INTERNET-DRAFT Kathy Dally Informational Draft The MITRE Corp. Expires 22 March 2001 22 September 2000 ACP 133 Common Content and LDAP <draft-dally-acp133-and-ldap-01.txt> STATUS OF THIS MEMO This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026 except that the right to produce derivative works is not granted. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. ABSTRACT In Allied Communications Publication (ACP) 133 [1], an X.500 directory user schema, called Common Content, is specified for the Allied Directory. In order to enable Lightweight Directory Access Protocol (LDAP) access to the Allied Directory and to enable the general use by others of elements from the Common Content, this document specifies the encoding of the Common Content using the LDAP notation from Request for Comments (RFC) 2252 [2]. DALLY Expires 22 March 2001 [Page 1]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 TABLE OF CONTENTS STATUS OF THIS MEMO....................................................1 ABSTRACT...............................................................1 TABLE OF CONTENTS......................................................2 1. INTRODUCTION.......................................................8 1.1 Background........................................................8 1.2 Purpose...........................................................8 2. OBJECT CLASSES.....................................................9 2.1 aCPNetworkEdB Object Class........................................9 2.2 aCPNetworkInstructionsEdB Object Class............................9 2.3 addressList Object Class..........................................9 2.4 aliasCommonName Object Class.....................................10 2.5 aliasOrganizationalUnit Object Class.............................10 2.6 altSpellingACP127 Object Class...................................10 2.7 cadACP127 Object Class...........................................11 2.8 distributionCodeDescription Object Class.........................11 2.9 distributionCodesHandled Object Class............................11 2.10 dSSCSPLA Object Class............................................11 2.11 messagingGateway Object Class....................................12 2.12 mhs-distribution-list Object Class...............................12 2.13 mhs-message-store Object Class...................................13 2.14 mhs-message-transfer-agent Object Class..........................13 2.15 mhs-user Object Class............................................14 2.16 mhs-user-agent Object Class......................................14 2.17 mLA Object Class.................................................14 2.18 mLAgent Object Class.............................................15 2.19 orgACP127 Object Class...........................................15 2.20 otherContactInformation Object Class.............................16 2.21 pkiCA Object Class...............................................16 2.22 pkiUser Object Class.............................................16 2.23 plaACP127 Object Class...........................................16 2.24 plaCollectiveACP127 Object Class.................................17 2.25 plaData Object Class.............................................17 2.26 plaUser Object Class.............................................17 2.27 releaseAuthorityPerson Object Class..............................18 2.28 releaseAuthorityPersonA Object Class.............................18 2.29 routingIndicator Object Class....................................18 2.30 secure-user Object Class.........................................18 2.31 securePkiUser Object Class.......................................19 2.32 sigintPLA Object Class...........................................19 2.33 sIPLA Object Class...............................................19 2.34 spotPLA Object Class.............................................20 2.35 taskForceACP127 Object Class.....................................20 2.36 tenantACP127 Object Class........................................20 2.37 ukms Object Class................................................21 3. ATTRIBUTE TYPES...................................................22 3.1 accessCodes Attribute............................................22 3.2 accountingCode Attribute.........................................22 3.3 aCPLegacyFormat Attribute........................................22 3.4 aCPMobileTelephoneNumber Attribute...............................22 3.5 aCPNetwAccessSchemaEdB Attribute.................................22 DALLY Expires 22 March 2001 [Page 2]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.6 aCPNetworkSchemaEdB Attribute....................................23 3.7 aCPPagerTelephoneNumber Attribute................................23 3.8 aCPPreferredDelivery Attribute...................................23 3.9 aCPTelephoneFaxNumber............................................23 3.10 actionAddressees Attribute.......................................24 3.11 additionalAddressees Attribute...................................25 3.12 additionalSecondPartyAddressees Attribute........................25 3.13 adminConversion Attribute........................................25 3.14 administrator Attribute..........................................25 3.15 aigsExpanded Attribute...........................................25 3.16 aLExemptedAddressProcessor Attribute.............................26 3.17 aliasPointer Attribute...........................................26 3.18 alid Attribute...................................................26 3.19 allowableOriginators Attribute...................................26 3.20 aLReceiptPolicy Attribute........................................26 3.21 alternateRecipient Attribute.....................................27 3.22 aLType Attribute.................................................27 3.23 aprUKMs Attribute................................................27 3.24 associatedAL Attribute...........................................27 3.25 associatedOrganization Attribute.................................27 3.26 associatedPLA Attribute..........................................28 3.27 augUKMs Attribute................................................28 3.28 buildingName Attribute...........................................28 3.29 cognizantAuthority Attribute.....................................28 3.30 collective-mhs-or-addresses Attribute............................29 3.31 collectiveMilitaryFacsimileNumber Attribute......................29 3.32 collectiveMilitaryTelephoneNumber Attribute......................29 3.33 collectiveNationality Attribute..................................29 3.34 collectiveSecureFacsimileNumber Attribute........................29 3.35 collectiveSecureTelephoneNumber Attribute........................29 3.36 community Attribute..............................................29 3.37 copyMember.......................................................30 3.38 decUKMs Attribute................................................30 3.39 deployed Attribute...............................................30 3.40 distributionCodeAction Attribute.................................30 3.41 distributionCodeInfo Attribute...................................31 3.42 dualRoute Attribute..............................................31 3.43 effectiveDate Attribute..........................................31 3.44 entryClassification Attribute....................................31 3.45 expirationDate Attribute.........................................31 3.46 febUKMs Attribute................................................32 3.47 garrison Attribute...............................................32 3.48 gatewayType Attribute............................................32 3.49 ghpType Attribute................................................32 3.50 guard Attribute..................................................33 3.51 host Attribute...................................................33 3.52 hostOrgACP127 Attribute..........................................33 3.53 infoAddressees Attribute.........................................33 3.54 janUKMs Attribute................................................33 3.55 julUKMs Attribute................................................34 3.56 junUKMs Attribute................................................34 3.57 lastRecapDate Attribute..........................................34 DALLY Expires 22 March 2001 [Page 3]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.58 listPointer Attribute............................................34 3.59 lmf Attribute....................................................34 3.60 longTitle Attribute..............................................35 3.61 mailDomains Attribute............................................35 3.62 marUKMs Attribute................................................35 3.63 mayUKMs Attribute................................................35 3.64 mhs-acceptable-eits Attribute....................................36 3.65 mhs-deliverable-classes Attribute................................36 3.66 mhs-deliverable-content-types Attribute..........................36 3.67 mhs-dl-archive-service Attribute.................................36 3.68 mhs-dl-members Attribute.........................................36 3.69 mhs-dl-policy Attribute..........................................37 3.70 mhs-dl-related-lists Attribute...................................37 3.71 mhs-dl-submit-permissions Attribute..............................37 3.72 mhs-dl-subscription-service Attribute............................37 3.73 mhs-exclusively-acceptable-eits Attribute........................37 3.74 mhs-maximum-content-length Attribute.............................38 3.75 mhs-message-store-dn Attribute...................................38 3.76 mhs-or-addresses Attribute.......................................38 3.77 mhs-or-addresses-with-capabilities Attribute.....................38 3.78 mhs-supported-attributes Attribute...............................39 3.79 mhs-supported-automatic-actions Attribute........................39 3.80 mhs-supported-content-types Attribute............................39 3.81 mhs-supported-matching-rules Attribute...........................40 3.82 mhs-unacceptable-eits Attribute..................................40 3.83 militaryFacsimileNumber Attribute................................40 3.84 militaryTelephoneNumber Attribute................................40 3.85 minimize Attribute...............................................41 3.86 minimizeOverride Attribute.......................................41 3.87 nameClassification Attribute.....................................41 3.88 nationality Attribute............................................41 3.89 networkDN Attribute..............................................41 3.90 novUKMs Attribute................................................42 3.91 octUKMs Attribute................................................42 3.92 onSupported Attribute............................................42 3.93 operationName Attribute..........................................42 3.94 plaAddressees Attribute..........................................43 3.95 plaNameACP127 Attribute..........................................43 3.96 plaReplace Attribute.............................................43 3.97 plasServed Attribute.............................................43 3.98 positionNumber Attribute.........................................44 3.99 primarySpellingACP127 Attribute..................................44 3.100 proprietaryMailboxes Attribute..................................44 3.101 publish Attribute...............................................44 3.102 rank Attribute..................................................44 3.103 recapDueDate Attribute..........................................45 3.104 releaseAuthorityName Attribute..................................45 3.105 remarks Attribute...............................................45 3.106 rfc822Mailbox Attribute.........................................45 3.107 rI Attribute....................................................45 3.108 rIClassification Attribute......................................46 3.109 rIInfo Attribute................................................46 DALLY Expires 22 March 2001 [Page 4]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.110 roomNumber Attribute............................................46 3.111 secondPartyAddressees Attribute.................................46 3.112 section Attribute...............................................47 3.113 secureFacsimileNumber Attribute.................................47 3.114 secureTelephoneNumber Attribute.................................47 3.115 sepUKMs Attribute...............................................47 3.116 serviceNumber Attribute.........................................47 3.117 serviceOrAgency Attribute.......................................48 3.118 sHD Attribute...................................................48 3.119 shortTitle Attribute............................................48 3.120 sigad Attribute.................................................48 3.121 spot Attribute..................................................49 3.122 tARE Attribute..................................................49 3.123 tCC Attribute...................................................49 3.124 tCCG Attribute..................................................49 3.125 transferStation Attribute.......................................49 3.126 tRC Attribute...................................................50 3.127 usdConversion Attribute.........................................50 4. NAME FORMS........................................................51 4.1 aCPNetworkEdBNameForm............................................51 4.2 aCPNetworkInstrEdBNameForm.......................................51 4.3 addressListNameForm..............................................51 4.4 aENameForm.......................................................51 4.5 aliasCNNameForm..................................................51 4.6 aliasOUNameForm..................................................51 4.7 applProcessNameForm..............................................51 4.8 alternateSpellingPLANameForm.....................................51 4.9 cadPLANameForm...................................................52 4.10 cRLDistPtNameForm................................................52 4.11 countryNameForm..................................................52 4.12 deviceNameForm...................................................52 4.13 distributionCodeDescriptionNameForm..............................52 4.14 dSANameForm......................................................52 4.15 dSSCSPLANameForm.................................................52 4.16 gONNameForm......................................................52 4.17 locNameForm......................................................53 4.18 messagingGatewayNameForm.........................................53 4.19 mhs-dLNameForm...................................................53 4.20 mLANameForm......................................................53 4.21 mLAgentNameForm..................................................53 4.22 mSNameForm.......................................................53 4.23 mTANameForm......................................................53 4.24 mUANameForm......................................................53 4.25 organizationalPLANameForm........................................54 4.26 organizationNameForm.............................................54 4.27 orgRNameForm.....................................................54 4.28 orgUNameForm.....................................................54 4.29 