagAfi OBJECT IDENTIFIER ::= {id-at 92}
id-at-epcFormat OBJECT IDENTIFIER ::= {id-at 93}
id-at-epcInUrn OBJECT IDENTIFIER ::= {id-at 94}
id-at-ldapUrl OBJECT IDENTIFIER ::= {id-at 95}
id-at-tagLocation OBJECT IDENTIFIER ::= {id-at 96}
id-at-organizationIdentifier OBJECT IDENTIFIER ::= {id-at 97}
id-at-countryCode3c OBJECT IDENTIFIER ::= {id-at 98}
id-at-countryCode3n OBJECT IDENTIFIER ::= {id-at 99}
id-at-dnsName OBJECT IDENTIFIER ::= {id-at 100}
--id-at-eepkCertificatRevocationList OBJECT IDENTIFIER ::= {id-at 101} X.509|Part 8
--id-at-eeAttrCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 102} X.509|Part 8
-- id-asx-userPwdDescription OBJECT IDENTIFIER ::= {id-asx 0}
-- id-asx-pwdVocabularyDescription OBJECT IDENTIFIER ::= {id-asx 1}
-- id-asx-pwdAlphabetDescription OBJECT IDENTIFIER ::= {id-asx 2}
-- id-asx-pwdEncAlgDescription OBJECT IDENTIFIER ::= {id-asx 3}
id-asx-utmCoords OBJECT IDENTIFIER ::= {id-asx 4}
id-asx-uiiForm OBJECT IDENTIFIER ::= {id-asx 5}
id-asx-epcForm OBJECT IDENTIFIER ::= {id-asx 6}
id-asx-countryString3c OBJECT IDENTIFIER ::= {id-asx 7}
id-asx-countryString3n OBJECT IDENTIFIER ::= {id-asx 8}
id-asx-dnsString OBJECT IDENTIFIER ::= {id-asx 9}
id-lsx-attributeTypeDescription OBJECT IDENTIFIER ::= {id-lsx 3}
id-lsx-bitString OBJECT IDENTIFIER ::= {id-lsx 6}
id-lsx-boolean OBJECT IDENTIFIER ::= {id-lsx 7}
-- id-lsx-x509Certificate OBJECT IDENTIFIER ::= {id-lsx 8} X.509|Part 8
-- id-lsx-x509CertificateList OBJECT IDENTIFIER ::= {id-lsx 9} X.509|Part 8
-- id-lsx-x509CertificatePair OBJECT IDENTIFIER ::= {id-lsx 10} X.509|Part 8
id-lsx-countryString OBJECT IDENTIFIER ::= {id-lsx 11}
id-lsx-dn OBJECT IDENTIFIER ::= {id-lsx 12}
id-lsx-deliveryMethod OBJECT IDENTIFIER ::= {id-lsx 14}
id-lsx-directoryString OBJECT IDENTIFIER ::= {id-lsx 15}
id-lsx-dITContentRuleDescription OBJECT IDENTIFIER ::= {id-lsx 16}
id-lsx-dITStructureRuleDescription OBJECT IDENTIFIER ::= {id-lsx 17}
id-lsx-enhancedGuide OBJECT IDENTIFIER ::= {id-lsx 21}
id-lsx-facsimileTelephoneNr OBJECT IDENTIFIER ::= {id-lsx 22}
id-lsx-fax OBJECT IDENTIFIER ::= {id-lsx 23}
id-lsx-generalizedTime OBJECT IDENTIFIER ::= {id-lsx 24}
id-lsx-guide OBJECT IDENTIFIER ::= {id-lsx 25}
id-lsx-ia5String OBJECT IDENTIFIER ::= {id-lsx 26}
id-lsx-integer OBJECT IDENTIFIER ::= {id-lsx 27}
id-lsx-jpeg OBJECT IDENTIFIER ::= {id-lsx 28}
id-lsx-matchingRuleDescription OBJECT IDENTIFIER ::= {id-lsx 30}
id-lsx-matchingRuleUseDescription OBJECT IDENTIFIER ::= {id-lsx 31}
id-lsx-nameAndOptionalUID OBJECT IDENTIFIER ::= {id-lsx 34}
id-lsx-nameFormDescription OBJECT IDENTIFIER ::= {id-lsx 35}
id-lsx-numericString OBJECT IDENTIFIER ::= {id-lsx 36}
id-lsx-objectClassDescription OBJECT IDENTIFIER ::= {id-lsx 37}
id-lsx-oid OBJECT IDENTIFIER ::= {id-lsx 38}
id-lsx-otherMailbox OBJECT IDENTIFIER ::= {id-lsx 39}
id-lsx-octetString OBJECT IDENTIFIER ::= {id-lsx 40}
id-lsx-postalAddr OBJECT IDENTIFIER ::= {id-lsx 41}
id-lsx-presentationAddr OBJECT IDENTIFIER ::= {id-lsx 43}
id-lsx-printableString OBJECT IDENTIFIER ::= {id-lsx 44}
id-lsx-subtreeSpec OBJECT IDENTIFIER ::= {id-lsx 45}
-- id-lsx-x509SupportedAlgorithm OBJECT IDENTIFIER ::= {id-lsx 49} X.509|Part 8
id-lsx-telephoneNr OBJECT IDENTIFIER ::= {id-lsx 50}
id-lsx-telexNr OBJECT IDENTIFIER ::= {id-lsx 52}
id-lsx-utcTime OBJECT IDENTIFIER ::= {id-lsx 53}
id-lsx-ldapSyntaxDescription OBJECT IDENTIFIER ::= {id-lsx 54}
id-lsx-substringAssertion OBJECT IDENTIFIER ::= {id-lsx 58}
-- Object identifiers for LDAP X.509 assertion syntaxes
-- id-ldx-certExactAssertion OBJECT IDENTIFIER ::= {id-ldx 1} X.509|Part 8
-- id-ldx-certAssertion OBJECT IDENTIFIER ::= {id-ldx 2} X.509|Part 8
-- id-ldx-certPairExactAssertion OBJECT IDENTIFIER ::= {id-ldx 3} X.509|Part 8
-- id-ldx-certPairAssertion OBJECT IDENTIFIER ::= {id-ldx 4} X.509|Part 8
-- id-ldx-certListExactAssertion OBJECT IDENTIFIER ::= {id-ldx 5} X.509|Part 8
-- id-ldx-certListAssertion OBJECT IDENTIFIER ::= {id-ldx 6} X.509|Part 8
-- id-ldx-algorithmIdentifier OBJECT IDENTIFIER ::= {id-ldx 7} X.509|Part 8
id-oidC1 OBJECT IDENTIFIER ::= {id 0}
id-oidC2 OBJECT IDENTIFIER ::= {id 1}
id-oidC OBJECT IDENTIFIER ::= {id 2}
-- Control attributes
id-cat-sequenceMatchType OBJECT IDENTIFIER ::= {id-cat 1}
id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2}
id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3}
id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4}
-- Notification attributes
id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0}
