From c842f854e85c38016e1be8bae495e07c3337a7ac Mon Sep 17 00:00:00 2001 From: Dimitri Sokolyuk Date: Thu, 22 Oct 2015 17:05:25 +0200 Subject: Normalize names --- acse/2.2.0.0.1.asn1 | 255 ------- acse/2.5.1.0.3.asn1 | 240 ------ acse/2.5.1.1.3.asn1 | 876 --------------------- acse/2.5.1.10.3.asn1 | 90 --- acse/2.5.1.2.3.asn1 | 718 ------------------ acse/2.5.1.5.3.asn1 | 1467 ------------------------------------ acse/ACSE-1.asn1 | 255 +++++++ acse/DirectoryAbstractService.asn1 | 718 ++++++++++++++++++ acse/InformationFramework.asn1 | 876 +++++++++++++++++++++ acse/SelectedAttributeTypes.asn1 | 1467 ++++++++++++++++++++++++++++++++++++ acse/UpperBounds.asn1 | 90 +++ acse/UsefulDefinitions.asn1 | 240 ++++++ 12 files changed, 3646 insertions(+), 3646 deletions(-) delete mode 100644 acse/2.2.0.0.1.asn1 delete mode 100644 acse/2.5.1.0.3.asn1 delete mode 100644 acse/2.5.1.1.3.asn1 delete mode 100644 acse/2.5.1.10.3.asn1 delete mode 100644 acse/2.5.1.2.3.asn1 delete mode 100644 acse/2.5.1.5.3.asn1 create mode 100644 acse/ACSE-1.asn1 create mode 100644 acse/DirectoryAbstractService.asn1 create mode 100644 acse/InformationFramework.asn1 create mode 100644 acse/SelectedAttributeTypes.asn1 create mode 100644 acse/UpperBounds.asn1 create mode 100644 acse/UsefulDefinitions.asn1 (limited to 'acse') diff --git a/acse/2.2.0.0.1.asn1 b/acse/2.2.0.0.1.asn1 deleted file mode 100644 index 6768034..0000000 --- a/acse/2.2.0.0.1.asn1 +++ /dev/null @@ -1,255 +0,0 @@ --- Module ACSE-1 (X.227:04/1995) --- See also ITU-T X.227 (04/1995) --- See also the index of all ASN.1 assignments needed in this document - -ACSE-1 {joint-iso-itu-t association-control(2) modules(0) apdus(0) version1(1)} --- ACSE-1 refers to ACSE version 1 -DEFINITIONS ::= -BEGIN - -EXPORTS - acse-as-id, ACSE-apdu, aCSE-id, Application-context-name, AP-title, - AE-qualifier, AE-title, AP-invocation-identifier, AE-invocation-identifier, - Mechanism-name, Authentication-value, ACSE-requirements, ObjectSet; - -IMPORTS - Name, RelativeDistinguishedName - FROM InformationFramework {joint-iso-itu-t ds(5) module(1) - informationFramework(1) 3}; - --- The data types Name and RelativeDistinguishedName are imported from ISO/IEC 9594-2. --- object identifier assignments -acse-as-id OBJECT IDENTIFIER ::= - {joint-iso-itu-t association-control(2) abstract-syntax(1) apdus(0) - version1(1)} - --- may be used to reference the abstract syntax of the ACSE APDUs -aCSE-id OBJECT IDENTIFIER ::= - {joint-iso-itu-t association-control(2) ase-id(3) acse-ase(1) version(1)} - --- may be used to identify the Association Control ASE. --- top level CHOICE -ACSE-apdu ::= CHOICE { - aarq AARQ-apdu, - aare AARE-apdu, - rlrq RLRQ-apdu, - rlre RLRE-apdu, - abrt ABRT-apdu, - ... -} - -AARQ-apdu ::= [APPLICATION 0] IMPLICIT SEQUENCE { - protocol-version - [0] IMPLICIT BIT STRING {version1(0)} DEFAULT {version1}, - application-context-name [1] Application-context-name, - called-AP-title [2] AP-title OPTIONAL, - called-AE-qualifier [3] AE-qualifier OPTIONAL, - called-AP-invocation-identifier [4] AP-invocation-identifier OPTIONAL, - called-AE-invocation-identifier [5] AE-invocation-identifier OPTIONAL, - calling-AP-title [6] AP-title OPTIONAL, - calling-AE-qualifier [7] AE-qualifier OPTIONAL, - calling-AP-invocation-identifier [8] AP-invocation-identifier OPTIONAL, - calling-AE-invocation-identifier [9] AE-invocation-identifier OPTIONAL, - -- The following field shall not be present if only the Kernel is used. - sender-acse-requirements [10] IMPLICIT ACSE-requirements OPTIONAL, - -- The following field shall only be present if the Authentication functional unit is selected. - mechanism-name [11] IMPLICIT Mechanism-name OPTIONAL, - -- The following field shall only be present if the Authentication functional unit is selected. - calling-authentication-value [12] EXPLICIT Authentication-value OPTIONAL, - application-context-name-list - [13] IMPLICIT Application-context-name-list OPTIONAL, - -- The above field shall only be present if the Application Context Negotiation functional unit is selected - implementation-information [29] IMPLICIT Implementation-data OPTIONAL, - ..., - ..., - user-information - [30] IMPLICIT Association-information OPTIONAL -} - -AARE-apdu ::= [APPLICATION 1] IMPLICIT SEQUENCE { - protocol-version - [0] IMPLICIT BIT STRING {version1(0)} DEFAULT {version1}, - application-context-name [1] Application-context-name, - result [2] Associate-result, - result-source-diagnostic [3] Associate-source-diagnostic, - responding-AP-title [4] AP-title OPTIONAL, - responding-AE-qualifier [5] AE-qualifier OPTIONAL, - responding-AP-invocation-identifier [6] AP-invocation-identifier OPTIONAL, - responding-AE-invocation-identifier [7] AE-invocation-identifier OPTIONAL, - -- The following field shall not be present if only the Kernel is used. - responder-acse-requirements [8] IMPLICIT ACSE-requirements OPTIONAL, - -- The following field shall only be present if the Authentication functional unit is selected. - mechanism-name [9] IMPLICIT Mechanism-name OPTIONAL, - -- This following field shall only be present if the Authentication functional unit is selected. - responding-authentication-value - [10] EXPLICIT Authentication-value OPTIONAL, - application-context-name-list - [11] IMPLICIT Application-context-name-list OPTIONAL, - -- The above field shall only be present if the Application Context Negotiation functional unit is selected - implementation-information - [29] IMPLICIT Implementation-data OPTIONAL, - ..., - ..., - user-information - [30] IMPLICIT Association-information OPTIONAL -} - -RLRQ-apdu ::= [APPLICATION 2] IMPLICIT SEQUENCE { - reason [0] IMPLICIT Release-request-reason