plaCollectiveNameForm............................................54 4.30 qualifiedOrgPersonNameForm.......................................54 4.31 releaseAuthorityPersonNameForm...................................54 4.32 releaseAuthorityPersonANameForm..................................54 4.33 routingIndicatorNameForm.........................................55 DALLY Expires 22 March 2001 [Page 5]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 4.34 sigintNameForm...................................................55 4.35 sIPLANameForm....................................................55 4.36 sOPNameForm......................................................55 4.37 spotPLANameForm..................................................55 4.38 taskForcePLANameForm.............................................55 4.39 tenantPLANameForm................................................55 5. MATCHING RULES....................................................56 5.1 addressCapabilitiesMatch Matching Rule...........................56 5.2 capabilityMatch Matching Rule....................................56 5.3 oRAddressMatch Matching Rule.....................................56 5.4 oRNameExactMatch Matching Rule...................................56 5.5 caseIgnoreListSubstringsMatch Matching Rule......................56 5.6 booleanMatch Matching Rule.......................................56 6. ATTRIBUTE SYNTAXES................................................57 6.1 aCPLegacyFormat Attribute Syntax.................................57 6.2 aCPPreferredDelivery Attribute Syntax for the aCPPreferredDelivery Attribute...................................57 6.3 aCPTelephoneFaxNumber Attribute Syntax...........................57 6.4 AddressCapabilities Attribute Syntax from X.402..................58 6.5 addressees Attribute Syntax......................................58 6.6 addressListType Attribute Syntax for the aLType Attribute........58 6.7 Capability Attribute Syntax from X.402...........................59 6.8 Classification Attribute Syntax..................................59 6.9 Community Abstract Syntax for the community Attribute............60 6.10 DLPolicy Attribute Syntax from X.402.............................60 6.11 DLSubmitPermission Attribute Syntax from X.402...................62 6.12 MLReceiptPolicy Attribute Syntax.................................62 6.13 ORName Attribute Syntax from X.411...............................63 6.14 otherNotificationsSupported Abstract Syntax for the onSupported Attribute............................................63 6.15 Remarks Attribute Syntax.........................................63 6.16 RIParameters Attribute Syntax....................................64 7. EXAMPLE CONTENT RULES.............................................65 7.1 aCPApplicationEntityRuleEdA Content Rule.........................65 7.2 aCPCRLDistributionPointRule Content Rule.........................65 7.3 aCPDeviceRuleEdA Content Rule....................................65 7.4 aCPDSARuleEdA Content Rule.......................................65 7.5 aCPGroupOfNamesRule Content Rule.................................65 7.6 aCPLocalityRule Content Rule.....................................66 7.7 aCPMhs-distribution-listRule Content Rule........................66 7.8 aCPMhs-message-storeRuleEdA Content Rule.........................66 7.9 aCPMhs-message-transfer-agentRuleEdA Content Rule................66 7.10 aCPMhs-user-agentRule Content Rule...............................66 7.11 aCPOrganizationalPersonRuleEdB Content Rule......................66 7.12 aCPOrganizationalRoleRuleEdB Content Rule........................67 7.13 aCPOrganizationalUnitRuleEdB Content Rule........................67 7.14 aCPOrganizationRuleEdB Content Rule..............................68 7.15 aCPRoutingIndicatorEdB Content Rule..............................68 7.16 addressListRuleEdA Content Rule..................................68 7.17 aliasCommonNameRule Content Rule.................................69 7.18 aliasOrganizationalUnitRule Content Rule.........................69 7.19 distributionCodeDescriptionRule Content Rule.....................69 DALLY Expires 22 March 2001 [Page 6]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 7.20 messagingGatewayRuleEdA Content Rule.............................69 7.21 mLAgentRule Content Rule.........................................69 7.22 networkEdBRule Content Rule......................................69 7.23 networkInstructionsRuleEdB Content Rule..........................70 7.24 rAPersonRuleEdA Content Rule.....................................70 7.25 sigintPLARule Content Rule.......................................70 7.26 spotPLARule Content Rule.........................................70 8. STRUCTURE RULES...................................................71 9. SECURITY CONSIDERATIONS...........................................71 10. REFERENCES........................................................72 11. ABBREVIATIONS.....................................................74 12. ACKNOWLEDGEMENTS..................................................76 13. AUTHOR'S ADDRESS..................................................76 DALLY Expires 22 March 2001 [Page 7]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 1. INTRODUCTION 1.1 Background ACP 133(B) [1] is the specification, developed by the Combined Communications-Electronics Board (CCEB), of the X.500-based Allied Directory. One of the things specified in ACP 133(B) [1] is the directory user schema, which is called Common Content. In the Common Content are directory elements that support several communications applications including electronic mail (e-mail), Message Handling Systems (MHS), and telephony. The CCEB is a five nation joint military communications-electronics organization whose mission is the coordination of any military communications information systems matters among the members. The Member Nations of the CCEB are Australia, Canada, New Zealand, the United Kingdom, and the United States. ACP 133(B) [1] specifies access to the Allied Directory using the X.500 Directory Access Protocol (DAP). Also, within the CCEB, guidelines have been developed for the use of the Internet LDAP. 1.2 Purpose This document is meant to be informational. Its purpose is to record an LDAP encoding of the Common Content, so that: * elements from the Common Content can be applied generally to applications and environments other than the Allied Directory. For example, the name forms for components of X.400 MHS could be used in any X.400/X.500 system. Likewise, the addressList object class could be used in cases where lists of recipients are processed differently than X.400 distribution lists. * use of LDAP to access the Allied Directory is enabled Since the Common Content is based on X.500, this document refers to RFC 2252 [2] and RFC 2256 [3] for the X.500 schema elements (e.g., localityName attribute, country object class). The contents of this document are the specifications of all of the rest of the schema elements in the Common Content (e.g., mLAgentNameForm name form, otherContactInformation object class). For descriptions and procedures regarding the Common Content schema elements, consult ACP 133(B) [1]. DALLY Expires 22 March 2001 [Page 8]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2. OBJECT CLASSES 2.1 aCPNetworkEdB Object Class The aCPNetworkEdB structural object class is used to define directory entries representing interconnected communications networks. A Network EdB entry can have subordinate entries that define the access and instructions for reaching other networks. ( 2.16.840.1.101.2.2.3.68 NAME 'aCPNetworkEdB' SUP 2.5.6.0 ; top MUST 2.5.4.3 ; cn MAY ( 2.5.4.13 $ ; description 2.16.840.1.101.2.2.1.147 $ ; aCPNetworkSchemaEdB 2.16.840.1.101.2.2.1.124 $ ; operationName 2.5.4.34 ) ) ; seeAlso 2.2 aCPNetworkInstructionsEdB Object Class The aCPNetworkInstructionsEdB structural object class is used to define a directory entry that provides the description of how to reach the subject network from another network. ( 2.16.840.1.101.2.2.3.69 NAME 'aCPNetworkInstructionsEdB' SUP 2.5.6.0 ; top MUST 2.5.4.3 ; cn MAY ( 2.16.840.1.101.2.2.1.106 $ ; accessCodes 2.16.840.1.101.2.2.1.146 $ ; aCPNetwAccessSchemaEdB 2.5.4.13 $ ; description 2.16.840.1.101.2.2.1.121 ) ) ; networkDN 2.3 addressList Object Class The addressList (aL) object class is used to define directory entries that represent address lists, in particular, the members of the list. The sender of a message uses the address list name to send to all of the members in the list. The replacement of the address list name by the members of the list is performed by the sending User Agent (UA) or a Mailing List Agent (MLA), instead of the Message Transfer System (MTS). ( 2.16.840.1.101.2.2.3.57 NAME 'addressList' SUP 2.5.6.0 ; top MUST ( 2.5.4.3 $ ; cn 2.6.5.2.4 ) ; mhs-dl-submit-permissions MAY ( 2.16.840.1.101.2.1.5.47 $ ; aLExemptedAddressProcessor 2.16.840.1.101.2.1.5.14 $ ; alid 2.16.840.1.101.2.2.1.135 $ ; aLReceiptPolicy 2.16.840.1.101.2.2.1.112 $ ; aLType 2.5.4.15 $ ; businessCategory 2.16.840.1.101.2.2.1.114 $ ; copyMember 2.5.4.13 $ ; description 2.5.4.31 $ ; member DALLY Expires 22 March 2001 [Page 9]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2.6.5.2.12 $ ; mhs-dl-archive-service 2.6.5.2.13 $ ; mhs-dl-policy 2.6.5.2.14 $ ; mhs-dl-related-lists 2.6.5.2.15 $ ; mhs-dl-subscription-service 2.5.4.11 $ ; ou 2.5.4.10 $ ; o 2.5.4.32 $ ; owner 2.16.840.1.101.2.2.1.76 $ ; remarks 2.5.4.34 ) ) ; seeAlso 2.4 aliasCommonName Object Class The aliasCommonName object class is a subclass of alias where an alias entry is named by commonName. It is useful when different attributes are used for the Relative Distinguished Names (RDNs) of aliases to different types of entries (e.g., commonName as alias to a person entry and organizationalUnitName as alias to a corporate department entry). See the aliasOrganizationalUnit object class. ( 2.16.840.1.101.2.2.3.52 NAME 'aliasCommonName' SUP 2.5.6.1 ; alias MUST 2.5.4.3 ) ; cn 2.5 aliasOrganizationalUnit Object Class The aliasOrganizationalUnit object class is a subclass of alias where an alias entry is named by organizationalUnitName. It is useful when different attributes are used for the RDNs of aliases to different types of entries. See the aliasCommonName object class definition and example. ( 2.16.840.1.101.2.2.3.53 NAME 'aliasOrganizationalUnit' SUP 2.5.6.1 ; alias MUST 2.5.4.11 ) ; ou 2.6 altSpellingACP127 Object Class The altSpellingACP127 object class is used to represent a Plain Language Address (PLA) that is an alternative spelling of another PLA. An object from this class always contains a reference to the PLA for which it provides the alternative spelling. This object class is a subclass of the plaACP127 auxiliary object class. ( 2.16.840.1.101.2.2.3.58 NAME 'altSpellingACP127' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MUST ( 2.16.840.1.101.2.2.1.72 $ ; plaReplace 2.16.840.1.101.2.2.1.73 ) ) ; primarySpellingACP127 DALLY Expires 22 March 2001 [Page 10]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2.7 cadACP127 Object Class The cadACP127 (Collective Address Designator) object class is used to represent an ACP 127/JANAP 128 (Joint Army, Navy, Air Force Procedure) [4]/[5] distribution list. It is a subclass of the plaACP127 auxiliary object class. ( 2.16.840.1.101.2.2.3.28 NAME 'cadACP127' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MUST 2.16.840.1.101.2.2.1.51 ; cognizantAuthority MAY ( 2.16.840.1.101.2.2.1.113 $ ; associatedAL 2.16.840.1.101.2.2.1.56 $ ; entryClassification 2.16.840.1.101.2.2.1.75 $ ; recapDueDate 2.16.840.1.101.2.2.1.79 ) ) ; rIInfo 2.8 distributionCodeDescription Object Class The distributionCodeDescription object class is used to define a directory entry that represents a registered Distribution Code in the directory and describes its meaning. See ACP 123 [6] for specification of distribution codes. The distribution code is held in the commonName attribute. ( 2.16.840.1.101.2.2.3.55 NAME 'distributionCodeDescription' SUP 2.5.6.0 ; top MUST 2.5.4.3 ; cn MAY 2.5.4.13 ) ; description 2.9 distributionCodesHandled Object Class The distributionCodesHandled object class provides for identifying the distribution codes (e.g., Subject Indicator Codes (SIC) as defined in NATO Subject Indicator System (NASIS) - publication 3 (NATO APP-3) [7] and supplements) which are handled, either for action or information, by the object (e.g., organizational role, organizational person, or organizational unit) represented by the directory entry in which this auxiliary is included. ( 2.16.840.1.101.2.2.3.54 NAME 'distributionCodesHandled' SUP 2.5.6.0 ; top AUXILIARY MAY ( 2.16.840.1.101.2.2.1.104 $ ; distributionCodeAction 2.16.840.1.101.2.2.1.105 ) ) ; distributionCodeInfo 2.10 dSSCSPLA Object Class The dSSCSPLA object class is used to represent an Intelligence Community (IC) Plain Language Address (PLA) organization that, in the directory, is named using the plaNameACP127 attribute. DALLY Expires 22 March 2001 [Page 11]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.3.67 NAME 'dSSCSPLA' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MUST ( 2.16.840.1.101.2.2.1.77 ; rI ) MAY ( 2.16.840.1.101.2.2.1.143 $ ; adminConversion 2.16.840.1.101.2.2.1.4 $ ; associatedOrganization 2.5.4.7 $ ; localityName 2.16.840.1.101.2.2.1.85 $ ; sigad 2.16.840.1.101.2.2.1.145 ) ) ; usdConversion 2.11 messagingGateway Object Class The messagingGateway object class is used to store information about an application entity which serves as an application layer gateway between two mail systems. When a gateway performs translation services, a messagingGateway object provides a mechanism to address these translation services directly. ( 2.16.840.1.101.2.2.3.59 NAME 'messagingGateway' SUP 2.6.5.1.2 ; mhs-message-transfer-agent MAY ( 2.16.840.1.101.2.2.1.110 $ ; administrator 2.16.840.1.101.2.2.1.111 $ ; aigsExpanded 2.16.840.1.101.2.2.1.115 $ ; gatewayType 2.16.840.1.101.2.2.1.116 $ ; ghpType 0.9.2342.19200300.100.1.9 $ ; host 2.16.840.1.101.2.2.1.118 $ ; mailDomains 2.6.5.2.17 $ ; mhs-acceptable-eits 2.6.5.2.1 $ ; mhs-deliverable-content-types 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 2.6.5.2.5 $ ; mhs-message-store-dn 2.6.5.2.6 $ ; mhs-or-addresses 2.6.5.2.16 $ ; mhs-or-addresses-with-capabilities 2.6.5.2.18 $ ; mhs-unacceptable-eits 2.16.840.1.101.2.2.1.123 $ ; onSupported 2.16.840.1.101.2.2.1.70 $ ; plaNameACP127 2.16.840.1.101.2.2.1.79 ) ) ; rIInfo 2.12 mhs-distribution-list Object Class The mhs-distribution-list object class is used to define a directory entry that represents a distribution list (DL), that is, an address list that is expanded by the MTS. The attributes in the entry identify the distribution list name, submit permissions, and OR-addresses and, to the extent that the relevant attributes are present, describe the DL, identify its organization, organizational units, and owner; cite related objects; identify its maximum content length, deliverable content types, and acceptable, exclusively acceptable, and unacceptable encoded information types (EITs); and identify its expansion policy, subscription addresses, archive addresses, related lists, and members. DALLY Expires 22 March 2001 [Page 12]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.6.5.1.0 NAME 'mhs-distribution-list' SUP 2.5.6.0 ; top MUST ( 2.5.4.3 $ ; cn 2.6.5.2.4 $ ; mhs-dl-submit-permissions 2.6.5.2.6 ) ; mhs-or-addresses MAY ( 2.5.4.13 $ ; description 2.5.4.10 $ ; o 2.5.4.11 $ ; ou 2.5.4.32 $ ; owner 2.5.4.34 $ ; seeAlso 2.6.5.2.0 $ ; mhs-maximum-content-length 2.6.5.2.1 $ ; mhs-deliverable-content-types 2.6.5.2.17 $ ; mhs-acceptable-eits 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 2.6.5.2.18 $ ; mhs-unacceptable-eits 