id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1}
id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2}
id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3}
id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4}
id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5}
id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6}
id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7}
id-not-contextList OBJECT IDENTIFIER ::= {id-not 8}
id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9}
id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10}
id-not-searchControlOptionsList OBJECT IDENTIFIER ::= {id-not 11}
id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12}
id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13}
id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14}
id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15}
id-not-pwdResponse OBJECT IDENTIFIER ::= {id-not 16}
id-not-ldapDiagnosticMsg OBJECT IDENTIFIER ::= {id-not 17}
-- Problem definitions
id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::= {id-pr 1}
id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2}
id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3}
id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4}
id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5}
id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6}
id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7}
id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8}
id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9}
id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10}
id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11}
id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12}
id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13}
id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14}
id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15}
id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16}
id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17}
id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18}
id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19}
id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20}
id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21}
id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22}
id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23}
id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24}
id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25}
id-pr-invalidSearchControlOptions OBJECT IDENTIFIER ::= {id-pr 26}
id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 27}
id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 28}
id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 29}
id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 30}
id-pr-unavailableRelaxationLevel OBJECT IDENTIFIER ::= {id-pr 31}
id-pr-emptyHierarchySelection OBJECT IDENTIFIER ::= {id-pr 32}
id-pr-administratorImposedLimit OBJECT IDENTIFIER ::= {id-pr 33}
id-pr-permanentRestriction OBJECT IDENTIFIER ::= {id-pr 34}
id-pr-temporaryRestriction OBJECT IDENTIFIER ::= {id-pr 35}
id-pr-relaxationNotSupported OBJECT IDENTIFIER ::= {id-pr 36}
id-coat-uid OBJECT IDENTIFIER ::= {id-coat 1}
id-coat-dc OBJECT IDENTIFIER ::= {id-coat 25}
-- Matching rules
-- id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} X.501|Part2
-- id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} X.501|Part2
id-mr-caseIgnoreMatch OBJECT IDENTIFIER ::= {id-mr 2}
id-mr-caseIgnoreOrderingMatch OBJECT IDENTIFIER ::= {id-mr 3}
id-mr-caseIgnoreSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 4}
id-mr-caseExactMatch OBJECT IDENTIFIER ::= {id-mr 5}
id-mr-caseExactOrderingMatch OBJECT IDENTIFIER ::= {id-mr 6}
id-mr-caseExactSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 7}
id-mr-numericStringMatch OBJECT IDENTIFIER ::= {id-mr 8}
id-mr-numericStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 9}
id-mr-numericStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 10}
id-mr-caseIgnoreListMatch OBJECT IDENTIFIER ::= {id-mr 11}
id-mr-caseIgnoreListSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 12}
id-mr-booleanMatch OBJECT IDENTIFIER ::= {id-mr 13}
id-mr-integerMatch OBJECT IDENTIFIER ::= {id-mr 14}
id-mr-integerOrderingMatch OBJECT IDENTIFIER ::= {id-mr 15}
id-mr-bitStringMatch OBJECT IDENTIFIER ::= {id-mr 16}
id-mr-octetStringMatch OBJECT IDENTIFIER ::= {id-mr 17}