OPTIONAL, - ..., - ..., - user-information [30] IMPLICIT Association-information OPTIONAL -} - -RLRE-apdu ::= [APPLICATION 3] IMPLICIT SEQUENCE { - reason [0] IMPLICIT Release-response-reason OPTIONAL, - ..., - ..., - user-information [30] IMPLICIT Association-information OPTIONAL -} - -ABRT-apdu ::= [APPLICATION 4] IMPLICIT SEQUENCE { - abort-source [0] IMPLICIT ABRT-source, - abort-diagnostic [1] IMPLICIT ABRT-diagnostic OPTIONAL, - -- This field shall not be present if only the Kernel is used. - ..., - ..., - user-information [30] IMPLICIT Association-information OPTIONAL -} - -ABRT-diagnostic ::= ENUMERATED { - no-reason-given(1), protocol-error(2), - authentication-mechanism-name-not-recognized(3), - authentication-mechanism-name-required(4), authentication-failure(5), - authentication-required(6), ... - } - -ABRT-source ::= INTEGER {acse-service-user(0), acse-service-provider(1) -}(0..1, ...) - -ACSE-requirements ::= BIT STRING { - authentication(0), application-context-negotiation(1)} - -Application-context-name-list ::= SEQUENCE OF Application-context-name - -Application-context-name ::= OBJECT IDENTIFIER - --- Application-entity title productions follow (not in alphabetical order) -AP-title ::= CHOICE { - ap-title-form1 AP-title-form1, - ap-title-form2 AP-title-form2, - ... -} - -AE-qualifier ::= CHOICE { - ae-qualifier-form1 AE-qualifier-form1, - ae-qualifier-form2 AE-qualifier-form2, - ... -} - --- When both AP-title and AE-qualifier data values are present in an AARQ or AARE APDU, both must --- have the same form to allow the construction of an AE-title as discussed in CCITT Rec. X.665 | --- ISO/IEC 9834-6. -AP-title-form1 ::= - Name - --- The value assigned to AP-title-form1 is The Directory Name of an application-process title. -AE-qualifier-form1 ::= - RelativeDistinguishedName - --- The value assigned to AE-qualifier-form1 is the relative distinguished name of a particular --- application-entity of the application-process identified by AP-title-form1. -AP-title-form2 ::= OBJECT IDENTIFIER - -AE-qualifier-form2 ::= INTEGER - -AE-title ::= CHOICE { - ae-title-form1 AE-title-form1, - ae-title-form2 AE-title-form2, - ... -} - --- As defined in CCITT Rec. X.650 | ISO 7498-3, an application-entity title is composed of an application- --- process title and an application-entity qualifier. The ACSE protocol provides for the transfer of an --- application-entity title value by the transfer of its component values. However, the following data type --- is provided for International Standards that reference a single syntactic structure for AE titles. -AE-title-form1 ::= - Name - --- For access to The Directory (ITU-T Rec. X.500-Series | ISO/IEC 9594), an AE title has AE-title-form1. --- This value can be constructed from AP-title-form1 and AE-qualifier-form1 values contained in an --- AARQ or AARE APDU. A discussion of forming an AE-title-form1 from AP-title-form1 and AE-qualifier- --- form1 may be found in CCITT Rec. X.665 | ISO/IEC 9834-6. -AE-title-form2 ::= OBJECT IDENTIFIER - --- A discussion of forming an AE-title-form2 from AP-title-form2 and AE-qualifier-form2 may be --- found in CCITT Rec. X.665 | ISO/IEC 9834-6. -AE-invocation-identifier ::= INTEGER - -AP-invocation-identifier ::= INTEGER - --- End of Application-entity title productions -Associate-result ::= INTEGER { - accepted(0), rejected-permanent(1), rejected-transient(2)}(0..2, ...) - -Associate-source-diagnostic ::= CHOICE { - acse-service-user - [1] INTEGER {null(0), no-reason-given(1), - application-context-name-not-supported(2), - calling-AP-title-not-recognized(3), - calling-AP-invocation-identifier-not-recognized(4), - calling-AE-qualifier-not-recognized(5), - calling-AE-invocation-identifier-not-recognized(6), - called-AP-title-not-recognized(7), - called-AP-invocation-identifier-not-recognized(8), - called-AE-qualifier-not-recognized(9), - called-AE-invocation-identifier-not-recognized(10), - authentication-mechanism-name-not-recognized(11), - authentication-mechanism-name-required(12), - authentication-failure(13), authentication-required(14)} - (0..14, ...), - acse-service-provider - [2] INTEGER {null(0), no-reason-given(1), no-common-acse-version(2)} - (0..2, ...) -} - -Association-information ::= SEQUENCE SIZE (1, ..., 0 | 2..MAX) OF EXTERNAL - -Authentication-value ::= CHOICE { - charstring [0] IMPLICIT GraphicString, - bitstring [1] IMPLICIT BIT STRING, - external [2] IMPLICIT EXTERNAL, - other - [3] IMPLICIT SEQUENCE {other-mechanism-name - MECHANISM-NAME.&id({ObjectSet}), - other-mechanism-value - MECHANISM-NAME.&Type - ({ObjectSet}{@.other-mechanism-name})} -} - --- The abstract syntax of (calling/responding) authentication-value is determined by the authentication --- mechanism used during association establishment. The authentication mechanism is either explicitly --- denoted by the &id field (of type OBJECT IDENTIFIER) for a mechanism belonging to the class --- MECHANISM-NAME, or it is known implicitly by --- prior agreement between the communicating partners. If the "other" component is chosen, then --- the "mechanism-name" component must be present in accordance with --- ITU-T Rec. X.680 | ISO/IEC 8824. If the value "mechanism-name" occurs in the AARQ-apdu or the --- AARE-apdu, then that value must be the same as the value for "other-mechanism-name" -Implementation-data ::= GraphicString - -Mechanism-name ::= OBJECT IDENTIFIER - -MECHANISM-NAME ::= TYPE-IDENTIFIER - -ObjectSet MECHANISM-NAME ::= - {...