2.6.5.2.13 $ ; mhs-dl-policy 2.6.5.2.15 $ ; mhs-dl-subscription-service 2.6.5.2.12 $ ; mhs-dl-archive-service 2.6.5.2.14 $ ; mhs-dl-related-lists 2.6.5.2.3 ) ) ; mhs-dl-members 2.13 mhs-message-store Object Class The mhs-message-store object class is used to define directory entries that represent application entities that implement the MHS Message Store (MS) functionality. The attributes in an entry, to the extent that they are present, describe the MS, identify its owner, and enumerate the attributes, automatic actions, matching rules, content types, and network protocols the MS supports. ( 2.6.5.1.1 NAME 'mhs-message-store' SUP 2.5.6.12 ; applicationEntity MAY (2.5.4.32 $ ; owner $ 2.6.5.2.10 $ ; mhs-supported-attributes $ 2.6.5.2.8 $ ; mhs-supported-automatic-actions $ 2.6.5.2.11 $ ; mhs-supported-matching-rules $ 2.6.5.2.9 $ ; mhs-supported-content-types $ 2.5.4.48 ) ) ; protocolInformation 2.14 mhs-message-transfer-agent Object Class The mhs-message-transfer-agent object class is used to define directory entries that represent application entities that implement the MHS Message Transfer Agent (MTA) functionality. The attributes in an entry, to the extent that they are present, describe the MTA and identify its owner, the maximum content length it can handle, and its supported network protocols. ( 2.6.5.1.2 NAME 'mhs-message-transfer-agent' SUP 2.5.6.12 ; applicationEntity MAY ( 2.5.4.32 $ ; owner 2.6.5.2.0 $ ; mhs-maximum-content-length 2.5.4.48 ) ) ; protocolInformation DALLY Expires 22 March 2001 [Page 13]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2.15 mhs-user Object Class The mhs-user object class is used in defining directory entries representing MHS users. The attributes in an entry identify the MHS user's OR-address and, to the extent that the relevant attributes are present, identify the maximum content length, content types, and EITs that can be handled by the user; its MS; and its preferred delivery methods. ( 2.6.5.1.3 NAME 'mhs-user' SUP 2.5.6.0 ; top AUXILIARY MUST 2.6.5.2.6 ; mhs-or-addresses MAY ( 2.6.5.2.0 $ ; mhs-maximum-content-length 2.6.5.2.1 $ ; mhs-deliverable-content-types 2.6.5.2.17 $ ; mhs-acceptable-eits 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 2.6.5.2.18 $ ; mhs-unacceptable-eits 2.6.5.2.16 $ ; mhs-or-addresses-with-capabilities 2.6.5.2.5 ) ) ; mhs-message-store-dn 2.16 mhs-user-agent Object Class The mhs-message-transfer-agent object class is used to define directory entries that represent application entities that implement the MHS MTA functionality. The attributes in an entry, to the extent that they are present, describe the MTA and identify its owner, the maximum content length it can handle, and its supported network protocols. ( 2.6.5.1.4 NAME 'mhs-user-agent' SUP 2.5.6.12 ; applicationEntity MAY ( 2.5.4.32 $ ; owner 2.6.5.2.0 $ ; mhs-maximum-content-length 2.6.5.2.1 $ ; mhs-deliverable-content-types 2.6.5.2.17 $ ; mhs-acceptable-eits 2.6.5.2.2 $ ; mhs-exclusively-acceptable-eits 2.6.5.2.18 $ ; mhs-unacceptable-eits 2.6.5.2.19 $ ; mhs-deliverable-classes 2.6.5.2.6 $ ; mhs-or-addresses 2.5.4.48 ) ) ; protocolInformation 2.17 mLA Object Class The mLA object class is used to represent an application entity that performs the functions of a Mail List Agent (MLA). This object class is a subclass of applicationEntity and strong-authentication-user. Note that this object class may become obsolete, depending on the resolution of Certificate Management Infrastructure (CMI) issues. DALLY Expires 22 March 2001 [Page 14]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.3.31 NAME 'mLA' SUP ( 2.5.6.12 $ ; applicationEntity 2.5.6.15 ) ; strongAuthenticationUser MAY 2.5.4.52 ) ; supportedAlgorithms 2.18 mLAgent Object Class The mLAgent object class is used to represent an application entity that performs the functions of a MLA. This object class is a subclass of applicationEntity and pkiUser. ( 2.16.840.1.101.2.2.3.64 NAME 'mLAgent' SUP ( 2.5.6.12 $ ; applicationEntity 2.5.6.21 ; pkiUser ) MAY 2.5.4.52 ) ; supportedAlgorithms 2.19 orgACP127 Object Class The orgACP127 object class is used to define the entry for a single ACP 127/JANAP 128 [4]/[5] messaging user. This object class is a subclass of the plaACP127 auxiliary object class. ( 2.16.840.1.101.2.2.3.34 NAME 'orgACP127' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MAY ( 2.16.840.1.101.2.2.1.53 $ ; accountingCode 2.16.840.1.101.2.2.1.4 $ ; associatedOrganization 2.5.4.6 $ ; c 2.16.840.1.101.2.2.1.54 $ ; dualRoute 2.16.840.1.101.2.2.1.56 $ ; entryClassification 2.5.4.7 $ ; l 2.16.840.1.101.2.2.1.63 $ ; longTitle 2.16.840.1.101.2.2.1.64 $ ; minimize 2.16.840.1.101.2.2.1.65 $ ; minimizeOverride 2.16.840.1.101.2.2.1.67 $ ; nameClassification 2.16.840.1.101.2.2.1.77 $ ; rI 2.16.840.1.101.2.2.1.79 $ ; rIInfo 2.16.840.1.101.2.2.1.81 $ ; section 2.5.4.8 $ ; st 2.16.840.1.101.2.2.1.87 ) ) ; tARE 2.20 otherContactInformation Object Class The otherContactInformation object class provides for additional telephone, location, and mailbox information in directory entries. ( 2.16.840.1.101.2.2.3.62 NAME 'otherContactInformation' SUP 2.5.6.0 ; top AUXILIARY MAY ( 2.16.840.1.101.2.2.1.94 $ ; aCPMobileTelephoneNumber 2.16.840.1.101.2.2.1.95 $ ; aCPPagerTelephoneNumber 2.16.840.1.101.2.2.1.108 $ ; aCPPreferredDelivery 2.16.840.1.101.2.2.1.118 $ ; mailDomains DALLY Expires 22 March 2001 [Page 15]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2.16.840.1.101.2.2.1.119 $ ; militaryFacsimileNumber 2.16.840.1.101.2.2.1.120 $ ; militaryTelephoneNumber 2.16.840.1.101.2.2.1.126 $ ; proprietaryMailboxes 0.9.2342.19200300.100.1.6 $ ; roomNumber 2.16.840.1.101.2.2.1.127 $ ; secureFacsimileNumber 2.16.840.1.101.2.2.1.128 ) ) ; secureTelephoneNumber 2.21 pkiCA Object Class The pkiCA object class is used to represent Certification Authorities. ( 2.5.6.22 NAME 'pkiCA' SUP 2.5.6.0 ; top AUXILIARY MAY ( 2.5.4.37 $ ; cACertificate 2.5.4.39 $ ; certificateRevocationList 2.5.4.38 $ ; authorityRevocationList 2.5.4.40 ) ) ; crossCertificatePair 2.22 pkiUser Object Class The pkiUser object class is used to represent certificate subjects. A certificate subject is a human or other type of directory user to which a certificate has been issued. ( 2.5.6.21 NAME 'pkiUser' SUP 2.5.6.0 ; top AUXILIARY MAY 2.5.4.36 ) ; userCertificate 2.23 plaACP127 Object Class The plaACP127 object class provides for the general PLA attributes common to general service (GENSER) PLA entries, all of which inherit this class. ( 2.16.840.1.101.2.2.3.47 NAME 'plaACP127' SUP 2.5.6.0 ; top AUXILIARY MUST 2.16.840.1.101.2.2.1.70 ; plaNameACP127 MAY ( 2.16.840.1.101.2.2.1.52 $ ; community 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 $ ; expirationDate 2.16.840.1.101.2.2.1.68 $ ; nationality 2.16.840.1.101.2.2.1.74 $ ; publish 2.16.840.1.101.2.2.1.76 $ ; remarks 2.16.840.1.101.2.2.1.82 ) ) ; serviceOrAgency DALLY Expires 22 March 2001 [Page 16]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2.24 plaCollectiveACP127 Object Class The plaCollectiveACP127 object class is used to define the entry for an ACP 127/JANAP 128 [4]/[5] Address Indicator Group (AIG) distribution list or Type distribution list. This object class is a subclass of the plaACP127 auxiliary object class. ( 2.16.840.1.101.2.2.3.35 NAME 'plaCollectiveACP127' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MUST 2.16.840.1.101.2.2.1.51 ; cognizantAuthority MAY ( 2.16.840.1.101.2.2.1.46 $ ; actionAddressees 2.16.840.1.101.2.2.1.50 $ ; allowableOriginators 2.16.840.1.101.2.2.1.113 $ ; associatedAL 2.5.4.13 $ ; description 2.16.840.1.101.2.2.1.56 $ ; entryClassification 2.16.840.1.101.2.2.1.59 $ ; infoAddressees 2.16.840.1.101.2.2.1.60 $ ; lastRecapDate 2.16.840.1.101.2.2.1.75 ) ) ; recapDueDate 2.25 plaData Object Class The plaData object class contains attributes common to Special Intelligence (SI) PLAs. ( 2.16.840.1.101.2.2.3.26 NAME 'plaData' SUP 2.5.6.0 ; top AUXILIARY MAY ( 2.16.840.1.101.2.2.1.52 $ ; community 2.5.4.13 $ ; description 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 2.26 plaUser Object Class The plaUser object class contains the name of a PLA's directory entry and, optionally, Routing Indicator (RI) for addressing that PLA. ( 2.16.840.1.101.2.2.3.56 NAME 'plaUser' SUP 2.5.6.0 ; top AUXILIARY MUST 2.16.840.1.101.2.2.1.70 ; plaNameACP127 MAY 2.16.840.1.101.2.2.1.79 ) ; rIInfo 2.27 releaseAuthorityPerson Object Class The releaseAuthorityPerson object class is used to define the entry for a role of release authority who releases organizational messages on behalf of an organization. Whereas organizations originate their organizational messages, it is the job of the release authority to sign the messages. Release authorities do not send individual messages and do not receive messages. DALLY Expires 22 March 2001 [Page 17]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 Note that this object class may become obsolete, depending on the resolution of CMI issues. ( 2.16.840.1.101.2.2.3.63 NAME 'releaseAuthorityPerson' SUP.2.16.840.1.101.2.1.4.13 ; secure-user MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 2.28 releaseAuthorityPersonA Object Class The releaseAuthorityPersonA object class is used to define the entry for a role of release authority who releases organizational messages on behalf of an organization. Whereas organizations originate their organizational messages, it is the job of the release authority to sign the messages. Release authorities do not send individual messages and do not receive messages. ( 2.16.840.1.101.2.2.3.65 NAME 'releaseAuthorityPersonA' SUP.2.16.840.1.101.2.2.3.66 ; securePkiUser MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 2.29 routingIndicator Object Class The routingIndicator object class is used to define an entry for a RI and is a subclass of the plaData auxiliary object class. ( 2.16.840.1.101.2.2.3.37 NAME 'routingIndicator' SUP 2.16.840.1.101.2.2.3.26 ; plaData MUST 2.16.840.1.101.2.2.1.77 ; rI MAY ( 2.16.840.1.101.2.2.1.62 $ ; lmf 2.6.5.2.0 $ ; mhs-maximum-content-length 2.16.840.1.101.2.2.1.68 $ ; nationality 2.16.840.1.101.2.2.1.74 $ ; publish 2.16.840.1.101.2.2.1.78 $ ; rIClassification 2.16.840.1.101.2.2.1.83 $ ; sHD 2.16.840.1.101.2.2.1.96 $ ; tCC 2.16.840.1.101.2.2.1.69 $ ; transferStation 2.16.840.1.101.2.2.1.97 ) ) ; tRC 2.30 secure-user Object Class The secure-user object class is used in defining directory entries that include credentials for users. It is a subclass of the strongAuthenticationUser object class, defined in X.521 [8], which provides for a user certificate. Note that this object class may become obsolete, depending on the resolution of CMI issues. ( 2.16.840.1.101.2.1.4.13 NAME 'secure-user' SUP 2.5.6.15 ; strongAuthenticationUser AUXILIARY DALLY Expires 22 March 2001 [Page 18]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 MAY ( 2.5.6.58 $ ; attributeCertificate 2.5.4.52 ) ) ; supportedAlgorithms 2.31 securePkiUser Object Class The securePkiUser (Public Key Infrastructure) object class is used in defining directory entries that include credentials for ACP 123 [6] users. It is a subclass of the pkiUser object class, defined in RFC 2587 [9], which provides for a user certificate. ( 2.16.840.1.101.2.2.3.66 NAME 'securePkiUser' SUP 2.5.6.21 ; pkiUser AUXILIARY MAY ( 2.5.6.58 $ ; attributeCertificate 2.5.4.52 ) ) ; supportedAlgorithms 2.32 sigintPLA Object Class The sigintPLA (Signal Intelligence) object class is used to represent sensitive SI PLAs. This object class is a subclass of the plaData auxiliary object class. ( 2.16.840.1.101.2.2.3.38 NAME 'sigintPLA' SUP 2.16.840.1.101.2.2.3.26 ; plaData MUST 2.16.840.1.101.2.2.1.85 ; sigad MAY ( 2.5.4.7 $ ; l 2.16.840.1.101.2.2.1.68 $ ; nationality 2.16.840.1.101.2.2.1.74 $ ; publish 2.16.840.1.101.2.2.1.76 $ ; remarks 2.16.840.1.101.2.2.1.77 $ ; rI 2.16.840.1.101.2.2.1.84 ) ) ; shortTitle 2.33 sIPLA Object Class The sIPLA object class is used to define the entry for a single Special Intelligence (SI) messaging user. This object class is a subclass of the plaData auxiliary object class. ( 2.16.840.1.101.2.2.3.39 NAME 'sIPLA' SUP 2.16.840.1.101.2.2.3.26 ; plaData MUST 2.16.840.1.101.2.2.1.63 ; longTitle MAY ( 2.5.4.7 $ ; l 2.16.840.1.101.2.2.1.68 $ ; nationality 2.16.840.1.101.2.2.1.74 $ ; publish 2.16.840.1.101.2.2.1.76 $ ;remarks 2.16.840.1.101.2.2.1.77 $ ; rI 2.16.840.1.101.2.2.1.84 $ ; shortTitle 2.16.840.1.101.2.2.1.85 ) ) ; sigad DALLY Expires 22 March 2001 [Page 19]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 2.34 spotPLA Object Class The spotPLA object class is used to define an entry for a special products distribution list. This object class is a subclass of the plaData auxiliary object class. ( 2.16.840.1.101.2.2.3.40 NAME 'spotPLA' SUP 2.16.840.1.101.2.2.3.26 ; plaData MUST 2.16.840.1.101.2.2.1.86 ; spot MAY ( 2.16.840.1.101.2.2.1.46 $ ; actionAddressees 2.16.840.1.101.2.2.1.47 $ ; additionalAddressees 2.16.840.1.101.2.2.1.48 $ ; additionalSecondPartyAddressees 2.6.5.2.4 $ ; mhs-dl-submit-permissions 2.16.840.1.101.2.2.1.76 $ ; remarks 2.16.840.1.101.2.2.1.80 ) ) ; secondPartyAddressees 2.35 taskForceACP127 Object Class The taskForceACP127 object class is used to define a directory entry for an ACP 127/JANAP 128 [4]/[5] task force distribution list. This object class is a subclass of the plaACP127 auxiliary object class. ( 2.16.840.1.101.2.2.3.41 NAME 'taskForceACP127' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MUST ( 2.16.840.1.101.2.2.1.51 $ ; cognizantAuthority 2.16.840.1.101.2.2.1.60 $ ; lastRecapDate 2.16.840.1.101.2.2.1.75 ; recapDueDate) MAY ( 2.16.840.1.101.2.2.1.113 $ ; associatedAL 2.16.840.1.101.2.2.1.56 $ ; entryClassification 2.16.840.1.101.2.2.1.71 ) ) ; plaAddressees 2.36 tenantACP127 Object Class The tenantACP127 object class is used to define a directory entry that represents a tenant PLA. This object class is a subclass of the plaACP127 auxiliary object class. ( 2.16.840.1.101.2.2.3.42 NAME 'tenantACP127' SUP 2.16.840.1.101.2.2.3.47 ; plaACP127 MUST 2.16.840.1.101.2.2.1.58 ; hostOrgACP127 MAY ( 2.16.840.1.101.2.2.1.56 $ ; entryClassification 2.16.840.1.101.2.2.1.87 ) ) ; tARE 2.37 ukms Object Class The ukms object class contains the monthly values of user keying material (UKM) used in the construction of selected CCEB symmetric confidentiality algorithms. DALLY Expires 22 March 2001 [Page 20]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.1.4.16 NAME 'ukms' SUP 2.5.6.0 ; top AUXILIARY MAY ( 2.16.840.1.101.2.1.5.20 $ ; janUKMs 2.16.840.1.101.2.1.5.21 $ ; febUKMs 2.16.840.1.101.2.1.5.22 $ ; marUKMs 2.16.840.1.101.2.1.5.23 $ ; aprUKMs 2.16.840.1.101.2.1.5.24 $ ; mayUKMs 2.16.840.1.101.2.1.5.25 $ ; junUKMs 2.16.840.1.101.2.1.5.26 $ ; julUKMs 2.16.840.1.101.2.1.5.27 $ ; augUKMs 2.16.840.1.101.2.1.5.28 $ ; sepUKMs 2.16.840.1.101.2.1.5.29 $ ; octUKMs 2.16.840.1.101.2.1.5.30 $ ; novUKMs 2.16.840.1.101.2.1.5.31 ) ) ; decUKMs DALLY Expires 22 March 2001 [Page 21]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3. ATTRIBUTE TYPES 3.1 accessCodes Attribute The accessCodes attribute value gives the coding of how to reach one network from another. Additional instructions for the use of this access code are contained in a description attribute in the same entry. For example, in a private telephone network, the user could be required to dial "8" to reach other users in a different city or to dial "9" to exit the private network. ( 2.16.840.1.101.2.2.1.106 NAME 'accessCodes' SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; Printable String 3.2 accountingCode Attribute The accountingCode attribute value is a character string used in logistics applications to identify an organization uniquely. One example is the U.S. Department of Defense Activity Accounting Code (DODAAC). ( 2.16.840.1.101.2.2.1.53 NAME 'accountingCode' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{7} ) ; Printable