id-mr-octetStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 18}
id-mr-octetStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 19}
id-mr-telephoneNumberMatch OBJECT IDENTIFIER ::= {id-mr 20}
id-mr-telephoneNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 21}
id-mr-presentationAddressMatch OBJECT IDENTIFIER ::= {id-mr 22}
id-mr-uniqueMemberMatch OBJECT IDENTIFIER ::= {id-mr 23}
id-mr-protocolInformationMatch OBJECT IDENTIFIER ::= {id-mr 24}
id-mr-uTCTimeMatch OBJECT IDENTIFIER ::= {id-mr 25}
id-mr-uTCTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 26}
id-mr-generalizedTimeMatch OBJECT IDENTIFIER ::= {id-mr 27}
id-mr-generalizedTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 28}
id-mr-integerFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 29}
id-mr-objectIdentifierFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 30}
id-mr-directoryStringFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 31}
id-mr-wordMatch OBJECT IDENTIFIER ::= {id-mr 32}
id-mr-keywordMatch OBJECT IDENTIFIER ::= {id-mr 33}
-- id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} X.509|Part8
-- id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} X.509|Part8
-- id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} X.509|Part8
-- id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} X.509|Part8
-- id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} X.509|Part8
-- id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} X.509|Part8
-- id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} X.509|Part8
id-mr-storedPrefixMatch OBJECT IDENTIFIER ::= {id-mr 41}
-- id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} X.509|Part8
-- id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43}
-- id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44}
-- id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} X.509|Part8
-- id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} X.509|Part8
id-mr-systemProposedMatch OBJECT IDENTIFIER ::= {id-mr 47}
id-mr-generalWordMatch OBJECT IDENTIFIER ::= {id-mr 48}
id-mr-approximateStringMatch OBJECT IDENTIFIER ::= {id-mr 49}
id-mr-ignoreIfAbsentMatch OBJECT IDENTIFIER ::= {id-mr 50}
id-mr-nullMatch OBJECT IDENTIFIER ::= {id-mr 51}
id-mr-zonalMatch OBJECT IDENTIFIER ::= {id-mr 52}
-- id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} X.509|Part8
-- id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} X.509|Part8
-- id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} X.509|Part8
-- id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} X.509|Part8
-- id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} X.509|Part8
-- id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} X.509|Part8
-- id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} X.509|Part8
-- id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60} X.509|Part8
-- id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} X.509|Part8
-- id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62} X.509|Part8
id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::= {id-mr 63}
id-mr-facsimileNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 64}
-- id-mr-enhancedCertificateMatch OBJECT IDENTIFIER ::= {id-mr 65} X.509|Part8
-- id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} X.509|Part8
-- id-mr-extensionPresenceMatch OBJECT IDENTIFIER ::= {id-mr 67} X.509|Part8
id-mr-uuidpairmatch OBJECT IDENTIFIER ::= {id-mr 68}
-- id-mr-dualStringMatch OBJECT IDENTIFIER ::= {id-mr 69} X.509|Part8
id-mr-uriMatch OBJECT IDENTIFIER ::= {id-mr 70}
-- id-mr-userPwdMatch OBJECT IDENTIFIER ::= {id-mr 71} Annex B
-- id-mr-pwdEncAlgMatch OBJECT IDENTIFIER ::= {id-mr 72} Annex B
-- id-mr-userPwdHistoryMatch OBJECT IDENTIFIER ::= {id-mr 73} Annex B
id-mr-dnsNameMatch OBJECT IDENTIFIER ::= {id-mr 74}
-- LDAP defined matching rules
id-lmr-caseExactIA5Match OBJECT IDENTIFIER ::= {id-lmr 1}
id-lmr-caseIgnoreIA5Match OBJECT IDENTIFIER ::= {id-lmr 2}
id-lmr-caseIgnoreIA5SubstringsMatch OBJECT IDENTIFIER ::= {id-lmr 3}
-- contexts
id-avc-language OBJECT IDENTIFIER ::= {id-avc 0}
id-avc-temporal OBJECT IDENTIFIER ::= {id-avc 1}
id-avc-locale OBJECT IDENTIFIER ::= {id-avc 2}
-- id-avc-attributeValueSecurityLabelContext
-- OBJECT IDENTIFIER ::= {id-avc 3}
-- id-avc-attributeValueIntegrityInfoContext
-- OBJECT IDENTIFIER ::= {id-avc 4}
id-avc-ldapAttributeOption OBJECT IDENTIFIER ::= {id-avc 5}
END -- SelectedAttributeTypes
Reference in New Issue View Git Blame Copy Permalink