} - -Release-request-reason ::= INTEGER {normal(0), urgent(1), user-defined(30) -}(0 | 1 | 30, ...) - -Release-response-reason ::= INTEGER { - normal(0), not-finished(1), user-defined(30)}(0 | 1 | 30, ...) - -END - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/2.5.1.0.3.asn1 b/acse/2.5.1.0.3.asn1 deleted file mode 100644 index b755285..0000000 --- a/acse/2.5.1.0.3.asn1 +++ /dev/null @@ -1,240 +0,0 @@ --- Module UsefulDefinitions (X.501 TC2:08/1997) --- See also ITU-T X.501 (1997) Technical Cor. 2 (02/2001) --- See also the index of all ASN.1 assignments needed in this document - -UsefulDefinitions {joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 3} -DEFINITIONS ::= -BEGIN - --- EXPORTS All - --- The types and values defined in this module are exported for use in the other ASN.1 modules contained --- within the Directory Specifications, and for the use of other applications which will use them to access --- Directory services. Other applications may use them for their own purposes, but this will not constrain --- extensions and modifications needed to maintain or improve the Directory service. -ID ::= OBJECT IDENTIFIER - -ds ID ::= {joint-iso-itu-t ds(5)} - --- categories of information object -module ID ::= {ds 1} - -serviceElement ID ::= {ds 2} - -applicationContext ID ::= {ds 3} - -attributeType ID ::= {ds 4} - -attributeSyntax ID ::= {ds 5} - -objectClass ID ::= {ds 6} - --- attributeSet ID ::= {ds 7} -algorithm ID ::= {ds 8} - -abstractSyntax ID ::= {ds 9} - --- object ID ::= {ds 10} --- port ID ::= {ds 11} -dsaOperationalAttribute ID ::= - {ds 12} - -matchingRule ID ::= {ds 13} - -knowledgeMatchingRule ID ::= {ds 14} - -nameForm ID ::= {ds 15} - -group ID ::= {ds 16} - -subentry ID ::= {ds 17} - -operationalAttributeType ID ::= {ds 18} - -operationalBinding ID ::= {ds 19} - -schemaObjectClass ID ::= {ds 20} - -schemaOperationalAttribute ID ::= {ds 21} - -administrativeRoles ID ::= {ds 23} - -accessControlAttribute ID ::= {ds 24} - -rosObject ID ::= {ds 25} - -contract ID ::= {ds 26} - -package ID ::= {ds 27} - -accessControlSchemes ID ::= {ds 28} - -certificateExtension ID ::= {ds 29} - -managementObject ID ::= {ds 30} - -attributeValueContext ID ::= {ds 31} - --- securityExchange ID ::= {ds 32} -idmProtocol ID ::= {ds 33} - -problem ID ::= {ds 34} - -notification ID ::= {ds 35} - -matchingRestriction ID ::= - {ds 36} -- None are currently defined by this specification - -controlAttributeType ID ::= {ds 37} - --- modules -usefulDefinitions ID ::= {module usefulDefinitions(0) 3} - -informationFramework ID ::= {module informationFramework(1) 3} - -directoryAbstractService ID ::= {module directoryAbstractService(2) 3} - -distributedOperations ID ::= {module distributedOperations(3) 3} - -protocolObjectIdentifiers ID ::= {module protocolObjectIdentifiers(4) 3} - -selectedAttributeTypes ID ::= {module selectedAttributeTypes(5) 3} - -selectedObjectClasses ID ::= {module selectedObjectClasses(6) 3} - -authenticationFramework ID ::= {module authenticationFramework(7) 3} - -algorithmObjectIdentifiers ID ::= {module algorithmObjectIdentifiers(8) 3} - -directoryObjectIdentifiers ID ::= {module directoryObjectIdentifiers(9) 3} - -upperBounds ID ::= {module upperBounds(10) 3} - -dap ID ::= {module dap(11) 3} - -dsp ID ::= {module dsp(12) 3} - -distributedDirectoryOIDs ID ::= {module distributedDirectoryOIDs(13) 3} - -directoryShadowOIDs ID ::= {module directoryShadowOIDs(14) 3} - -directoryShadowAbstractService ID ::= - {module directoryShadowAbstractService(15) 3} - -disp ID ::= {module disp(16) 3} - -dop ID ::= {module dop(17) 3} - -opBindingManagement ID ::= {module opBindingManagement(18) 3} - -opBindingOIDs ID ::= {module opBindingOIDs(19) 3} - -hierarchicalOperationalBindings ID ::= - {module hierarchicalOperationalBindings(20) 3} - -dsaOperationalAttributeTypes ID ::= {module dsaOperationalAttributeTypes(22) 3} - -schemaAdministration ID ::= {module schemaAdministration(23) 3} - -basicAccessControl ID ::= {module basicAccessControl(24) 3} - -directoryOperationalBindingTypes ID ::= - {module directoryOperationalBindingTypes(25) 3} - -certificateExtensions ID ::= {module certificateExtensions(26) 0} - -directoryManagement ID ::= {module directoryManagement(27) 1} - -enhancedSecurity ID ::= {module enhancedSecurity(28) 1} - -iDMProtocolSpecification ID ::= {module iDMProtocolSpecification(30) 4} - -directoryIDMProtocols ID ::= {module directoryIDMProtocols(31) 4} - --- directorySecurityExchanges ID ::= {module directorySecurityExchanges (29) 1} --- synonyms -id-oc ID ::= - objectClass - -id-at ID ::= attributeType - -id-as ID ::= abstractSyntax - -id-mr ID ::= matchingRule - -id-nf ID ::= nameForm - -id-sc ID ::= subentry - -id-oa ID ::= operationalAttributeType - -id-ob ID ::= operationalBinding - -id-doa ID ::= dsaOperationalAttribute - -id-kmr ID ::= knowledgeMatchingRule - -id-soc ID ::= schemaObjectClass - -id-soa ID ::= schemaOperationalAttribute - -id-ar ID ::= administrativeRoles - -id-aca ID ::= accessControlAttribute - -id-ac ID ::= applicationContext - -id-rosObject ID ::= rosObject - -id-contract ID ::= contract - -id-package ID ::= package - -id-acScheme ID ::= accessControlSchemes - -id-ce ID ::= certificateExtension - -id-mgt ID ::= managementObject - -id-idm ID ::= idmProtocol - -id-avc ID ::= attributeValueContext - --- id-se ID ::= securityExchange -id-pr ID ::= problem - -id-not ID ::= notification - -id-mre ID ::= matchingRestriction - -id-cat ID ::= controlAttributeType - --- obsolete module identifiers --- usefulDefinition ID ::= {module 0} --- informationFramework ID ::= {module 1} --- directoryAbstractService ID ::= {module 2} --- distributedOperations ID ::= {module 3} --- protocolObjectIdentifiers ID ::= {module 4} --- selectedAttributeTypes ID ::= {module 5} --- selectedObjectClasses ID ::= {module 6} --- authenticationFramework ID ::= {module 7} --- algorithmObjectIdentifiers ID ::= {module 8} --- directoryObjectIdentifiers ID ::= {module 9} --- upperBounds ID ::= {module 10} --- dap ID ::= {module 11} --- dsp ID ::= {module 12} --- distributedDirectoryObjectIdentifiers ID ::= {module 13} --- unused module identifiers --- directoryShadowOIDs ID ::= {module 14} --- directoryShadowAbstractService ID ::= {module 15} --- disp ID ::= {module 16} --- dop ID ::= {module 17} --- opBindingManagement ID ::= {module 18} --- opBindingOIDs ID ::= {module 19} --- hierarchicalOperationalBindings ID ::= {module 20} --- dsaOperationalAttributeTypes ID ::= {module 22} --- schemaAdministration ID ::= {module 23} --- basicAccessControl ID ::= {module 24} --- operationalBindingOIDs ID ::= {module 25} -END -- UsefulDefinitions - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/2.5.1.1.3.asn1 b/acse/2.5.1.1.3.asn1 deleted file mode 100644 index 58d934b..0000000 --- a/acse/2.5.1.1.3.asn1 +++ /dev/null @@ -1,876 +0,0 @@ --- Module InformationFramework (X.501 TC2:08/1997) --- See also ITU-T X.501 (1997) Technical Cor. 2 (02/2001) --- See also the index of all ASN.1 assignments needed in this document - -InformationFramework {joint-iso-itu-t ds(5) module(1) informationFramework(1) - 3} DEFINITIONS ::= -BEGIN - --- EXPORTS All - --- The types and values defined in this module are exported for use in the other ASN.1 modules contained --- within the Directory Specifications, and for the use of other applications which will use them to access --- Directory services. Other applications may use them for their own purposes, but this will not constrain --- extensions and modifications needed to maintain or improve the Directory service. -IMPORTS - id-oc, id-at, id-mr, id-oa, id-sc, id-ar, id-nf, selectedAttributeTypes, - directoryAbstractService, upperBounds - FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) - usefulDefinitions(0) 3} - commonName, generalizedTimeMatch, generalizedTimeOrderingMatch, booleanMatch, - integerMatch, integerOrderingMatch, objectIdentifierFirstComponentMatch, - integerFirstComponentMatch, DirectoryString{} - FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) - selectedAttributeTypes(5) 3} - TypeAndContextAssertion, ServiceControlOptions, SearchControlOptions, - HierarchySelections, FamilyGrouping, FamilyReturn - FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) - directoryAbstractService(2) 3} - ub-search - FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 3}; - --- attribute data types -Attribute ::= SEQUENCE { - type ATTRIBUTE.&id({SupportedAttributes}), - values - SET SIZE (0..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}{@type}), - valuesWithContext - SET SIZE (1..MAX) OF - SEQUENCE {value ATTRIBUTE.&Type({SupportedAttributes}{@type}), - contextList SET SIZE (1..MAX) OF Context} OPTIONAL -} - -AttributeType ::= ATTRIBUTE.&id - -AttributeValue ::= ATTRIBUTE.&Type - -Context ::= SEQUENCE { - contextType CONTEXT.&id({SupportedContexts}), - contextValues - SET SIZE (1..MAX) OF CONTEXT.&Type({SupportedContexts}{@contextType}), - fallback BOOLEAN DEFAULT FALSE -} - -AttributeValueAssertion ::= SEQUENCE { - type ATTRIBUTE.&id({SupportedAttributes}), - assertion - ATTRIBUTE.&equality-match.&AssertionType - ({SupportedAttributes}{@type}), - assertedContexts - CHOICE {allContexts [0] NULL, - selectedContexts [1] SET SIZE (1..MAX) OF ContextAssertion - } OPTIONAL -} - -ContextAssertion ::= SEQUENCE { - contextType CONTEXT.&id({SupportedContexts}), - contextValues - SET SIZE (1..MAX) OF - CONTEXT.&Assertion({SupportedContexts}{@contextType}) -} - -AttributeTypeAssertion ::= SEQUENCE { - type ATTRIBUTE.&id({SupportedAttributes}), - assertedContexts SEQUENCE SIZE (1..MAX) OF ContextAssertion OPTIONAL -} - --- Definition of the following information object set is deferred, perhaps to standardized --- profiles or to protocol implementation conformance statements. The set is required to --- specify a table constraint on the values component of Attribute, the value component --- of AttributeTypeAndValue, and the assertion component of AttributeValueAssertion. -SupportedAttributes ATTRIBUTE ::= - {objectClass | aliasedEntryName, ...} - --- Definition of the following information object set is deferred, perhaps to standardized --- profiles or to protocol implementation conformance statements. The set is required to --- specify a table constraint on the context specifications -SupportedContexts CONTEXT ::= - {...} - --- naming data types -Name ::= CHOICE { -- only one possibility for now --rdnSequence RDNSequence -} - -RDNSequence ::= SEQUENCE OF RelativeDistinguishedName - -DistinguishedName ::= RDNSequence - -RelativeDistinguishedName ::= - SET SIZE (1..MAX) OF AttributeTypeAndDistinguishedValue - -AttributeTypeAndDistinguishedValue ::= SEQUENCE { - type ATTRIBUTE.&id({SupportedAttributes}), - value ATTRIBUTE.&Type({SupportedAttributes}{@type}), - primaryDistinguished BOOLEAN DEFAULT TRUE, - valuesWithContext - SET SIZE (1..MAX) OF - SEQUENCE {distingAttrValue - [0] ATTRIBUTE.&Type({SupportedAttributes}{@type}) - OPTIONAL, - contextList SET SIZE (1..MAX) OF Context} OPTIONAL -} - --- subtree data types -SubtreeSpecification ::= SEQUENCE { - base [0] LocalName DEFAULT {}, - COMPONENTS OF ChopSpecification, - specificationFilter [4] Refinement OPTIONAL -} - --- empty sequence specifies whole administrative area -LocalName ::= RDNSequence - -ChopSpecification ::= SEQUENCE { - specificExclusions - [1] SET SIZE (1..MAX) OF - CHOICE {chopBefore [0] LocalName, - chopAfter [1] LocalName} OPTIONAL, - minimum [2] BaseDistance DEFAULT 0, - maximum [3] BaseDistance OPTIONAL -} - -BaseDistance ::= INTEGER(0..MAX) - -Refinement ::= CHOICE { - item [0] OBJECT-CLASS.