String 3.3 aCPLegacyFormat Attribute The aCPLegacyFormat provides the specific message format type used when the value of the aCPPreferredDelivery attribute is ACP127(1). ( 2.16.840.1.101.2.2.1.142 NAME 'aCPLegacyFormat' SYNTAX 2.16.840.1.101.2.2.2.17 ; ACPLegacyFormat SINGLE-VALUE ) 3.4 aCPMobileTelephoneNumber Attribute The aCPMobileTelephoneNumber attribute value identifies a mobile telephone number for the object represented by the directory entry that contains this attribute. ( 2.16.840.1.101.2.2.1.94 NAME 'aCPMobileTelephoneNumber' SUP 2.5.4.20 ) ; telephoneNumber 3.5 aCPNetwAccessSchemaEdB Attribute The aCPNetwAccessSchemaEdB attribute value is a schematic representation used to complete the access information from one network to another in the case of a complex connection. (Many connections are not complex enough to need such a description and in that case the attribute would not be populated.) DALLY Expires 22 March 2001 [Page 22]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.1.146 NAME 'aCPNetwAccessSchemaEdB' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) ; JPEG 3.6 aCPNetworkSchemaEdB Attribute The aCPNetworkSchemaEdB attribute value is a graphical representation of a network. It describes the structure of the network and details any rules associated with that network. ( 2.16.840.1.101.2.2.1.147 NAME 'aCPNetworkSchemaEdB' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) ; JPEG 3.7 aCPPagerTelephoneNumber Attribute The aCPPagerTelephoneNumber attribute identifies a telephone number for a pager associated with the object represented by the directory entry. ( 2.16.840.1.101.2.2.1.95 NAME 'aCPPagerTelephoneNumber' SUP 2.5.4.20 ) ; telephoneNumber 3.8 aCPPreferredDelivery Attribute The aCPPreferredDelivery attribute value is used to determine the messaging system a user, represented by the directory entry, prefers for message delivery. The possible values are: "ACP 127", "SMTP" or "MHS". "MHS" signifies either standard X.400 (1984 or 1988) or ACP 123-compliant X.400. ( 2.16.840.1.101.2.2.1.108 NAME 'aCPPreferredDelivery' SYNTAX 2.16.840.1.101.2.2.2.6 ; ACP Preferred Delivery syntax SINGLE-VALUE ) 3.9 aCPTelephoneFaxNumber ATTRIBUTE The aCPTelephoneFaxNumber attribute is defined for use as a supertype in defining the attributes: militaryFacsimileNumber militaryTelephoneNumber secureFacsimileNumber secureTelephoneNumber A value of the aCPTelephoneFaxNumber attribute and the attributes defined as its subtypes is a telephone number that is used for military purposes and is associated with an object represented by the directory entry. For example, a person may have a telephone, equipped with a STU III (Secure Telephone Unit) device, on the Public Switched Telephone Network (PSTN). DALLY Expires 22 March 2001 [Page 23]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.1.109 NAME 'aCPTelephoneFaxNumber' EQUALITY 2.5.13.20 ; telephoneNumberMatch SUBSTR 2.5.13.21 ; telephoneNumberSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.1 ) ; ACPTelephoneFaxNumberSyntax The attribute value for an ACP telephone number contains the following substrings which are separated by commas (i.e., ","): network or site identifier telephone number security device identifier The maximum size of the network or site identifier substring is six characters. In the example, the string "PSTN" would be the value of this identifier. For the telephone number substring, if the network is the PSTN, then the format shall be as for a Telephone Number as defined in X.520 [10] (i.e., CCITT E.123). Extension numbers shall be preceded by "ext." or other nationally defined equivalent. The maximum length of this substring is 32 characters. In the example, the string "+1 555 222 ext. 34" could be the value of the telephone number. The maximum size of the security device identifier substring is eight characters. In the example, the string "STU III" would be the value of this identifier. The complete example value would be "PSTN, +1 555 222 ext. 34, STU III". The security device (and preceding substring separator ",") is present only if the military telephone number is secured (i.e., attribute subtypes secureTelephoneNumber or secureFacsimileNumber). Note that the equality and substring matching rule for this attribute is not case sensitive and the substring matching rule is case sensitive. Thus, it is recommended that the network/site identifier and security device identifier are in upper case. 3.10 actionAddressees Attribute An actionAddressees attribute value is the list of action addressees of an ACP 127/JANAP 128 [4]/[5] collective, for example, an AIG. An action addressee is expected to take action appropriate on the message content, whereas an information addressee receives the message for informational purposes only. ( 2.16.840.1.101.2.2.1.46 NAME 'actionAddressees' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax DALLY Expires 22 March 2001 [Page 24]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.11 additionalAddressees Attribute The additionalAddressees attribute value is a list of addressees to be added to the actionAddressees list (value of the actionAddressees attribute) under circumstances identified in the remarks attribute in the same directory entry. ( 2.16.840.1.101.2.2.1.47 NAME 'additionalAddressees' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 3.12 additionalSecondPartyAddressees Attribute The additionalSecondPartyAddressees attribute value is a list of addressees to be added to the secondPartyAddressees list (value of the secondPartyAddressees attribute) under circumstances identified in the remarks attribute in the same directory entry. ( 2.16.840.1.101.2.2.1.48 NAME 'additionalSecondPartyAddressees' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 3.13 adminConversion ATTRIBUTE The adminConversion attribute provides for using an abbreviation of the organization's administrative title as an administrative message address. ( 2.16.840.1.101.2.2.1.143 NAME 'adminConversion' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ; DirectoryString EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ) ; caseIgnoreSubstringsMatch 3.14 administrator Attribute The administrator attribute value represents the entity responsible for the operation of a component when it is different from the owner of the component. For example, the owner may be a domain. ( 2.16.840.1.101.2.2.1.110 NAME 'administrator' SUP 2.5.4.49 ) ; distinguishedName 3.15 aigsExpanded Attribute The aigsExpanded attribute values are the names of the AIGs expanded by a messaging gateway. ( 2.16.840.1.101.2.2.1.111 NAME 'aigsExpanded' SUP 2.5.4.49 ) ; distinguishedName DALLY Expires 22 March 2001 [Page 25]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.16 aLExemptedAddressProcessor Attribute The aLExemptedAddressProcessor attribute value is the ORName of the address list processor for the address list where exempted addresses are removed. ( 2.16.840.1.101.2.1.5.47 'aLExemptedAddressProcessor' SYNTAX 2.16.840.1.101.2.2.2.10 ; O/R Name syntax SINGLE-VALUE ) 3.17 aliasPointer Attribute The aliasPointer attribute type value points to alias directory entries which might have to be modified if the directory entry containing this attribute is modified. It is intended to be used to maintain data consistency in the Directory Information Base (DIB). ( 2.16.840.1.101.2.2.1.49 NAME 'aliasPointer' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ; DN 3.18 alid Attribute The alid attribute value is the AL key material identifier. ( 2.16.840.1.101.2.1.5.14 NAME 'alid' EQUALITY 2.5.13.17 ; octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) ; Kmid = Octet String 3.19 allowableOriginators Attribute The allowableOriginators attribute value is the name of an ACP 127/JANAP 128 [4]/[5] collective that contains the list of PLAs that are allowed to originate messages to this list. ( 2.16.840.1.101.2.2.1.50 NAME 'allowableOriginators' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 3.20 aLReceiptPolicy Attribute The aLReceiptPolicy attribute value indicates address list's signed receipt policy. This receipt policy supersedes the originator's request for signed receipts (see ACP 120 [11]). ( 2.16.840.1.101.2.2.1.135 NAME 'aLReceiptPolicy' SYNTAX 2.16.840.1.101.2.2.2.9 ; MLReceiptPolicy SINGLE-VALUE ) DALLY Expires 22 March 2001 [Page 26]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.21 alternateRecipient Attribute The alternateRecipient attribute is used to designate an X.400 alternate recipient for a messaging user. It could be used by an X.400 message originator to create an originator-assigned alternate recipient address to be used by the MTS, if delivery to the addressed recipient fails. ( 2.16.840.1.101.2.2.1.3 NAME 'alternateRecipient' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 3.22 aLType Attribute The aLType attribute value indicates the type of an address list from these possibilities: AIG (Address Indicator Group), Type Organization Collective, CAD (Collective Address Designator), and Task Force. ( 2.16.840.1.101.2.2.1.112 NAME 'aLType' EQUALITY 2.5.13.14 ; integerMatch SYNTAX 2.16.840.1.101.2.2.2.8 ; Address List Type syntax SINGLE-VALUE ) 3.23 aprUKMs Attribute The aprUKMs (User Key Materials) attribute value is used in the construction of selected symmetric confidentiality algorithms for the month of April. ( 2.16.840.1.101.2.1.5.23 NAME 'aprUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.24 associatedAL Attribute The associatedAL attribute value points to the address list object which replaces the ACP 127/JANAP 128 [4]/[5] task force PLA. It assists in the transition from ACP 127/JANAP 128 [4]/[5] to X.400 addressing and the associated transition from the use of ACP 127/ JANAP 128 [4]/[5] collectives to the use of address lists. ( 2.16.840.1.101.2.2.1.113 NAME 'associatedAL' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 3.25 associatedOrganization Attribute The associatedOrganization attribute value points to the organizationalUnit directory entry which represents the same DALLY Expires 22 March 2001 [Page 27]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 organizational messaging entity as the PLA directory entry containing this attribute. ( 2.16.840.1.101.2.2.1.4 NAME 'associatedOrganization' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 3.26 associatedPLA Attribute The associatedPLA attribute value points to the ACP 127/JANAP 128 [4]/[5] directory entry for the same messaging entity as represented by the Organizational Unit directory entry containing this attribute. ( 2.16.840.1.101.2.2.1.6 NAME 'associatedPLA' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) 3.27 augUKMs Attribute The augUKMs attribute value is used in the construction of selected symmetric confidentiality algorithms for the month of August. ( 2.16.840.1.101.2.1.5.27 NAME 'augUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.28 buildingName Attribute A buildingName attribute value specifies the name of the building where an organization or organizational unit is based. This attribute was originally defined in RFC 1274 [13]. ( 0.9.2342.19200300.100.1.48 NAME 'buildingName' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ; directoryString, minimum length is one. EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch ) 3.29 cognizantAuthority Attribute The cognizantAuthority attribute value indicates the administrator for an ACP 127/JANAP 128 [4]/[5] collective. ( 2.16.840.1.101.2.2.1.51 NAME 'cognizantAuthority' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; Printable String SINGLE-VALUE ) DALLY Expires 22 March 2001 [Page 28]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.30 collective-mhs-or-addresses Attribute The collective-mhs-or-addresses attribute value is a value of mhs-or-addresses that is applied at an administrative point. ( 2.16.840.1.101.2.2.1.134.1 NAME 'collective-mhs-or-addresses' SUP 2.6.5.2.6 ) ; mhs-or-addresses 3.31 collectiveMilitaryFacsimileNumber Attribute The collectiveMilitaryFacsimileNumber attribute value is a value of militaryFacsimileNumber that is applied at an administrative point. ( 2.16.840.1.101.2.2.1.119.1 NAME 'collectiveMilitaryFacsimileNumber' SUP 2.16.840.1.101.2.2.1.119 ) ; militaryFacsimileNumber 3.32 collectiveMilitaryTelephoneNumber Attribute The collectiveMilitaryTelephoneNumber attribute value is a value of militaryTelephoneNumber that is applied at an administrative point. ( 2.16.840.1.101.2.2.1.120.1 NAME 'collectiveMilitaryTelephoneNumber' SUP 2.16.840.1.101.2.2.1.120 ) ; militaryTelephoneNumber 3.33 collectiveNationality Attribute The collectiveNationality attribute value is a value of nationality that is applied at an administrative point. ( 2.16.840.1.101.2.2.1.68.1 NAME 'collectiveNationality' SUP 2.16.840.1.101.2.2.1.68 ) ; nationality 3.34 collectiveSecureFacsimileNumber Attribute The collectiveSecureFacsimileNumber attribute value is a value of secureFacsimileNumber that is applied at an administrative point. ( 2.16.840.1.101.2.2.1.127.1 NAME 'collectiveSecureFacsimileNumber' SUP 2.16.840.1.101.2.2.1.127 ) ; secureFacsimileNumber 3.35 collectiveSecureTelephoneNumber ATTRIBUTE The collectiveSecureTelephoneNumber attribute value is a value of secureTelephoneNumber that is applied at an administrative point. ( 2.16.840.1.101.2.2.1.128.1 NAME 'collectiveSecureTelephoneNumber' SUP 2.16.840.1.101.2.2.1.128 ) ; secureTelephoneNumber 3.36 community Attribute The community attribute value indicates whether an object belongs to the GENSER (R) or SI (Y) community or both (R/Y). DALLY Expires 22 March 2001 [Page 29]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.1.52 NAME 'community' SYNTAX 2.16.840.1.101.2.2.2.5 ; Community syntax SINGLE-VALUE ) 3.37 copyMember Attribute The copyMember attribute value specifies a group of names associated with the object represented by the directory entry. In an address list directory entry, this attribute indicates the "copy" or "info" members of the list as opposed to "primary" or "action" members. ( 2.16.840.1.101.2.2.1.114 NAME 'copyMember' SUP 2.5.4.31 ) ; member 3.38 decUKMs Attribute The decUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of December. ( 2.16.840.1.101.2.1.5.31 NAME 'decUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE) 3.39 deployed ATTRIBUTE The deployed attribute value contains distinguished names of other directory entries that represent the same real world object in the field. See the garrison attribute. ( 2.16.840.1.101.2.2.1.139 NAME 'deployed' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ; DistinguishedName EQUALITY 2.5.13.1 ) ; distinguishedNameMatch 3.40 distributionCodeAction Attribute The distributionCodeAction attribute values identify the distribution codes (including Subject Indicator Codes (SICs)) for which an organization, person, or role handles messages for action. ( 2.16.840.1.101.2.2.1.104 NAME 'distributionCodeAction' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; DistributionCode = ; PrintableString DALLY Expires 22 March 2001 [Page 30]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.41 distributionCodeInfo Attribute The distributionCodeInfo attribute values identify the distribution codes (including SICs) for which an organization, person, or role handles messages for information. ( 2.16.840.1.101.2.2.1.105 NAME 'distributionCodeInfo' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; DistributionCode = ; PrintableString 3.42 dualRoute Attribute The dualRoute attribute value indicates whether delivery of messages for an organization to both the home and deployed sites is required. If set to TRUE, dual delivery is required. ( 2.16.840.1.101.2.2.1.54 NAME 'dualRoute' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; SINGLE-VALUE ) 3.43 effectiveDate Attribute The effectiveDate attribute value indicates when the directory entry is to become valid. ( 2.16.840.1.101.2.2.1.55 NAME 'effectiveDate' EQUALITY 2.5.13.27 ; generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime SINGLE-VALUE ) 3.44 entryClassification Attribute The entryClassification attribute value indicates the classification of the directory entry that contains this attribute. The possible values are: unmarked, unclassified, restricted, confidential, secret, and top secret. ( 2.16.840.1.101.2.2.1.56 NAME 'entryClassification' SYNTAX 2.16.840.1.101.2.2.2.4) ; Classification syntax 3.45 expirationDate Attribute The expirationDate attribute value indicates the time at which the directory entry becomes invalid. ( 2.16.840.1.101.2.2.1.57 NAME 'expirationDate' EQUALITY 2.5.13.27 ; generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime SINGLE-VALUE ) DALLY Expires 22 March 2001 [Page 31]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.46 febUKMs Attribute The febUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of February. ( 2.16.840.1.101.2.1.5.21 NAME 'febUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.47 garrison ATTRIBUTE The garrison attribute value contains distinguished names of other directory entries that represent the same real world object in garrison. See the deployed attribute. ( 2.16.840.1.101.2.2.1.140 NAME 'garrison' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ; DistinguishedName EQUALITY 2.5.13.1 ) ; distinguishedNameMatch 3.48 gatewayType Attribute The gatewayType attribute value is used to indicate the translations a messaging gateway is capable of performing. The translations that can be indicated are: acp120-acp127-gateway acp120-janap128-gateway acp120-mhs-gateway acp120-mmhs-gateway acp120-rfc822-gateway boundary MTA mmhs-mhs-gateway mmhs-rfc822-gateway mta-acp127-gateway ( 2.16.840.1.101.2.2.1.115 NAME 'gatewayType' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID 3.49 ghpType Attribute The ghpType attribute value is used to indicate the gateway handling policy of an mta-acp127-gateway defined in STANAG 4406 [12]. ( 2.16.840.1.101.2.2.1.116 NAME 'ghpType' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID DALLY Expires 22 March 2001 [Page 32]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.50 guard Attribute The guard attribute value indicates the Name(s) of the Guard Gateway. ( 2.16.840.1.101.2.2.1.117 NAME 'guard' SUP 2.5.4.49 ) ; distinguishedName 3.51 host Attribute The host attribute value gives an identifier for a host computer, as defined in the COSINE and Internet X.500 Schema, RFC 1274 [13]. ( 0.9.2342.19200300.100.1.9 NAME 'host' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ; DirectoryString ; limited to TeletexString or PrintableString 3.52 hostOrgACP127 Attribute The hostOrgACP127 attribute value of a tenant PLA identifies the PLA for the organization which accepts traffic for a tenant. ( 2.16.840.1.101.2.2.1.58 NAME 'hostOrgACP127' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString SINGLE-VALUE ) 3.53 infoAddressees Attribute The infoAddressees attribute value of an ACP 127/JANAP 128 [4]/[5] collective contains the list of information addressees of the collective. ( 2.16.840.1.101.2.2.1.59 NAME 'infoAddressees' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 3.54 janUKMs Attribute The janUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of January. ( 2.16.840.1.101.2.1.5.20 NAME 'janUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) DALLY Expires 22 March 2001 [Page 33]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.55 julUKMs Attribute The julUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of July. ( 2.16.840.1.101.2.1.5.26 NAME 'julUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.56 junUKMs ATTRIBUTE The junUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of June. ( 2.16.840.1.101.2.1.5.25 NAME 'junUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.57 lastRecapDate Attribute The lastRecapDate attribute value indicates when a list was last recapped or validated. ( 2.16.840.1.101.2.2.1.60 NAME 'lastRecapDate' EQUALITY 2.5.13.27 ; generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime SINGLE-VALUE ) 3.58 listPointer Attribute The listPointer attribute value is used to point to address list directory entries which might have to be modified if the entry containing this attribute is modified. It is intended to be used to maintain data consistency in the DIB. ( 2.16.840.1.101.2.2.1.61 NAME 'listPointer' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ; DistinguishedName 3.59 lmf Attribute The lmf (Language and Media Format) attribute value indicates the language and media format that can be accepted between the two communicating end-systems. Possible values include: DALLY Expires 22 March 2001 [Page 34]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 T tape A ASCII (American Standard Code for Information Interchange) C card, etc. ( 2.16.840.1.101.2.2.1.62 NAME 'lmf' EQUALITY 2.5.13.2 ; caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{1} SINGLE-VALUE ) 3.60 longTitle Attribute The longTitle attribute value is the expanded form of an organization's PLA. ( 2.16.840.1.101.2.2.1.63 NAME 'longTitle' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{255} ; PrintableString SINGLE-VALUE ) 3.61 mailDomains Attribute The mailDomains attribute value is a string, which provides information on the domains that the messaging gateway will bridge. ( 2.16.840.1.101.2.2.1.118 NAME 'mailDomains' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 3.62 marUKMs Attribute The marUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of May. ( 2.16.840.1.101.2.1.5.22 NAME 'marUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.63 mayUKMs Attribute The mayUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of May. ( 2.16.840.1.101.2.1.5.24 NAME 'mayUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating DALLY Expires 22 March 2001 [Page 35]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ; MonthlyUKMs SINGLE-VALUE ) 3.64 mhs-acceptable-eits Attribute The mhs-acceptable-eits attribute value identifies a set of EITs for messages. The user or distribution list, represented by the directory entry, will accept delivery of or expand a message in which any one of these eits is present. ( 2.6.5.2.17 NAME 'mhs-acceptable-eits' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; ExtendedEncodedInformationType = object identifier 3.65 mhs-deliverable-classes Attribute The mhs-deliverable-classes attribute value identifies the classes of messages whose delivery a UA, represented by the directory entry, will accept. ( 2.6.5.2.19 NAME 'mhs-deliverable-classes' EQUALITY 2.6.5.4.2 ; capabilityMatch SYNTAX 2.16.840.1.101.2.2.2.13 ) ; Capability syntax 3.66 mhs-deliverable-content-types Attribute The mhs-deliverable-content-types attribute values identify the content types of the messages whose delivery the user, represented by the directory entry, will accept. ( 2.6.5.2.1 NAME 'mhs-deliverable-content-types' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.4.1.4.1.1466.115.121.1.38 ) ; ExtendedContentType ; = object identifier 3.67 mhs-dl-archive-service Attribute The mhs-dl-archive-service attribute value identifies a service from which a user may request copies of messages previously distributed by the address list represented by the directory entry. ( 2.6.5.2.12 NAME 'mhs-dl-archive-service' EQUALITY 2.6.5.4.0 ; oRNameExactMatch SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 3.68 mhs-dl-members Attribute The mhs-dl-members attribute value is an OR-name which identifies a member of the DL. This attribute may have multiple values each of which identifies one member of the DL. When a DL is expanded, DALLY Expires 22 March 2001 [Page 36]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 each of the values of this attribute becomes a recipient of the message. ( 2.6.5.2.3 NAME 'mhs-dl-members' EQUALITY 2.6.5.4.0 ; oRNameExactMatch SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 3.69 mhs-dl-policy Attribute The mhs-dl-policy attribute value identifies the choice of policy options to be applied when expanding the address list represented by the directory entry. ( 2.6.5.2.13 NAME 'mhs-dl-policy' SYNTAX 2.16.840.1.101.2.2.2.14 ; DLPolicy syntax SINGLE-VALUE ) 3.70 mhs-dl-related-lists Attribute The mhs-dl-related-lists attribute value identifies other address lists which are, in some unspecified way, related to the address list represented by the directory entry. ( 2.6.5.2.14 NAME 'mhs-dl-related-lists' SUP 2.5.4.49 ; DistinguishedName EQUALITY 2.5.13.1 ; distinguishedNameMatch ) 3.71 mhs-dl-submit-permissions Attribute The mhs-dl-submit-permissions attribute values identify the users and address lists that may submit messages to the address list represented by the directory entry. ( 2.6.5.2.4 NAME 'mhs-dl-submit-permissions' SYNTAX 2.16.840.1.101.2.2.2.15 ) ; DLSubmitPermission syntax 3.72 mhs-dl-subscription-service Attribute The mhs-dl-subscription-service attribute value identifies a service of which a user may request changes to the membership of the address list represented by the directory entry, (e.g., for a user to request to be added to the address list). ( 2.6.5.2.15 NAME 'mhs-dl-subscription-service' EQUALITY 2.6.5.4.0 ; oRNameExactMatch SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 3.73 mhs-exclusively-acceptable-eits Attribute The mhs-exclusively-acceptable-eits attribute value identifies a set of EITs for messages. The user or distribution list, represented by the directory entry, will accept delivery of or DALLY Expires 22 March 2001 [Page 37]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 expand a message in which all of these EITs are present. ( 2.6.5.2.2 NAME 'mhs-exclusively-acceptable-eits' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; ExtendedEncodedInformationType = object identifier 3.74 mhs-maximum-content-length Attribute The mhs-maximum-content-length attribute value identifies the maximum content length of the messages that can be handled by the object represented by the directory entry. The object is a user to whom the message would be delivered, an address list for which expansion would be performed on the message, or an MTA to which the message would be acceptable. ( 2.6.5.2.0 NAME 'mhs-maximum-content-length' EQUALITY 2.5.13.14 ; integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 ; ContentLength = INTEGER SINGLE-VALUE ) 3.75 mhs-message-store-dn Attribute The mhs-message-store-dn attribute value identifies by directory name the message store of the user represented by the directory entry. ( 2.6.5.2.5 NAME 'mhs-message-store-dn' SUP 2.5.4.49 ; distinguishedName EQUALITY 2.5.13.1 ; distinguishedNameMatch SINGLE-VALUE ) 3.76 mhs-or-addresses Attribute The mhs-or-addresses attribute values specify the O/R addresses of the user or address list represented by the directory entry. ( 2.6.5.2.6 NAME 'mhs-or-addresses' EQUALITY 2.6.4.8.14 ; oRAddressMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.33 ) ; MHS OR Address syntax 3.77 mhs-or-addresses-with-capabilities Attribute The mhs-or-addresses-with-capabilities attribute values specify the O/R addresses and the messaging capabilities associated with each address of the user or address list represented by the directory entry. Recognized security labels are identified in ACP 123 [6]. DALLY Expires 22 March 2001 [Page 38]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 Information about availability and nationality will be included in the description. If the address is served by a foreign nation, the International Standard Organization 3166 [14] code of the country shall be entered first. If an OR-address is not operational on a 24 by 7 basis, the normal daily schedule shall be given in start and stop times for each day of operation. Planned down time also shall be given in start and stop time. ( 2.6.5.2.16 NAME 'mhs-or-addresses-with-capabilities' EQUALITY 2.6.5.4.1 ; addressCapabilitiesMatch SYNTAX 2.16.840.1.101.2.2.2.16 ) ; AddressCapabilities syntax 3.78 mhs-supported-attributes Attribute The mhs-supported-attributes attribute values identify the attributes that the message store, represented by the directory entry, fully supports. ( 2.6.5.2.10 NAME 'mhs-supported-attributes' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; MS-ATTRIBUTE.&id ({AttributeTable}) = object identifier 3.79 mhs-supported-automatic-actions Attribute The mhs-supported-automatic-actions attribute values identify the automatic actions that the message store, represented by the directory entry, supports. ( 2.6.5.2.8 NAME 'mhs-supported-automatic-actions' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; AUTO-ACTION.&id ({AutoActionTable}) = object identifier 3.80 mhs-supported-content-types Attribute The mhs-supported-content-types attribute values identify the content types of the messages whose syntax and semantics the message store, represented by the directory entry, supports. ( 2.6.5.2.9 NAME 'mhs-supported-content-types' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; ExtendedContentType = object identifier DALLY Expires 22 March 2001 [Page 39]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.81 mhs-supported-matching-rules Attribute The mhs-supported-matching-rules attribute values identify the matching rules that the message store, represented by the directory entry, fully supports. ( 2.6.5.2.11 NAME 'mhs-supported-matching-rules' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; MATCHING-RULE.