Lightweight Directory Access Protocol (LDAP): Additional Matching Rules
RFC 3698
Document Type RFC - Proposed Standard (February 2004; No errata)
Updated by RFC 4517
Updates RFC 2798
Was draft-zeilenga-ldap-user-schema-mr (individual in gen area)
Last updated 2018-07-18
Stream IETF
Formats plain text html pdf htmlized bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 3698 (Proposed Standard)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Ted Hardie
IESG note 2004-02-26: published as RFC 3698
Send notices to (None)
Email authors IPR References Referenced by Nits 
Network Working Group                                   K. Zeilenga, Ed.
Request for Comments: 3698                           OpenLDAP Foundation
Updates: 2798                                              February 2004
Category: Standards Track

             Lightweight Directory Access Protocol (LDAP):
                       Additional Matching Rules

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).  All Rights Reserved.

Abstract

   This document provides a collection of matching rules for use with
   the Lightweight Directory Access Protocol (LDAP).  As these matching
   rules are simple adaptations of matching rules specified for use with
   the X.500 Directory, most are already in wide use.

Table of Contents

   1.  Background and Intended Use. . . . . . . . . . . . . . . . . .  2
   2.  Matching Rules . . . . . . . . . . . . . . . . . . . . . . . .  2
       2.1.  booleanMatch . . . . . . . . . . . . . . . . . . . . . .  2
       2.2.  caseExactMatch . . . . . . . . . . . . . . . . . . . . .  2
       2.3.  caseExactOrderingMatch . . . . . . . . . . . . . . . . .  3
       2.4.  caseExactSubstringsMatch . . . . . . . . . . . . . . . .  3
       2.5.  caseIgnoreListSubstringsMatch. . . . . . . . . . . . . .  3
       2.6.  directoryStringFirstComponentMatch . . . . . . . . . . .  4
       2.7.  integerOrderingMatch . . . . . . . . . . . . . . . . . .  4
       2.8.  keywordMatch . . . . . . . . . . . . . . . . . . . . . .  4
       2.9.  numericStringOrderingMatch . . . . . . . . . . . . . . .  5
       2.10. octetStringOrderingMatch . . . . . . . . . . . . . . . .  5
       2.11. storedPrefixMatch. . . . . . . . . . . . . . . . . . . .  5
       2.12. wordMatch. . . . . . . . . . . . . . . . . . . . . . . .  6
   3.  Security Considerations. . . . . . . . . . . . . . . . . . . .  6
   4.  IANA Considerations. . . . . . . . . . . . . . . . . . . . . .  6
   5.  Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . .  7
   6.  References . . . . . . . . . . . . . . . . . . . . . . . . . .  7

Zeilenga                    Standards Track                     [Page 1]
RFC 3698            LDAP: Additional Matching Rules        February 2004

       6.1.  Normative References . . . . . . . . . . . . . . . . . .  7
       6.2.  Informative References . . . . . . . . . . . . . . . . .  7
   7.  Author's Address . . . . . . . . . . . . . . . . . . . . . . .  8
   8.  Full Copyright Statement . . . . . . . . . . . . . . . . . . .  9

1.  Background and Intended Use

   This document adapts additional X.500 Directory [X.500] matching
   rules [X.520] for use with the Lightweight Directory Access Protocol
   (LDAP) [RFC3377].  Most of these rules are widely used today on the
   Internet, such as in support of the inetOrgPerson [RFC2798] and
   Policy Core Information Model [RFC3703] LDAP schemas.  The rules are
   applicable to many other applications.

   This document supersedes the informational matching rules
   descriptions provided in RFC 2798 that are now provided in this
   document.  Specifically, section 2 of this document replaces section
   9.3.3 of RFC 2798.

   Schema definitions are provided using LDAP description formats
   [RFC2252].  Definitions provided here are formatted (line wrapped)
   for readability.

2.  Matching Rules

2.1.  booleanMatch

   The booleanMatch rule compares for equality a asserted Boolean value
   with an attribute value of BOOLEAN syntax.  The rule returns TRUE if
   and only if the values are the same, i.e., both are TRUE or both are
   FALSE.  (Source: X.520)

       ( 2.5.13.13 NAME 'booleanMatch'
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )

   The BOOLEAN (1.3.6.1.4.1.1466.115.121.1.7) syntax is described in
   [RFC2252].

2.2.  caseExactMatch

   The caseExactMatch rule compares for equality the asserted value with
   an attribute value of DirectoryString syntax.  The rule is identical
   to the caseIgnoreMatch [RFC2252] rule except that case is not
   ignored.  (Source: X.520)

Zeilenga                    Standards Track                     [Page 2]
RFC 3698            LDAP: Additional Matching Rules        February 2004

       ( 2.5.13.5 NAME 'caseExactMatch'
         SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

   The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax is
   described in [RFC2252].

2.3.  caseExactOrderingMatch

   The caseExactOrderingMatch rule compares the collation order of the
   asserted string with an attribute value of DirectoryString syntax.
   The rule is identical to the caseIgnoreOrderingMatch [RFC2252] rule
   except that letters are not folded.  (Source: X.520)
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools