INTERNET-DRAFT                                               Kathy Dally
Informational Draft                                      The MITRE Corp.
Expires 28 November 1999                                     28 May 1999


                   ACP 133 Common Content and LDAP
                 <draft-dally-acp133-and-ldap-00.txt>


STATUS OF THIS MEMO

     This document is an Internet-Draft and is in full conformance with
     all provisions of Section 10 of RFC 2026 except that the
     right to produce derivative works is not granted.  Internet-Drafts are
     working documents of the Internet Engineering Task Force (IETF),
     its areas, and its working groups.  Note that other groups may
     also distribute working documents as Internet-Drafts.

     Internet-Drafts are draft documents valid for a maximum of six
     months and may be updated, replaced, or obsoleted by other
     documents at any time.  It is inappropriate to use Internet-Drafts
     as reference material or to cite them other than as "work in
     progress."

     The list of current Internet-Drafts can be accessed at
     http://www.ietf.org/ietf/1id-abstracts.txt

     The list of Internet-Draft Shadow Directories can be accessed at
     http://www.ietf.org/shadow.html.

ABSTRACT

     In Allied Communications Publication (ACP) 133 [1], an X.500 directory
     user schema, called Common Content, is specified for the Allied
     Directory.  In order to enable Lightweight Directory Access
     Protocol (LDAP) access to the Allied Directory and to enable the
     general use by others of elements from the Common Content, this
     document specifies the encoding of the Common Content using the
     LDAP notation from Request for Comments (RFC) 2252 [2].


DALLY                  Expires 28 November 1999                 [Page 1]


INTERNET-DRAFT      ACP 133 Common Content and LDAP          28 May 1999


                          TABLE OF CONTENTS

STATUS OF THIS MEMO....................................................1
ABSTRACT...............................................................1
TABLE OF CONTENTS......................................................2
1.  INTRODUCTION.......................................................8
1.1  Background........................................................8
1.2  Purpose...........................................................8
2.  OBJECT CLASSES.....................................................9
2.1  addressList Object Class..........................................9
2.2  aliasCommonName Object Class......................................9
2.3  aliasOrganizationalUnit Object Class.............................10
2.4  altSpellingACP127 Object Class...................................10
2.5  cadACP127 Object Class...........................................10
2.6  distributionCodeDescription Object Class.........................10
2.7  distributionCodesHandled Object Class............................11
2.8  messagingGateway Object Class....................................11
2.9  mhs-distribution-list Object Class...............................12
2.10 mhs-message-store Object Class...................................12
2.11 mhs-message-transfer-agent Object Class..........................13
2.12 mhs-user Object Class............................................13
2.13 mhs-user-agent Object Class......................................14
2.14 mLA Object Class.................................................14
2.15 mLAgent Object Class.............................................14
2.16 network Object Class.............................................15
2.17 networkInstructions Object Class.................................15
2.18 orgACP127 Object Class...........................................15
2.19 otherContactInformation Object Class.............................16
2.20 pkiCA Object Class...............................................16
2.21 pkiUser Object Class.............................................17
2.22 plaACP127 Object Class...........................................17
2.23 plaCollectiveACP127 Object Class.................................17
2.24 plaData Object Class.............................................18
2.25 plaUser Object Class.............................................18
2.26 releaseAuthorityPerson Object Class..............................18
2.27 releaseAuthorityPersonA Object Class.............................19
2.28 routingIndicator Object Class....................................19
2.29 secure-user Object Class.........................................19
2.30 securePkiUser Object Class.......................................20
2.31 sigintPLA Object Class...........................................20
2.32 sIPLA Object Class...............................................20
2.33 spotPLA Object Class.............................................21
2.34 taskForceACP127 Object Class.....................................21
2.35 tenantACP127 Object Class........................................21
2.36 ukms Object Class................................................22
3.  ATTRIBUTE TYPES...................................................23
3.1  accessCodes Attribute............................................23
3.2  accessSchema Attribute...........................................23
3.3  accountingCode Attribute.........................................23
3.4  aCPMobileTelephoneNumber Attribute...............................23
3.5  aCPPagerTelephoneNumber Attribute................................23
3.6  aCPPreferredDelivery Attribute...................................24
3.7  aCPTelephoneFaxNumber............................................24
3.8  actionAddressees Attribute.......................................25
3.9  additionalAddressees Attribute...................................25
3.10 additionalSecondPartyAddressees Attribute........................25
3.11 administrator Attribute..........................................26
3.12 aigsExpanded Attribute...........................................26
3.13 aLExemptedAddressProcessor Attribute.............................26
3.14 aliasPointer Attribute...........................................26
3.15 alid Attribute...................................................26
3.16 allowableOriginators Attribute...................................27
3.17 aLReceiptPolicy Attribute........................................27
3.18 alternateRecipient Attribute.....................................27
3.19 aLType Attribute.................................................27
3.20 aprUKMs Attribute................................................28
3.21 associatedAL Attribute...........................................28
3.22 associatedOrganization Attribute.................................28
3.23 associatedPLA Attribute..........................................28
3.24 augUKMs Attribute................................................28
3.25 cognizantAuthority Attribute.....................................29
3.26 collective-mhs-or-addresses Attribute............................29
3.27 collectiveMilitaryFacsimileNumber Attribute......................29
3.28 collectiveMilitaryTelephoneNumber Attribute......................29
3.29 collectiveNationality Attribute..................................29
3.30 collectiveSecureFacsimileNumber Attribute........................30
3.31 collectiveSecureTelephoneNumber Attribute........................30
3.32 community Attribute..............................................30
3.33 copyMember.......................................................30
3.34 decUKMs Attribute................................................30
3.35 distributionCodeAction Attribute.................................31
3.36 distributionCodeInfo Attribute...................................31
3.37 dualRoute Attribute..............................................31
3.38 effectiveDate Attribute..........................................31
3.39 entryClassification Attribute....................................31
3.40 expirationDate Attribute.........................................32
3.41 febUKMs Attribute................................................32
3.42 gatewayType Attribute............................................32
3.43 ghpType Attribute................................................32
3.44 guard Attribute..................................................33
3.45 host Attribute...................................................33
3.46 hostOrgACP127 Attribute..........................................33
3.47 infoAddressees Attribute.........................................33
3.48 janUKMs Attribute................................................33
3.49 julUKMs Attribute................................................34
3.50 junUKMs Attribute................................................34
3.51 lastRecapDate Attribute..........................................34
3.52 listPointer Attribute............................................34
3.53 lmf Attribute....................................................35
3.54 longTitle Attribute..............................................35
3.55 mailDomains Attribute............................................35
3.56 marUKMs Attribute................................................35
3.57 mayUKMs Attribute................................................36
3.58 mhs-acceptable-eits Attribute....................................36
3.59 mhs-deliverable-classes Attribute................................36
3.60 mhs-deliverable-content-types Attribute..........................36
3.61 mhs-dl-archive-service Attribute.................................36
3.62 mhs-dl-members Attribute.........................................37
3.63 mhs-dl-policy Attribute..........................................37
3.64 mhs-dl-related-lists Attribute...................................37
3.65 mhs-dl-submit-permissions Attribute..............................37
3.66 mhs-dl-subscription-service Attribute............................37
3.67 mhs-exclusively-acceptable-eits Attribute........................38
3.68 mhs-maximum-content-length Attribute.............................38
3.69 mhs-message-store-dn Attribute...................................38
3.70 mhs-or-addresses Attribute.......................................38
3.71 mhs-or-addresses-with-capabilities Attribute.....................39
3.72 mhs-supported-attributes Attribute...............................39
3.73 mhs-supported-automatic-actions Attribute........................39
3.74 mhs-supported-content-types Attribute............................40
3.75 mhs-supported-matching-rules Attribute...........................40
3.76 mhs-unacceptable-eits Attribute..................................40
3.77 militaryFacsimileNumber Attribute................................40
3.78 militaryTelephoneNumber Attribute................................41
3.79 minimize Attribute...............................................41
3.80 minimizeOverride Attribute.......................................41
3.81 nameClassification Attribute.....................................41
3.82 nationality Attribute............................................41
3.83 networkDN Attribute..............................................42
3.84 networkSchema Attribute..........................................42
3.85 novUKMs Attribute................................................42
3.86 octUKMs Attribute................................................42
3.87 onSupported Attribute............................................43
3.88 operationName Attribute..........................................43
3.89 plaAddressees Attribute..........................................43
3.90 plaNameACP127 Attribute..........................................43
3.91 plaReplace Attribute.............................................44
3.92 plasServed Attribute.............................................44
3.93 positionNumber Attribute.........................................44
3.94 primarySpellingACP127 Attribute..................................44
3.95 proprietaryMailboxes Attribute...................................44
3.96 publish Attribute................................................45
3.97 rank Attribute...................................................45
3.98 recapDueDate Attribute...........................................45
3.99 releaseAuthorityName Attribute...................................45
3.100 remarks Attribute...............................................45
3.101 rfc822Mailbox Attribute.........................................46
3.102 rI Attribute....................................................47
3.103 rIClassification Attribute......................................47
3.104 rIInfo Attribute................................................47
3.105 roomNumber Attribute............................................47
3.106 secondPartyAddressees Attribute.................................47
3.107 section Attribute...............................................48
3.108 secureFacsimileNumber Attribute.................................48
3.109 secureTelephoneNumber Attribute.................................48
3.110 sepUKMs Attribute...............................................48
3.111 serviceNumber Attribute.........................................49
3.112 serviceOrAgency Attribute.......................................49
3.113 sHD Attribute...................................................49
3.114 shortTitle Attribute............................................49
3.115 sigad Attribute.................................................49
3.116 spot Attribute..................................................50
3.117 tARE Attribute..................................................50
3.118 tCC Attribute...................................................50
3.119 transferStation Attribute.......................................50
3.120 tRC Attribute...................................................51
4.  NAME FORMS........................................................52
4.1  cRLDistPtNameForm................................................52
4.2  countryNameForm..................................................52
4.3  locNameForm......................................................52
4.4  sOPNameForm......................................................52
4.5  gONNameForm......................................................52
4.6  applProcessNameForm..............................................52
4.7  dSANameForm......................................................52
4.8  deviceNameForm...................................................52
4.9  addressListNameForm..............................................53
4.10 aENameForm.......................................................53
4.11 aliasCNNameForm..................................................53
4.12 aliasOUNameForm..................................................53
4.13 alternateSpellingPLANameForm.....................................53
4.14 cadPLANameForm...................................................53
4.15 distributionCodeDescriptionNameForm..............................53
4.16 messagingGatewayNameForm.........................................53
4.17 mhs-dLNameForm...................................................54
4.18 mLANameForm......................................................54
4.19 mLAgentNameForm..................................................54
4.20 mSNameForm.......................................................54
4.21 mTANameForm......................................................54
4.22 mUANameForm......................................................54
4.23 networkNameForm..................................................54
4.24 networkInstructionsNameForm......................................54
4.25 organizationalPLANameForm........................................55
4.26 organizationNameForm.............................................55
4.27 orgRNameForm.....................................................55
4.28 orgUNameForm.....................................................55
4.29 plaCollectiveNameForm............................................55
4.30 qualifiedOrgPersonNameForm.......................................55
4.31 releaseAuthorityPersonNameForm...................................55
4.32 releaseAuthorityPersonANameForm..................................56
4.33 routingIndicatorNameForm.........................................56
4.34 sigintNameForm...................................................56
4.35 sIPLANameForm....................................................56
4.36 spotPLANameForm..................................................56
4.37 taskForcePLANameForm.............................................56
4.38 tenantPLANameForm................................................56
5.  MATCHING RULES....................................................57
5.1  addressCapabilitiesMatch Matching Rule...........................57
5.2  capabilityMatch Matching Rule....................................57
5.3  oRAddressMatch Matching Rule.....................................57
5.4  oRNameExactMatch Matching Rule...................................57
5.5  caseIgnoreListSubstringsMatch Matching Rule......................57
5.6  booleanMatch Matching Rule.......................................57
6.  ATTRIBUTE SYNTAXES................................................58
6.1  aCPTelephoneFaxNumber Attribute Syntax...........................58
6.2  addressees Attribute Syntax......................................58
6.3  otherNotificationsSupported Abstract Syntax for the
     onSupported Attribute............................................58
6.4  Classification Attribute Syntax..................................59
6.5  community Abstract Syntax for the community Attribute............59
6.6  aCPPreferredDelivery Attribute Syntax for the
     aCPPreferredDelivery Attribute...................................59
6.7  GraphicString Attribute Syntax...................................59
6.8  addressListType Attribute Syntax for the aLType Attribute........59
6.9  MLReceiptPolicy Attribute Syntax.................................60
6.10 ORName Attribute Syntax from X.411...............................61
6.11 Remarks Attribute Syntax.........................................61
6.12 RIParameters Attribute Syntax....................................61
6.13 Capability Attribute Syntax from X.402...........................62
6.14 DLPolicy Attribute Syntax from X.402.............................62
6.15 DLSubmitPermission Attribute Syntax from X.402...................64
6.16 AddressCapabilities Attribute Syntax from X.402..................64
7.  EXAMPLE CONTENT RULES.............................................65
7.1  aCPApplicationEntityRuleEdA Content Rule.........................65
7.2  aCPCRLDistributionPointRule Content Rule.........................65
7.3  aCPDeviceRuleEdA Content Rule....................................65
7.4  aCPDSARuleEdA Content Rule.......................................65
7.5  aCPGroupOfNamesRule Content Rule.................................65
7.6  aCPLocalityRule Content Rule.....................................66
7.7  aCPMhs-distribution-listRule Content Rule........................66
7.8  aCPMhs-message-storeRuleEdA Content Rule.........................66
7.9  aCPMhs-message-transfer-agentRuleEdA Content Rule................66
7.10 aCPMhs-user-agentRule Content Rule...............................66
7.11 aCPOrganizationalPersonRuleEdA Content Rule......................66
7.12 aCPOrganizationalRoleRuleEdA Content Rule........................67
7.13 aCPOrganizationalUnitRuleEdA Content Rule........................67
7.14 aCPOrganizationRuleEdA Content Rule..............................68
7.15 addressListRuleEdA Content Rule..................................68
7.16 aliasCommonNameRule Content Rule.................................68
7.17 aliasOrganizationalUnitRule Content Rule.........................68
7.18 distributionCodeDescriptionRule Content Rule.....................69
7.19 messagingGatewayRuleEdA Content Rule.............................69
7.20 mLAgentRule Content Rule.........................................69
7.21 networkRule Content Rule.........................................69
7.22 networkInstructionsRule Content Rule.............................69
7.23 rAPersonRuleEdA Content Rule.....................................69
7.24 sigintPLARule Content Rule.......................................70
7.25 spotPLARule Content Rule.........................................70
8.  STRUCTURE RULES...................................................70
9.  SECURITY CONSIDERATIONS...........................................70
10. COPYRIGHT.........................................................70
11. REFERENCES........................................................71
12. ABBREVIATIONS.....................................................73
13. ACKNOWLEDGEMENTS..................................................74
14. AUTHOR'S ADDRESS..................................................75


1.  INTRODUCTION

1.1  Background

     ACP 133 [1] is the specification, developed by the Combined
     Communications-Electronics Board (CCEB), of the X.500-based Allied
     Directory.  One of the things specified in ACP 133 [1] is the
     directory user schema, which is called Common Content.  In the
     Common Content are directory elements that support several
     communications applications including electronic mail (e-mail),
     Message Handling Systems (MHS), and telephony.

     The CCEB is a five-nation joint military communications-electronics
     organization whose mission is the coordination of any military
     communications information systems matters among its members.  The
     Member Nations of the CCEB are Australia, Canada, New Zealand, the
     United Kingdom, and the United States.

     ACP 133 [1] specifies access to the Allied Directory using the
     X.500 Directory Access Protocol (DAP).  Also, within the CCEB,
     guidelines are being developed for the use of the Internet LDAP.

1.2  Purpose

     This document is meant to be informational.  Its purpose is to
     record an LDAP encoding of the Common Content, so that:

          *  elements from the Common Content can be applied generally
             to applications and environments other than the Allied
             Directory.  For example, the name forms for components of
             X.400 MHS could be used in any X.400/X.500 system.
             Likewise, the addressList object class could be used in
             cases where lists of recipients are processed differently
             than X.400 distribution lists.

          *  use of LDAP to access the Allied Directory is enabled.

     Since the Common Content is based on X.500, this document refers
     to RFC 2252 [2] and RFC 2256 [3] for the X.500 schema elements
     (e.g., locality attribute, country object class).  The contents of
     this document are the specifications of all of the rest of the
     schema elements in the Common Content (e.g., mLAgentNameForm name
     form, otherContactInformation object class).  For descriptions and
     procedures regarding the Common Content schema elements, consult
     ACP 133 [1].


2.  OBJECT CLASSES

2.1  addressList Object Class

     The addressList (aL) object class is used to define directory
     entries that represent address lists, in particular, the members
     of the list.  The sender of a message uses the address list name
     to send to all of the members in the list.  The replacement of
     the address list name by the members of the list is performed by
     the sending User Agent (UA) or a Mailing List Agent (MLA), instead
     of the Message Transfer System (MTS).


     ( 2.16.840.1.101.2.2.3.57 NAME 'addressList'
          SUP 2.5.6.0  ; top
          MUST ( 2.5.4.3 $  ; cn
               2.6.5.2.4 )  ; mhs-dl-submit-permissions
          MAY ( 2.16.840.1.101.2.1.5.47 $  ; aLExemptedAddressProcessor
               2.16.840.1.101.2.1.5.14 $  ; alid
               2.16.840.1.101.2.2.1.135 $  ; aLReceiptPolicy
               2.16.840.1.101.2.2.1.112 $  ; aLType
               2.5.4.15 $  ; businessCategory
               2.16.840.1.101.2.2.1.114 $  ; copyMember
               2.5.4.13 $  ; description
               2.5.4.31 $  ; member
               2.6.5.2.12 $  ; mhs-dl-archive-service
               2.6.5.2.13 $  ; mhs-dl-policy
               2.6.5.2.14 $  ; mhs-dl-related-lists
               2.6.5.2.15 $  ; mhs-dl-subscription-service
               2.5.4.11 $  ; ou
               2.5.4.10 $  ; o
               2.5.4.32 $  ; owner
               2.16.840.1.101.2.2.1.76 $  ; remarks
               2.5.4.34 ) )  ; seeAlso
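
     The definitions in this section annotate each OID with a
     "; name" comment, which is not part of the RFC 2252 [2]
     ObjectClassDescription grammar.  The following Python code is an
     added example (not part of this draft or of ACP 133): it strips
     the annotations, parses a definition, rejects malformed "$" lists,
     and emits the strict form.  The function names, the shortened
     addressList sample, and the 2.999.1 example OID are constructed
     for illustration; NAME is assumed to hold one quoted descriptor.

```python
import re

TOKEN_RE = re.compile(r"\(|\)|\$|'[^']*'|[^\s()$']+")
OID_RE = re.compile(r"^\d+(\.\d+)+$")
KINDS = ("ABSTRACT", "STRUCTURAL", "AUXILIARY")

# Constructed sample: the addressList definition with its MAY list shortened.
SAMPLE = """
( 2.16.840.1.101.2.2.3.57 NAME 'addressList'
     SUP 2.5.6.0  ; top
     MUST ( 2.5.4.3 $  ; cn
          2.6.5.2.4 )  ; mhs-dl-submit-permissions
     MAY ( 2.16.840.1.101.2.1.5.14 $  ; alid
          2.5.4.31 $  ; member
          2.5.4.34 ) )  ; seeAlso
"""

# Constructed malformed input: "$" ends one line and also starts the next.
BROKEN = """
( 2.999.1 NAME 'exampleBroken'
     SUP 2.5.6.0  ; top
     MAY ( 2.5.4.32 $  ; owner
          $ 2.5.4.13 ) )  ; description
"""


class SchemaError(ValueError):
    """Raised when a definition does not follow the expected grammar."""


def strip_annotations(text):
    """Drop '; name' notes; return (clean_text, {oid: annotated_name})."""
    clean, labels = [], {}
    for line in text.splitlines():
        code, _, note = line.partition(";")
        oids = [t for t in TOKEN_RE.findall(code) if OID_RE.match(t)]
        if note.strip() and oids:
            labels[oids[-1]] = note.strip()  # note describes the line's last OID
        clean.append(code)
    return "\n".join(clean), labels


def _need_oid(tok):
    if not OID_RE.match(tok):
        raise SchemaError(f"expected an OID but found {tok!r}")


def _oid_list(tok, i):
    """Parse 'oids': a single OID, or '(' oid *( '$' oid ) ')'."""
    if tok[i] != "(":
        _need_oid(tok[i])
        return [tok[i]], i + 1
    items, i = [], i + 1
    while True:
        _need_oid(tok[i])  # a '$' or ')' here means an empty list item
        items.append(tok[i])
        i += 1
        if tok[i] == ")":
            return items, i + 1
        if tok[i] != "$":
            raise SchemaError(f"expected '$' or ')' but found {tok[i]!r}")
        i += 1


def parse_object_class(text):
    """Parse one annotated object class; return (definition, labels)."""
    clean, labels = strip_annotations(text)
    tok = TOKEN_RE.findall(clean) + ["<end>"]  # sentinel avoids IndexError
    if tok[0] != "(":
        raise SchemaError("definition must start with '('")
    _need_oid(tok[1])
    oc = {"oid": tok[1], "name": None, "sup": [], "kind": None,
          "must": [], "may": []}
    i = 2
    while tok[i] != ")":
        kw = tok[i]
        if kw == "NAME":
            if not tok[i + 1].startswith("'"):
                raise SchemaError("NAME must be followed by a quoted descriptor")
            oc["name"], i = tok[i + 1].strip("'"), i + 2
        elif kw in ("SUP", "MUST", "MAY"):
            oc[kw.lower()], i = _oid_list(tok, i + 1)
        elif kw in KINDS:
            oc["kind"], i = kw, i + 1
        else:
            raise SchemaError(f"unexpected token {kw!r}")
    if tok[i + 1] != "<end>":
        raise SchemaError(f"trailing input after ')': {tok[i + 1]!r}")
    return oc, labels


def to_rfc2252(oc):
    """Emit the definition on one line, with no annotations."""
    def oids(v):
        return v[0] if len(v) == 1 else "( " + " $ ".join(v) + " )"
    parts = ["(", oc["oid"]]
    if oc["name"]:
        parts += ["NAME", f"'{oc['name']}'"]
    if oc["sup"]:
        parts += ["SUP", oids(oc["sup"])]
    if oc["kind"]:
        parts.append(oc["kind"])
    for key in ("must", "may"):
        if oc[key]:
            parts += [key.upper(), oids(oc[key])]
    return " ".join(parts + [")"])


def lint(text):
    """Return '' when the definition parses, else the error message."""
    try:
        parse_object_class(text)
    except SchemaError as exc:
        return str(exc)
    return ""
```
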

2.2  aliasCommonName Object Class

     The aliasCommonName object class is a subclass of alias where an
     alias entry is named by commonName.  It is useful when different
     attributes are used for the Relative Distinguished Names (RDNs) of
     aliases to different types of entries (e.g., commonName as alias
     to a person entry and organizationalUnitName as alias to a
     corporate department entry).  See the aliasOrganizationalUnit
     object class.

     ( 2.16.840.1.101.2.2.3.52 NAME 'aliasCommonName'
          SUP 2.5.6.1  ; alias
          MUST 2.5.4.3 )  ; cn

2.3  aliasOrganizationalUnit Object Class

     The aliasOrganizationalUnit object class is a subclass of alias
     where an alias entry is named by organizationalUnitName.  It
     is useful when different attributes are used for the RDNs of
     aliases to different types of entries.  See the aliasCommonName
     object class definition and example.

     ( 2.16.840.1.101.2.2.3.53 NAME 'aliasOrganizationalUnit'
          SUP 2.5.6.1  ; alias
          MUST 2.5.4.11 )  ; ou

2.4  altSpellingACP127 Object Class

     The altSpellingACP127 object class is used to represent a Plain
     Language Address (PLA) that is an alternative spelling of another
     PLA.  An object from this class always contains a reference to the
     PLA for which it provides the alternative spelling.  This object
     class is a subclass of the plaACP127 auxiliary object class.

     ( 2.16.840.1.101.2.2.3.58 NAME 'altSpellingACP127'
          SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
          MUST ( 2.16.840.1.101.2.2.1.72 $  ; plaReplace
               2.16.840.1.101.2.2.1.73 ) )  ; primarySpellingACP127

2.5  cadACP127 Object Class

     The cadACP127 (Collective Address Designator) object class is used
     to represent an ACP 127/JANAP 128 (Joint Army, Navy, Air Force
     Procedure) [4]/[5] distribution list.  It is a subclass of the
     plaACP127 auxiliary object class.

     ( 2.16.840.1.101.2.2.3.28 NAME 'cadACP127'
          SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
          MUST 2.16.840.1.101.2.2.1.51  ; cognizantAuthority
          MAY ( 2.16.840.1.101.2.2.1.113 $  ; associatedAL
               2.16.840.1.101.2.2.1.56 $  ; entryClassification
               2.16.840.1.101.2.2.1.75 $  ; recapDueDate
               2.16.840.1.101.2.2.1.79 ) )  ; rIInfo

2.6  distributionCodeDescription Object Class

     The distributionCodeDescription object class is used to define a
     directory entry that represents a registered Distribution Code in
     the directory and describes its meaning.  See ACP 123 [6] for
     specification of distribution codes.  The distribution code is
     held in the commonName attribute.

     ( 2.16.840.1.101.2.2.3.55 NAME 'distributionCodeDescription'
          SUP 2.5.6.0  ; top
          MUST 2.5.4.3  ; cn
          MAY 2.5.4.13 )  ; description

2.7  distributionCodesHandled Object Class

     The distributionCodesHandled object class provides for identifying
     the distribution codes (e.g., Subject Indicator Codes (SIC) as
     defined in NATO Subject Indicator System (NASIS) - publication 3
     (NATO APP-3) [7] and supplements) which are handled, either for
     action or information, by the object (e.g., organizational role,
     organizational person, or organizational unit) represented by the
     directory entry in which this auxiliary is included.

     ( 2.16.840.1.101.2.2.3.54 NAME 'distributionCodesHandled'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MAY ( 2.16.840.1.101.2.2.1.104 $  ; distributionCodeAction
               2.16.840.1.101.2.2.1.105 ) )  ; distributionCodeInfo

2.8  messagingGateway Object Class

     The messagingGateway object class is used to store information
     about an application entity which serves as an application layer
     gateway between two mail systems.  When a gateway performs
     translation services, a messagingGateway object provides a
     mechanism to address these translation services directly.

     ( 2.16.840.1.101.2.2.3.59 NAME 'messagingGateway'
          SUP 2.6.5.1.2  ; mhs-message-transfer-agent
          MAY ( 2.16.840.1.101.2.2.1.110 $  ; administrator
               2.16.840.1.101.2.2.1.111 $  ; aigsExpanded
               2.16.840.1.101.2.2.1.115 $  ; gatewayType
               2.16.840.1.101.2.2.1.116 $  ; ghpType
               0.9.2342.19200300.100.1.9 $  ; host
               2.16.840.1.101.2.2.1.118 $  ; mailDomains
               2.6.5.2.17 $  ; mhs-acceptable-eits
               2.6.5.2.1 $  ; mhs-deliverable-content-types
               2.6.5.2.2 $  ; mhs-exclusively-acceptable-eits
               2.6.5.2.5 $  ; mhs-message-store-dn
               2.6.5.2.6 $  ; mhs-or-addresses
               2.6.5.2.16 $  ; mhs-or-addresses-with-capabilities
               2.6.5.2.18 $  ; mhs-unacceptable-eits
               2.16.840.1.101.2.2.1.123 $  ; onSupported
               2.16.840.1.101.2.2.1.70 $  ; plaNameACP127
               2.16.840.1.101.2.2.1.79 ) )  ; rIInfo

2.9  mhs-distribution-list Object Class

     The mhs-distribution-list object class is used to define a
     directory entry that represents a distribution list (DL), that
     is, an address list that is expanded by the MTS.  The attributes
     in the entry identify the distribution list name, submit
     permissions, and OR-addresses and, to the extent that the relevant
     attributes are present, describe the DL, identify its organization,
     organizational units, and owner;  cite related objects;  identify
     its maximum content length, deliverable content types, and
     acceptable, exclusively acceptable, and unacceptable encoded
     information types (EITs);  and identify its expansion policy,
     subscription addresses, archive addresses, related lists,
     and members.

     ( 2.6.5.1.0 NAME 'mhs-distribution-list'
          SUP 2.5.6.0  ; top
          MUST ( 2.5.4.3 $  ; cn
               2.6.5.2.4 $  ; mhs-dl-submit-permissions
               2.6.5.2.6 )  ; mhs-or-addresses
          MAY ( 2.5.4.13 $  ; description
               2.5.4.10 $  ; o
               2.5.4.11 $  ; ou
               2.5.4.32 $  ; owner
               2.5.4.34 $  ; seeAlso
               2.6.5.2.0 $  ; mhs-maximum-content-length
               2.6.5.2.1 $  ; mhs-deliverable-content-types
               2.6.5.2.17 $  ; mhs-acceptable-eits
               2.6.5.2.2 $  ; mhs-exclusively-acceptable-eits
               2.6.5.2.18 $  ; mhs-unacceptable-eits
               2.6.5.2.13 $  ; mhs-dl-policy
               2.6.5.2.15 $  ; mhs-dl-subscription-service
               2.6.5.2.12 $  ; mhs-dl-archive-service
               2.6.5.2.14 $  ; mhs-dl-related-lists
               2.6.5.2.3 ) )  ; mhs-dl-members

2.10  mhs-message-store Object Class

     The mhs-message-store object class is used to define directory
     entries that represent application entities that implement the
     MHS Message Store (MS) functionality.  The attributes in an entry,
     to the extent that they are present, describe the MS, identify its
     owner, and enumerate the attributes, automatic actions, matching
     rules, content types, and network protocols the MS supports.

     ( 2.6.5.1.1 NAME 'mhs-message-store'
          SUP 2.5.6.12  ; applicationEntity
          MAY ( 2.5.4.32 $  ; owner
               2.6.5.2.10 $  ; mhs-supported-attributes
               2.6.5.2.8 $  ; mhs-supported-automatic-actions
               2.6.5.2.11 $  ; mhs-supported-matching-rules
               2.6.5.2.9 $  ; mhs-supported-content-types
               2.5.4.48 ) )  ; protocolInformation

2.11  mhs-message-transfer-agent Object Class

     The mhs-message-transfer-agent object class is used to define
     directory entries that represent application entities that
     implement the MHS Message Transfer Agent (MTA) functionality.  The
     attributes in an entry, to the extent that they are present,
     describe the MTA and identify its owner, the maximum content
     length it can handle, and its supported network protocols.

     ( 2.6.5.1.2 NAME 'mhs-message-transfer-agent'
          SUP 2.5.6.12  ; applicationEntity
          MAY ( 2.5.4.32 $  ; owner
               2.6.5.2.0 $  ; mhs-maximum-content-length
               2.5.4.48 ) )  ; protocolInformation

2.12  mhs-user Object Class

     The mhs-user object class is used in defining directory entries
     representing MHS users.  The attributes in an entry identify the
     MHS user's OR-address and, to the extent that the relevant
     attributes are present, identify the maximum content length,
     content types, and EITs that can be handled by the user;  its MS;
     and its preferred delivery methods.

     ( 2.6.5.1.3 NAME 'mhs-user'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MUST 2.6.5.2.6  ; mhs-or-addresses
          MAY ( 2.6.5.2.0 $  ; mhs-maximum-content-length
               2.6.5.2.1 $  ; mhs-deliverable-content-types
               2.6.5.2.17 $  ; mhs-acceptable-eits
               2.6.5.2.2 $  ; mhs-exclusively-acceptable-eits
               2.6.5.2.18 $  ; mhs-unacceptable-eits
               2.6.5.2.16 $  ; mhs-or-addresses-with-capabilities
               2.6.5.2.5 ) )  ; mhs-message-store-dn

2.13  mhs-user-agent Object Class

     The mhs-message-transfer-agent object class is used to define
     directory entries that represent application entities that
     implement the MHS MTA functionality.  The attributes in an entry,
     to the extent that they are present, describe the MTA and identify
     its owner, the maximum content length it can handle, and its
     supported network protocols.

     ( 2.6.5.1.4 NAME 'mhs-user-agent'
          SUP 2.5.6.12  ; applicationEntity
          MAY ( 2.5.4.32 $  ; owner
               2.6.5.2.0 $  ; mhs-maximum-content-length
               2.6.5.2.1 $  ; mhs-deliverable-content-types
               2.6.5.2.17 $  ; mhs-acceptable-eits
               2.6.5.2.2 $  ; mhs-exclusively-acceptable-eits
               2.6.5.2.18 $  ; mhs-unacceptable-eits
               2.6.5.2.19 $  ; mhs-deliverable-classes
               2.6.5.2.6 $  ; mhs-or-addresses
               2.5.4.48 ) )  ; protocolInformation

2.14  mLA Object Class

     The mLA object class is used to represent an application entity
     that performs the functions of a Mail List Agent (MLA).  This
     object class is a subclass of applicationEntity and
     strong-authentication-user.


     Note that this object class may become obsolete, depending on the
     resolution of Certificate Management Infrastructure (CMI) issues.

     ( 2.16.840.1.101.2.2.3.31 NAME 'mLA'
          SUP ( 2.5.6.12 $  ; applicationEntity
               2.5.6.15 )  ; strongAuthenticationUser
          MAY 2.5.4.52 )  ; supportedAlgorithms

2.15  mLAgent Object Class

     The mLAgent object class is used to represent an application
     entity that performs the functions of a MLA.  This object class
     is a subclass of applicationEntity and pkiUser.

     ( 2.16.840.1.101.2.2.3.64 NAME 'mLAgent'
          SUP ( 2.5.6.12 $  ; applicationEntity
               2.5.6.21 )  ; pkiUser
          MAY 2.5.4.52 )  ; supportedAlgorithms

2.16  network Object Class

     The network structural object class is used to define directory
     entries representing interconnected communications networks.  A
     Network entry can have subordinate entries that define the access
     and instructions for reaching other networks.

     ( 2.16.840.1.101.2.2.3.60 NAME 'network'
          SUP 2.5.6.0  ; top
          MUST 2.5.4.3  ; cn
          MAY ( 2.5.4.13 $  ; description
               2.16.840.1.101.2.2.1.122 $  ; networkSchema
               2.16.840.1.101.2.2.1.124 $  ; operationName
               2.5.4.34 ) )  ; seeAlso


2.17  networkInstructions Object Class

     The networkInstructions structural object class is used to define
     a directory entry that provides the description of how to reach
     the subject network from another network.

     ( 2.16.840.1.101.2.2.3.61 NAME 'networkInstructions'
          SUP 2.5.6.0  ; top
          MUST 2.5.4.3  ; cn
          MAY ( 2.16.840.1.101.2.2.1.106 $  ; accessCodes
               2.16.840.1.101.2.2.1.107 $  ; accessSchema
               2.5.4.13 $  ; description
               2.16.840.1.101.2.2.1.121 ) )  ; networkDN

2.18  orgACP127 Object Class

     The orgACP127 object class is used to define the entry for a
     single ACP 127/JANAP 128 [4]/[5] messaging user.  This object
     class is a subclass of the plaACP127 auxiliary object class.

     ( 2.16.840.1.101.2.2.3.34 NAME 'orgACP127'
          SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
          MAY ( 2.16.840.1.101.2.2.1.53 $  ; accountingCode
               2.16.840.1.101.2.2.1.4 $  ; associatedOrganization
               2.5.4.6 $  ; c
               2.16.840.1.101.2.2.1.54 $  ; dualRoute
               2.16.840.1.101.2.2.1.56 $  ; entryClassification
               2.5.4.7 $  ; l
               2.16.840.1.101.2.2.1.63 $  ; longTitle
               2.16.840.1.101.2.2.1.64 $  ; minimize
               2.16.840.1.101.2.2.1.65 $  ; minimizeOverride
               2.16.840.1.101.2.2.1.67 $  ; nameClassification
               2.16.840.1.101.2.2.1.77 $  ; rI
               2.16.840.1.101.2.2.1.79 $  ; rIInfo
               2.16.840.1.101.2.2.1.81 $  ; section
               2.5.4.8 $  ; st
               2.16.840.1.101.2.2.1.87 ) )  ; tARE

2.19  otherContactInformation Object Class

     The otherContactInformation object class provides for additional
     telephone, location, and mailbox information in directory entries.

     ( 2.16.840.1.101.2.2.3.62 NAME 'otherContactInformation'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MAY ( 2.16.840.1.101.2.2.1.94 $  ; aCPMobileTelephoneNumber
               2.16.840.1.101.2.2.1.95 $  ; aCPPagerTelephoneNumber
               2.16.840.1.101.2.2.1.108 $  ; aCPPreferredDelivery
               2.16.840.1.101.2.2.1.118 $  ; mailDomains
               2.16.840.1.101.2.2.1.119 $  ; militaryFacsimileNumber
               2.16.840.1.101.2.2.1.120 $  ; militaryTelephoneNumber
               2.16.840.1.101.2.2.1.126 $  ; proprietaryMailboxes
               0.9.2342.19200300.100.1.6 $  ; roomNumber
               2.16.840.1.101.2.2.1.127 $  ; secureFacsimileNumber
               2.16.840.1.101.2.2.1.128 ) )  ; secureTelephoneNumber

2.20  pkiCA Object Class

     The pkiCA object class is used to represent Certification Authorities.

     ( 2.5.6.22 NAME 'pkiCA'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MAY ( 2.5.4.37 $  ; cACertificate
                2.5.4.39 $  ; certificateRevocationList
                2.5.4.38 $  ; authorityRevocationList
                2.5.4.40 ) )  ; crossCertificatePair

2.21  pkiUser Object Class

     The pkiUser object class is used to represent certificate
     subjects.  A certificate subject is a human or other type of
     directory user to which a certificate has been issued.

     ( 2.5.6.21 NAME 'pkiUser'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MAY 2.5.4.36 )  ; userCertificate

2.22  plaACP127 Object Class

     The plaACP127 object class provides for the general PLA attributes
     common to general service (GENSER) PLA entries, all of which
     inherit this class.

     ( 2.16.840.1.101.2.2.3.47 NAME 'plaACP127'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MUST 2.16.840.1.101.2.2.1.70  ; plaNameACP127
          MAY ( 2.16.840.1.101.2.2.1.52 $  ; community
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 $  ; expirationDate
               2.16.840.1.101.2.2.1.68 $  ; nationality
               2.16.840.1.101.2.2.1.74 $  ; publish
               2.16.840.1.101.2.2.1.76 $  ; remarks
               2.16.840.1.101.2.2.1.82 ) )  ; serviceOrAgency
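
     The definitions in this section carry a "; name" annotation after
     each OID, which is not part of the RFC 2252 [2] notation, and a
     subclass such as tenantACP127 (section 2.35) inherits the MUST
     attributes of plaACP127.  The following Python sketch is an added
     example, not part of ACP 133 or of this draft; its function names
     are hypothetical.  It strips the annotations, parses a definition,
     rejects malformed OID lists, and follows SUP to list every
     mandatory attribute.

```python
import re
from typing import Any, Dict, List, Tuple

# Two definitions copied from this document, with the "; name" annotations.
PLA_ACP127 = """
( 2.16.840.1.101.2.2.3.47 NAME 'plaACP127'
     SUP 2.5.6.0  ; top
     AUXILIARY
     MUST 2.16.840.1.101.2.2.1.70  ; plaNameACP127
     MAY ( 2.16.840.1.101.2.2.1.52 $  ; community
          2.16.840.1.101.2.2.1.55 $  ; effectiveDate
          2.16.840.1.101.2.2.1.57 $  ; expirationDate
          2.16.840.1.101.2.2.1.68 $  ; nationality
          2.16.840.1.101.2.2.1.74 $  ; publish
          2.16.840.1.101.2.2.1.76 $  ; remarks
          2.16.840.1.101.2.2.1.82 ) )  ; serviceOrAgency
"""
TENANT_ACP127 = """
( 2.16.840.1.101.2.2.3.42 NAME 'tenantACP127'
     SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
     MUST 2.16.840.1.101.2.2.1.58  ; hostOrgACP127
     MAY ( 2.16.840.1.101.2.2.1.56 $  ; entryClassification
          2.16.840.1.101.2.2.1.87 ) )  ; tARE
"""

KINDS = {"ABSTRACT", "STRUCTURAL", "AUXILIARY"}
OID_RE = re.compile(r"^\d+(\.\d+)+$")  # the draft uses numeric OIDs throughout


def tokenize(text: str) -> List[str]:
    """Drop each '; ...' annotation, then split into tokens."""
    bare = "\n".join(line.split(";", 1)[0] for line in text.splitlines())
    return re.findall(r"'[^']*'|[()$]|[^\s()$']+", bare)


def read_oids(tokens: List[str], pos: int) -> Tuple[List[str], int]:
    """Read 'oid' or '( oid $ oid ... )' at pos; return (oids, next position)."""
    if tokens[pos] != "(":
        items, end = [tokens[pos]], pos + 1
    else:
        close = tokens.index(")", pos)
        body = tokens[pos + 1:close]
        # OIDs sit at even positions, '$' separators at odd positions.
        if len(body) % 2 == 0 or any(t != "$" for t in body[1::2]):
            raise ValueError("malformed '$'-separated list: %r" % " ".join(body))
        items, end = body[0::2], close + 1
    for item in items:
        if not OID_RE.match(item):
            raise ValueError("not a numeric OID: %r" % item)
    return items, end


def parse_object_class(text: str) -> Dict[str, Any]:
    """Parse one object class definition (NAME, SUP, kind, MUST, MAY only)."""
    tokens = tokenize(text)
    if len(tokens) < 3 or tokens[0] != "(" or tokens[-1] != ")":
        raise ValueError("definition must be enclosed in '(' ... ')'")
    if not OID_RE.match(tokens[1]):
        raise ValueError("not a numeric OID: %r" % tokens[1])
    oc: Dict[str, Any] = {"oid": tokens[1], "name": None, "sup": [],
                          "kind": "STRUCTURAL",  # RFC 2252 default kind
                          "must": [], "may": []}
    pos, last = 2, len(tokens) - 1
    while pos < last:
        key = tokens[pos]
        if key == "NAME" and pos + 1 < last:
            oc["name"], pos = tokens[pos + 1].strip("'"), pos + 2
        elif key in ("SUP", "MUST", "MAY") and pos + 1 < last:
            oc[key.lower()], pos = read_oids(tokens, pos + 1)
        elif key in KINDS:
            oc["kind"], pos = key, pos + 1
        else:
            raise ValueError("unexpected token %r" % key)
    if pos != last:
        raise ValueError("unbalanced parentheses")
    return oc


def effective_must(oid: str, registry: Dict[str, Dict[str, Any]]) -> List[str]:
    """MUST attributes of a class plus those inherited along its SUP chain.

    Superclasses missing from the registry (here 2.5.6.0, top) are skipped.
    """
    must: List[str] = []
    seen, todo = set(), [oid]
    while todo:
        cur = todo.pop()
        if cur in seen or cur not in registry:
            continue
        seen.add(cur)
        for attr in registry[cur]["must"]:
            if attr not in must:
                must.append(attr)
        todo.extend(registry[cur]["sup"])
    return must


REGISTRY = {oc["oid"]: oc
            for oc in map(parse_object_class, (PLA_ACP127, TENANT_ACP127))}

if __name__ == "__main__":
    # hostOrgACP127 (own MUST) followed by plaNameACP127 (inherited).
    print(effective_must("2.16.840.1.101.2.2.3.42", REGISTRY))
```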

2.23  plaCollectiveACP127 Object Class

     The plaCollectiveACP127 object class is used to define the entry
     for an ACP 127/JANAP 128 [4]/[5] Address Indicator Group (AIG)
     distribution list or Type distribution list.  This object class is
     a subclass of the plaACP127 auxiliary object class.

     ( 2.16.840.1.101.2.2.3.35 NAME 'plaCollectiveACP127'
          SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
          MUST 2.16.840.1.101.2.2.1.51  ; cognizantAuthority
          MAY ( 2.16.840.1.101.2.2.1.46 $  ; actionAddressees
               2.16.840.1.101.2.2.1.50 $  ; allowableOriginators
               2.16.840.1.101.2.2.1.113 $  ; associatedAL
               2.5.4.13 $  ; description
               2.16.840.1.101.2.2.1.56 $  ; entryClassification
               2.16.840.1.101.2.2.1.59 $  ; infoAddressees
               2.16.840.1.101.2.2.1.60 $  ; lastRecapDate
               2.16.840.1.101.2.2.1.75 ) )  ; recapDueDate

2.24  plaData Object Class

     The plaData object class contains attributes common to Special
     Intelligence (SI) PLAs.

     ( 2.16.840.1.101.2.2.3.26 NAME 'plaData'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MAY ( 2.16.840.1.101.2.2.1.52 $  ; community
               2.5.4.13 $  ; description
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

2.25  plaUser Object Class

     The plaUser object class contains the name of a PLA's directory
     entry and, optionally, the Routing Indicator (RI) for addressing
     that PLA.

     ( 2.16.840.1.101.2.2.3.56 NAME 'plaUser'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MUST 2.16.840.1.101.2.2.1.70  ; plaNameACP127
          MAY 2.16.840.1.101.2.2.1.79 )  ; rIInfo

2.26  releaseAuthorityPerson Object Class

     The releaseAuthorityPerson object class is used to define the
     entry for a role of release authority who releases organizational
     messages on behalf of an organization.  Whereas organizations
     originate their organizational messages, it is the job of the
     release authority to sign the messages.  Release authorities do
     not send individual messages and do not receive messages.

     Note that this object class may become obsolete, depending on the
     resolution of CMI issues.

     ( 2.16.840.1.101.2.2.3.63 NAME 'releaseAuthorityPerson'
          SUP 2.16.840.1.101.2.1.4.13  ; secure-user
          MUST 2.16.840.1.101.2.2.1.45 )  ; releaseAuthorityName

2.27  releaseAuthorityPersonA Object Class

     The releaseAuthorityPersonA object class is used to define the
     entry for a role of release authority who releases organizational
     messages on behalf of an organization.  Whereas organizations
     originate their organizational messages, it is the job of the
     release authority to sign the messages.  Release authorities do
     not send individual messages and do not receive messages.

     ( 2.16.840.1.101.2.2.3.65 NAME 'releaseAuthorityPersonA'
          SUP 2.16.840.1.101.2.2.3.66  ; securePkiUser
          MUST 2.16.840.1.101.2.2.1.45 )  ; releaseAuthorityName

2.28  routingIndicator Object Class

     The routingIndicator object class is used to define an entry for
     a RI and is a subclass of the plaData auxiliary object class.

     ( 2.16.840.1.101.2.2.3.37 NAME 'routingIndicator'
          SUP 2.16.840.1.101.2.2.3.26  ; plaData
          MUST 2.16.840.1.101.2.2.1.77  ; rI
          MAY ( 2.16.840.1.101.2.2.1.62 $  ; lmf
               2.6.5.2.0 $  ; mhs-maximum-content-length
               2.16.840.1.101.2.2.1.68 $  ; nationality
               2.16.840.1.101.2.2.1.74 $  ; publish
               2.16.840.1.101.2.2.1.78 $  ; rIClassification
               2.16.840.1.101.2.2.1.83 $  ; sHD
               2.16.840.1.101.2.2.1.96 $  ; tCC
               2.16.840.1.101.2.2.1.69 $  ; transferStation
               2.16.840.1.101.2.2.1.97 ) )  ; tRC

2.29  secure-user Object Class

     The secure-user object class is used in defining directory entries
     that include credentials for users.  It is a subclass of the
     strongAuthenticationUser object class, defined in X.521 [8], which
     provides for a user certificate.

     Note that this object class may become obsolete, depending on the
     resolution of CMI issues.

     ( 2.16.840.1.101.2.1.4.13 NAME 'secure-user'
          SUP 2.5.6.15  ; strongAuthenticationUser
          AUXILIARY
          MAY ( 2.5.6.58 $  ; attributeCertificate
               2.5.4.52 ) )  ; supportedAlgorithms

2.30  securePkiUser Object Class

     The securePkiUser (Public Key Infrastructure) object class is used
     in defining directory entries that include credentials for ACP 123
     [6] users.  It is a subclass of the pkiUser object class, defined
     in RFC ???? [9], which provides for a user certificate.

     ( 2.16.840.1.101.2.2.3.66 NAME 'securePkiUser'
          SUP 2.5.6.21  ; pkiUser
          AUXILIARY
          MAY ( 2.5.6.58 $  ; attributeCertificate
               2.5.4.52 ) )  ; supportedAlgorithms

2.31  sigintPLA Object Class

     The sigintPLA (Signal Intelligence) object class is used to
     represent sensitive SI PLAs.  This object class is a subclass of
     the plaData auxiliary object class.

     ( 2.16.840.1.101.2.2.3.38 NAME 'sigintPLA'
          SUP 2.16.840.1.101.2.2.3.26  ; plaData
          MUST 2.16.840.1.101.2.2.1.85  ; sigad
          MAY ( 2.5.4.7 $  ; l
               2.16.840.1.101.2.2.1.68 $  ; nationality
               2.16.840.1.101.2.2.1.74 $  ; publish
               2.16.840.1.101.2.2.1.76 $  ; remarks
               2.16.840.1.101.2.2.1.77 $  ; rI
               2.16.840.1.101.2.2.1.84 ) )  ; shortTitle

2.32  sIPLA Object Class

     The sIPLA object class is used to define the entry for a single
     SI messaging user.  This object class is a subclass of the plaData
     auxiliary object class.

     ( 2.16.840.1.101.2.2.3.39 NAME 'sIPLA'
          SUP 2.16.840.1.101.2.2.3.26  ; plaData
          MUST 2.16.840.1.101.2.2.1.63  ; longTitle
          MAY ( 2.5.4.7 $  ; l
               2.16.840.1.101.2.2.1.68 $  ; nationality
               2.16.840.1.101.2.2.1.74 $  ; publish
               2.16.840.1.101.2.2.1.76 $  ; remarks
               2.16.840.1.101.2.2.1.77 $  ; rI
               2.16.840.1.101.2.2.1.84 $  ; shortTitle
               2.16.840.1.101.2.2.1.85 ) )  ; sigad

2.33  spotPLA Object Class

     The spotPLA object class is used to define an entry for a special
     products distribution list.  This object class is a subclass of
     the plaData auxiliary object class.

     ( 2.16.840.1.101.2.2.3.40 NAME 'spotPLA'
          SUP 2.16.840.1.101.2.2.3.26  ; plaData
          MUST 2.16.840.1.101.2.2.1.86  ; spot
          MAY ( 2.16.840.1.101.2.2.1.46 $  ; actionAddressees
               2.16.840.1.101.2.2.1.47 $  ; additionalAddressees
               2.16.840.1.101.2.2.1.48 $  ; additionalSecondPartyAddressees
               2.6.5.2.4 $  ; mhs-dl-submit-permissions
               2.16.840.1.101.2.2.1.76 $  ; remarks
               2.16.840.1.101.2.2.1.80 ) )  ; secondPartyAddressees

2.34  taskForceACP127 Object Class

     The taskForceACP127 object class is used to define a directory
     entry for an ACP 127/JANAP 128 [4]/[5] task force distribution
     list.  This object class is a subclass of the plaACP127 auxiliary
     object class.

     ( 2.16.840.1.101.2.2.3.41 NAME 'taskForceACP127'
          SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
          MUST ( 2.16.840.1.101.2.2.1.51 $  ; cognizantAuthority
               2.16.840.1.101.2.2.1.60 $  ; lastRecapDate
               2.16.840.1.101.2.2.1.75 )  ; recapDueDate
          MAY ( 2.16.840.1.101.2.2.1.113 $  ; associatedAL
               2.16.840.1.101.2.2.1.56 $  ; entryClassification
               2.16.840.1.101.2.2.1.71 ) )  ; plaAddressees

2.35  tenantACP127 Object Class

     The tenantACP127 object class is used to define a directory entry
     that represents a tenant PLA.  This object class is a subclass of
     the plaACP127 auxiliary object class.

     ( 2.16.840.1.101.2.2.3.42 NAME 'tenantACP127'
          SUP 2.16.840.1.101.2.2.3.47  ; plaACP127
          MUST 2.16.840.1.101.2.2.1.58  ; hostOrgACP127
          MAY ( 2.16.840.1.101.2.2.1.56 $  ; entryClassification
               2.16.840.1.101.2.2.1.87 ) )  ; tARE

2.36  ukms Object Class

     The ukms object class contains the monthly values of user keying
     material (UKM) used in the construction of selected CCEB symmetric
     confidentiality algorithms.

     ( 2.16.840.1.101.2.1.4.16 NAME 'ukms'
          SUP 2.5.6.0  ; top
          AUXILIARY
          MAY ( 2.16.840.1.101.2.1.5.20 $  ; janUKMs
               2.16.840.1.101.2.1.5.21 $  ; febUKMs
               2.16.840.1.101.2.1.5.22 $  ; marUKMs
               2.16.840.1.101.2.1.5.23 $  ; aprUKMs
               2.16.840.1.101.2.1.5.24 $  ; mayUKMs
               2.16.840.1.101.2.1.5.25 $  ; junUKMs
               2.16.840.1.101.2.1.5.26 $  ; julUKMs
               2.16.840.1.101.2.1.5.27 $  ; augUKMs
               2.16.840.1.101.2.1.5.28 $  ; sepUKMs
               2.16.840.1.101.2.1.5.29 $  ; octUKMs
               2.16.840.1.101.2.1.5.30 $  ; novUKMs
               2.16.840.1.101.2.1.5.31 ) )  ; decUKMs

3.  ATTRIBUTE TYPES

3.1  accessCodes Attribute

     The accessCodes attribute value gives the coding of how to reach
     one network from another.  Additional instructions for the use of
     this access code are contained in a description attribute in the
     same entry.  For example, in a private telephone network, the user
     could be required to dial "8" to reach other users in a different
     city or to dial "9" to exit the private network.

     ( 2.16.840.1.101.2.2.1.106 NAME 'accessCodes'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )

3.2  accessSchema Attribute

     The accessSchema attribute value is a schematic representation
     used to complete the access information from one network to
     another in the case of a complex connection.  (Many connections
     are not complex enough to need such a description and in that case
     the attribute would not be populated.)

     ( 2.16.840.1.101.2.2.1.107 NAME 'accessSchema'
          SYNTAX 2.16.840.1.101.2.2.2.7 )  ; GraphicString

3.3  accountingCode Attribute

     The accountingCode attribute value is a character string used in
     logistics applications to identify an organization uniquely.  One
     example is the U.S. Department of Defense Activity Accounting Code
     (DODAAC).

     ( 2.16.840.1.101.2.2.1.53 NAME 'accountingCode'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{7} )

3.4  aCPMobileTelephoneNumber Attribute

     The aCPMobileTelephoneNumber attribute value identifies a mobile
     telephone number for the object represented by the directory entry
     that contains this attribute.

     ( 2.16.840.1.101.2.2.1.94 NAME 'aCPMobileTelephoneNumber'
          SUP 2.5.4.20 )  ; telephoneNumber

3.5  aCPPagerTelephoneNumber Attribute

     The aCPPagerTelephoneNumber attribute identifies a telephone
     number for a pager associated with the object represented by the
     directory entry.

     ( 2.16.840.1.101.2.2.1.95 NAME 'aCPPagerTelephoneNumber'
          SUP 2.5.4.20 )  ; telephoneNumber

3.6  aCPPreferredDelivery Attribute

     The aCPPreferredDelivery attribute value is used to determine the
     messaging system a user, represented by the directory entry,
     prefers for message delivery.  The possible values are:
     "ACP 127", "SMTP" or "MHS".  "MHS" signifies either standard X.400
     (1984 or 1988) or ACP 123-compliant X.400.

     ( 2.16.840.1.101.2.2.1.108 NAME 'aCPPreferredDelivery'
          SYNTAX 2.16.840.1.101.2.2.2.6  ; ACP Preferred Delivery syntax
          SINGLE-VALUE )

3.7  aCPTelephoneFaxNumber Attribute

     The aCPTelephoneFaxNumber attribute is defined for use as a
     supertype in defining the attributes:

          militaryFacsimileNumber
          militaryTelephoneNumber
          secureFacsimileNumber
          secureTelephoneNumber

     A value of the aCPTelephoneFaxNumber attribute and the attributes
     defined as its subtypes is a telephone number that is used for
     military purposes and is associated with an object represented by
     the directory entry.  For example, a person may have a telephone,
     equipped with a STU III (Secure Telephone Unit) device, on the
     Public Switched Telephone Network (PSTN).

     ( 2.16.840.1.101.2.2.1.109 NAME 'aCPTelephoneFaxNumber'
          EQUALITY 2.5.13.20  ; telephoneNumberMatch
          SUBSTR 2.5.13.21  ; telephoneNumberSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.1 )  ; ACPTelephoneFaxNumberSyntax

     The attribute value for an ACP telephone number contains the
     following substrings which are separated by commas (i.e., ","):

          network or site identifier
          telephone number
          security device identifier

     The maximum size of the network or site identifier substring is
     six characters.  In the example, the string "PSTN" would be the
     value of this identifier.

     For the telephone number substring, if the network is the PSTN,
     then the format shall be as for a Telephone Number as defined in
     X.520 [10] (i.e., CCITT E.123).  Extension numbers shall be
     preceded by "ext." or other nationally defined equivalent.  The
     maximum length of this substring is 32 characters.  In the
     example, the string "+1 555 222 ext. 34" could be the value of
     the telephone number.

     The maximum size of the security device identifier substring is
     eight characters.  In the example, the string "STU III" would be
     the value of this identifier.

     The complete example value would be "PSTN, +1 555 222 ext. 34,
     STU III".

     The security device (and preceding substring separator ",") is
     present only if the military telephone number is secured (i.e.,
     attribute subtypes secureTelephoneNumber or secureFacsimileNumber).

     Note that the equality and substring matching rule for this
     attribute is not case sensitive and the substring matching rule is
     case sensitive.  Thus, it is recommended that the network/site
     identifier and security device identifier are in upper case.
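
     The following Python sketch checks a value against the rules
     stated in this section: two or three comma-separated substrings,
     the three length limits, and a security device identifier only on
     the secure subtypes.  It is an added example, not part of ACP 133
     or of this draft; the function and class names are hypothetical,
     and the PSTN number pattern is a loose assumption standing in for
     the E.123 format.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Limits and subtype names taken from section 3.7 of the draft.
MAX_NETWORK_LEN = 6
MAX_NUMBER_LEN = 32
MAX_DEVICE_LEN = 8
SECURE_SUBTYPES = {"secureTelephoneNumber", "secureFacsimileNumber"}

# Assumption: a loose stand-in for the E.123 notation (digits, spaces, "+",
# parentheses, hyphens, and an optional "ext." suffix). Not a full E.123 check.
PSTN_NUMBER_RE = re.compile(r"^\+?[0-9 ()\-]+( ext\. ?[0-9]+)?$")


@dataclass
class CheckResult:
    network: Optional[str] = None
    number: Optional[str] = None
    security_device: Optional[str] = None
    errors: List[str] = field(default_factory=list)
    warnings: List[str] = field(default_factory=list)

    @property
    def ok(self) -> bool:
        return not self.errors


def check_acp_number(value: str, attribute: str) -> CheckResult:
    """Validate one value of an aCPTelephoneFaxNumber subtype.

    `attribute` is the subtype the value is stored under, for example
    "militaryTelephoneNumber" or "secureTelephoneNumber".
    """
    res = CheckResult()
    # Assumption: blanks around each comma are not part of the substrings,
    # as in the draft's own example value.
    parts = [p.strip() for p in value.split(",")]
    if len(parts) not in (2, 3):
        res.errors.append(
            "expected 2 or 3 comma-separated substrings, got %d" % len(parts))
        return res
    res.network, res.number = parts[0], parts[1]
    res.security_device = parts[2] if len(parts) == 3 else None

    if not res.network:
        res.errors.append("network or site identifier is empty")
    elif len(res.network) > MAX_NETWORK_LEN:
        res.errors.append("network or site identifier exceeds 6 characters")

    if not res.number:
        res.errors.append("telephone number is empty")
    elif len(res.number) > MAX_NUMBER_LEN:
        res.errors.append("telephone number exceeds 32 characters")
    elif res.network.upper() == "PSTN" and not PSTN_NUMBER_RE.match(res.number):
        res.errors.append("PSTN telephone number is not in the expected format")

    if res.security_device is not None:
        if attribute not in SECURE_SUBTYPES:
            res.errors.append(
                "security device identifier present on non-secure subtype "
                + attribute)
        if not res.security_device:
            res.errors.append("security device identifier is empty")
        elif len(res.security_device) > MAX_DEVICE_LEN:
            res.errors.append("security device identifier exceeds 8 characters")

    # The draft recommends upper case for both identifiers.
    for label, text in (("network or site identifier", res.network),
                        ("security device identifier", res.security_device)):
        if text and text != text.upper():
            res.warnings.append(label + " should be upper case")
    return res


if __name__ == "__main__":
    # Constructed sample values; the first is the draft's own example.
    samples = [
        ("PSTN, +1 555 222 ext. 34, STU III", "secureTelephoneNumber"),
        ("PSTN, +1 555 222 ext. 34, STU III", "militaryTelephoneNumber"),
        ("pstn, +1 555 222", "militaryFacsimileNumber"),
        ("NETWORK1, 12345", "militaryTelephoneNumber"),
    ]
    for value, attribute in samples:
        result = check_acp_number(value, attribute)
        print(attribute, repr(value), result.ok, result.errors, result.warnings)
```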

3.8  actionAddressees Attribute

     An actionAddressees attribute value is the list of action
     addressees of an ACP 127/JANAP 128 [4]/[5] collective, for
     example, an AIG.  An action addressee is expected to take
     appropriate action on the message content, whereas an information
     addressee receives the message for informational purposes only.

     ( 2.16.840.1.101.2.2.1.46 NAME 'actionAddressees'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees syntax

3.9  additionalAddressees Attribute

     The additionalAddressees attribute value is a list of addressees
     to be added to the actionAddressees list (value of the
     actionAddressees attribute) under circumstances identified in the
     remarks attribute in the same directory entry.

     ( 2.16.840.1.101.2.2.1.47 NAME 'additionalAddressees'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees syntax

3.10  additionalSecondPartyAddressees Attribute

     The additionalSecondPartyAddressees attribute value is a list of
     addressees to be added to the secondPartyAddressees list (value
     of the secondPartyAddressees attribute) under circumstances
     identified in the remarks attribute in the same directory entry.

     ( 2.16.840.1.101.2.2.1.48 NAME 'additionalSecondPartyAddressees'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees syntax

3.11  administrator Attribute

     The administrator attribute value represents the entity
     responsible for the operation of a component when it is different
     from the owner of the component.  For example, the owner may be
     a domain.

     ( 2.16.840.1.101.2.2.1.110 NAME 'administrator'
          SUP 2.5.4.49 )  ; distinguishedName

3.12  aigsExpanded Attribute

     The aigsExpanded attribute values are the names of the AIGs
     expanded by a messaging gateway.

     ( 2.16.840.1.101.2.2.1.111 NAME 'aigsExpanded'
          SUP 2.5.4.49 )  ; distinguishedName

3.13  aLExemptedAddressProcessor Attribute

     The aLExemptedAddressProcessor attribute value is the ORName of
     the address list processor for the address list where exempted
     addresses are removed.

     ( 2.16.840.1.101.2.1.5.47 NAME 'aLExemptedAddressProcessor'
          SYNTAX 2.16.840.1.101.2.2.2.10  ; O/R Name syntax
          SINGLE-VALUE )

3.14  aliasPointer Attribute

     The aliasPointer attribute type value points to alias directory
     entries which might have to be modified if the directory entry
     containing this attribute is modified.  It is intended to be used
     to maintain data consistency in the Directory Information
     Base (DIB).

     ( 2.16.840.1.101.2.2.1.49 NAME 'aliasPointer'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )  ; DN

3.15  alid Attribute

     The alid attribute value is the AL key material identifier.

     ( 2.16.840.1.101.2.1.5.14 NAME 'alid'
          EQUALITY 2.5.13.17  ; octetStringMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )  ; Kmid = Octet String

3.16  allowableOriginators Attribute

     The allowableOriginators attribute value is the name of an
     ACP 127/JANAP 128 [4]/[5] collective that contains the list of
     PLAs that are allowed to originate messages to this list.

     ( 2.16.840.1.101.2.2.1.50 NAME 'allowableOriginators'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees syntax

3.17  aLReceiptPolicy Attribute

     The aLReceiptPolicy attribute value indicates the address list's
     signed receipt policy.  This receipt policy supersedes the
     originator's request for signed receipts (see ACP 120 [11]).

     ( 2.16.840.1.101.2.2.1.135 NAME 'aLReceiptPolicy'
          SYNTAX 2.16.840.1.101.2.2.2.9  ; MLReceiptPolicy
          SINGLE-VALUE )

3.18  alternateRecipient Attribute

     The alternateRecipient attribute is used to designate an X.400
     alternate recipient for a messaging user.  It could be used by an
     X.400 message originator to create an originator-assigned alternate
     recipient address to be used by the MTS, if delivery to the
     addressed recipient fails.

     ( 2.16.840.1.101.2.2.1.3 NAME 'alternateRecipient'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

3.19  aLType Attribute

     The aLType attribute value indicates the type of an address list
     from these possibilities:  AIG (Address Indicator Group), Type
     Organization Collective, CAD (Collective Address Designator), and
     Task Force.

     ( 2.16.840.1.101.2.2.1.112 NAME 'aLType'
          EQUALITY 2.5.13.14  ; integerMatch
          SYNTAX 2.16.840.1.101.2.2.2.8  ; Address List Type syntax
          SINGLE-VALUE )





3.20  aprUKMs Attribute

     The aprUKMs (User Key Materials) attribute value is used in the
     construction of selected symmetric confidentiality algorithms
     for the month of April.

     ( 2.16.840.1.101.2.1.5.23 NAME 'aprUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )
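
     The definitions in this section carry ';' annotations, some of
     them spread over several lines as in aprUKMs above.  The
     following is an added example, not part of the draft or of
     ACP 133: a check that removes the annotations and validates what
     is left before the text is loaded into a server's schema.  It
     assumes everything from ';' to the end of a line is annotation and
     that NAME is a single quoted descriptor, as on this page; the
     function names and the 2.999 sample OIDs are constructed.

```python
import re

ARG_KEYWORDS = {"NAME", "DESC", "SUP", "EQUALITY", "ORDERING", "SUBSTR", "SYNTAX", "USAGE"}
FLAG_KEYWORDS = {"OBSOLETE", "SINGLE-VALUE", "COLLECTIVE", "NO-USER-MODIFICATION"}
NUMERICOID = re.compile(r"\d+(\.\d+)+")
DESCR = re.compile(r"[A-Za-z][A-Za-z0-9-]*")
SYNTAX_OID = re.compile(r"\d+(\.\d+)+(\{\d+\})?")        # optional {length} bound
QUOTED_NAME = re.compile(r"'[A-Za-z][A-Za-z0-9-]*'")
TOKEN = re.compile(r"\(|\)|'[^']*'|[^\s()']+")


def strip_comments(text):
    """Drop '; ...' annotations line by line (assumption: no ';' inside a definition)."""
    return "\n".join(line.split(";", 1)[0] for line in text.splitlines())


def lint_attribute_type(text):
    """Return (fields, problems) for one annotated attribute type definition."""
    tokens = TOKEN.findall(strip_comments(text))
    fields, problems = {}, []
    if not tokens or tokens[0] != "(":
        return fields, ["definition does not start with '('"]
    if tokens[-1] != ")":
        # Typical cause: the ')' was written after a ';' and vanished with the comment.
        problems.append("no closing ')' outside a comment")
    else:
        tokens = tokens[:-1]
    body = tokens[1:]
    if not body or not NUMERICOID.fullmatch(body[0]):
        problems.append("first element is not a numeric OID")
    else:
        fields["oid"] = body[0]
    i = 1
    while i < len(body):
        tok = body[i]
        if tok in FLAG_KEYWORDS:
            fields[tok] = True
            i += 1
        elif tok in ARG_KEYWORDS and i + 1 < len(body):
            fields[tok] = body[i + 1]
            i += 2
        else:
            # e.g. an OID arc separated by a space instead of a dot
            problems.append("unexpected token %r" % tok)
            i += 1
    if "NAME" in fields and not QUOTED_NAME.fullmatch(fields["NAME"]):
        problems.append("NAME is not a single quoted descriptor")
    for kw in ("SUP", "EQUALITY", "ORDERING", "SUBSTR"):
        value = fields.get(kw)
        if value is not None and not (NUMERICOID.fullmatch(value) or DESCR.fullmatch(value)):
            problems.append("%s is neither a numeric OID nor a descriptor" % kw)
    if "SYNTAX" in fields and not SYNTAX_OID.fullmatch(fields["SYNTAX"]):
        problems.append("SYNTAX is not a numeric OID with optional {length}")
    # RFC 2252 requires at least one of SUP or SYNTAX in an attribute type.
    if "SUP" not in fields and "SYNTAX" not in fields:
        problems.append("neither SUP nor SYNTAX given")
    return fields, problems


# Constructed samples in the notation used on this page (2.999 is the example OID arc).
SAMPLES = {
    "good": """( 2.999.1.1 NAME 'exampleUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
          SINGLE-VALUE )""",
    "paren_in_comment": """( 2.999.1.2 NAME 'exampleList'
          SUP 2.5.4.49  ; distinguishedName
          EQUALITY 2.5.13.1  ; distinguishedNameMatch )""",
    "space_in_oid": """( 2.999.1.3 1 NAME 'collectiveExample'
          SUP 2.999.1.3 )""",
    "no_syntax": "( 2.999.1.4 NAME 'exampleText' EQUALITY 2.5.13.2 )",
}


def lint_all(samples=SAMPLES):
    """Map each sample name to the list of problems found in it."""
    return {name: lint_attribute_type(text)[1] for name, text in samples.items()}


if __name__ == "__main__":
    for name, problems in lint_all().items():
        print(name, "->", problems or "ok")
```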

3.21  associatedAL Attribute

     The associatedAL attribute value points to the address list object
     which replaces the ACP 127/JANAP 128 [4]/[5] task force PLA.  It
     assists in the transition from ACP 127/JANAP 128 [4]/[5] to X.400
     addressing and the associated transition from the use of ACP 127/
     JANAP 128 [4]/[5] collectives to the use of address lists.

     ( 2.16.840.1.101.2.2.1.113 NAME 'associatedAL'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

3.22  associatedOrganization Attribute

     The associatedOrganization attribute value points to the
     organizationalUnit directory entry which represents the same
     organizational messaging entity as the PLA directory entry
     containing this attribute.

     ( 2.16.840.1.101.2.2.1.4 NAME 'associatedOrganization'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

3.23  associatedPLA Attribute

     The associatedPLA attribute value points to the ACP 127/JANAP 128
     [4]/[5] directory entry for the same messaging entity as
     represented by the Organizational Unit directory entry containing
     this attribute.

     ( 2.16.840.1.101.2.2.1.6 NAME 'associatedPLA'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

3.24  augUKMs Attribute

     The augUKMs attribute value is used in the construction of selected
     symmetric confidentiality algorithms for the month of August.



     ( 2.16.840.1.101.2.1.5.27 NAME 'augUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.25  cognizantAuthority Attribute

     The cognizantAuthority attribute value indicates the administrator
     for an ACP 127/JANAP 128 [4]/[5] collective.

     ( 2.16.840.1.101.2.2.1.51 NAME 'cognizantAuthority'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55}
          SINGLE-VALUE )

3.26  collective-mhs-or-addresses Attribute

     The collective-mhs-or-addresses attribute value is a value of
     mhs-or-addresses that is applied at an administrative point.

     ( 2.16.840.1.101.2.2.1.134 1 NAME 'collective-mhs-or-addresses'
          SUP 2.6.5.2.6 )  ; mhs-or-addresses

3.27  collectiveMilitaryFacsimileNumber Attribute

     The collectiveMilitaryFacsimileNumber attribute value is a value of
     militaryFacsimileNumber that is applied at an administrative point.

     ( 2.16.840.1.101.2.2.1.119 1 NAME 'collectiveMilitaryFacsimileNumber'
          SUP 2.16.840.1.101.2.2.1.119 )  ; militaryFacsimileNumber

3.28  collectiveMilitaryTelephoneNumber Attribute

     The collectiveMilitaryTelephoneNumber attribute value is a value of
     militaryTelephoneNumber that is applied at an administrative point.

     ( 2.16.840.1.101.2.2.1.120 1 NAME 'collectiveMilitaryTelephoneNumber'
          SUP 2.16.840.1.101.2.2.1.120 )  ; militaryTelephoneNumber

3.29  collectiveNationality Attribute

     The collectiveNationality attribute value is a value of nationality
     that is applied at an administrative point.

     ( 2.16.840.1.101.2.2.1.68 1 NAME 'collectiveNationality'
          SUP 2.16.840.1.101.2.2.1.68 )  ; nationality





3.30  collectiveSecureFacsimileNumber Attribute

     The collectiveSecureFacsimileNumber attribute value is a value of
     secureFacsimileNumber that is applied at an administrative point.

     ( 2.16.840.1.101.2.2.1.127 1 NAME 'collectiveSecureFacsimileNumber'
          SUP 2.16.840.1.101.2.2.1.127 )  ; secureFacsimileNumber

3.31  collectiveSecureTelephoneNumber Attribute

     The collectiveSecureTelephoneNumber attribute value is a value of
     secureTelephoneNumber that is applied at an administrative point.

     ( 2.16.840.1.101.2.2.1.128 1 NAME 'collectiveSecureTelephoneNumber'
          SUP 2.16.840.1.101.2.2.1.128 )  ; secureTelephoneNumber

3.32  community Attribute

     The community attribute value indicates whether an object belongs
     to the GENSER (R) or SI (Y) community or both (R/Y).

     ( 2.16.840.1.101.2.2.1.52 NAME 'community'
          SYNTAX 2.16.840.1.101.2.2.2.5  ; Community syntax
          SINGLE-VALUE )

3.33  copyMember Attribute

     The copyMember attribute value specifies a group of names
     associated with the object represented by the directory entry.
     In an address list directory entry, this attribute indicates the
     "copy" or "info" members of the list as opposed to "primary" or
     "action" members.

     ( 2.16.840.1.101.2.2.1.114 NAME 'copyMember'
          SUP 2.5.4.31 )  ; member

3.34  decUKMs Attribute

     The decUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of December.

     ( 2.16.840.1.101.2.1.5.31 NAME 'decUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )






3.35  distributionCodeAction Attribute

     The distributionCodeAction attribute values identify the
     distribution codes (including Subject Indicator Codes (SICs)) for
     which an organization, person, or role handles messages for action.

     ( 2.16.840.1.101.2.2.1.104 NAME 'distributionCodeAction'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )  ; DistributionCode =
                                                  ; PrintableString

3.36  distributionCodeInfo Attribute

     The distributionCodeInfo attribute values identify the
     distribution codes (including SICs) for which an organization,
     person, or role handles messages for information.

     ( 2.16.840.1.101.2.2.1.105 NAME 'distributionCodeInfo'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )  ; DistributionCode =
                                                  ; PrintableString

3.37  dualRoute Attribute

     The dualRoute attribute value indicates whether delivery of
     messages for an organization to both the home and deployed sites
     is required.  If set to TRUE, dual delivery is required.

     ( 2.16.840.1.101.2.2.1.54 NAME 'dualRoute'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.38  effectiveDate Attribute

     The effectiveDate attribute value indicates when the directory
     entry is to become valid.

     ( 2.16.840.1.101.2.2.1.55 NAME 'effectiveDate'
          EQUALITY 2.5.13.27  ; generalizedTimeMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
          SINGLE-VALUE )

3.39  entryClassification Attribute

     The entryClassification attribute value indicates the
     classification of the directory entry that contains this
     attribute.  The possible values are:  unmarked, unclassified,
     restricted, confidential, secret, and top secret.


     ( 2.16.840.1.101.2.2.1.56 NAME 'entryClassification'
          SYNTAX 2.16.840.1.101.2.2.2.4 )  ; Classification syntax

3.40  expirationDate Attribute

     The expirationDate attribute value indicates the time at which the
     directory entry becomes invalid.

     ( 2.16.840.1.101.2.2.1.57 NAME 'expirationDate'
          EQUALITY 2.5.13.27  ; generalizedTimeMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
          SINGLE-VALUE )
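
     The window defined by effectiveDate (3.38) and expirationDate
     (3.40) can be enforced by a directory client as in the following
     added example, which is not part of the draft or of ACP 133.
     Treating an absent attribute as an open bound and a malformed or
     multi-valued attribute as unusable are assumptions of this
     example; the function names and sample entries are constructed.

```python
import re
from datetime import datetime, timedelta, timezone

# Generalized Time as an LDAP string: YYYYMMDDHH[MM[SS]][.f](Z|+hh[mm]|-hh[mm]).
# RFC 2252 requires the time zone to be present, so a value without one is rejected.
_GT = re.compile(
    r"^(\d{4})(\d{2})(\d{2})(\d{2})(?:(\d{2})(\d{2})?)?"
    r"(?:[.,](\d+))?(Z|[+-]\d{2}(?:\d{2})?)$"
)


def parse_generalized_time(value):
    """Return an aware UTC datetime for a Generalized Time string, or raise ValueError."""
    m = _GT.match(value)
    if m is None:
        raise ValueError("not a Generalized Time with explicit time zone: %r" % value)
    year, month, day, hour = (int(m.group(i)) for i in (1, 2, 3, 4))
    minute = int(m.group(5)) if m.group(5) else 0
    second = int(m.group(6)) if m.group(6) else 0
    # A fraction applies to the last time unit that is present (hour, minute or second).
    unit = 1 if m.group(6) else 60 if m.group(5) else 3600
    frac = m.group(7)
    extra = timedelta(seconds=unit * int(frac) / 10 ** len(frac)) if frac else timedelta(0)
    zone = m.group(8)
    if zone == "Z":
        offset = timedelta(0)
    else:
        sign = 1 if zone[0] == "+" else -1
        offset = sign * timedelta(hours=int(zone[1:3]), minutes=int(zone[3:5] or 0))
    # datetime() and timezone() raise ValueError for impossible dates or offsets.
    local = datetime(year, month, day, hour, minute, second, tzinfo=timezone(offset))
    return (local + extra).astimezone(timezone.utc)


def _single(attrs, name):
    """Fetch and parse a SINGLE-VALUE attribute; attribute names compare case-insensitively."""
    values = [v for k, vs in attrs.items() if k.lower() == name.lower() for v in vs]
    if len(values) > 1:
        raise ValueError("%s is SINGLE-VALUE but has %d values" % (name, len(values)))
    return parse_generalized_time(values[0]) if values else None


def entry_status(attrs, now):
    """Classify an entry as 'valid', 'not-yet-effective', 'expired' or 'malformed'.

    attrs maps attribute names to lists of string values; now is an aware datetime.
    """
    try:
        effective = _single(attrs, "effectiveDate")
        expiration = _single(attrs, "expirationDate")
    except ValueError:
        return "malformed"  # fail closed: the entry is not used
    if effective is not None and now < effective:
        return "not-yet-effective"
    # The entry becomes invalid AT the expiration time, hence >=.  An inverted
    # window (expiration <= effective) therefore never yields 'valid'.
    if expiration is not None and now >= expiration:
        return "expired"
    return "valid"


# Constructed sample entries, evaluated at a constructed reference time.
NOW = datetime(1999, 5, 28, 12, 0, 0, tzinfo=timezone.utc)
SAMPLE_ENTRIES = {
    "cn=List A": {"effectiveDate": ["19990101000000Z"],
                  "expirationDate": ["20000101000000Z"]},
    "cn=List B": {"effectivedate": ["199906010000+0200"]},   # 31 May 22:00 UTC
    "cn=List C": {"expirationDate": ["19990528120000Z"]},    # expires exactly at NOW
    "cn=List D": {"effectiveDate": ["19990101000000"]},      # time zone missing
    "cn=List E": {"objectClass": ["top"]},                   # neither attribute present
}


def classify_all(entries=SAMPLE_ENTRIES, now=NOW):
    """Map each sample DN to its status."""
    return {dn: entry_status(attrs, now) for dn, attrs in entries.items()}


if __name__ == "__main__":
    for dn, status in classify_all().items():
        print(dn, "->", status)
```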

3.41  febUKMs Attribute

     The febUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of February.

     ( 2.16.840.1.101.2.1.5.21 NAME 'febUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.42  gatewayType Attribute

     The gatewayType attribute value is used to indicate the
     translations a messaging gateway is capable of performing.  The
     translations that can be indicated are:

          acp120-acp127-gateway
          acp120-janap128-gateway
          acp120-mhs-gateway
          acp120-mmhs-gateway
          acp120-rfc822-gateway
          boundary MTA
          mmhs-mhs-gateway
          mmhs-rfc822-gateway
          mta-acp127-gateway

     ( 2.16.840.1.101.2.2.1.115 NAME 'gatewayType'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )

3.43  ghpType Attribute

     The ghpType attribute value is used to indicate the gateway
     handling policy of an mta-acp127-gateway defined in
     STANAG 4406 [12].



     ( 2.16.840.1.101.2.2.1.116 NAME 'ghpType'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )

3.44  guard Attribute

     The guard attribute value indicates the Name(s) of the
     Guard Gateway.

     ( 2.16.840.1.101.2.2.1.117 NAME 'guard'
          SUP 2.5.4.49 )  ; distinguishedName

3.45  host Attribute

     The host attribute value gives an identifier for a host computer,
     as defined in the COSINE and Internet X.500 Schema, RFC 1274 [13].

     ( 0.9.2342.19200300.100.1.9 NAME 'host'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )  ; limited to
                                   ; TeletexString or PrintableString

3.46  hostOrgACP127 Attribute

     The hostOrgACP127 attribute value of a tenant PLA identifies the
     PLA for the organization which accepts traffic for a tenant.

     ( 2.16.840.1.101.2.2.1.58 NAME 'hostOrgACP127'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55}
          SINGLE-VALUE )

3.47  infoAddressees Attribute

     The infoAddressees attribute value of an ACP 127/JANAP 128 [4]/[5]
     collective contains the list of information addressees of
     the collective.

     ( 2.16.840.1.101.2.2.1.59 NAME 'infoAddressees'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees syntax

3.48  janUKMs Attribute

     The janUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of January.



     ( 2.16.840.1.101.2.1.5.20 NAME 'janUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.49  julUKMs Attribute

     The julUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of July.

     ( 2.16.840.1.101.2.1.5.26 NAME 'julUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.50  junUKMs Attribute

     The junUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of June.

     ( 2.16.840.1.101.2.1.5.25 NAME 'junUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.51  lastRecapDate Attribute

     The lastRecapDate attribute value indicates when a list was last
     recapped or validated.

     ( 2.16.840.1.101.2.2.1.60 NAME 'lastRecapDate'
          EQUALITY 2.5.13.27  ; generalizedTimeMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
          SINGLE-VALUE )

3.52  listPointer Attribute

     The listPointer attribute value is used to point to address list
     directory entries which might have to be modified if the entry
     containing this attribute is modified.  It is intended to be used
     to maintain data consistency in the DIB.

     ( 2.16.840.1.101.2.2.1.61 NAME 'listPointer'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )



3.53  lmf Attribute

     The lmf (Language and Media Format) attribute value indicates the
     language and media format that can be accepted between the two
     communicating end-systems.  Possible values include:

          T     tape
          A     ASCII (American Standard Code for Information
                Interchange)
          C     card, etc.

     ( 2.16.840.1.101.2.2.1.62 NAME 'lmf'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{1}
          SINGLE-VALUE )

3.54  longTitle Attribute

     The longTitle attribute value is the expanded form of an
     organization's PLA.

     ( 2.16.840.1.101.2.2.1.63 NAME 'longTitle'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{255}
          SINGLE-VALUE )

3.55  mailDomains Attribute

     The mailDomains attribute value is a string, which provides
     information on the domains that the messaging gateway will bridge.

     ( 2.16.840.1.101.2.2.1.118 NAME 'mailDomains'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )  ; DirectoryString

3.56  marUKMs Attribute

     The marUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of March.

     ( 2.16.840.1.101.2.1.5.22 NAME 'marUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )





3.57  mayUKMs Attribute

     The mayUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of May.

     ( 2.16.840.1.101.2.1.5.24 NAME 'mayUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.58  mhs-acceptable-eits Attribute

     The mhs-acceptable-eits attribute value identifies a set of EITs
     for messages.  The user or distribution list, represented by the
     directory entry, will accept delivery of or expand a message in
     which any one of these eits is present.

     ( 2.6.5.2.17 NAME 'mhs-acceptable-eits'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
                    ; ExtendedEncodedInformationType = object identifier

3.59  mhs-deliverable-classes Attribute

     The mhs-deliverable-classes attribute value identifies the classes
     of messages whose delivery a UA, represented by the directory
     entry, will accept.

     ( 2.6.5.2.19 NAME 'mhs-deliverable-classes'
          EQUALITY 2.6.5.4.2  ; capabilityMatch
          SYNTAX 2.16.840.1.101.2.2.2.13 )  ; Capability syntax

3.60  mhs-deliverable-content-types Attribute

     The mhs-deliverable-content-types attribute values identify the
     content types of the messages whose delivery the user, represented
     by the directory entry, will accept.

     ( 2.6.5.2.1 NAME 'mhs-deliverable-content-types'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )  ; ExtendedContentType
                                                  ; = object identifier

3.61  mhs-dl-archive-service Attribute

     The mhs-dl-archive-service attribute value identifies a service
     from which a user may request copies of messages previously
     distributed by the address list represented by the directory entry.



     ( 2.6.5.2.12 NAME 'mhs-dl-archive-service'
          EQUALITY 2.6.5.4.0  ; oRNameExactMatch
          SYNTAX 2.16.840.1.101.2.2.2.10 )  ; O/R Name syntax

3.62  mhs-dl-members Attribute

     The mhs-dl-members attribute value is an OR-name which identifies
     a member of the DL.  This attribute may have multiple values each
     of which identifies one member of the DL.  When a DL is expanded,
     each of the values of this attribute becomes a recipient of
     the message.

     ( 2.6.5.2.3 NAME 'mhs-dl-members'
          EQUALITY 2.6.5.4.0  ; oRNameExactMatch
          SYNTAX 2.16.840.1.101.2.2.2.10 )  ; O/R Name syntax

3.63  mhs-dl-policy Attribute

     The mhs-dl-policy attribute value identifies the choice of policy
     options to be applied when expanding the address list represented
     by the directory entry.

     ( 2.6.5.2.13 NAME 'mhs-dl-policy'
          SYNTAX 2.16.840.1.101.2.2.2.14  ; DLPolicy syntax
          SINGLE-VALUE )

3.64  mhs-dl-related-lists Attribute

     The mhs-dl-related-lists attribute value identifies other address
     lists which are, in some unspecified way, related to the address
     list represented by the directory entry.

     ( 2.6.5.2.14 NAME 'mhs-dl-related-lists'
          SUP 2.5.4.49  ; distinguishedName
          EQUALITY 2.5.13.1 )  ; distinguishedNameMatch

3.65  mhs-dl-submit-permissions Attribute

     The mhs-dl-submit-permissions attribute values identify the users
     and address lists that may submit messages to the address list
     represented by the directory entry.

     ( 2.6.5.2.4 NAME 'mhs-dl-submit-permissions'
          SYNTAX 2.16.840.1.101.2.2.2.15 )  ; DLSubmitPermission syntax

3.66  mhs-dl-subscription-service Attribute

     The mhs-dl-subscription-service attribute value identifies a
     service from which a user may request changes to the membership of
     the address list represented by the directory entry (e.g., for a
     user to request to be added to the address list).


     ( 2.6.5.2.15 NAME 'mhs-dl-subscription-service'
          EQUALITY 2.6.5.4.0  ; oRNameExactMatch
          SYNTAX 2.16.840.1.101.2.2.2.10 )  ; O/R Name syntax

3.67  mhs-exclusively-acceptable-eits Attribute

     The mhs-exclusively-acceptable-eits attribute value identifies a
     set of EITs for messages.  The user or distribution list,
     represented by the directory entry, will accept delivery of or
     expand a message in which all of these EITs are present.

     ( 2.6.5.2.2 NAME 'mhs-exclusively-acceptable-eits'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
                    ; ExtendedEncodedInformationType = object identifier

3.68  mhs-maximum-content-length Attribute

     The mhs-maximum-content-length attribute value identifies the
     maximum content length of the messages that can be handled by the
     object represented by the directory entry.  The object is a user
     to whom the message would be delivered, an address list for which
     expansion would be performed on the message, or an MTA to which
     the message would be acceptable.

     ( 2.6.5.2.0 NAME 'mhs-maximum-content-length'
          EQUALITY 2.5.13.14  ; integerMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.27  ; ContentLength = INTEGER
          SINGLE-VALUE )

3.69  mhs-message-store-dn Attribute

     The mhs-message-store-dn attribute value identifies by directory
     name the message store of the user represented by the
     directory entry.

     ( 2.6.5.2.5 NAME 'mhs-message-store-dn'
          SUP 2.5.4.49  ; distinguishedName
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SINGLE-VALUE )

3.70  mhs-or-addresses Attribute

     The mhs-or-addresses attribute values specify the O/R addresses of
     the user or address list represented by the directory entry.

     ( 2.6.5.2.6 NAME 'mhs-or-addresses'
          EQUALITY 2.6.4.8.14  ; oRAddressMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.33 )  ; MHS OR Address syntax



3.71  mhs-or-addresses-with-capabilities Attribute

     The mhs-or-addresses-with-capabilities attribute values specify
     the O/R addresses and the messaging capabilities associated with
     each address of the user or address list represented by the
     directory entry.

     Recognized security labels are identified in ACP 123 [6].

     Information about availability and nationality will be included
     in the description.

     If the address is served by a foreign nation, the International
     Standard Organization 3166 [14] code of the country shall be
     entered first.

     If an OR-address is not operational on a 24 by 7 basis, the normal
     daily schedule shall be given in start and stop times for each day
     of operation.  Planned down time also shall be given in start and
     stop time.

     ( 2.6.5.2.16 NAME 'mhs-or-addresses-with-capabilities'
          EQUALITY 2.6.5.4.1  ; addressCapabilitiesMatch
          SYNTAX 2.16.840.1.101.2.2.2.16 )  ; AddressCapabilities syntax

3.72  mhs-supported-attributes Attribute

     The mhs-supported-attributes attribute values identify the
     attributes that the message store, represented by the directory
     entry, fully supports.

     ( 2.6.5.2.10 NAME 'mhs-supported-attributes'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
               ; MS-ATTRIBUTE.&id ({AttributeTable}) = object identifier

3.73  mhs-supported-automatic-actions Attribute

     The mhs-supported-automatic-actions attribute values identify the
     automatic actions that the message store, represented by the
     directory entry, supports.

     ( 2.6.5.2.8 NAME 'mhs-supported-automatic-actions'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
               ; AUTO-ACTION.&id ({AutoActionTable}) = object identifier







3.74  mhs-supported-content-types Attribute

     The mhs-supported-content-types attribute values identify the
     content types of the messages whose syntax and semantics the
     message store, represented by the directory entry, supports.

     ( 2.6.5.2.9 NAME 'mhs-supported-content-types'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )  ; ExtendedContentType
                                                  ; = object identifier

3.75  mhs-supported-matching-rules Attribute

     The mhs-supported-matching-rules attribute values identify the
     matching rules that the message store, represented by the
     directory entry, fully supports.

     ( 2.6.5.2.11 NAME 'mhs-supported-matching-rules'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
               ; MATCHING-RULE.&id ({MatchingRuleTable}) = object
               ; identifier

3.76  mhs-unacceptable-eits Attribute

     The mhs-unacceptable-eits attribute value identifies the encoded
     information types of a message which would make a user not accept
     delivery, or which would prevent an address list from doing
     expansion on the message.  The absence of this attribute indicates
     that there are no EITs which are unacceptable.  The presence of
     the special value "id-eit-all" indicates that all EITs are
     unacceptable except for those EITs identified by the
     mhs-acceptable-eits or mhs-exclusively-acceptable-eits attributes.

     ( 2.6.5.2.18 NAME 'mhs-unacceptable-eits'
          EQUALITY 2.5.13.0  ; objectIdentifierMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
               ; ExtendedEncodedInformationType = object identifier

3.77  militaryFacsimileNumber Attribute

     The militaryFacsimileNumber attribute value identifies a military
     facsimile number, such as a Defense Switched Network (DSN) number
     or Defence Fixed Telecommunications Service (DFTS) number, which
     is associated with the object represented by the directory entry.
     This attribute is a subtype of aCPTelephoneFaxNumber.  An example
     of a militaryFacsimileNumber value is "DFTS, 555 1111 ext 25".

     ( 2.16.840.1.101.2.2.1.119 NAME 'militaryFacsimileNumber'
          SUP 2.16.840.1.101.2.2.1.94 )  ; aCPTelephoneFaxNumber



3.78  militaryTelephoneNumber Attribute

     The militaryTelephoneNumber attribute value identifies a military
     telephone number, such as a DSN number, which is associated with
     the object represented by the directory entry.

     This attribute is a subtype of aCPTelephoneFaxNumber.  An example
     of a militaryTelephoneNumber value is "DSN, 555-333".

     ( 2.16.840.1.101.2.2.1.120 NAME 'militaryTelephoneNumber'
          SUP 2.16.840.1.101.2.2.1.94 )  ; aCPTelephoneFaxNumber

3.79  minimize Attribute

     The minimize attribute value indicates whether an organization,
     person, or role, represented by the directory entry, is under the
     MINIMIZE condition.  If so, the message originators are
     responsible for not sending unnecessary messages to the recipient.

     ( 2.16.840.1.101.2.2.1.64 NAME 'minimize'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.80  minimizeOverride Attribute

     The minimizeOverride attribute value is used by the Message
     Conversion System (MCS) to determine whether the MINIMIZE
     condition will be enforced when a message is originated by this
     PLA.  If the value is FALSE, override does not occur and MINIMIZE
     is enforced.  If the value is TRUE, MINIMIZE is not enforced.

     ( 2.16.840.1.101.2.2.1.65 NAME 'minimizeOverride'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.81  nameClassification Attribute

     The nameClassification attribute value indicates the security
     classification of the name of the directory entry itself.

     ( 2.16.840.1.101.2.2.1.67 NAME 'nameClassification'
          SYNTAX 2.16.840.1.101.2.2.2.4 )  ; Classification

3.82  nationality Attribute

     The nationality attribute value names the country which "owns" an
     entity.  For an individual, it would be the nationality of the
     person.  The standard Country Name attribute is used to denote the
     location of the entity.


     ( 2.16.840.1.101.2.2.1.68 NAME 'nationality'
          SUP 2.5.4.41  ; name
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{2}  ; exactly 2 characters
          SINGLE-VALUE )

3.83  networkDN Attribute

     The networkDN attribute value contains the full DN of a network
     and may be used to reference the entry for the network from
     another entry (e.g., used in the Network Instructions entry to
     reference the entry for the accessed network).

     ( 2.16.840.1.101.2.2.1.121 NAME 'networkDN'
          EQUALITY 2.5.13.1  ; distinguishedNameMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

3.84  networkSchema Attribute

     The networkSchema attribute value is a graphical representation
     of a network.  It describes the structure of the network and
     details any rules associated with that network.

     ( 2.16.840.1.101.2.2.1.122 NAME 'networkSchema'
          SYNTAX 2.16.840.1.101.2.2.2.7 )  ; GraphicString

3.85  novUKMs Attribute

     The novUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of November.

     ( 2.16.840.1.101.2.1.5.30 NAME 'novUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.86  octUKMs Attribute

     The octUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of October.

     ( 2.16.840.1.101.2.1.5.29 NAME 'octUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )





3.87  onSupported Attribute

     The onSupported attribute value indicates the types of
     notifications, besides MHS notifications, generated by an
     mta-acp127-type of gateway.  The gateway may generate all or none
     of the notifications.  If the attribute is absent, the gateway
     does none of the notifications.

     ( 2.16.840.1.101.2.2.1.123 NAME 'onSupported'
          EQUALITY 2.5.13.16  ; bitStringMatch
          SYNTAX 2.16.840.1.101.2.2.2.3  ; otherNotificationsSupported
          SINGLE-VALUE )

3.88  operationName Attribute

     The operationName attribute value is the name of an official
     military operation.  For example, when used in the definition of
     a network (i.e., in a Network directory entry), it could be the
     TURQUOISE operation which develops a RITA network.

     ( 2.16.840.1.101.2.2.1.124 NAME 'operationName'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

3.89  plaAddressees Attribute

     The plaAddressees attribute value of an ACP 127/JANAP 128 [4]/[5]
     collective contains the list of action and information addressees
     of the collective.  It is used for some types of collectives
     instead of separating action and information addressees.

     ( 2.16.840.1.101.2.2.1.71 NAME 'plaAddressees'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees syntax

3.90  plaNameACP127 Attribute

     The plaNameACP127 attribute value is the ACP 127/JANAP 128
     [4]/[5] PLA of the object represented by the directory entry.  A
     PLA is sometimes called the Signal Message Address or registered
     PLA.  The long form of the PLA name is represented in ACP 133 [1]
     by the longTitle attribute.

     ( 2.16.840.1.101.2.2.1.70 NAME 'plaNameACP127'
          SUP 2.5.4.41  ;  name
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55}
          SINGLE-VALUE )

3.91  plaReplace Attribute

     The plaReplace attribute value is used by ACP 127/JANAP 128
     [4]/[5].  When an "alternate spelling" PLA is addressed on a
     message, the MCS will look at the value of this attribute in the
     PLA's directory entry.  If set, the alternate spelling on the
     message will be replaced with the "primary" or correct spelling.
     (Each alternate spelling has a pointer to the primary PLA.)

     ( 2.16.840.1.101.2.2.1.72 NAME 'plaReplace'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.92  plasServed Attribute

     The plasServed attribute value is a list of the PLAs accessible
     through a gateway.

     ( 2.16.840.1.101.2.2.1.138 NAME 'plasServed'
          SUP 2.5.4.41 )  ; name

3.93  positionNumber Attribute

     The positionNumber attribute value is used by government and
     defense agencies to identify uniquely each individual's position,
     and possibly role and duties, within the organization.

     ( 2.16.840.1.101.2.2.1.125 NAME 'positionNumber'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

3.94  primarySpellingACP127 Attribute

     The primarySpellingACP127 attribute value of an Alternate
     Spelling PLA directory entry is the object's correct PLA spelling.

     ( 2.16.840.1.101.2.2.1.73 NAME 'primarySpellingACP127'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55}
          SINGLE-VALUE )


3.95  proprietaryMailboxes Attribute

     The proprietaryMailboxes attribute value identifies a mailbox
     identifier that can be used to address mail within the local
     proprietary domain, such as cc:mail.

     ( 2.16.840.1.101.2.2.1.126 NAME 'proprietaryMailboxes'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

3.96  publish Attribute

     The publish attribute value indicates whether this PLA should be
     published in the Message Address Directory or the ACP 117 [15].
     Access controls may be set based on this attribute.

     ( 2.16.840.1.101.2.2.1.74 NAME 'publish'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.97  rank Attribute

     The value of the rank attribute type contains the military or
     civilian rank of an individual such as Major or civilian grade.

     ( 2.16.840.1.101.2.2.1.133 NAME 'rank'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

3.98  recapDueDate Attribute

     The recapDueDate attribute value indicates when a list is expected
     to be recapped or validated.

     ( 2.16.840.1.101.2.2.1.75 NAME 'recapDueDate'
          EQUALITY 2.5.13.27  ; generalizedTimeMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
          SINGLE-VALUE )

3.99  releaseAuthorityName Attribute

     The releaseAuthorityName attribute value is a relative
     distinguished name of a release authority for an organization.

     ( 2.16.840.1.101.2.2.1.45 NAME 'releaseAuthorityName'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64} )

3.100  remarks Attribute

     The remarks attribute value is textual information associated
     with a PLA's directory entry.  These remarks may be instructions
     rather than a description of the entity.

     ( 2.16.840.1.101.2.2.1.76 NAME 'remarks'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SYNTAX 2.16.840.1.101.2.2.2.11 )  ; Remarks

3.101  rfc822Mailbox Attribute

     As defined in the COSINE/Internet schema, RFC 1274 [13], the
     rfc822Mailbox attribute value is an electronic mailbox identifier
     following the syntax in RFC 822 [16].  An example for a user on a
     military network is "user@host.Service.mil".

     There is an issue with this attribute.  The problem is that the
     caseIgnoreIA5StringSyntax from RFC 1274 [13] must be broken into
     the more recent form of separate syntax definition and matching
     rules.  In fact, object identifiers are assigned and definitions
     given in RFC 2252 [2] to an IA5String attribute syntax and a
     caseIgnoreIA5Match matching rule.  However, a
     caseIgnoreIA5SubstringsMatch matching rule is not defined in
     RFC 2252 [2] or RFC 2256 [3].  A remedy, including an object
     identifier, is specified in the Internet-Draft
     draft-smith-ldap-inetorgperson-03.txt [19]:

          "caseIgnoreIA5SubstringsMatch

                ( 1.3.6.1.4.1.1466.109.114.3 NAME
                     'caseIgnoreIA5SubstringsMatch'
                  SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

          "This rule determines whether the initial, any and final
          substring elements in a presented value are present in an
          attribute value of syntax IA5 String without regard to the
          case of the letters in the strings.  It is expected that this
          matching rule will be added to an update of RFC 2252."

     Using the draft caseIgnoreIA5SubstringsMatch matching rule, the
     rfc822Mailbox attribute definition would be:

          ( 0.9.2342.19200300.100.1.3 NAME 'mail'
               EQUALITY 1.3.6.1.4.1.1466.109.114.2  ; caseIgnoreIA5Match
               SUBSTR 1.3.6.1.4.1.1466.109.114.3
                      ; caseIgnoreIA5SubstringsMatch
               SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )  ; IA5String

     Finalization of the definition of the rfc822Mailbox attribute
     depends on approval for the caseIgnoreIA5SubstringsMatch matching
     rule.

3.102  rI Attribute

     The rI (Routing Indicator) attribute value is the information
     mapped to in ACP 127/JANAP 128 [4]/[5] from a user's PLA name.
     Users are named by their PLA names, and messages are delivered to
     them by their routing indicator values, analogous to Directory
     Names and O/R Addresses for X.400 users.

     ( 2.16.840.1.101.2.2.1.77 NAME 'rI'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{7} )
                                             ;  exactly 7 characters

3.103  rIClassification Attribute

     The rIClassification attribute value indicates the highest
     classification of data allowed to be processed by a
     specified device.

     ( 2.16.840.1.101.2.2.1.78 NAME 'rIClassification'
          SYNTAX 2.16.840.1.101.2.2.2.4 )  ; Classification

3.104  rIInfo Attribute

     The rIInfo attribute value contains RI values together with the
     associated properties of each RI.

     ( 2.16.840.1.101.2.2.1.79 NAME 'rIInfo'
          SYNTAX 2.16.840.1.101.2.2.2.12 )  ; RIParameters

3.105  roomNumber Attribute

     The roomNumber attribute value identifies a room number, as
     defined in the COSINE/Internet schema, RFC 1274 [13].

     ( 0.9.2342.19200300.100.1.6 NAME 'roomNumber'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )  ; limited to
                                      ; TeletexString or PrintableString

3.106  secondPartyAddressees Attribute

     The secondPartyAddressees attribute value is a list of second
     party action PLAs.

     ( 2.16.840.1.101.2.2.1.80 NAME 'secondPartyAddressees'
          EQUALITY 2.5.13.11  ; caseIgnoreListMatch
          SUBSTR 2.5.13.12  ; caseIgnoreListSubstringsMatch
          SYNTAX 2.16.840.1.101.2.2.2.2 )  ; Addressees

3.107  section Attribute

     The section attribute value is set to TRUE if the receiving PLA
     requires message sectioning to be performed.  This is required to
     transition users with slow-speed terminals.

     ( 2.16.840.1.101.2.2.1.81 NAME 'section'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.108  secureFacsimileNumber Attribute

     The secureFacsimileNumber attribute value is a facsimile number
     that is used for secure communication with the object represented
     by the directory entry.

     This attribute is a subtype of aCPTelephoneFaxNumber.  An example
     of a secureFacsimileNumber value is "DSN, 555-333".

     ( 2.16.840.1.101.2.2.1.127 NAME 'secureFacsimileNumber'
          SUP 2.16.840.1.101.2.2.1.94 )  ; aCPTelephoneFaxNumber

3.109  secureTelephoneNumber Attribute

     The secureTelephoneNumber attribute value is a telephone number
     of a secure device, such as STU II or STU III, that is used for
     secure communication with the object represented by the directory
     entry.

     This attribute is a subtype of aCPTelephoneFaxNumber.  An example
     of a secureTelephoneNumber value is "PSTN, +1 555 222, STU III".

     ( 2.16.840.1.101.2.2.1.128 NAME 'secureTelephoneNumber'
          SUP 2.16.840.1.101.2.2.1.94 )  ; aCPTelephoneFaxNumber

3.110  sepUKMs Attribute

     The sepUKMs attribute value is used in the construction of
     selected CCEB symmetric confidentiality algorithms for the month
     of September.

     ( 2.16.840.1.101.2.1.5.28 NAME 'sepUKMs'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.5  ; binary syntax
                                               ; encapsulating
                                               ; MonthlyUKMs
          SINGLE-VALUE )

3.111  serviceNumber Attribute

     The serviceNumber attribute value is the staff identifier number
     used by government and defense agencies for purposes such as
     payroll references, medical records, human resources, and
     duty rosters.

     ( 2.16.840.1.101.2.2.1.129 NAME 'serviceNumber'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

3.112  serviceOrAgency Attribute

     The serviceOrAgency attribute value is an identifier of the
     Service or agency to which the PLA belongs.

     ( 2.16.840.1.101.2.2.1.82 NAME 'serviceOrAgency'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{4}
          SINGLE-VALUE )


3.113  sHD Attribute

     The sHD (specialHandlingDesignator) attribute value is a string
     containing the special handling designator which an entity,
     address, or routing indicator can support.

     ( 2.16.840.1.101.2.2.1.83 NAME 'sHD'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{7} )

3.114  shortTitle Attribute

     The shortTitle attribute value is a PLA name used for Signal
     Intelligence (SIGINT) related communications.

     ( 2.16.840.1.101.2.2.1.84 NAME 'shortTitle'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55}
          SINGLE-VALUE )

3.115  sigad Attribute

     The sigad (SIGINT Address) attribute value is a PLA name used for
     sensitive SIGINT related communications.

     ( 2.16.840.1.101.2.2.1.85 NAME 'sigad'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{8}  ; 5 - 8 characters
          SINGLE-VALUE )

3.116  spot Attribute

     The spot attribute value identifies a special project address
     list or collective.

     ( 2.16.840.1.101.2.2.1.86 NAME 'spot'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SUBSTR 2.5.13.4  ; caseIgnoreSubstringsMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{55}
          SINGLE-VALUE )

3.117  tARE Attribute

     The tARE (Telegraph Automatic Relay Equipment) attribute value is
     a flag that specifies delivery responsibility for a message that
     is received by an intermediary.  The flag is set in the directory
     entry for the intended recipient.

     ( 2.16.840.1.101.2.2.1.87 NAME 'tARE'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.118  tCC Attribute

     The tCC (Transmission Control Code) attribute value specifies a
     message handling instruction used in the RI.

     ( 2.16.840.1.101.2.2.1.96 NAME 'tCC'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{3}  ; exactly 3 characters
          SINGLE-VALUE )

3.119  transferStation Attribute

     The transferStation attribute value indicates whether a message
     for the entity should be sent to a communications processing and
     routing system, called a transfer station.  For example, a Naval
     Communications Processing and Routing System (NAVCOMPARS) is a
     transfer station.  If this attribute is TRUE, traffic should be
     routed to a transfer station.

     ( 2.16.840.1.101.2.2.1.69 NAME 'transferStation'
          EQUALITY 2.5.13.13  ; booleanMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
          SINGLE-VALUE )

3.120  tRC Attribute

     The tRC (Transmission Release Code) attribute value is the
     classification of data used in the routing indicator.  Possible
     values include:
          A     Australia
          B     British Commonwealth less Canada, Australia, and
                New Zealand
          C     Canada
          U     US
          X     Belgium, Denmark, France, Germany, Greece, Italy,
                Netherlands, Norway, Portugal, Turkey, NATO
          Z     New Zealand

     ( 2.16.840.1.101.2.2.1.97 NAME 'tRC'
          EQUALITY 2.5.13.2  ; caseIgnoreMatch
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{1}
          SINGLE-VALUE )

4.  NAME FORMS

4.1  cRLDistPtNameForm

     ( 2.5.15.14 NAME 'cRLDistPtNameForm'
          OC 2.5.6.19  ; cRLDistributionPoint
          MUST 2.5.4.3 )  ; cn

4.2  countryNameForm

     ( 2.5.15.0 NAME 'countryNameForm'
          OC 2.5.6.2  ; country
          MUST 2.5.4.6 )  ; countryName

4.3  locNameForm

     ( 2.5.15.1 NAME 'locNameForm'
          OC 2.5.6.3  ; locality
          MUST 2.5.4.7 )  ; localityName

4.4  sOPNameForm

     ( 2.5.15.2 NAME 'sOPNameForm'
          OC 2.5.6.3  ; locality
          MUST 2.5.4.8 )  ; stateOrProvinceName

4.5  gONNameForm

     ( 2.5.15.8 NAME 'gONNameForm'
          OC 2.5.6.9  ; groupOfNames
          MUST 2.5.4.3 )  ; cn

4.6  applProcessNameForm

     ( 2.5.15.10 NAME 'applProcessNameForm'
          OC 2.5.6.11  ; applicationProcess
          MUST 2.5.4.3 )  ; cn

4.7  dSANameForm

     ( 2.5.15.12 NAME 'dSANameForm'
          OC 2.5.6.13  ; dSA
          MUST 2.5.4.3 )  ; cn

4.8  deviceNameForm

     ( 2.5.15.13 NAME 'deviceNameForm'
          OC 2.5.6.14  ; device
          MUST 2.5.4.3 )  ; cn

4.9  addressListNameForm

     ( 2.16.840.1.101.2.2.4.27 NAME 'addressListNameForm'
          OC 2.16.840.1.101.2.2.3.57  ; addressList
          MUST 2.5.4.3 )  ; cn

4.10  aENameForm

     ( 2.16.840.1.101.2.2.4.34 NAME 'aENameForm'
          OC 2.5.6.12  ; applicationEntity
          MUST 2.5.4.3  ; cn
          MAY 2.5.4.46 )  ; dnQualifier

4.11  aliasCNNameForm

     ( 2.16.840.1.101.2.2.4.21 NAME 'aliasCNNameForm'
          OC 2.16.840.1.101.2.2.3.52  ; aliasCommonName
          MUST 2.5.4.3 )  ; cn

4.12  aliasOUNameForm

     ( 2.16.840.1.101.2.2.4.22 NAME 'aliasOUNameForm'
          OC 2.16.840.1.101.2.2.3.53  ; aliasOrganizationalUnit
          MUST 2.5.4.11 )  ; ou

4.13  alternateSpellingPLANameForm

     ( 2.16.840.1.101.2.2.4.4 NAME 'alternateSpellingPLANameForm'
          OC 2.16.840.1.101.2.2.3.58  ; altSpellingACP127
          MUST 2.16.840.1.101.2.2.1.70 )  ; plaNameACP127

4.14  cadPLANameForm

     ( 2.16.840.1.101.2.2.4.6 NAME 'cadPLANameForm'
          OC 2.16.840.1.101.2.2.3.28  ; cadACP127
          MUST 2.16.840.1.101.2.2.1.70 )  ; plaNameACP127

4.15  distributionCodeDescriptionNameForm

    ( 2.16.840.1.101.2.2.4.23 NAME 'distributionCodeDescriptionNameForm'
         OC 2.16.840.1.101.2.2.3.55  ; distributionCodeDescription
         MUST 2.5.4.3 )  ; cn

4.16  messagingGatewayNameForm

     ( 2.16.840.1.101.2.2.4.28 NAME 'messagingGatewayNameForm'
          OC 2.16.840.1.101.2.2.4.59  ; messagingGateway
          MUST 2.5.4.3 )  ; cn

4.17  mhs-dLNameForm

     ( 2.16.840.1.101.2.2.4.29 NAME 'mhs-dLNameForm'
          OC 2.6.5.1.0  ; mhs-distribution-list
          MUST 2.5.4.3 )  ; cn

4.18  mLANameForm

     ( 2.16.840.1.101.2.2.4.9 NAME 'mLANameForm'
          OC 2.16.840.1.101.2.2.3.31  ; mLA
          MUST 2.5.4.3 )  ; cn

4.19  mLAgentNameForm

     ( 2.16.840.1.101.2.2.4.40 NAME 'mLAgentNameForm'
          OC 2.16.840.1.101.2.2.3.64  ; mLAgent
          MUST 2.5.4.3 )  ; cn

4.20  mSNameForm

     ( 2.16.840.1.101.2.2.4.24 NAME 'mSNameForm'
          OC 2.6.5.1.1  ; mhs-message-store
          MUST 2.5.4.3 )  ; cn

4.21  mTANameForm

     ( 2.16.840.1.101.2.2.4.25 NAME 'mTANameForm'
          OC 2.6.5.1.2  ; mhs-message-transfer-agent
          MUST 2.5.4.3 )  ; cn

4.22  mUANameForm

     ( 2.16.840.1.101.2.2.4.26 NAME 'mUANameForm'
          OC 2.6.5.1.4  ; mhs-user-agent
          MUST 2.5.4.3 )  ; cn

4.23  networkNameForm

     ( 2.16.840.1.101.2.2.4.30 NAME 'networkNameForm'
          OC 2.16.840.1.101.2.2.3.60  ; network
          MUST 2.5.4.3 )  ; cn

4.24  networkInstructionsNameForm

     ( 2.16.840.1.101.2.2.4.31 NAME 'networkInstructionsNameForm'
          OC 2.16.840.1.101.2.2.3.61  ; networkInstructions
          MUST 2.5.4.3 )  ; cn

4.25  organizationalPLANameForm

     ( 2.16.840.1.101.2.2.4.12 NAME 'organizationalPLANameForm'
          OC 2.16.840.1.101.2.2.3.34  ; orgACP127
          MUST 2.16.840.1.101.2.2.1.70 )  ; plaNameACP127

4.26  organizationNameForm

     ( 2.16.840.1.101.2.2.4.35 NAME 'organizationNameForm'
          OC 2.5.6.4  ; organization
          MUST 2.5.4.10  ; organizationName
          MAY 2.5.4.46 )  ; dnQualifier

4.27  orgRNameForm

     ( 2.16.840.1.101.2.2.4.37 NAME 'orgRNameForm'
          OC 2.5.6.8  ; organizationalRole
          MUST 2.5.4.3  ; cn
          MAY 2.5.4.46 )  ; dnQualifier

4.28  orgUNameForm

     ( 2.16.840.1.101.2.2.4.38 NAME 'orgUNameForm'
          OC 2.5.6.5  ; organizationalUnit
          MUST 2.5.4.11  ; organizationalUnitName
          MAY 2.5.4.46 )  ; dnQualifier

4.29  plaCollectiveNameForm

     ( 2.16.840.1.101.2.2.4.13 NAME 'plaCollectiveNameForm'
          OC 2.16.840.1.101.2.2.3.35  ; plaCollectiveACP127
          MUST 2.16.840.1.101.2.2.1.70 )  ; plaNameACP127

4.30  qualifiedOrgPersonNameForm

     ( 2.16.840.1.101.2.2.4.36 NAME 'qualifiedOrgPersonNameForm'
          OC 2.5.6.7  ; organizationalPerson
          MUST 2.5.4.3  ; cn
          MAY ( 2.5.4.46  ; dnQualifier
               $ 2.5.4.11 ) )  ; organizationalUnitName

4.31  releaseAuthorityPersonNameForm

     ( 2.16.840.1.101.2.2.4.32 NAME 'releaseAuthorityPersonNameForm'
          OC 2.16.840.1.101.2.2.3.63  ; releaseAuthorityPerson
          MUST 2.16.840.1.101.2.2.1.45 )  ; releaseAuthorityName

4.32  releaseAuthorityPersonANameForm

     ( 2.16.840.1.101.2.2.4.39 NAME 'releaseAuthorityPersonANameForm'
          OC 2.16.840.1.101.2.2.3.65  ; releaseAuthorityPersonA
          MUST 2.16.840.1.101.2.2.1.45 )  ; releaseAuthorityName

4.33  routingIndicatorNameForm

     ( 2.16.840.1.101.2.2.4.15 NAME 'routingIndicatorNameForm'
          OC 2.16.840.1.101.2.2.3.37  ; routingIndicator
          MUST 2.16.840.1.101.2.2.1.77 )  ; rI

4.34  sigintPLANameForm

     ( 2.16.840.1.101.2.2.4.16 NAME 'sigintPLANameForm'
          OC 2.16.840.1.101.2.2.3.38  ; sigintPLA
          MUST 2.16.840.1.101.2.2.1.85 )  ; sigad

4.35  sIPLANameForm

     ( 2.16.840.1.101.2.2.4.17 NAME 'sIPLANameForm'
          OC 2.16.840.1.101.2.2.3.39  ; sIPLA
          MUST 2.16.840.1.101.2.2.1.63 )  ; longTitle

4.36  spotPLANameForm

     ( 2.16.840.1.101.2.2.4.18 NAME 'spotPLANameForm'
          OC 2.16.840.1.101.2.2.3.40  ; spotPLA
          MUST 2.16.840.1.101.2.2.1.86 )  ; spot

4.37  taskForcePLANameForm

     ( 2.16.840.1.101.2.2.4.19 NAME 'taskForcePLANameForm'
          OC 2.16.840.1.101.2.2.3.41  ; taskForceACP127
          MUST 2.16.840.1.101.2.2.1.70 )  ; plaNameACP127

4.38  tenantPLANameForm

     ( 2.16.840.1.101.2.2.4.20 NAME 'tenantPLANameForm'
          OC 2.16.840.1.101.2.2.3.42  ; tenantACP127
          MUST 2.16.840.1.101.2.2.1.70 )  ; plaNameACP127

5.  MATCHING RULES

5.1  addressCapabilitiesMatch Matching Rule

     ( 2.6.5.4.1 NAME 'addressCapabilitiesMatch'
          SYNTAX 2.16.840.1.101.2.2.2.16 )  ; Address Capabilities syntax

5.2  capabilityMatch Matching Rule

     ( 2.6.5.4.2 NAME 'capabilityMatch'
          SYNTAX 2.16.840.1.101.2.2.2.13 )  ; Capability syntax

5.3  oRAddressMatch Matching Rule

     ( 2.6.4.8.14 NAME 'oRAddressMatch'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.33 )

5.4  oRNameExactMatch Matching Rule

     ( 2.6.5.4.0 NAME 'oRNameExactMatch'
          SYNTAX 2.16.840.1.101.2.2.2.10 )  ; O/R Name syntax

5.5  caseIgnoreListSubstringsMatch Matching Rule

     ( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )  ;  Substring Assertion

5.6  booleanMatch Matching Rule

     ( 2.5.13.13 NAME 'booleanMatch'
          SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )

6.  ATTRIBUTE SYNTAXES

6.1  aCPTelephoneFaxNumber Attribute Syntax

     ( 2.16.840.1.101.2.2.2.1 DESC 'aCPTelephoneFaxNumber syntax' )

     Values in this syntax are encoded according to the following BNF:

          aCPTelephoneFaxNumber = netid ", " telephonenum [ ", "
                                   securedevid ]

          nocommap = a / d / """ / "(" / ")" / "+" / "-" / "." / "/" /
                     ":" / "?" / " "

          netid = 1*6nocommap

          telephonenum = 1*32nocommap

          securedevid = 1*8p

     For more information, see ACP 133 [1], Annex B, clause 24.
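
     The following Python validator is an added example, not part of
     ACP 133 or of this draft.  It applies the BNF above to a candidate
     value before it is written to or trusted from the directory.  The
     function names are hypothetical, and "p" is assumed to be the
     RFC 2252 [2] printable-character production (nocommap plus ",").

```python
import re

# nocommap from the BNF above: letters, digits and the listed punctuation.
# The comma is excluded, so ", " inside the first two fields can only be
# a field separator and the split is unambiguous.
_NOCOMMAP = r'A-Za-z0-9"()+\-./:? '

# Assumption: "p" is the RFC 2252 printable-character production, i.e. the
# same set with the comma added.  Only the optional last field uses it.
_P = _NOCOMMAP + ","

_ACP_TEL_FAX = re.compile(
    rf'(?P<netid>[{_NOCOMMAP}]{{1,6}}), '            # netid = 1*6nocommap
    rf'(?P<telephonenum>[{_NOCOMMAP}]{{1,32}})'      # telephonenum = 1*32nocommap
    rf'(?:, (?P<securedevid>[{_P}]{{1,8}}))?'        # [ ", " securedevid ]
)


def parse_acp_telephone_fax_number(value):
    """Split a value into its BNF fields or raise ValueError.

    fullmatch() is used instead of match() with a trailing "$" so that a
    value ending in a newline, or carrying anything after the last field,
    is rejected rather than silently truncated.
    """
    if not isinstance(value, str):
        raise ValueError("value must be a string")
    match = _ACP_TEL_FAX.fullmatch(value)
    if match is None:
        raise ValueError("value does not match the aCPTelephoneFaxNumber BNF")
    # securedevid is None when the optional third field is absent.
    return match.groupdict()


def is_acp_telephone_fax_number(value):
    """Boolean form of the check, for use in filters and input validation."""
    try:
        parse_acp_telephone_fax_number(value)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # The two example values given in sections 3.108 and 3.109, followed by
    # constructed values that break one rule each.
    samples = [
        "DSN, 555-333",
        "PSTN, +1 555 222, STU III",
        "DSN,555-333",                  # separator must be comma + space
        "NETWORK, 555-333",             # netid longer than 6 characters
        "DSN, 555-333, STU III X",      # securedevid longer than 8 characters
        "DSN, 555-333\n",               # trailing newline
    ]
    for sample in samples:
        print(repr(sample), is_acp_telephone_fax_number(sample))
```

     Because the last field uses "p", it may itself contain a comma;
     only the first two ", " separators delimit fields.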

6.2  Addressees Attribute Syntax

     ( 2.16.840.1.101.2.2.2.2 DESC 'Addressees' )

     Values in this syntax are encoded according to the following BNF:

          addressees = [ 1*55p *( "$" 1*55p ) ]

     That is, if the Addressees value is an empty sequence, the result
     is the empty or zero length string.  Otherwise, the output consists
     of the PrintableString encoding of each element in the sequence,
     in the same order as in the sequence with "$" between the elements.

6.3  otherNotificationsSupported Abstract Syntax for the onSupported
     Attribute

     ( 2.16.840.1.101.2.2.2.3 DESC 'otherNotificationsSupported' )

     Values in this syntax are encoded according to the following BNF:

          otherNotificationsSupported = namedbits / bitstring

          namedbits = "{" [ namedbit *( "," namedbit ) ] "}"

          namedbit = "acp127-nn" / "acp127-pn" / "acp127-tn"

          bitstring = "'" *binary-digit "'B"

          binary-digit = "0" / "1"

     The presence of the name of a namedbit in the namedbits
     alternative means that the value of the bit is 1.  The value of
     an absent namedbit is 0.

6.4  Classification Attribute Syntax

     ( 2.16.840.1.101.2.2.2.4 DESC 'Classification' )

     The encoding of a value in this syntax is any one of the INTEGER
     values:  0, 1, 2, 3, 4, or 5, where:

          0 means unmarked,
          1 means unclassified,
          2 means restricted,
          3 means confidential,
          4 means secret, and
          5 means top secret

6.5  Community Abstract Syntax for the community Attribute

     ( 2.16.840.1.101.2.2.2.5 DESC 'Community syntax' )

     The encoding of a value in this syntax is any one of the INTEGER
     values:  0, 1, or 2, where:

          0 means GENSER,
          1 means SI, and
          2 means both

6.6  aCPPreferredDelivery Attribute Syntax for the
     aCPPreferredDelivery Attribute

     ( 2.16.840.1.101.2.2.2.6 DESC 'aCPPreferredDelivery syntax' )

     The encoding of a value in this syntax is any one of the INTEGER
     values:  0, 1, or 2, where:

          0 means SMTP,
          1 means ACP 127, and
          2 means MHS

6.7  GraphicString Attribute Syntax

     ( 2.16.840.1.101.2.2.2.7 DESC 'GraphicString' )

     The encoding of a value in this syntax is the string value itself.

6.8  addressListType Attribute Syntax for the aLType Attribute

     ( 2.16.840.1.101.2.2.2.8 DESC 'addressListType' )

     Values in this syntax are encoded according to the following BNF:

          addressListType = [ "-" ] numericstring  ; an INTEGER, where:
                                              ; 0 means AIG,
                                              ; 1 means TYPE,
                                              ; 2 means CAD, and
                                              ; 3 means TASKFORCE

     Note that future definitions of this syntax may assign a standard
     meaning to another integer value, e.g., 4 means XXX.

6.9  MLReceiptPolicy Attribute Syntax

     ( 2.16.840.1.101.2.2.2.9 DESC 'MLReceiptPolicy' )

     Values in this syntax are encoded according to the following BNF:

          mLReceiptPolicy = none / insteadof / inadditionto

          none = "none"

          insteadof = "instead of" generalnames *15( "$" generalnames )

          inadditionto = "in addition to" generalnames
                         *15( "$" generalnames )

          generalnames = generalname *( "%" generalname )

          generalname = ( "otherName = " othername ) /
                        ( "rfc822Name = " ia5string ) /
                        ( "dNSName = " ia5string ) /
                        ( "x400Address = " oraddress ) /
                        ( "directoryName = " name ) /
                        ( "ediPartyName = "
                              [ "nameAssigner:" directorystring ]
                              "partyName:" directorystring ) /
                        ( "uniformResourceIdentifier = " ia5string ) /
                        ( "iPAddress = " octetstring ) /
                        ( "registeredID = " numericoid )

          othername =  ; the BER encoding of the type and value pair
                       ; for an instance of any data type that is
                       ; specified to be an OTHER-NAME type.

          ia5string =  ; IA5 String syntax 1.3.6.1.4.1.1466.115.121.1.26

          oraddress =  ; MHS OR Address syntax
                       ; 1.3.6.1.4.1.1466.115.121.1.33

          name =  ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12

          directorystring =  ; Directory String syntax
                             ; 1.3.6.1.4.1.1466.115.121.1.15

          octetstring =  ; Octet String syntax
                         ; 1.3.6.1.4.1.1466.115.121.1.40

6.10  ORName Attribute Syntax from X.411 [18]

     ( 2.16.840.1.101.2.2.2.10 DESC 'ORName' )

     Values in this syntax are encoded according to the following BNF:

          oRName = oraddress [ "|" name ]

          oraddress =  ; MHS OR Address syntax
                       ; 1.3.6.1.4.1.1466.115.121.1.33

          name =  ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12

6.11  Remarks Attribute Syntax

     ( 2.16.840.1.101.2.2.2.11 DESC 'Remarks syntax' )

     Values in this syntax are encoded according to the following BNF:

          remarks = [ *p *( "$" *p ) ]

6.12  RIParameters Attribute Syntax

     ( 2.16.840.1.101.2.2.2.12 DESC 'RIParameters' )

     Values in this syntax are encoded according to the following BNF:

          rIParameters = "rI=" 7*7p whsp
                         "rIType=" numericstring whsp  ; an INTEGER in
                                             ; the range 0 - 2, where
                                             ; 0 means normal,
                                             ; 1 means off-line, and
                                             ; 2 means partTimeTerminal
                         "minimize=FALSE" whsp
                         "sHD=" 7*7p whsp
                         "classification=" numericstring  ; an INTEGER
                                             ; in the range 0 - 5, where
                                             ; 0 means unmarked,
                                             ; 1 means unclassified,
                                             ; 2 means restricted,
                                             ; 3 means confidential,
                                             ; 4 means secret, and
                                             ; 5 means top secret
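
     The rIParameters BNF above, exercised as a strict validator.  This
     is an added example, not part of ACP 133 or of the original draft:
     parse_riparameters and the sample values are constructed here, and
     the p, whsp and numericstring productions are taken from RFC 2252
     [2].

```python
import re

# Character class "p" (printable string character) from RFC 2252, section 4.1:
# letters, digits, and " ( ) + , - . / : ? and space.
P = r'[A-Za-z0-9"()+,\-./:? ]'

# Enumerations taken from the comments in the rIParameters BNF.
RI_TYPES = {0: "normal", 1: "off-line", 2: "partTimeTerminal"}
CLASSIFICATIONS = {
    0: "unmarked", 1: "unclassified", 2: "restricted",
    3: "confidential", 4: "secret", 5: "top secret",
}

# The five components in their fixed order.  whsp is optional spaces and
# numericstring is one or more ASCII digits (both per RFC 2252).
_RIPARAMETERS = re.compile(
    r"rI=(?P<ri>" + P + r"{7}) *"
    r"rIType=(?P<ritype>[0-9]+) *"
    r"minimize=FALSE *"
    r"sHD=(?P<shd>" + P + r"{7}) *"
    r"classification=(?P<cls>[0-9]+)"
)


class RIParametersError(ValueError):
    """Raised when a value is not a valid rIParameters encoding."""


def _enum(digits, table, field):
    # Strip leading zeros first so an oversized digit run is rejected by
    # its length instead of being converted to a huge integer.
    stripped = digits.lstrip("0") or "0"
    upper = max(table)
    if len(stripped) > len(str(upper)) or int(stripped) not in table:
        raise RIParametersError(
            f"{field}={digits[:16]!r} is outside 0 - {upper}")
    return table[int(stripped)]


def parse_riparameters(value):
    """Validate one rIParameters value and return its decoded fields."""
    # fullmatch (not match) so trailing characters such as "\n" are rejected.
    m = _RIPARAMETERS.fullmatch(value)
    if m is None:
        raise RIParametersError("value does not match the rIParameters BNF")
    return {
        "rI": m.group("ri"),
        "rIType": _enum(m.group("ritype"), RI_TYPES, "rIType"),
        "sHD": m.group("shd"),
        "classification": _enum(m.group("cls"), CLASSIFICATIONS,
                                "classification"),
    }


# Constructed sample values (not taken from any real directory).
SAMPLE_OK = ("rI=RUTEST1 rIType=0 minimize=FALSE "
             "sHD=SHDTEST classification=4")
SAMPLE_PADDED = ("rI=RUTEST rIType=1 minimize=FALSE "
                 "sHD=SHDTEST classification=1")

if __name__ == "__main__":
    print(parse_riparameters(SAMPLE_OK))
    # "p" includes the space character, so a 6-character RI followed by one
    # space parses as a 7-character RI that ends in a space.
    print(repr(parse_riparameters(SAMPLE_PADDED)["rI"]))
    for bad in (SAMPLE_OK.replace("FALSE", "TRUE"),
                SAMPLE_OK.replace("classification=4", "classification=6"),
                SAMPLE_OK + "\n"):
        try:
            parse_riparameters(bad)
        except RIParametersError as exc:
            print("rejected:", exc)
```

     Because the rI and sHD fields are exactly seven "p" characters and
     "p" includes the space, a consumer that needs the unpadded value
     has to decide for itself whether to trim trailing spaces.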




6.13  Capability Attribute Syntax from X.402 [17]

     ( 2.16.840.1.101.2.2.2.13 DESC 'Capability' )

     Values in this syntax are encoded according to the following BNF:

          capability = [ "content-types="
                              [numericoid *( ", " numericoid) ] ]
                       [ "maximum-content-length=" numericstring ]
                              ; an INTEGER in the range 0 - 2147483647
                       [ "encoded-information-types-constraints="
                              [ "unaccept eits" unacceptable-eits ]
                              [ "accept eits" acceptable-eits ]
                              [ "only eits"
                                   exclusively-acceptable-eits ] ]
                       [ "security-labels=" securitycontext ]

          unacceptable-eits = extendedencodedeits

          acceptable-eits = extendedencodedeits

          exclusively-acceptable-eits = extendedencodedeits

          extendedencodedeits = numericoid *1023( ", " numericoid )

          securitycontext = securitylabel *255securitylabel

          securitylabel = [ "security-policy-id=" numericoid ]
                         [ "security-classification=" numericstring ]
                              ; an INTEGER in the range 0 - 256, where
                              ; 0 means Unmarked,
                              ; 1 means Unclassified,
                              ; 2 means Restricted,
                              ; 3 means Confidential,
                              ; 4 means Secret, and
                              ; 5 means Top Secret
                         [ "privacy-mark=" 1*128p ]
                         [ "security-categories=" securitycategories ]

          securitycategories =  ; the BER encoding of the set of type
                           ; and value pairs for the instances of any
                           ; data types that are specified to be
                           ; SECURITY-CATEGORY types

6.14  DLPolicy Attribute Syntax from X.402 [17]

     ( 2.16.840.1.101.2.2.2.14 DESC 'DLPolicy' )

     Values in this syntax are encoded according to the following BNF:

          dlpolicy = [ "report-propagation=" [ "-" ] numericstring ]
                            ; where 0 means previous-dl-or-originator,
                            ; 1 means dl-owner, and
                            ; 2 means both
                    [ "report-from-dl=" [ "-" ] numericstring ]
                              ; where 0 means whenever-requested and
                              ; 1 means when-no-propagation
                    [ "originating-MTA-report=" [ "-" ] numericstring ]
                              ; where 0 means unchanged,
                              ; 2 means report,
                              ; 3 means non-delivery-report, and
                              ; 4 means audited-report
                    [ "originator-report=" [ "-" ] numericstring ]
                              ; where 0 means unchanged,
                              ; 1 means no-report,
                              ; 2 means report, and
                              ; 3 means non-delivery-report
                    [ "return-of-content=" numericstring ]
                              ; an INTEGER in the range 0 - 2, where
                              ; 0 means unchanged,
                              ; 1 means content-return-not-requested,
                              ; and 2 means content-return-requested
                    [ "priority=" [ "-" ] numericstring ]  ; where
                              ; 0 means unchanged,
                              ; 1 means normal,
                              ; 2 means non-urgent, and
                              ; 3 means urgent
                    [ "disclosure-of-other-recipients=" numericstring ]
                    ; an INTEGER in the range 0 - 2, where
                    ; 0 means unchanged,
                    ; 1 means disclosure-of-other-recipients-prohibited,
                    ; and 2 means disclosure-of-other-recipients-allowed
                    [ "implicit-conversion-prohibited=" numericstring ]
                              ; an INTEGER in the range 0 - 2, where
                              ; 0 means unchanged,
                              ; 1 means implicit-conversion-allowed, and
                              ; 2 means implicit-conversion-prohibited
                    [ "conversion-with-loss-prohibited=" numericstring ]
                         ; an INTEGER in the range 0 - 2, where
                         ; 0 means unchanged,
                         ; 1 means conversion-with-loss-allowed, and
                         ; 2 means conversion-with-loss-prohibited
                    [ "further-dl-expansion-allowed=" ( "TRUE" /
                                                       "FALSE") ]
                   [ "originator-requested-alternate-recipient-removed="
                         ( "TRUE" / "FALSE" ) ]
                    [ "proof-of-delivery=" [ "-" ] numericstring ]
                              ; where 0 means dl-expansion-point,
                              ; 1 means dl-members,
                              ; 2 means both, and
                              ; 3 means neither
                    [ "requested-delivery-method=" ( "unchanged" /
                         "removed" /
                         ( "replaced:  " requested-delivery-method ) ) ]

          requested-delivery-method = [ delivery-methods
                                           *( ", " delivery-methods ) ]

          delivery-methods = numericstring  ; an INTEGER in the range
                              ; 0 - 256, where
                              ; 0 means any-delivery-method, 1 means
                              ; mhs-delivery, 2 means physical-delivery,
                              ; 3 means telex-delivery,
                              ; 4 means teletex-delivery,
                              ; 5 means g3-facsimile-delivery,
                              ; 6 means g4-facsimile-delivery,
                              ; 7 means ia5-terminal-delivery,
                              ; 8 means videotex-delivery, and
                              ; 9 means telephone-delivery

6.15  DLSubmitPermission Attribute Syntax from X.402 [17]

     ( 2.16.840.1.101.2.2.2.15 DESC 'DLSubmitPermission' )

     Values in this syntax are encoded according to the following BNF:

          dlsubmitpermission = ( "individual=" orname ) /
                              ( "member-of-dl=" orname ) /
                              ( "pattern-match=" orname ) /
                              ( "member-of-group=" name )

          orname =  ; O/R Name syntax 2.16.840.1.101.2.2.2.?

          name =  ; DN syntax 1.3.6.1.4.1.1466.115.121.1.12

6.16  AddressCapabilities Attribute Syntax from X.402 [17]

     ( 2.16.840.1.101.2.2.2.16 DESC 'AddressCapabilities' )

     Values in this syntax are encoded according to the following BNF:

          addresscapabilities = [ "description=" generalstring ]
                    "address=" oraddress
                    "capabilities=" [ capability *( "$" capability ) ]

          generalstring =  ; The encoding of a value in this element
                           ; of the syntax is the string value itself.

          oraddress =  ; MHS OR Address syntax
                       ; 1.3.6.1.4.1.1466.115.121.1.33

          capability =  ; capability syntax 2.16.840.1.101.2.2.2.13


7.  EXAMPLE CONTENT RULES

     The content rules given in ACP 133 [1] are examples, not
     requirements.  The rules included in this document are examples
     to aid in the specification of similar content rules, especially
     those derived from these examples.

7.1  aCPApplicationEntityRuleEdA Content Rule

     ( 2.5.6.12 NAME 'aCPApplicationEntityRuleEdA'
          ; applicationEntity object class
          AUX ( 2.5.6.22 $  ; pkiCA
               2.16.840.1.101.2.2.3.66 )  ; securePkiUser
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.5.4.46 $  ; dnQualifier
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.2  aCPCRLDistributionPointRule Content Rule

     ( 2.5.6.19 NAME 'aCPCRLDistributionPointRule'
          ; cRLDistributionPoint object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.3  aCPDeviceRuleEdA Content Rule

     ( 2.5.6.14 NAME 'aCPDeviceRuleEdA'  ; device object class
          AUX 2.16.840.1.101.2.2.3.66  ; securePkiUser
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.4  aCPDSARuleEdA Content Rule

     ( 2.5.6.13 NAME 'aCPDSARuleEdA'  ; dSA object class
          AUX 2.16.840.1.101.2.2.3.66  ; securePkiUser
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.5  aCPGroupOfNamesRule Content Rule

     ( 2.5.6.9 NAME 'aCPGroupOfNamesRule'
          ; groupOfNames object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.6  aCPLocalityRule Content Rule

     ( 2.5.6.3 NAME 'aCPLocalityRule'
          ; locality object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.7  aCPMhs-distribution-listRule Content Rule

     ( 2.6.5.1.0 NAME 'aCPMhs-distribution-listRule'
          ; mhs-distribution-list object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.8  aCPMhs-message-storeRuleEdA Content Rule

     ( 2.6.5.1.1 NAME 'aCPMhs-message-storeRuleEdA'
          ; mhs-message-store object class
          AUX 2.16.840.1.101.2.2.3.66  ; securePkiUser
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.9  aCPMhs-message-transfer-agentRuleEdA Content Rule

     ( 2.6.5.1.2 NAME 'aCPMhs-message-transfer-agentRuleEdA'
          ; mhs-message-transfer-agent object class
          AUX 2.16.840.1.101.2.2.3.66  ; securePkiUser
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.10  aCPMhs-user-agentRule Content Rule

     ( 2.6.5.1.4 NAME 'aCPMhs-user-agentRule'
          ; mhs-user-agent object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.11  aCPOrganizationalPersonRuleEdA Content Rule

     ( 2.5.6.7 NAME 'aCPOrganizationalPersonRuleEdA'
          ; organizationalPerson object class
          AUX ( 2.16.840.1.101.2.2.3.54 $  ; distributionCodesHandled
               2.6.5.1.3 $  ; mhs-user
               2.16.840.1.101.2.2.3.62 $  ; otherContactInformation
               2.16.840.1.101.2.2.3.66 $  ; securePkiUser
               2.16.840.1.101.2.1.4.16 )  ; ukms
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.3 $  ; alternateRecipient
               2.5.4.15 $  ; businessCategory
               2.5.4.46 $  ; dnQualifier
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 $  ; expirationDate
               2.16.840.1.101.2.2.1.117 $  ; guard
               2.16.840.1.101.2.2.1.61 $  ; listPointer
               2.16.840.1.101.2.2.1.68 $  ; nationality
               2.16.840.1.101.2.2.1.125 $  ; positionNumber
               2.16.840.1.101.2.2.1.133 $  ; rank
               0.9.2342.19200300.100.1.3 $  ; rfc822Mailbox
               2.16.840.1.101.2.2.1.129 ) )  ; serviceNumber

7.12  aCPOrganizationalRoleRuleEdA Content Rule

     ( 2.5.6.8 NAME 'aCPOrganizationalRoleRuleEdA'
          ; organizationalRole object class
          AUX ( 2.5.6.22 $  ; pkiCA
               2.16.840.1.101.2.2.3.54 $  ; distributionCodesHandled
               2.6.5.1.3 $  ; mhs-user
               2.16.840.1.101.2.2.3.62 $  ; otherContactInformation
               2.16.840.1.101.2.2.3.66 $  ; securePkiUser
               2.16.840.1.101.2.1.4.16 )  ; ukms
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.3 $  ; alternateRecipient
               2.5.4.15 $  ; businessCategory
               2.5.4.46 $  ; dnQualifier
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 $  ; expirationDate
               2.16.840.1.101.2.2.1.117 $  ; guard
               2.16.840.1.101.2.2.1.61 $  ; listPointer
               2.16.840.1.101.2.2.1.68 $  ; nationality
               0.9.2342.19200300.100.1.3 ) )  ; rfc822Mailbox

7.13  aCPOrganizationalUnitRuleEdA Content Rule

     ( 2.5.6.5 NAME 'aCPOrganizationalUnitRuleEdA'
          ; organizationalUnit object class
          AUX ( 2.5.6.22 $  ; pkiCA
               2.16.840.1.101.2.2.3.54 $  ; distributionCodesHandled
               2.6.5.1.3 $  ; mhs-user
               2.16.840.1.101.2.2.3.62 $  ; otherContactInformation
               2.16.840.1.101.2.2.3.56 $  ; plaUser
               2.16.840.1.101.2.2.3.66 $  ; securePkiUser
               2.16.840.1.101.2.1.4.16 )  ; ukms
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.3 $  ; alternateRecipient
               2.16.840.1.101.2.2.1.6 $  ; associatedPLA
               2.5.4.46 $  ; dnQualifier
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 $  ; expirationDate
               2.16.840.1.101.2.2.1.117 $  ; guard
               2.16.840.1.101.2.2.1.61 $  ; listPointer
               2.16.840.1.101.2.2.1.68 $  ; nationality
               0.9.2342.19200300.100.1.3 ) )  ; rfc822Mailbox

7.14  aCPOrganizationRuleEdA Content Rule

     ( 2.5.6.4 NAME 'aCPOrganizationRuleEdA'
          ; organization object class
          AUX ( 2.5.6.22 $  ; pkiCA
               2.16.840.1.101.2.2.3.62 )  ; otherContactInformation
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.5.4.46 $  ; dnQualifier
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.15  addressListRuleEdA Content Rule

     ( 2.16.840.1.101.2.2.3.57 NAME 'addressListRuleEdA'
          ; addressList object class
          AUX ( 2.16.840.1.101.2.2.3.54 $  ; distributionCodesHandled
               2.6.5.1.3 $  ; mhs-user
               2.16.840.1.101.2.2.3.56 $  ; plaUser
               2.16.840.1.101.2.2.3.66 $  ; securePkiUser
               2.16.840.1.101.2.1.4.16 )  ; ukms
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.3 $  ; alternateRecipient
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 $  ; expirationDate
               2.16.840.1.101.2.2.1.117 $  ; guard
               2.16.840.1.101.2.2.1.61 $  ; listPointer
               0.9.2342.19200300.100.1.3 ) )  ; rfc822Mailbox

7.16  aliasCommonNameRule Content Rule

     ( 2.16.840.1.101.2.2.3.52 NAME 'aliasCommonNameRule'
          ; aliasCommonName object class
          MAY ( 2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.17  aliasOrganizationalUnitRule Content Rule

     ( 2.16.840.1.101.2.2.3.53 NAME 'aliasOrganizationalUnitRule'
          ; aliasOrganizationalUnit object class
          MAY ( 2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.18  distributionCodeDescriptionRule Content Rule

     ( 2.16.840.1.101.2.2.3.55 NAME 'distributionCodeDescriptionRule'
          ; distributionCodeDescription object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.19  messagingGatewayRuleEdA Content Rule

     ( 2.16.840.1.101.2.2.3.59 NAME 'messagingGatewayRuleEdA'
          ; messagingGateway object class
          AUX ( 2.16.840.1.101.2.2.3.66 $  ; securePkiUser
               2.16.840.1.101.2.1.4.16 )  ; ukms
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 $  ; expirationDate
               2.16.840.1.101.2.2.1.117 $  ; guard
               0.9.2342.19200300.100.1.3 ) )  ; rfc822Mailbox

7.20  mLAgentRule Content Rule

     ( 2.16.840.1.101.2.2.3.64 NAME 'mLAgentRule'
          ; mLAgent object class
          MAY ( 2.16.840.1.101.2.2.1.49 $  ; aliasPointer
               2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.21  networkRule Content Rule

     ( 2.16.840.1.101.2.2.3.60 NAME 'networkRule'
          ; network object class
          MAY ( 2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.22  networkInstructionsRule Content Rule

     ( 2.16.840.1.101.2.2.3.61 NAME 'networkInstructionsRule'
          ; networkInstructions object class
          MAY ( 2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.23  rAPersonRuleEdA Content Rule

     ( 2.16.840.1.101.2.2.3.65 NAME 'rAPersonRuleEdA'
          ; releaseAuthorityPersonA object class
          MAY ( 2.16.840.1.101.2.2.1.55 $  ; effectiveDate
               2.16.840.1.101.2.2.1.57 ) )  ; expirationDate

7.24  sigintPLARule Content Rule

     ( 2.16.840.1.101.2.2.3.38 NAME 'sigintPLARule'
          ; sigintPLA object class
          MAY 2.16.840.1.101.2.2.1.4 )  ; associatedOrganization

7.25  spotPLARule Content Rule

     ( 2.16.840.1.101.2.2.3.40 NAME 'spotPLARule'
          ; spotPLA object class
          MAY 2.16.840.1.101.2.2.1.113 )  ; associatedAL


8.  STRUCTURE RULES

     There are no structure rules defined in ACP 133 [1].


9.  SECURITY CONSIDERATIONS

     Attributes of directory entries are used to provide descriptive
     information about the real-world objects they represent, which can
     be people, organizations or devices.  Most countries have privacy
     laws regarding the publication of information about people.

     Some of the object classes and attributes in this document support
     the use of a directory as part of a PKI.  This schema also holds
     information so that components of a variety of network
     applications, including the directory service, can be strongly
     authenticated to one another and with users.


10.  COPYRIGHT

     Copyright (C) The Internet Society (1996-1999). All Rights
     Reserved.

     This document and translations of it may be copied and furnished
     to others, and derivative works that comment on or otherwise
     explain it or assist in its implementation may be prepared,
     copied, published and distributed, in whole or in part, without
     restriction of any kind, provided that the above copyright notice
     and this paragraph are included on all such copies and derivative
     works.  However, this document itself may not be modified in any
     way, such as by removing the copyright notice or references to the
     Internet Society or other Internet organizations, except as needed
     for the purpose of developing Internet standards in which case the
     procedures for copyrights defined in the Internet Standards
     process must be followed, or as required to translate it into
     languages other than English.

     The limited permissions granted above are perpetual and will not
     be revoked by the Internet Society or its successors or assigns.

     This document and the information contained herein is provided on
     an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
     ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
     IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
     THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
     WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


11.  REFERENCES

     [1]  Common Directory Services and Procedures, ACP 133 Edition A,
          June 1999

     [2]  Wahl, M., Coulbeck, A., Howes, T., and S. Kille, "Lightweight
          X.500 Directory Access Protocol (v3): Attribute Syntax
          Definitions", RFC 2252, December 1997

     [3]  Wahl, M., "A Summary of the X.500(96) User Schema for use
          with LDAPv3", RFC 2256, December 1997

     [4]  ACP 127, "Communications Instructions - Tape Relay Procedures"

     [5]  JANAP 128(I), Joint Chiefs of Staff, March 1983, Automatic
          Digital Network (AUTODIN) Operating Procedures

     [6]  ACP 123, "Common Messaging Strategy and Procedures",
          November, 1994

     [7]  NATO APP-3, "NATO Subject Indicator System (NASIS) -
          publication 3", Oct. 1982

     [8]  ITU-T Recommendation X.521 (1993 & 1997) | ISO/IEC 9594-7:
          1995 & 1997, "Information technology - Open Systems
          Interconnection - The Directory:  Selected object classes"

     [9]  RFC ????, "Internet X.509 Public Key Infrastructure
          LDAPv2 Schema", 1999

     [10] ITU-T Recommendation X.520 (1993 & 1997) | ISO/IEC 9594-6:
          1995 & 1997, "Information technology - Open Systems
          Interconnection - The Directory:  Selected attribute types"

     [11] ACP 120, "Common Security Protocol (CSP)", final draft

     [12] STANAG 4406, "NATO Reference Model for Open Systems
          Interconnection -Military Message Handling Systems"

     [13] Barker, P. and Kille, S., "The COSINE and Internet X.500
          Schema", RFC 1274, November 1991

     [14] ISO 3166-1:  1997, "Codes for the representation of names of
          countries and their subdivisions - part 1:  Country codes"

     [15] ACP 117, "Allied Routing Indicator Book"

     [16] RFC 822, "STANDARD FOR THE FORMAT OF ARPA INTERNET TEXT
          MESSAGES", August 13, 1982

     [17] ITU-T Recommendation X.402 (1995)/ISO/IEC 10021-2:  1996,
          "Information Technology - Message Handling Systems (MHS) -
          Overall Architecture"

     [18] ITU-T Recommendation X.411 (1995)/ISO/IEC 10021-4:  1996,
          "Information Technology - Message Handling Systems (MHS) -
          Message Transfer System:  Abstract Service Definition
          and Procedure"

     [19] Smith, Mark, "Definition of the inetOrgPerson LDAP Object
          Class", draft-smith-ldap-inetorgperson-03.txt, April 1999


12.  ABBREVIATIONS

     ACP          Allied Communications Publication
     AE           Application Entity
     AIG          Address Indicator Group
     AL           Address List
     ALID         AL Identifier
     ASN.1        Abstract Syntax Notation One
     AUTODIN      Automatic Digital Network
     BER          Basic Encoding Rules
     BNF          Backus-Naur Form
     C            Country
     CA           Certification Authority
     CAD          Collective Address Designator
     CCEB         Combined Communications Electronics Board
     CCITT        The International Telegraph and Telephone
                  Consultative Committee
     CMI          Certificate Management Infrastructure
     CN           Common Name
     CRL          Certificate Revocation List
     DAP          Directory Access Protocol
     DFTS         Defence Fixed Telecommunications Service
     DIB          Directory Information Base
     DL           Distribution List
     DN           Distinguished Name
     DODAAC       Department of Defense Activity Accounting Code
     DSA          Directory System Agent
     DSN          Defense Switched Network
     EIT          Encoded Information Type
     FAX          Facsimile
     GENSER       General Service
     GHP          Gateway Handling Policy
     GON          Group of Names
     IA5          International Alphabet Number 5
     IEC          International Electrotechnical Commission
     IETF         Internet Engineering Task Force
     ISDN         Integrated Services Digital Network
     ISO          International Organization for Standardization
     ITU-T        International Telecommunication Union-
                  Telecommunication Standardization Sector
     JANAP        Joint Army, Navy, Air Force Procedure
     L            Locality
     LDAP         Lightweight Directory Access Protocol
     LMF          Language and Media Format
     LOC          Locality
     MCS          Message Conversion System
     MHS          Message Handling System
     ML           Mail List
     MLA          Mail List Agent
     MMHS         Military Message Handling System
     MS           Message Store
     MTA          Message Transfer Agent
     MTS          Message Transfer System
     MUA          Messaging User Agent
     NASIS        NATO Subject Indicator System
     NAVCOMPARS   Naval Communications Processing and Routing System
     O            Organization
     ON           Other Notification
     O/R, OR      Originator/Recipient
     ORG          Organizational
     OU           Organizational Unit
     PKI          Public Key Infrastructure
     PLA          Plain Language Address
     PSTN         Public Switched Telephone Network
     R            Role
     RA           Release Authority
     RAN          Release Authority Name
     RDN          Relative Distinguished Name
     RFC          Request for Comments
     RI           Routing Indicator
     SHD          Special Handling Designator
     SI           Special Intelligence
     SIC          Subject Indicator Code
     SIGAD        SIGINT Address
     SIGINT       Signal Intelligence
     SMTP         Simple Mail Transfer Protocol
     SOP          State or Province
     ST           State or Province Name
     STU          Secure Telephone Unit
     TARE         Telegraph Automatic Relay Equipment
     TCC          Transmission Control Code
     TRC          Transmission Release Code
     U            Unit
     UA           User Agent
     UKM          User Key Material


13.  ACKNOWLEDGEMENTS

     This document was prepared with the help and advice of
     two organizations:

          CCEB ACP 133 Task Force
          IETF LDAP Extensions Working Group

     Thanks to the members of these groups for their
     assistance, criticism, corrections, and feedback.


14.  AUTHOR'S ADDRESS

     Kathy Dally
     The MITRE Corp.
     1820 Dolley Madison Blvd.
     McLean, VA 22102
     USA

     e-mail:  kdally@mitre.org
     telephone:  +1 703 883 6058
     fax:  +1 703 883 7142