&id ({MatchingRuleTable}) = object ; identifier 3.82 mhs-unacceptable-eits Attribute The mhs-undeliverable-eits attribute value identifies the encoded information types of a message which would make a user not accept delivery, or which would prevent an address list from doing expansion on the message. The absence of this attribute indicates that there are no EITs which are unacceptable. The presence of the special value "id-eit-all" indicates that all EITs are unacceptable except for those EITs identified by the mhs-acceptable-eits or mhs-exclusively-acceptable-eits attributes. ( 2.6.5.2.18 NAME 'mhs-unacceptable-eits' EQUALITY 2.5.13.0 ; objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 ) ; OID ; ExtendedEncodedInformationType = object identifier 3.83 militaryFacsimileNumber Attribute The militaryFacsimileNumber attribute value identifies a military facsimile number, such as a Defense Switched Network (DSN) number or Defence Fixed Telecommunications Service (DFTS) number, which is associated with the object represented by the directory entry. This attribute is a subtype of aCPTelephoneFaxNumber. An example of a militaryFacsimileNumber value is "DFTS, 555 1111 ext 25". ( 2.16.840.1.101.2.2.1.119 NAME 'militaryFacsimileNumber' SUP 2.16.840.1.101.2.2.1.94 ) ; aCPTelephoneFaxNumber 3.84 militaryTelephoneNumber Attribute The militaryTelephoneNumber attribute value identifies a military telephone number, such as a DSN number, which is associated with the object represented by the directory entry. This attribute is a subtype of aCPTelephoneFaxNumber. An example of a militaryTelephoneNumber value is "DSN, 555-333". ( 2.16.840.1.101.2.2.1.120 NAME 'militaryTelephoneNumber' SUP 2.16.840.1.101.2.2.1.94 ) ; aCPTelephoneFaxNumber DALLY Expires 22 March 2001 [Page 40]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.85 minimize Attribute The minimize attribute value indicates whether an organization, person, or role, represented by the directory entry, is under the MINIMIZE condition. If so, the message originators are responsible for not sending unnecessary messages to the recipient. ( 2.16.840.1.101.2.2.1.64 NAME 'minimize' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN SINGLE-VALUE ) 3.86 minimizeOverride Attribute The minimizeOverride attribute value is used by the Message Conversion System (MCS) to determine whether the MINIMIZE condition will be enforced when a message is originated by this PLA. If the value is FALSE, override does not occur and MINIMIZE is enforced. If the value is TRUE, MINIMIZE is not enforced. ( 2.16.840.1.101.2.2.1.65 NAME 'minimizeOverride' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE ) 3.87 nameClassification Attribute The nameClassification attribute value indicates the security classification of the name of the directory entry itself. ( 2.16.840.1.101.2.2.1.67 NAME 'nameClassification' SYNTAX 2.16.840.1.101.2.2.2.4 ) ; Classification 3.88 nationality Attribute The nationality attribute value names the country which "owns" an entity. For an individual, it would be the nationality of the person. The standard Country Name attribute is used to denote the location of the entity. ( 2.16.840.1.101.2.2.1.68 NAME 'nationality' SUP 2.5.4.41 ; name SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{2} ; PrintableString ; exactly 2 characters SINGLE-VALUE ) 3.89 networkDN Attribute The networkDN attribute value contains the full DN of a network and may be used to reference the entry for the network from another entry (e.g., used in the Network Instructions entry to reference the entry for the accessed network). DALLY Expires 22 March 2001 [Page 41]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.1.121 NAME 'networkDN' EQUALITY 2.5.13.1 ; distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 ) ; DistinguishedName 3.90 novUKMs Attribute The novUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of November. ( 2.16.840.1.101.2.1.5.30 NAME 'novUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.91 octUKMs Attribute The octUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of October. ( 2.16.840.1.101.2.1.5.29 NAME 'octUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.92 onSupported Attribute The onSupported attribute value indicates the types of notifications, besides MHS notifications, generated by an mta-acp127-type of gateway. The gateway may generate all or none of the notifications. If the attribute is absent, the gateway does none of the notifications. ( 2.16.840.1.101.2.2.1.123 NAME 'onSupported' EQUALITY 2.5.13.16 ; bitStringMatch SYNTAX 2.16.840.1.101.2.2.2.3 ; otherNotificationsSupported SINGLE-VALUE ) 3.93 operationName Attribute The operationName attribute value is the name of an official military operation. For example, when used in the definition of a network (i.e., in a Network directory entry), it could be the TURQUOISE operation which develops a RITA network. DALLY Expires 22 March 2001 [Page 42]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ( 2.16.840.1.101.2.2.1.124 NAME 'operationName' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 3.94 plaAddressees Attribute The plaAddressees attribute value of an ACP 127/JANAP 128 [4]/[5] collective contains the list of action and information addressees of the collective. It is used for some types of collectives instead of separating action and information addressees. ( 2.16.840.1.101.2.2.1.71 NAME 'plaAddressees' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees syntax 3.95 plaNameACP127 Attribute The plaNameACP127 attribute value is the object's (represented by the directory entry) ACP 127/JANAP 128 [4]/[5] PLA. A PLA is sometimes called the Signal Message Address or registered PLA. The long form of the PLA name is represented in the ACP 133 [1] by the longTitle attribute. ( 2.16.840.1.101.2.2.1.70 NAME 'plaNameACP127' SUP 2.5.4.41 ; name SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString SINGLE-VALUE ) 3.96 plaReplace Attribute The plaReplace attribute value is used by ACP 127/JANAP 128 [4]/[5]. When an "alternate spelling" PLA is addressed on a message, the MCS will look at the value of this attribute in the PLA's directory entry. If set, the alternate spelling on the message will be replaced with the "primary" or correct spelling. (Each alternate spelling has a pointer to the primary PLA.) ( 2.16.840.1.101.2.2.1.72 NAME 'plaReplace' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN SINGLE-VALUE ) 3.97 plasServed Attribute The plasServed attribute value is a list of the PLAs accessible through a gateway. ( 2.16.840.1.101.2.2.1.138 NAME 'plasServed' SUP 2.5.4.41 ) ; name DALLY Expires 22 March 2001 [Page 43]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.98 positionNumber Attribute The position number attribute value is used by government and Defense agencies to identify uniquely each individual's position, and possibly role and duties, within the organization. ( 2.16.840.1.101.2.2.1.125 NAME 'positionNumber' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 3.99 primarySpellingACP127 The primarySpellingACP127 attribute value of an Alternate Spelling PLA directory entry is the object's correct PLA spelling. ( 2.16.840.1.101.2.2.1.73 NAME 'primarySpellingACP127' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString SINGLE-VALUE ) 3.100 proprietaryMailboxes Attribute The proprietaryMailboxes attribute value identifies a mailbox identifier that can be used to address mail within the local proprietary domain, such as cc:mail. ( 2.16.840.1.101.2.2.1.126 NAME 'proprietaryMailboxes' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 3.101 publish Attribute The publish attribute value indicates whether this PLA should be published in the Message Address Directory or the ACP 117 [15]. Access controls may be set based on this attribute. ( 2.16.840.1.101.2.2.1.74 NAME 'publish' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN SINGLE-VALUE ) 3.102 rank Attribute The value of the rank attribute type contains the military or civilian rank of an individual such as Major or civilian grade. ( 2.16.840.1.101.2.2.1.133 NAME 'rank' EQUALITY 2.5.13.2 ; caseIgnoreMatch DALLY Expires 22 March 2001 [Page 44]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 3.103 recapDueDate Attribute The recapDueDate attribute value indicates when a list is expected to be recapped or validated. ( 2.16.840.1.101.2.2.1.75 NAME 'recapDueDate' EQUALITY 2.5.13.27 ; generalizedTimeMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 ; GeneralizedTime SINGLE-VALUE ) 3.104 releaseAuthorityName Attribute The releaseAuthorityName attribute value is a relative distinguished name of a release authority for an organization. ( 2.16.840.1.101.2.2.1.45 NAME 'releaseAuthorityName' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} ) ; DirectoryString 3.105 remarks Attribute The remarks attribute value is textual information associated with a PLA's directory entry. These remarks may be instructions rather than a description of the entity. ( 2.16.840.1.101.2.2.1.76 NAME 'remarks' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SYNTAX 2.16.840.1.101.2.2.2.11 ) ; Remarks 3.106 rfc822Mailbox Attribute As defined in the COSINE/Internet schema, RFC 1274 [13], the rfc822Mailbox attribute value is an electronic mailbox identifier following the syntax in RFC 822 [16]. An example for a user on a military network is "user@host.Service.mil". This attribute and the caseIgnoreIA5SubstringsMatch are defined in RFC 2798 [19]. The attribute is included here for readability. ( 0.9.2342.19200300.100.1.3 NAME 'mail' EQUALITY 1.3.6.1.4.1.1466.109.114.2 ; caseIgnoreIA5Match SUBSTR 1.3.6.1.4.1.1466.109.114.3 ; caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) ; IA5String 3.107 rI Attribute The rI (Routing Indicator) attribute value is the information mapped to in ACP 127/JANAP 128 [4]/[5] from a user's PLA name. DALLY Expires 22 March 2001 [Page 45]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 Users are named by their PLA names and delivered to by their routing indicator values, analogous to Directory Names and O/R Addresses for X.400 users. ( 2.16.840.1.101.2.2.1.77 NAME 'rI' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; PrintableString ; exactly 7 characters 3.108 rIClassification Attribute The rIClassification attribute value indicates the highest classification of data allowed to be processed by a specified device. ( 2.16.840.1.101.2.2.1.78 NAME 'rIClassification' SYNTAX 2.16.840.1.101.2.2.2.4 ) ; Classification 3.109 rIInfo Attribute The rIInfo attribute value is RI values with the associated properties of each RI. ( 2.16.840.1.101.2.2.1.79 NAME 'rIInfo' SYNTAX 2.16.840.1.101.2.2.2.12 ) ; RIParameters 3.110 roomNumber Attribute The roomNumber attribute value identifies a room number, as defined in the COSINE/Internet schema, RFC 1274 [13]. ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) ; DirectoryString ; limited to TeletexString or PrintableString 3.111 secondPartyAddressees Attribute The secondPartyAddressees attribute value is a list of second party action PLAs. ( 2.16.840.1.101.2.2.1.80 NAME 'secondPartyAddressees' EQUALITY 2.5.13.11 ; caseIgnoreListMatch SUBSTR 2.5.13.12 ; caseIgnoreListSubstringsMatch SYNTAX 2.16.840.1.101.2.2.2.2 ) ; Addressees DALLY Expires 22 March 2001 [Page 46]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.112 section Attribute The section attribute value is set to TRUE if the receiving PLA requires message sectioning to be performed. This is required to transition users with slow-speed terminals. ( 2.16.840.1.101.2.2.1.81 NAME 'section' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN SINGLE-VALUE ) 3.113 secureFacsimileNumber Attribute The secureFacsimileNumber attribute value is a facsimile number that is used for secure communication with the object represented by the directory entry. This attribute is a subtype of aCPTelephoneFaxNumber. An example of a secureFacsimileNumber value is "DSN, 555-333". ( 2.16.840.1.101.2.2.1.127 NAME 'secureFacsimileNumber' SUP 2.16.840.1.101.2.2.1.94 ) ; aCPTelephoneFaxNumber 3.114 secureTelephoneNumber Attribute The secureTelephoneNumber attribute value is a telephone number of a secure device, such as STU II or STU III, that is used for secure communication with the object represented by the directory entry. This attribute is a subtype of aCPTelephoneFaxNumber. An example of a secureTelephoneNumber value is "PSTN, +1 555 222, STU III". ( 2.16.840.1.101.2.2.1.128 NAME 'secureTelephoneNumber' SUP 2.16.840.1.101.2.2.1.94 ; aCPTelephoneFaxNumber ) 3.115 sepUKMs Attribute The sepUKMs attribute value is used in the construction of selected CCEB symmetric confidentiality algorithms for the month of November. ( 2.16.840.1.101.2.1.5.28 NAME 'sepUKMs' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 ; binary syntax ; encapsulating ; MonthlyUKMs SINGLE-VALUE ) 3.116 serviceNumber Attribute The serviceNumber attribute value is the staff identifier number used by government and defense agencies for purposes such as DALLY Expires 22 March 2001 [Page 47]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 payroll references, medical records, human resources, and duty rosters. ( 2.16.840.1.101.2.2.1.129 NAME 'serviceNumber' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) ; DirectoryString 3.117 serviceOrAgency Attribute The serviceOrAgency attribute value is an identifier of the Service or agency to which the PLA belongs. ( 2.16.840.1.101.2.2.1.82 NAME 'serviceOrAgency' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{4} ; PrintableString SINGLE-VALUE ) 3.118 sHD Attribute The sHD (specialHandlingDesignator) attribute value is a string containing the special handling designator which an entity, address, or routing indicator can support. ( 2.16.840.1.101.2.2.1.83 NAME 'sHD' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ) ; PrintableString 3.119 shortTitle Attribute The shortTitle attribute value is a PLA name used for Signal Intelligence (SIGINT) related communications. ( 2.16.840.1.101.2.2.1.84 NAME 'shortTitle' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString SINGLE-VALUE ) 3.120 sigad Attribute The sigad (SIGINT Address) attribute value is a PLA name used for sensitive SIGINT related communications. ( 2.16.840.1.101.2.2.1.85 NAME 'sigad' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{8} ; PrintableString ; 5 - 8 characters SINGLE-VALUE ) DALLY Expires 22 March 2001 [Page 48]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 3.121 spot Attribute The spot attribute value identifies a special project address list or collective. ( 2.16.840.1.101.2.2.1.86 NAME 'spot' EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ; caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55} ; PrintableString SINGLE-VALUE ) 3.122 tARE Attribute The tARE (Telegraph Automatic Relay Equipment) attribute value is a flag that specifies delivery responsibility for a message that is received by an intermediary. The flag is set in the directory entry for the intended recipient. ( 2.16.840.1.101.2.2.1.87 NAME 'tARE' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN SINGLE-VALUE ) 3.123 tCC Attribute The tCC (Transmission Control Code) attribute value specifies a message handling instruction used in the RI. ( 2.16.840.1.101.2.2.1.96 NAME 'tCC' EQUALITY 2.5.13.2 ; caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ; PrintableString ; exactly 3 characters SINGLE-VALUE ) 3.124 tCCG ATTRIBUTE The tCCG (Transmission Control Code Group) attribute value specifies a group of message handling instructions used in the routing indicator. ( 2.16.840.1.101.2.2.1.144 NAME 'tCCG' SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ; PrintableString EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ) ; caseIgnoreSubstringsMatch 3.125 transferStation Attribute The transferStation attribute value indicates whether a message for the entity should be sent to a communications processing and routing system, called a transfer station. For example, a Naval Communications Processing and Routing System (NAVCOMPARS) is a DALLY Expires 22 March 2001 [Page 49]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 transfer station. If this attribute is TRUE, traffic should be routed to a transfer station. ( 2.16.840.1.101.2.2.1.69 NAME 'transferStation' EQUALITY 2.5.13.13 ; booleanMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ; BOOLEAN SINGLE-VALUE ) 3.126 tRC Attribute The tRC (Transmission Release Code) attribute value is the classification of data used in the routing indicator. Possible values include: A Australia B British Commonwealth less Canada, Australia, and New Zealand C Canada U US X Belgium, Denmark, France, Germany, Greece, Italy, Netherlands, Norway, Portugal, Turkey, NATO Z New Zealand ( 2.16.840.1.101.2.2.1.97 NAME 'tRC' EQUALITY 2.5.13.2 ; caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 ; PrintableString SINGLE-VALUE ) 3.127 usdConversion ATTRIBUTE The usdConversion attribute value is an organizational address that is used when other types of address are not appropriate. ( 2.16.840.1.101.2.2.1.145 NAME 'usdConversion' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ; DirectoryString EQUALITY 2.5.13.2 ; caseIgnoreMatch SUBSTR 2.5.13.4 ) ; caseIgnoreSubstringsMatch DALLY Expires 22 March 2001 [Page 50]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 4. NAME FORMS 4.1 aCPNetworkEdBNameForm ( 2.16.840.1.101.2.2.4.42 NAME 'aCPNetworkEdBNameForm' OC 2.16.840.1.101.2.2.3.68 ; aCPNetworkEdB MUST 2.5.4.3 ) ; cn 4.2 aCPNetworkInstrEdBNameForm ( 2.16.840.1.101.2.2.4.43 NAME 'aCPNetworkInstrEdBNameForm' OC 2. ; aCPNetworkInstructionsEdB MUST 2.5.4.3 ) ; cn 4.3 addressListNameForm ( 2.16.840.1.101.2.2.4.27 NAME 'addressListNameForm' OC 2.16.840.1.101.2.2.3.57 ; addressList MUST 2.5.4.3 ) ; cn 4.4 aENameForm ( 2.16.840.1.101.2.2.4.34 NAME 'aENameForm' OC 2.5.6.12 ; applicationEntity MUST 2.5.4.3 ; cn MAY 2.5.4.46 ) ; dnQualifier 4.5 aliasCNNameForm ( 2.16.840.1.101.2.2.4.21 NAME 