&id, - and [1] SET OF Refinement, - or [2] SET OF Refinement, - not [3] Refinement -} - --- OBJECT-CLASS information object class specification -OBJECT-CLASS ::= CLASS { - &Superclasses OBJECT-CLASS OPTIONAL, - &kind ObjectClassKind DEFAULT structural, - &MandatoryAttributes ATTRIBUTE OPTIONAL, - &OptionalAttributes ATTRIBUTE OPTIONAL, - &id OBJECT IDENTIFIER UNIQUE -} -WITH SYNTAX { - [SUBCLASS OF &Superclasses] - [KIND &kind] - [MUST CONTAIN &MandatoryAttributes] - [MAY CONTAIN &OptionalAttributes] - ID &id -} - -ObjectClassKind ::= ENUMERATED {abstract(0), structural(1), auxiliary(2)} - --- object classes -top OBJECT-CLASS ::= { - KIND abstract - MUST CONTAIN {objectClass} - ID id-oc-top -} - -alias OBJECT-CLASS ::= { - SUBCLASS OF {top} - MUST CONTAIN {aliasedEntryName} - ID id-oc-alias -} - -parent OBJECT-CLASS ::= {KIND abstract - ID id-oc-parent -} - -child OBJECT-CLASS ::= {KIND auxiliary - ID id-oc-child -} - --- ATTRIBUTE information object class specification -ATTRIBUTE ::= CLASS { - &derivation ATTRIBUTE OPTIONAL, - &Type OPTIONAL, -- either &Type or &derivation required - &equality-match MATCHING-RULE OPTIONAL, - &ordering-match MATCHING-RULE OPTIONAL, - &substrings-match MATCHING-RULE OPTIONAL, - &single-valued BOOLEAN DEFAULT FALSE, - &collective BOOLEAN DEFAULT FALSE, - -- operational extensions - &no-user-modification BOOLEAN DEFAULT FALSE, - &usage AttributeUsage DEFAULT userApplications, - &id OBJECT IDENTIFIER UNIQUE -} -WITH SYNTAX { - [SUBTYPE OF &derivation] - [WITH SYNTAX &Type] - [EQUALITY MATCHING RULE &equality-match] - [ORDERING MATCHING RULE &ordering-match] - [SUBSTRINGS MATCHING RULE &substrings-match] - [SINGLE VALUE &single-valued] - [COLLECTIVE &collective] - [NO USER MODIFICATION &no-user-modification] - [USAGE &usage] - ID &id -} - -AttributeUsage ::= ENUMERATED { - userApplications(0), directoryOperation(1), distributedOperation(2), - dSAOperation(3)} - --- attributes -objectClass ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-at-objectClass -} - -aliasedEntryName ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - SINGLE VALUE TRUE - ID id-at-aliasedEntryName -} - --- MATCHING-RULE information object class specification -MATCHING-RULE ::= CLASS { - &ParentMatchingRules MATCHING-RULE.&id OPTIONAL, - &AssertionType OPTIONAL, - &uniqueMatchIndicator ATTRIBUTE.&id OPTIONAL, - &id OBJECT IDENTIFIER UNIQUE -} -WITH SYNTAX { - [PARENT &ParentMatchingRules] - [SYNTAX &AssertionType] - [UNIQUE-MATCH-INDICATOR &uniqueMatchIndicator] - ID &id -} - --- matching rules -objectIdentifierMatch MATCHING-RULE ::= { - SYNTAX OBJECT IDENTIFIER - ID id-mr-objectIdentifierMatch -} - -distinguishedNameMatch MATCHING-RULE ::= { - SYNTAX DistinguishedName - ID id-mr-distinguishedNameMatch -} - -MAPPING-BASED-MATCHING{SelectedBy, BOOLEAN:combinable, MappingResult, - OBJECT IDENTIFIER:matchingRule} ::= CLASS { - &selectBy SelectedBy OPTIONAL, - &ApplicableTo ATTRIBUTE, - &subtypesIncluded BOOLEAN DEFAULT TRUE, - &combinable BOOLEAN(combinable), - &mappingResults MappingResult OPTIONAL, - &userControl BOOLEAN DEFAULT FALSE, - &exclusive BOOLEAN DEFAULT TRUE, - &matching-rule MATCHING-RULE.&id(matchingRule), - &id OBJECT IDENTIFIER UNIQUE -} -WITH SYNTAX { - [SELECT BY &selectBy] - APPLICABLE TO &ApplicableTo - [SUBTYPES INCLUDED &subtypesIncluded] - COMBINABLE &combinable - [MAPPING RESULTS &mappingResults] - [USER CONTROL &userControl] - [EXCLUSIVE &exclusive] - MATCHING RULE &matching-rule - ID &id -} - --- NAME-FORM information object class specification -NAME-FORM ::= CLASS { - &namedObjectClass OBJECT-CLASS, - &MandatoryAttributes ATTRIBUTE, - &OptionalAttributes ATTRIBUTE OPTIONAL, - &id OBJECT IDENTIFIER UNIQUE -} -WITH SYNTAX { - NAMES &namedObjectClass - WITH ATTRIBUTES &MandatoryAttributes - [AND OPTIONALLY &OptionalAttributes] - ID &id -} - --- STRUCTURE-RULE class and DIT structure rule data types -STRUCTURE-RULE ::= CLASS { - &nameForm NAME-FORM, - &SuperiorStructureRules STRUCTURE-RULE OPTIONAL, - &id RuleIdentifier -} -WITH SYNTAX { - NAME FORM &nameForm - [SUPERIOR RULES &SuperiorStructureRules] - ID &id -} - -DITStructureRule ::= SEQUENCE { - ruleIdentifier RuleIdentifier, - -- must be unique within the scope of the subschema - nameForm NAME-FORM.&id, - superiorStructureRules SET SIZE (1..MAX) OF RuleIdentifier OPTIONAL -} - -RuleIdentifier ::= INTEGER - --- CONTENT-RULE class and DIT content rule data types -CONTENT-RULE ::= CLASS { - &structuralClass OBJECT-CLASS.&id UNIQUE, - &Auxiliaries OBJECT-CLASS OPTIONAL, - &Mandatory ATTRIBUTE OPTIONAL, - &Optional ATTRIBUTE OPTIONAL, - &Precluded ATTRIBUTE OPTIONAL -} -WITH SYNTAX { - STRUCTURAL OBJECT-CLASS &structuralClass - [AUXILIARY OBJECT-CLASSES &Auxiliaries] - [MUST CONTAIN &Mandatory] - [MAY CONTAIN &Optional] - [MUST-NOT CONTAIN &Precluded] -} - -DITContentRule ::= SEQUENCE { - structuralObjectClass OBJECT-CLASS.&id, - auxiliaries SET SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL, - mandatory [1] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL, - optional [2] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL, - precluded [3] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL -} - -CONTEXT ::= CLASS { - &Type , - &Assertion OPTIONAL, - &id OBJECT IDENTIFIER UNIQUE -}WITH SYNTAX {WITH SYNTAX &Type - [ASSERTED AS &Assertion] - ID &id -} - -DITContextUse ::= SEQUENCE { - attributeType ATTRIBUTE.&id, - mandatoryContexts [1] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL, - optionalContexts [2] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL -} - -DIT-CONTEXT-USE-RULE ::= CLASS { - &attributeType ATTRIBUTE.