Lightweight Directory Access Protocol (LDAP) Read Entry Controls
RFC 4527

 
Document Type RFC - Proposed Standard (June 2006; No errata)
Was draft-zeilenga-ldap-readentry (individual in app area)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Consensus Unknown
Document shepherd No shepherd assigned
IESG IESG state RFC 4527 (Proposed Standard)
Telechat date
Responsible AD Ted Hardie
Send notices to kurt@openLDAP.org

Email authors IPR References Referenced by Nits Search lists

Network Working Group                                        K. Zeilenga
Request for Comments: 4527                           OpenLDAP Foundation
Category: Standards Track                                      June 2006

              Lightweight Directory Access Protocol (LDAP)
                          Read Entry Controls

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This document specifies an extension to the Lightweight Directory
   Access Protocol (LDAP) to allow the client to read the target entry
   of an update operation.  The client may request to read the entry
   before and/or after the modifications are applied.  These reads are
   done as an atomic part of the update operation.

Table of Contents

   1. Background and Intent of Use ....................................2
   2. Terminology .....................................................2
   3. Read Entry Controls .............................................3
      3.1. The Pre-Read Controls ......................................3
      3.2. The Post-Read Controls .....................................3
   4. Interaction with Other Controls .................................4
   5. Security Considerations .........................................4
   6. IANA Considerations .............................................5
      6.1. Object Identifier ..........................................5
      6.2. LDAP Protocol Mechanisms ...................................5
   7. Acknowledgement .................................................5
   8. References ......................................................6
      8.1. Normative References .......................................6
      8.2. Informative References .....................................7

Zeilenga                    Standards Track                     [Page 1]
RFC 4527                LDAP Read Entry Controls               June 2006

1.  Background and Intent of Use

   This document specifies an extension to the Lightweight Directory
   Access Protocol (LDAP) [RFC4510] to allow the client to read the
   target entry of an update operation (e.g., Add, Delete, Modify,
   ModifyDN).  The extension utilizes controls [RFC4511] attached to
   update requests to request and return copies of the target entry.
   One request control, called the Pre-Read request control, indicates
   that a copy of the entry before application of update is to be
   returned.  Another control, called the Post-Read request control,
   indicates that a copy of the entry after application of the update is
   to be returned.  Each request control has a corresponding response
   control used to return the entry.

   To ensure proper isolation, the controls are processed as an atomic
   part of the update operation.

   The functionality offered by these controls is based upon similar
   functionality in the X.500 Directory Access Protocol (DAP) [X.511].

   The Pre-Read controls may be used to obtain replaced or deleted
   values of modified attributes or a copy of the entry being deleted.

   The Post-Read controls may be used to obtain values of operational
   attributes, such as the 'entryUUID' [RFC4530] and 'modifyTimestamp'
   [RFC4512] attributes, updated by the server as part of the update
   operation.

2. Terminology

   Protocol elements are described using ASN.1 [X.680] with implicit
   tags.  The term "BER-encoded" means the element is to be encoded
   using the Basic Encoding Rules [X.690] under the restrictions
   detailed in Section 5.1 of [RFC4511].

   DN stands for Distinguished Name.
   DSA stands for Directory System Agent (i.e., a directory server).
   DSE stands for DSA-specific Entry.

   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
   "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
   and "OPTIONAL" are to be interpreted as described in BCP 14
   [RFC2119].

Zeilenga                    Standards Track                     [Page 2]
RFC 4527                LDAP Read Entry Controls               June 2006

3.  Read Entry Controls

3.1.  The Pre-Read Controls

   The Pre-Read request and response controls are identified by the
Show full document text