'aliasCNNameForm' OC 2.16.840.1.101.2.2.3.52 ; aliasCommonName MUST 2.5.4.3 ) ; cn 4.6 aliasOUNameForm ( 2.16.840.1.101.2.2.4.22 NAME 'aliasOUNameForm' OC 2.16.840.1.101.2.2.3.53 ; aliasOrganizationalUnit MUST 2.5.4.11 ) ; ou 4.7 applProcessNameForm ( 2.5.15.10 NAME 'applProcessNameForm' OC 2.5.6.11 ; applicationProcess MUST 2.5.4.3 ) ; cn 4.8 alternateSpellingPLANameForm ( 2.16.840.1.101.2.2.4.4 NAME 'alternateSpellingPLANameForm' OC 2.16.840.1.101.2.2.3.58 ; altSpellingACP127 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 DALLY Expires 22 March 2001 [Page 51]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 4.9 cadPLANameForm ( 2.16.840.1.101.2.2.4.6 NAME 'cadPLANameForm' OC 2.16.840.1.101.2.2.3.28 ; cadACP127 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 4.10 cRLDistPtNameForm ( 2.5.15.14 NAME 'cRLDistPtNameForm' OC 2.5.6.19 ; cRLDistributionPoint MUST 2.5.4.3 ) ; cn 4.11 countryNameForm ( 2.5.15.0 NAME 'countryNameForm' OC 2.5.6.2 ; country MUST 2.5.4.6 ) ; countryName 4.12 deviceNameForm ( 2.5.15.13 NAME 'deviceNameForm' OC 2.5.6.14 ; device MUST 2.5.4.3 ) ; cn 4.13 distributionCodeDescriptionNameForm ( 2.16.840.1.101.2.2.4.23 NAME 'distributionCodeDescriptionNameForm' OC 2.16.840.1.101.2.2.3.55 ; distributionCodeDescription MUST 2.5.4.3 ) ; cn 4.14 dSANameForm ( 2.5.15.12 NAME 'dSANameForm' OC 2.5.6.13 ; dSA MUST 2.5.4.3 ) ; cn 4.15 dSSCSPLANameForm ( 2.16.840.1.101.2.2.4.41 NAME 'dSSCSPLANameForm' OC 2.16.840.1.101.2.2.3.67 ; dSSCSPLA MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 4.16 gONNameForm ( 2.5.15.8 NAME 'gONNameForm' OC 2.5.6.9 ; groupOfNames MUST 2.5.4.3 ) ; cn DALLY Expires 22 March 2001 [Page 52]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 4.17 locNameForm ( 2.5.15.1 NAME 'locNameForm' OC 2.5.6.3 ; locality MUST 2.5.4.7 ) ; localityName 4.18 messagingGatewayNameForm ( 2.16.840.1.101.2.2.4.28 NAME 'messagingGatewayNameForm' OC 2.16.840.1.101.2.2.4.59 ; messagingGateway MUST 2.5.4.3 ) ; cn 4.19 mhs-dLNameForm ( 2.16.840.1.101.2.2.4.29 NAME 'mhs-dLNameForm' OC 2.6.5.1.0 ; mhs-distribution-list MUST 2.5.4.3 ) ; cn 4.20 mLANameForm ( 2.16.840.1.101.2.2.4.9 NAME 'mLANameForm' OC 2.16.840.1.101.2.2.3.31 ; mLA MUST 2.5.4.3 ) ; cn 4.21 mLAgentNameForm ( 2.16.840.1.101.2.2.4.40 NAME 'mLAgentNameForm' OC 2.16.840.1.101.2.2.3.64 ; mLAgent MUST 2.5.4.3 ) ; cn 4.22 mSNameForm ( 2.16.840.1.101.2.2.4.24 NAME 'mSNameForm' OC 2.6.5.1.1 ; mhs-message-store MUST 2.5.4.3 ) ; cn 4.23 mTANameForm ( 2.16.840.1.101.2.2.4.25 NAME 'mTANameForm' OC 2.6.5.1.2 ; mhs-message-transfer-agent MUST 2.5.4.3 ) ; cn 4.24 mUANameForm ( 2.16.840.1.101.2.2.4.26 NAME 'mUANameForm' OC 2.6.5.1.4 ; mhs-user-agent MUST 2.5.4.3 ) ; cn DALLY Expires 22 March 2001 [Page 53]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 4.25 organizationalPLANameForm ( 2.16.840.1.101.2.2.4.12 NAME 'organizationalPLANameForm' OC 2.16.840.1.101.2.2.3.34 ; orgACP127 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 4.26 organizationNameForm ( 2.16.840.1.101.2.2.4.35 NAME 'organizationNameForm' OC 2.5.6.4 ; organization MUST 2.5.4.10 ; organizationName MAY 2.5.4.46 ) ; dnQualifier 4.27 orgRNameForm ( 2.16.840.1.101.2.2.4.37 NAME 'orgRNameForm' OC 2.5.6.8 ; organizationalRole MUST 2.5.4.3 ; cn MAY 2.5.4.46 ) ; dnQualifier 4.28 orgUNameForm ( 2.16.840.1.101.2.2.4.38 NAME 'orgUNameForm' OC 2.5.6.5 ; organizationalUnit MUST 2.5.4.11 ; organizationalUnitName MAY 2.5.4.46 ) ; dnQualifier 4.29 plaCollectiveNameForm ( 2.16.840.1.101.2.2.4.13 NAME 'plaCollectiveNameForm' OC 2.16.840.1.101.2.2.3.35 ; plaCollectiveACP127 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 4.30 qualifiedOrgPersonNameForm ( 2.16.840.1.101.2.2.4.36 NAME 'qualifiedOrgPersonNameForm' OC 2.5.6.7 ; organizationalPerson MUST 2.5.4.3 ; cn MAY ( 2.5.4.46 ; dnQualifier $ 2.5.4.11 ) ; organizationalUnitName 4.31 releaseAuthorityPersonNameForm ( 2.16.840.1.101.2.2.4.32 NAME 'releaseAuthorityPersonNameForm' OC 2.16.840.1.101.2.2.3.63 ; releaseAuthorityPerson MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName 4.32 releaseAuthorityPersonANameForm ( 2.16.840.1.101.2.2.4.39 NAME 'releaseAuthorityPersonANameForm' OC 2.16.840.1.101.2.2.3.65 ; releaseAuthorityPersonA MUST 2.16.840.1.101.2.2.1.45 ) ; releaseAuthorityName DALLY Expires 22 March 2001 [Page 54]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 4.33 routingIndicatorNameForm ( 2.16.840.1.101.2.2.4.15 NAME 'routingIndicatorNameForm' OC 2.16.840.1.101.2.2.3.37 ; routingIndicator MUST 2.16.840.1.101.2.2.1.77 ) ; rI 4.34 sigintPLANameForm ( 2.16.840.1.101.2.2.4.16 NAME 'sigintPLANameForm' OC 2.16.840.1.101.2.2.3.38 ; sigintPLA MUST 2.16.840.1.101.2.2.1.85 ) ; sigad 4.35 sIPLANameForm ( 2.16.840.1.101.2.2.4.17 NAME 'sIPLANameForm' OC 2.16.840.1.101.2.2.3.39 ; sIPLA MUST 2.16.840.1.101.2.2.1.63 ) ; longTitle 4.36 sOPNameForm ( 2.5.15.2 NAME 'sOPNameForm' OC 2.5.6.3 ; locality MUST 2.5.4.8 ) ; stateOrProvinceName 4.37 spotPLANameForm ( 2.16.840.1.101.2.2.4.18 NAME 'spotPLANameForm' OC 2.16.840.1.101.2.2.3.40 ; spotPLA MUST 2.16.840.1.101.2.2.1.86 ) ; spot 4.38 taskForcePLANameForm ( 2.16.840.1.101.2.2.4.19 NAME 'taskForcePLANameForm' OC 2.16.840.1.101.2.2.3.41 ; taskForceACP127 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 4.39 tenantPLANameForm ( 2.16.840.1.101.2.2.4.20 NAME 'tenantPLANameForm' OC 2.16.840.1.101.2.2.3.42 ; tenantACP127 MUST 2.16.840.1.101.2.2.1.70 ) ; plaNameACP127 DALLY Expires 22 March 2001 [Page 55]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 5. MATCHING RULES 5.1 addressCapabilitiesMatch Matching Rule ( 2.6.5.4.1 NAME 'addressCapabilitiesMatch' SYNTAX 2.16.840.1.101.2.2.2.16 ) ; Address Capabilities syntax 5.2 capabilityMatch Matching Rule ( 2.6.5.4.2 NAME 'capabilityMatch' SYNTAX 2.16.840.1.101.2.2.2.13 ) ; Capability syntax 5.3 oRAddressMatch Matching Rule ( 2.6.4.8.14 NAME 'oRAddressMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.33 ) 5.4 oRNameExactMatch Matching Rule ( 2.6.5.4.0 NAME 'oRNameExactMatch' SYNTAX 2.16.840.1.101.2.2.2.10 ) ; O/R Name syntax 5.5 caseIgnoreListSubstringsMatch Matching Rule ( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 ) ; Substring Assertion 5.6 booleanMatch Matching Rule ( 2.5.13.13 NAME 'booleanMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 ) ; BOOLEAN DALLY Expires 22 March 2001 [Page 56]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 6. ATTRIBUTE SYNTAXES 6.1 aCPLegacyFormat Attribute Syntax ( 2.16.840.1.101.2.2.2.17 DESC 'aCPLegacyFormat syntax' ) The encoding of a value in this syntax is any one of the INTEGER values: 0 - 15 or 32 - 48 where: 0 means JANAP128, 1 means ACP126, 2 means DOI103, 3 means DOI103Special, 4 means ACP127, 5 means ACP127Converted, (6 means Reserved1), 7 means ACP127State, 8 means ACP127Modified, 9 means SOCOMMSpecial, 10 means SOCOMMNarrative, (11 means Reserved2), 12 means SOCOMMNarrativeSpecial, 13 means SOCOMMData, 14 means SOCOMMInternal, 15 means SOCOMMExternal, and 32 - 48 means national or bilateral use. 6.2 aCPPreferredDelivery Attribute Syntax for the aCPPreferredDelivery Attribute ( 2.16.840.1.101.2.2.2.6 DESC 'aCPPreferredDelivery syntax' ) The encoding of a value in this syntax is any one of the INTEGER values: 0, 1, or 2, where: 0 means SMTP, 1 means ACP 127, and 2 means MHS 6.3 aCPTelephoneFaxNumber Attribute Syntax ( 2.16.840.1.101.2.2.2.1 DESC 'aCPTelephoneFaxNumber syntax' ) Values in this syntax are encoded according to the following BNF: aCPTelephoneFaxNumber = netid ", " telephonenum [ ", " securedevid ] nocommap = a /d / """ / "(" / ")" / "+" / "-" / "." / "/" / ":" / "?" / " " netid = 1*6nocommap DALLY Expires 22 March 2001 [Page 57]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 telephonenum = 1*32nocommap securdevid = 1*8p For more information, see ACP 133 [1], Annex B, clause 24. 6.4 AddressCapabilities Attribute Syntax from X.402 [17] ( 2.16.840.1.101.2.2.2.16 DESC 'AddressCapabilities' ) Values in this syntax are encoded according to the following BNF: addresscapabilities = [ "description=" generalstring ] "address=" oraddress "capabilities=" [ capability *( "$"capability ) ] generalstring = ; The encoding of a value in this element ; of the syntax is the string value itself. oraddress = ; MHS OR Address syntax ; 1.3.6.1.4.1.1466.115.121.1.33 capability = ; capability syntax 2.16.840.1.101.2.2.2.13 6.5 Addressees Attribute Syntax ( 2.16.840.1.101.2.2.2.2 DESC 'Addressees' ) Values in this syntax are encoded according to the following BNF: addressees = [ 1*55p *( "$" 1*55p ) ] That is, if the Addressees value is an empty sequence, the result is the empty or zero length string. Otherwise, the output consists of the PrintableString encoding of each element in the sequence, in the same order as in the sequence with "$" between the elements. 6.6 addressListType Attribute Syntax for the aLType Attribute ( 2.16.840.1.101.2.2.2.8 DESC 'addressListType' ) Values in this syntax are encoded according to the following BNF: addressListType = [ "-" ] numericstring ; an INTEGER, where: ; 0 means AIG, ; 1 means TYPE, ; 2 means CAD, and ; 3 means TASKFORCE Note that future definitions of this syntax may assign a standard meaning to another integer value, e.g., 4 means XXX. DALLY Expires 22 March 2001 [Page 58]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 6.7 Capability Attribute Syntax from X.402 [17] ( 2.16.840.1.101.2.2.2.13 DESC 'Capability' ) Values in this syntax are encoded according to the following BNF: capability = [ "content-types=" [numericoid *( ", " numericoid) ] ] [ "maximum-content-length=" numericstring ] ; an INTEGER in the range 0 - 2147483647 [ "encoded-information-types-constraints=" [ "unaccept eits" unacceptable-eits ] [ "accept eits" acceptable-eits ] [ "only eits" exclusively-acceptable-eits ] ] [ "security-labels=" securitycontext ] unacceptable-eits = extendedencodedeits acceptable-eits = extendedencodedeits exclusively-acceptable-eits = extendedencodedeits extendedencodedeits = numericoid *1023( ", "numericoid ) securitycontext = securitylabel *255securitylabel securitylabel = [ "security-policy-id=" numericoid ] [ "security-classification=" numericstring ] ; an INTEGER in the range 0 - 256, where ; 0 means Unmarked, ; 1 means Unclassified, ; 2 means Restricted, ; 3 means Confidential, ; 4 means Secret, and ; 5 means Top Secret [ "privacy-mark=" 1*128p ] [ "security-categories=" securitycategories ] securitycategories = ; the BER encoding of the set of type ; and value pairs for the instances of any ; data types that are specified to be ; SECURITY-CATEGORY types 6.8 Classification Attribute Syntax ( 2.16.840.1.101.2.2.2.4 DESC 'Classification' ) DALLY Expires 22 March 2001 [Page 59]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 The encoding of a value in this syntax is any one of the INTEGER values: 0, 1, 2, 3, 4, or 5, where: 0 means unmarked, 1 means unclassified, 2 means restricted, 3 means confidential, 4 means secret, and 5 means top secret 6.9 Community Abstract Syntax for the community Attribute ( 2.16.840.1.101.2.2.2.5 DESC 'Community syntax' ) The encoding of a value in this syntax is any one of the INTEGER values: 0, 1, or 2, where: 0 means GENSER, 1 means SI, and 2 means both 6.10 DLPolicy Attribute Syntax from X.402 [17] ( 2.16.840.1.101.2.2.2.14 DESC 'DLPolicy' ) Values in this syntax are encoded according to the following BNF: dlpolicy = [ "report-propagation=" [ "-" ] numericstring ] ; where 0 means previous-dl-or-originator, ; 1 means dl-owner, and ; 2 means both [ "report-from-dl=" [ "-" ] numericstring ] ; where 0 means whenever-requested and ; 1 means when-no-propagation [ "originating-MTA-report=" [ "-" ] numericstring ] ; where 0 means unchanged, ; 2 means report, ; 3 means non-delivery-report, and ; 4 means audited-report [ "originator-report=" [ "-" ] numericstring ] ; where 0 means unchanged, ; 1 means no-report, ; 2 means report, and ; 3 means non-delivery-report [ "return-of-content=" numericstring ] ; an INTEGER in the range 0 - 2, where ; 0 means unchanged, ; 1 means content-return-not-requested, ; and 2 means content-return-requested [ "priority=" [ "-" ] numericstring ] ; where ; 0 means unchanged, ; 1 means normal, DALLY Expires 22 March 2001 [Page 60]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 ; 2 means non-urgent, and ; 3 means urgent [ "disclosure-of-other-recipients=" numericstring ] ; an INTEGER in the range 0 - 2, where ; 0 means unchanged, ; 1 means disclosure-of-other-recipients-prohibited, ; and 2 means disclosure-of-other-recipients-allowed [ "implicit-conversion-prohibited=" numericstring ] ; an INTEGER in the range 0 - 2, where ; 0 means unchanged, ; 1 means implicit-conversion-allowed, and ; 2 means implicit-conversion-prohibited [ "conversion-with-loss-prohibited=" numericstring ] ; an INTEGER in the range 0 - 2, where ; 0 means unchanged, ; 1 means conversion-with-loss-allowed, and ; 2 means conversion-with-loss-prohibited [ "further-dl-expansion-allowed=" ( "TRUE" / "FALSE") ] [ "originator-requested-alternate-recipient-removed=" ( "TRUE" / "FALSE" ) ] [ "proof-of-delivery=" [ "-" ] numericstring ] ; where 0 means dl-expansion-point, ; 1 means dl-members, ; 2 means both, and ; 3 means neither [ "requested-delivery-method=" ( "unchanged" / "removed" / ( "replaced: " requested-delivery-method ) ) ] requested-delivery-method = [ delivery-methods *( ", " delivery-methods ) ] delivery-methods = numericstring ; an INTEGER in the range ; 0 - 256, where ; 0 means any-delivery-method, 1 means ; mhs-delivery, 2 means physical-delivery, ; 3 means telex-delivery, ; 4 means teletex-delivery, ; 5 means g3-facsimile-delivery, ; 6 means g4-facsimile-delivery, ; 7 means ia5-terminal-delivery, ; 8 means videotex-delivery, and ; 9 means telephone-delivery DALLY Expires 22 March 2001 [Page 61]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 6.11 DLSubmitPermission Attribute Syntax from X.402 [17] ( 2.16.840.1.101.2.2.2.15 DESC 'DLSubmitPermission' ) Values in this syntax are encoded according to the following BNF: dlsubmitpermission = ( "individual=" orname ) / ("member-of-dl=" orname ) / ("pattern-match=" orname ) / ( "member-of-group=" name ) orname = ; O/R Name syntax 2.16.840.1.101.2.2.2.10 name = ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12 6.12 MLReceiptPolicy Attribute Syntax ( 2.16.840.1.101.2.2.2.9 DESC 'MLReceiptPolicy' ) Values in this syntax are encoded according to the following BNF: mLReceiptPolicy = none / insteadof / inadditionto none = "none" insteadof = "instead of" generalnames *15( "$" generalnames ) inadditionto = "in addition to" generalnames *15( "$" generalnames ) generalnames = generalname *( "%" generalname ) generalname = ( "otherName = " othername ) / ( "rfc822Name = " ia5string ) / ( "dNSName = " ia5string ) / ( "x400Address = " oraddress ) / ( "directoryName = " name ) / ( "ediPartyName = " [ "nameAssigner:" directorystring ] "partyName:" directorystring ) / ( "uniformResourceIdentifier = " ia5string ) / ( "iPAddress = " octetstring ) / ( "registeredID = " numericoid ) othername = ; the BER encoding of the type and value pair ; for an instance of any data type that is ; specified to be an OTHER-NAME type. ia5string = ; IA5 String syntax 1.3.6.1.4.1.1466.115.121.1.26 oraddress = ; MHS OR Address syntax ; 1.3.6.1.4.1.1466.115.121.1.33 DALLY Expires 22 March 2001 [Page 62]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 name = ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12 directorystring = ; Directory String syntax ; 1.3.6.1.4.1.1466.115.121.1.15 octetstring = ; Octet String syntax ; 1.3.6.1.4.1.1466.115.121.1.40 6.13 ORName Attribute Syntax from X.411 [18] ( 2.16.840.1.101.2.2.2.10 DESC 'ORName' ) Values in this syntax are encoded according to the following BNF: oRName = oraddress [ "|" name ] oraddress = ; MHS OR Address syntax ; 1.3.6.1.4.1.1466.115.121.1.33 name = ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12 6.14 otherNotificationsSupported Abstract Syntax for the onSupported Attribute ( 2.16.840.1.101.2.2.2.3 DESC 'otherNotificationsSupported' ) Values in this syntax are encoded according to the following BNF: otherNotificationsSupported = namedbits / bitstring namedbits = "{" [ namedbit *( "," namedbit ) ] "}" namedbit = "acp127-nn" / "acp127-pn" / "acp127-tn" bitstring = "'" *binary-digit "'B" binary-digit = "0" / "1" The presence of the name of a namedbit in the namedbits alternative means that the value of the bit is 1. The value of an absent namedbit is 0. 