&id UNIQUE, - &Mandatory CONTEXT OPTIONAL, - &Optional CONTEXT OPTIONAL -} -WITH SYNTAX { - ATTRIBUTE TYPE &attributeType - [MANDATORY CONTEXTS &Mandatory] - [OPTIONAL CONTEXTS &Optional] -} - --- system schema information objects --- object classes -subentry OBJECT-CLASS ::= { - SUBCLASS OF {top} - KIND structural - MUST CONTAIN {commonName | subtreeSpecification} - ID id-sc-subentry -} - -subentryNameForm NAME-FORM ::= { - NAMES subentry - WITH ATTRIBUTES {commonName} - ID id-nf-subentryNameForm -} - -accessControlSubentry OBJECT-CLASS ::= { - KIND auxiliary - ID id-sc-accessControlSubentry -} - -collectiveAttributeSubentry OBJECT-CLASS ::= { - KIND auxiliary - ID id-sc-collectiveAttributeSubentry -} - -contextAssertionSubentry OBJECT-CLASS ::= { - KIND auxiliary - MUST CONTAIN {contextAssertionDefaults} - ID id-sc-contextAssertionSubentry -} - -serviceAdminSubentry OBJECT-CLASS ::= { - KIND auxiliary - MUST CONTAIN {searchRules} - ID id-sc-serviceAdminSubentry -} - --- attributes -createTimestamp ATTRIBUTE ::= { - WITH SYNTAX GeneralizedTime - -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 - EQUALITY MATCHING RULE generalizedTimeMatch - ORDERING MATCHING RULE generalizedTimeOrderingMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-createTimestamp -} - -modifyTimestamp ATTRIBUTE ::= { - WITH SYNTAX GeneralizedTime - -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 - EQUALITY MATCHING RULE generalizedTimeMatch - ORDERING MATCHING RULE generalizedTimeOrderingMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-modifyTimestamp -} - -subschemaTimestamp ATTRIBUTE ::= { - WITH SYNTAX GeneralizedTime - -- as per 41.3 b) or c) of ITU-T Rec.X. 680 | ISO/IEC 8824-1 - EQUALITY MATCHING RULE generalizedTimeMatch - ORDERING MATCHING RULE generalizedTimeOrderingMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-subschemaTimestamp -} - -creatorsName ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-creatorsName -} - -modifiersName ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-modifiersName -} - -subschemaSubentryList ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-subschemaSubentryList -} - -accessControlSubentryList ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-accessControlSubentryList -} - -collectiveAttributeSubentryList ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-collectiveAttributeSubentryList -} - -contextDefaultSubentryList ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-contextDefaultSubentryList -} - -serviceAdminSubentryList ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-serviceAdminSubentryList -} - -hasSubordinates ATTRIBUTE ::= { - WITH SYNTAX BOOLEAN - EQUALITY MATCHING RULE booleanMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-hasSubordinates -} - -administrativeRole ATTRIBUTE ::= { - WITH SYNTAX OBJECT-CLASS.&id - EQUALITY MATCHING RULE objectIdentifierMatch - USAGE directoryOperation - ID id-oa-administrativeRole -} - -subtreeSpecification ATTRIBUTE ::= { - WITH SYNTAX SubtreeSpecification - USAGE directoryOperation - ID id-oa-subtreeSpecification -} - -collectiveExclusions ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - USAGE directoryOperation - ID id-oa-collectiveExclusions -} - -contextAssertionDefaults ATTRIBUTE ::= { - WITH SYNTAX TypeAndContextAssertion - EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch - USAGE directoryOperation - ID id-oa-contextAssertionDefault -} - -searchRules ATTRIBUTE ::= { - WITH SYNTAX SearchRuleDescription - EQUALITY MATCHING RULE integerFirstComponentMatch - USAGE directoryOperation - ID id-oa-searchRules -} - -SearchRuleDescription ::= SEQUENCE { - COMPONENTS OF SearchRule, - name [28] SET SIZE (1..MAX) OF DirectoryString{ub-search} OPTIONAL, - description [29] DirectoryString{ub-search} OPTIONAL, - obsolete [30] BOOLEAN DEFAULT FALSE -} - -hierarchyLevel ATTRIBUTE ::= { - WITH SYNTAX INTEGER - EQUALITY MATCHING RULE integerMatch - ORDERING MATCHING RULE integerOrderingMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-hierarchyLevel -} - -hierarchyBelow ATTRIBUTE ::= { - WITH SYNTAX BOOLEAN - EQUALITY MATCHING RULE booleanMatch - SINGLE VALUE TRUE - NO USER MODIFICATION TRUE - USAGE directoryOperation - ID id-oa-hierarchyBelow -} - -hierarchyParent ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - SINGLE VALUE TRUE - USAGE directoryOperation - ID id-oa-hierarchyParent -} - -SearchRule ::= SEQUENCE { - COMPONENTS OF SearchRuleId, - serviceType [1] OBJECT IDENTIFIER OPTIONAL, - userClass [2] INTEGER OPTIONAL, - inputAttributeTypes - [3] SEQUENCE SIZE (1..MAX) OF RequestAttribute OPTIONAL, - attributeCombination [4] AttributeCombination DEFAULT and:{}, - outputAttributeTypes [5] SEQUENCE SIZE (1..MAX) OF ResultAttribute OPTIONAL, - defaultControls [6] ControlOptions OPTIONAL, - mandatoryControls [7] ControlOptions OPTIONAL, - searchRuleControls [8] ControlOptions OPTIONAL, - familyGrouping [9] FamilyGrouping OPTIONAL, - familyReturn [10] FamilyReturn OPTIONAL, - relaxation [11] RelaxationPolicy OPTIONAL, - additionalControl [12] SEQUENCE SIZE (1..MAX) OF AttributeType OPTIONAL, - allowedSubset [13] AllowedSubset DEFAULT '111'B, - imposedSubset [14] ImposedSubset OPTIONAL, - entryLimit [15] EntryLimit OPTIONAL -} - -SearchRuleId ::= SEQUENCE {id INTEGER, - dmdId [0] OBJECT IDENTIFIER -} - -AllowedSubset ::= BIT STRING {baseObject(0), oneLevel(1), wholeSubtree(2)} - -ImposedSubset ::= ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)} - -RequestAttribute ::= SEQUENCE { - attributeType ATTRIBUTE.