6.15 Remarks Attribute Syntax ( 2.16.840.1.101.2.2.2.11 DESC 'Remarks syntax' ) Values in this syntax are encoded according to the following BNF: remarks = [ *p *( "$" *p ) ] DALLY Expires 22 March 2001 [Page 63]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 6.16 RIParameters Attribute Syntax ( 2.16.840.1.101.2.2.2.12 DESC 'RIParameters' ) Values in this syntax are encoded according to the following BNF: rIParameters = "rI=" *p whsp "rIType=" numericstring whsp ; an INTEGER in ; the range 0 - 2, where ; 0 means normal, ; 1 means off-line, and ; 2 means partTimeTerminal "minimize=FALSE" whsp ; not used anymore "sHD=" *p whsp "classification=" numericstring ; an INTEGER ; in the range 0 - 5, where ; 0 means unmarked, ; 1 means unclassified, ; 2 means restricted, ; 3 means confidential, ; 4 means secret, and ; 5 means top secret DALLY Expires 22 March 2001 [Page 64]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 7. EXAMPLE CONTENT RULES The content rules given in ACP 133(B) [1] are examples, not requirements. The rules included in this document are examples to aid in the specification of similar content rules, especially those derived from these examples. 7.1 aCPApplicationEntityRuleEdA Content Rule ( 2.5.6.12 NAME 'aCPApplicationEntityRuleEdA' ; applicationEntity object class AUX ( 2.5.6.22 $ ; pkiCA 2.16.840.1.101.2.2.3.66 ) ; securePkiUser MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.5.4.46 $ ; dnQualifier 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.2 aCPCRLDistributionPointRule Content Rule ( 2.5.6.19 NAME 'aCPCRLDistributionPointRule' ; cRLDistributionPoint object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.3 aCPDeviceRuleEdA Content Rule ( 2.5.6.14 NAME 'aCPDeviceRuleEdA' ; device object class AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.4 aCPDSARuleEdA Content Rule ( 2.5.6.13 NAME 'aCPDSARuleEdA' ; dSA object class AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.5 aCPGroupOfNamesRule Content Rule ( 2.5.6.9 NAME 'aCPGroupOfNamesRule' ; groupOfNames object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate DALLY Expires 22 March 2001 [Page 65]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 7.6 aCPLocalityRule Content Rule ( 2.5.6.3 NAME 'aCPLocalityRule' ; locality object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.7 aCPMhs-distribution-listRule Content Rule ( 2.6.5.1.0 NAME 'aCPMhs-distribution-listRule' ; mhs-distribution-list object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.8 aCPMhs-message-storeRuleEdA Content Rule ( 2.6.5.1.1 NAME 'aCPMhs-message-storeRuleEdA' ; mhs-message-store object class AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.9 aCPMhs-message-transfer-agentRuleEdA Content Rule ( 2.6.5.1.2 NAME 'aCPMhs-message-transfer-agentRuleEdA' ; mhs-message-transfer-agent object class AUX 2.16.840.1.101.2.2.3.66 ; securePkiUser MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.10 aCPMhs-user-agentRule Content Rule ( 2.6.5.1.4 NAME 'aCPMhs-user-agentRule' ; mhs-user-agent object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.11 aCPOrganizationalPersonRuleEdB Content Rule ( 2.5.6.7 NAME 'aCPOrganizationalPersonRuleEdB' ; organizationalPerson object class AUX ( 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 2.6.5.1.3 $ ; mhs-user 2.16.840.1.101.2.2.3.62 $ ; otherContactInformation 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 2.16.840.1.101.2.1.4.16 ) ; ukms DALLY Expires 22 March 2001 [Page 66]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 2.5.4.15 $ ; businessCategory 2.16.840.1.101.2.2.1.139 $ ; deployed 2.5.4.46 $ ; dnQualifier 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 $ ; expirationDate 2.16.840.1.101.2.2.1.140 $ ; garrison 2.16.840.1.101.2.2.1.117 $ ; guard 2.16.840.1.101.2.2.1.61 $ ; listPointer 2.16.840.1.101.2.2.1.68 $ ; nationality 2.16.840.1.101.2.2.1.125 $ ; positionNumber 2.16.840.1.101.2.2.1.133 $ ; rank 0.9.2342.19200300.100.1.3 $ ; rfc822Mailbox 2.16.840.1.101.2.2.1.129 ) ) ; serviceNumber 7.12 aCPOrganizationalRoleRuleEdB Content Rule ( 2.5.6.8 NAME 'aCPOrganizationalRoleRuleEdB' ; organizationalRole object class AUX ( 2.5.6.22 $ ; pkiCA 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 2.6.5.1.3 $ ; mhs-user 2.16.840.1.101.2.2.3.62 $ ; otherContactInformation 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 2.16.840.1.101.2.1.4.16 ) ; ukms MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 2.5.4.15 $ ; businessCategory 2.16.840.1.101.2.2.1.139 $ ; deployed 2.5.4.46 $ ; dnQualifier 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 $ ; expirationDate 2.16.840.1.101.2.2.1.140 $ ; garrison 2.16.840.1.101.2.2.1.117 $ ; guard 2.16.840.1.101.2.2.1.61 $ ; listPointer 2.16.840.1.101.2.2.1.68 $ ; nationality 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 7.13 aCPOrganizationalUnitRuleEdB Content Rule ( 2.5.6.5 NAME 'aCPOrganizationalUnitRuleEdB' ; organizationalUnit object class AUX ( 2.5.6.22 $ ; pkiCA 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 2.6.5.1.3 $ ; mhs-user 2.16.840.1.101.2.2.3.62 $ ; otherContactInformation 2.16.840.1.101.2.2.3.56 $ ; plaUser 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 2.16.840.1.101.2.1.4.16 ) ; ukms DALLY Expires 22 March 2001 [Page 67]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 2.16.840.1.101.2.2.1.6 $ ; associatedPLA 2.16.840.1.101.2.2.1.139 $ ; deployed 2.5.4.46 $ ; dnQualifier 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 $ ; expirationDate 2.16.840.1.101.2.2.1.140 $ ; garrison 2.16.840.1.101.2.2.1.117 $ ; guard 2.16.840.1.101.2.2.1.61 $ ; listPointer 2.16.840.1.101.2.2.1.68 $ ; nationality 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 7.14 aCPOrganizationRuleEdB Content Rule ( 2.5.6.4 NAME 'aCPOrganizationRuleEdB' ; organization object class AUX ( 2.5.6.22 $ ; pkiCA 2.16.840.1.101.2.2.3.62 ) ; otherContactInformation MAY ( 2.16.840.1.101.2.2.1.142 $ ; aCPLegacyFormat 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.5.4.46 $ ; dnQualifier 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.15 aCPRoutingIndicatorRuleEdB Content Rule ( 2.16.840.1.101.2.2.3.37 NAME 'aCPRoutingIndicatorRuleEdB' ; routingIndicator MAY ( 2.16.840.1.101.2.2.1.144 $ ; tCCG 2.16.840.1.101.2.2.1.76 ) ) ; remarks 7.16 addressListRuleEdA Content Rule ( 2.16.840.1.101.2.2.3.57 NAME 'addressListRuleEdA' ; addressList object class AUX ( 2.16.840.1.101.2.2.3.54 $ ; distributionCodesHandled 2.6.5.1.3 $ ; mhs-user 2.16.840.1.101.2.2.3.56 $ ; plaUser 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 2.16.840.1.101.2.1.4.16 ) ; ukms MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.3 $ ; alternateRecipient 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 $ ; expirationDate 2.16.840.1.101.2.2.1.117 $ ; guard 2.16.840.1.101.2.2.1.61 $ ; listPointer 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox DALLY Expires 22 March 2001 [Page 68]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 7.17 aliasCommonNameRule Content Rule ( 2.16.840.1.101.2.2.3.52 NAME 'aliasCommonNameRule' ; aliasCommonName object class MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.18 aliasOrganizationalUnitRule Content Rule ( 2.16.840.1.101.2.2.3.53 NAME 'aliasOrganizationalUnitRule' ; aliasOrganizationalUnit object class MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.19 distributionCodeDescriptionRule Content Rule ( 2.16.840.1.101.2.2.3.55 NAME 'distributionCodeDescriptionRule' ; distributionCodeDescription object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.20 messagingGatewayRuleEdA Content Rule ( 2.16.840.1.101.2.2.3.59 NAME 'messagingGatewayRuleEdA' ; messagingGateway object class AUX ( 2.16.840.1.101.2.2.3.66 $ ; securePkiUser 2.16.840.1.101.2.1.4.16 ) ; ukms MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 $ ; expirationDate 2.16.840.1.101.2.2.1.117 $ ; guard 2.16.840.1.101.2.2.1.138 $ ; plasServed 0.9.2342.19200300.100.1.3 ) ) ; rfc822Mailbox 7.21 mLAgentRule Content Rule ( 2.16.840.1.101.2.2.3.64 NAME 'mLAgentRule' ; mLAgent object class MAY ( 2.16.840.1.101.2.2.1.49 $ ; aliasPointer 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.22 networkEdBRule Content Rule ( 2.16.840.1.101.2.2.3.68 NAME 'networkEdBRule' ; aCPNetworkEdB object class MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate DALLY Expires 22 March 2001 [Page 69]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 7.23 networkInstructionsEdBRule Content Rule ( 2.16.840.1.101.2.2.3.69 NAME 'networkInstructionsEdBRule' ; aCPNetworkInstructionsEdB object class MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.24 rAPersonRuleEdA Content Rule ( 2.16.840.1.101.2.2.3.65 NAME 'rAPersonRuleEdA' ; releaseAuthorityPersonA object class MAY ( 2.16.840.1.101.2.2.1.55 $ ; effectiveDate 2.16.840.1.101.2.2.1.57 ) ) ; expirationDate 7.25 sigintPLARule Content Rule ( 2.16.840.1.101.2.2.3.38 NAME 'sigintPLARule' ; sigintPLA object class MAY 2.16.840.1.101.2.2.1.4 ) ; associatedOrganization 7.26 spotPLARule Content Rule ( 2.16.840.1.101.2.2.3.40 NAME 'spotPLARule' ; spotPLA object class MAY 2.16.840.1.101.2.2.1.113 ) ; associatedAL DALLY Expires 22 March 2001 [Page 70]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 8. STRUCTURE RULES There are no structure rules defined in ACP 133(B) [1] 9. SECURITY CONSIDERATIONS Attributes of directory entries are used to provide descriptive information about the real-world objects they represent, which can be people, organizations or devices. Most countries have privacy laws regarding the publication of information about people. Some of the object classes and attributes in this document support the use of a directory as part of a PKI. This schema also holds information so that components of a variety of network applications, including the directory service, can be strongly authenticated to one another and with users. DALLY Expires 22 March 2001 [Page 71]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 10. REFERENCES [1] Common Directory Services and Procedures, ACP 133 Edition B, March 2000 [2] Wahl, M., Coulbeck, A., Howes, T., and S. Kille, "Lightweight X.500 Directory Access Protocol (v3): Attribute Syntax Definitions", RFC 2252, December 1997 [3] Wahl, M., "A Summary of the X.500(96) User Schema for use with LDAPv3", RFC 2256, December 1997 [4] ACP 127, "Communications Instructions - Tape Relay Procedures" [5] JANAP 128(I), Joint Chiefs of Staff, May 1983, Automatic Digital Network (AUTODIN) Operating Procedures [6] ACP 123, "Common Messaging Strategy and Procedures", November, 1994 [7] NATO APP-3, "NATO Subject Indicator System (NASIS) - publication 3", Oct. 1982 [8] ITU-T Recommendation X.521 (1993 & 1997) | ISO/IEC 9594-7: 1995 & 1997, "Information technology - Open Systems Interconnection - The Directory: Selected object classes" [9] RFC 2587, "Internet X.509 Public Key Infrastructure LDAPv2 Schema", June 1999 [10] ITU-T Recommendation X.520 (1993 & 1997) | ISO/IEC 9594-6: 1995 & 1997, "Information technology - Open Systems Interconnection - The Directory: Selected attribute types" [11] ACP 120, "Common Security Protocol (CSP)", final draft [12] STANAG 4406, "NATO Reference Model for Open Systems Interconnection -Military Message Handling Systems" [13] Barker, P. and Kille, S., "The COSINE and Internet X.500 Schema", RFC 1274, November 1991 [14] ISO 3166-1: 1997, "Codes for the representation of names of countries and their subdivsions - part 1: Country codes" [15] ACP 117, "Allied Routing Indicator Book" [16] RFC 822, "STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT MESSAGES", August 13, 1982 DALLY Expires 22 March 2001 [Page 72]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 [17] ITU-T Recommendation X.402 (1995)/ISO/IEC 10021-2: 1996, "Information Technology - Message Handling Systems (MHS) - Overall Architecture" [18] ITU-T Recommendation X.411 (1995)/ISO/IEC 10021-4: 1996, "Information Technology - Message Handling Systems (MHS) - Message Transfer System: Abstract Service Definition and Procedure" [19] Smith, M., "Definition of the inetOrgPerson LDAP Object Class", RFC 2798, April 2000 DALLY Expires 22 March 2001 [Page 73]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 11. ABBREVIATIONS ACP Allied Communications Publication AE Application Entity AIG Address Indicator Group AL Address List ALID AL Identifier ASN.1 Abstract Syntax Notation One AUTODIN Automatic Digital Network BER Basic Encoding Rules BNF Backus-Naur Form C Country CA Certification Authority CAD Collective Address Designator CCEB Combined Communications Electronics Board CCITT The International Telegraph and Telephone Consultative Committee CMI Certificate Management Infrastructure CN Common Name CRL Certificate Revocation List DAP Directory Access Protocol DFTS Defence Fixed Telecommunications Service DIB Directory Information Base DL Distribution List DN Distinguished Name DODAAC Department of Defense Activity Accounting Code DSA Directory System Agent DSN Defense Switched Network (DSN) EIT Encoded Information Type FAX Facsimile GENSER General Service GHP Gateway Handling Policy GON Group of Names IA5 International Alphabet Number 5 IEC International Electrotechnical Commission IETF Internet Engineering Task Force ISDN Integrated Services Digital Network ISO International Organization for Standardization ITU-T International Telecommunication Union- Telecommunication Standardization Sector JANAP Joint Army, Navy, Air Force Procedure L Locality LDAP Lightweight Directory Access Protocol LMF Language and Media Format LOC Locality MCS Message Conversion System MHS Message Handling System ML Mail List MLA Mail List Agent MMHS Military Message Handling System MS Message Store MTA Message Transfer Agent DALLY Expires 22 March 2001 [Page 74]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 MTS Message Transfer System MUA Messaging User Agent NASIS NATO Subject Indicator System NAVCOMPARS Naval Communications Processing and Routing System O Organization ON Other Notification O/R, OR Originator/Recipient ORG Organizational OU Organizational Unit PKI Public Key Infrastructure PLA Plain Language Address PSTN Public Switched Telephone Network R Role RA Release Authority RAN Release Authority Name RDN Relative Distinguished Name RFC Request for Comments RI Routing Indicator SHD Special Handling Designator SI Special Intelligence SIC Subject Indicator Code SIGAD SIGINT Address SIGINT Signal Intelligence SMTP Simple Mail Transfer Protocol SOP State or Province ST State or Province Name STU Secure Telephone Unit TARE Telegraph Automatic Relay Equipment TCC Transmission Control Code TRC Transmission Release Code U Unit UA User Agent UKM User Key Material DALLY Expires 22 March 2001 [Page 75]
INTERNET-DRAFT ACP 133 Common Content and LDAP 22 September 2000 12. ACKNOWLEDGEMENTS This document was prepared with the help and advice of two organizations: CCEB ACP 133 Task Force IETF LDAP Extensions Working Group Thanks to thanks to the members of these groups for their criticism, corrections, and feedback. 13. AUTHOR'S ADDRESS Kathy Dally The MITRE Corp. 1820 Dolley Madison Blvd. McLean, VA 22102 USA e-mail: kdally@mitre.org telephone: +1 703 883 6058 fax: +1 703 883 7142 DALLY Expires 22 March 2001 [Page 76]