&id({SupportedAttributes}), - includeSubtypes [0] BOOLEAN DEFAULT FALSE, - selectedValues - [1] SEQUENCE SIZE (0..MAX) OF - ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}) OPTIONAL, - defaultValues - [2] SEQUENCE SIZE (0..MAX) OF - SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL, - values - SEQUENCE OF - ATTRIBUTE.&Type - ({SupportedAttributes}{@attributeType})} OPTIONAL, - contexts [3] SEQUENCE SIZE (0..MAX) OF ContextProfile OPTIONAL, - contextCombination [4] ContextCombination DEFAULT and:{}, - matchingUse [5] SEQUENCE SIZE (1..MAX) OF MatchingUse OPTIONAL -} - -ContextProfile ::= SEQUENCE { - contextType CONTEXT.&id({SupportedContexts}), - contextValue - SEQUENCE SIZE (1..MAX) OF - CONTEXT.&Assertion({SupportedContexts}{@contextType}) OPTIONAL -} - -ContextCombination ::= CHOICE { - context [0] CONTEXT.&id, - and [1] SEQUENCE OF ContextCombination, - or [2] SEQUENCE OF ContextCombination, - not [3] ContextCombination -} - -MatchingUse ::= SEQUENCE { - restrictionType - MATCHING-RESTRICTION.&id({SupportedMatchingRestrictions}), - restrictionValue - MATCHING-RESTRICTION.&Restriction - ({SupportedMatchingRestrictions}{@restrictionType}) -} - --- Definition of the following information object set is deferred, perhaps to standardized --- profiles or to protocol implementation conformance statements. The set is required to --- specify a table constraint on the components of SupportedMatchingRestrictions -SupportedMatchingRestrictions MATCHING-RESTRICTION ::= - {...} - -AttributeCombination ::= CHOICE { - attribute [0] AttributeType, - and [1] SEQUENCE OF AttributeCombination, - or [2] SEQUENCE OF AttributeCombination, - not [3] AttributeCombination -} - -ResultAttribute ::= SEQUENCE { - attributeType ATTRIBUTE.&id({SupportedAttributes}), - outputValues - CHOICE {selectedValues - SEQUENCE SIZE (1..MAX) OF - ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}), - matchedValuesOnly NULL} OPTIONAL, - contexts [0] SEQUENCE SIZE (1..MAX) OF ContextProfile OPTIONAL -} - -OutputValues ::= CHOICE { - selectedValues - SEQUENCE SIZE (1..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}), - matchedValuesOnly NULL -} - -ControlOptions ::= SEQUENCE { - serviceControls [0] ServiceControlOptions DEFAULT {}, - searchOptions [1] SearchControlOptions DEFAULT {searchAliases}, - hierarchyOptions [2] HierarchySelections OPTIONAL -} - -EntryLimit ::= SEQUENCE {default INTEGER, - max INTEGER -} - -RelaxationPolicy ::= SEQUENCE { - basic [0] MRMapping DEFAULT {}, - tightenings [1] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL, - relaxations [2] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL, - maximum [3] INTEGER OPTIONAL, -- mandatory if tightenings is present - minimum [4] INTEGER DEFAULT 1 -} - -MRMapping ::= SEQUENCE { - mapping [0] SEQUENCE SIZE (1..MAX) OF Mapping OPTIONAL, - substitution [1] SEQUENCE SIZE (1..MAX) OF MRSubstitution OPTIONAL -} - -Mapping ::= SEQUENCE { - mappingFunction - OBJECT IDENTIFIER - (CONSTRAINED BY {-- shall be an-- - - -- object identifier of a mapping-based matching algorithm -- }), - level INTEGER DEFAULT 0 -} - -MRSubstitution ::= SEQUENCE { - attribute AttributeType, - oldMatchingRule [0] MATCHING-RULE.&id OPTIONAL, - newMatchingRule [1] MATCHING-RULE.&id OPTIONAL -} - -SEARCH-RULE ::= CLASS { - &dmdId OBJECT IDENTIFIER, - &serviceType OBJECT IDENTIFIER OPTIONAL, - &userClass INTEGER OPTIONAL, - &InputAttributeTypes REQUEST-ATTRIBUTE OPTIONAL, - &combination AttributeCombination OPTIONAL, - &OutputAttributeTypes RESULT-ATTRIBUTE OPTIONAL, - &defaultControls ControlOptions OPTIONAL, - &mandatoryControls ControlOptions OPTIONAL, - &searchRuleControls ControlOptions OPTIONAL, - &familyGrouping FamilyGrouping OPTIONAL, - &familyReturn FamilyReturn OPTIONAL, - &additionalControl AttributeType OPTIONAL, - &relaxation RelaxationPolicy OPTIONAL, - &entryLimit EntryLimit OPTIONAL, - &allowedSubset AllowedSubset DEFAULT '111'B, - &imposedSubset ImposedSubset OPTIONAL, - &id INTEGER UNIQUE -} -WITH SYNTAX { - DMD ID &dmdId - [SERVICE-TYPE &serviceType] - [USER-CLASS &userClass] - [INPUT ATTRIBUTES &InputAttributeTypes] - [COMBINATION &combination] - [OUTPUT ATTRIBUTES &OutputAttributeTypes] - [DEFAULT CONTROL &defaultControls] - [MANDATORY CONTROL &mandatoryControls] - [SEARCH-RULE CONTROL &searchRuleControls] - [FAMILY-GROUPING &familyGrouping] - [FAMILY-RETURN &familyReturn] - [ADDITIONAL CONTROL &additionalControl] - [RELAXATION &relaxation] - [ALLOWED SUBSET &allowedSubset] - [IMPOSED SUBSET &imposedSubset] - [ENTRY LIMIT &entryLimit] - ID &id -} - -REQUEST-ATTRIBUTE ::= CLASS { - &attributeType ATTRIBUTE.&id, - &SelectedValues ATTRIBUTE.&Type OPTIONAL, - &DefaultValues SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL, - values SEQUENCE OF ATTRIBUTE.&Type - } OPTIONAL, - &contexts SEQUENCE OF ContextProfile OPTIONAL, - &contextCombination ContextCombination OPTIONAL, - &MatchingUse MatchingUse OPTIONAL, - &includeSubtypes BOOLEAN DEFAULT FALSE -} -WITH SYNTAX { - ATTRIBUTE TYPE &attributeType - [SELECTED VALUES &SelectedValues] - [DEFAULT VALUES &DefaultValues] - [CONTEXTS &contexts] - [CONTEXT COMBINATION &contextCombination] - [MATCHING USE &MatchingUse] - [INCLUDE SUBTYPES &includeSubtypes] -} - -RESULT-ATTRIBUTE ::= CLASS { - &attributeType ATTRIBUTE.&id, - &outputValues OutputValues OPTIONAL, - &contexts ContextProfile OPTIONAL -} -WITH SYNTAX { - ATTRIBUTE TYPE &attributeType - [OUTPUT VALUES &outputValues] - [CONTEXTS &contexts] -} - -MATCHING-RESTRICTION ::= CLASS { - &Restriction , - &Rules MATCHING-RULE.&id, - &id OBJECT IDENTIFIER UNIQUE -}WITH SYNTAX {RESTRICTION &Restriction - RULES &Rules - ID &id -} - --- object identifier assignments --- object classes -id-oc-top OBJECT IDENTIFIER ::= - {id-oc 0} - -id-oc-alias OBJECT IDENTIFIER ::= {id-oc 1} - -id-oc-parent OBJECT IDENTIFIER ::= {id-oc 28} - -id-oc-child OBJECT IDENTIFIER ::= {id-oc 29} - --- attributes -id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} - -id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} - --- matching rules -id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} - -id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} - --- operational attributes -id-oa-excludeAllCollectiveAttributes OBJECT IDENTIFIER ::= - {id-oa 0} - -id-oa-createTimestamp OBJECT IDENTIFIER ::= {id-oa 1} - -id-oa-modifyTimestamp OBJECT IDENTIFIER ::= {id-oa 2} - -id-oa-creatorsName OBJECT IDENTIFIER ::= {id-oa 3} - -id-oa-modifiersName OBJECT IDENTIFIER ::= {id-oa 4} - -id-oa-administrativeRole OBJECT IDENTIFIER ::= {id-oa 5} - -id-oa-subtreeSpecification OBJECT IDENTIFIER ::= {id-oa 6} - -id-oa-collectiveExclusions OBJECT IDENTIFIER ::= {id-oa 7} - -id-oa-subschemaTimestamp OBJECT IDENTIFIER ::= {id-oa 8} - -id-oa-hasSubordinates OBJECT IDENTIFIER ::= {id-oa 9} - -id-oa-subschemaSubentryList OBJECT IDENTIFIER ::= {id-oa 10} - -id-oa-accessControlSubentryList OBJECT IDENTIFIER ::= {id-oa 11} - -id-oa-collectiveAttributeSubentryList OBJECT IDENTIFIER ::= {id-oa 12} - -id-oa-contextDefaultSubentryList OBJECT IDENTIFIER ::= {id-oa 13} - -id-oa-contextAssertionDefault OBJECT IDENTIFIER ::= {id-oa 14} - -id-oa-serviceAdminSubentryList OBJECT IDENTIFIER ::= {id-oa 15} - -id-oa-searchRules OBJECT IDENTIFIER ::= {id-oa 16} - -id-oa-hierarchyLevel OBJECT IDENTIFIER ::= {id-oa 17} - -id-oa-hierarchyBelow OBJECT IDENTIFIER ::= {id-oa 18} - -id-oa-hierarchyParent OBJECT IDENTIFIER ::= {id-oa 19} - --- subentry classes -id-sc-subentry OBJECT IDENTIFIER ::= {id-sc 0} - -id-sc-accessControlSubentry OBJECT IDENTIFIER ::= {id-sc 1} - -id-sc-collectiveAttributeSubentry OBJECT IDENTIFIER ::= {id-sc 2} - -id-sc-contextAssertionSubentry OBJECT IDENTIFIER ::= {id-sc 3} - -id-sc-serviceAdminSubentry OBJECT IDENTIFIER ::= {id-sc 4} - --- Name forms -id-nf-subentryNameForm OBJECT IDENTIFIER ::= {id-nf 16} - --- administrative roles -id-ar-autonomousArea OBJECT IDENTIFIER ::= {id-ar 1} - -id-ar-accessControlSpecificArea OBJECT IDENTIFIER ::= {id-ar 2} - -id-ar-accessControlInnerArea OBJECT IDENTIFIER ::= {id-ar 3} - -id-ar-subschemaAdminSpecificArea OBJECT IDENTIFIER ::= {id-ar 4} - -id-ar-collectiveAttributeSpecificArea OBJECT IDENTIFIER ::= {id-ar 5} - -id-ar-collectiveAttributeInnerArea OBJECT IDENTIFIER ::= {id-ar 6} - -id-ar-contextDefaultSpecificArea OBJECT IDENTIFIER ::= {id-ar 7} - -id-ar-serviceSpecificArea OBJECT IDENTIFIER ::= {id-ar 8} - -END -- InformationFramework - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/2.5.1.10.3.asn1 b/acse/2.5.1.10.3.asn1 deleted file mode 100644 index 3ebc334..0000000 --- a/acse/2.5.1.10.3.asn1 +++ /dev/null @@ -1,90 +0,0 @@ --- Module UpperBounds (X.520:08/1997) --- See also ITU-T X.520 (08/1997) --- See also the index of all ASN.1 assignments needed in this document - -UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 3} DEFINITIONS ::= -BEGIN - --- EXPORTS All --- The types and values defined in this module are exported for use in the other ASN.1 modules contained --- within the Directory Specifications, and for the use of other applications which will use them to access --- Directory services. Other applications may use them for their own purposes, but this will not constrain --- extensions and modifications needed to maintain or improve the Directory service. -ub-answerback INTEGER ::= - 8 - -ub-business-category INTEGER ::= 128 - -ub-common-name INTEGER ::= 64 - -ub-country-code INTEGER ::= 4 - -ub-description INTEGER ::= 1024 - -ub-destination-indicator INTEGER ::= 128 - -ub-directory-string-first-component-match INTEGER ::= 32768 - -ub-international-isdn-number INTEGER ::= 16 - -ub-knowledge-information INTEGER ::= 32768 - -ub-locality-name INTEGER ::= 128 - -ub-match INTEGER ::= 128 - -ub-name INTEGER ::= 64 - -ub-organization-name INTEGER ::= 64 - -ub-organizational-unit-name INTEGER ::= 64 - -ub-physical-office-name INTEGER ::= 128 - -ub-post-office-box INTEGER ::= 40 - -ub-postal-code INTEGER ::= 40 - -ub-postal-line INTEGER ::= 6 - -ub-postal-string INTEGER ::= 30 - -ub-privacy-mark-length INTEGER ::= 128 - -ub-schema INTEGER ::= 1024 - -ub-search INTEGER ::= 32768 - -ub-serial-number INTEGER ::= 64 - -ub-state-name INTEGER ::= 128 - -ub-street-address INTEGER ::= 128 - -ub-surname INTEGER ::= 64 - -ub-tag INTEGER ::= 64 - -ub-telephone-number INTEGER ::= 32 - -ub-teletex-terminal-id INTEGER ::= 1024 - -ub-telex-number INTEGER ::= 14 - -ub-title INTEGER ::= 64 - -ub-user-password INTEGER ::= 128 - -ub-x121-address INTEGER ::= 15 - -ub-localeContextSyntax INTEGER ::= 128 - -ub-locale-context-syntax INTEGER ::= 64 - -ub-pseudonym INTEGER ::= 128 - -ub-content INTEGER ::= 32768 - -END -- UpperBounds - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/2.5.1.2.3.asn1 b/acse/2.5.1.2.3.asn1 deleted file mode 100644 index ca1d934..0000000 --- a/acse/2.5.1.2.3.asn1 +++ /dev/null @@ -1,718 +0,0 @@ --- Module DirectoryAbstractService (X.511 TC2:08/1997) --- See also ITU-T X.511 (1997) Technical Cor. 2 (02/2001) --- See also the index of all ASN.1 assignments needed in this document - -DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) - directoryAbstractService(2) 3} DEFINITIONS ::= -BEGIN - --- EXPORTS All --- The types and values defined in this module are exported for use in the other ASN.1 modules contained --- within the Directory Specifications, and for the use of other applications which will use them to access --- Directory services. Other applications may use them for their own purposes, but this will not constrain --- extensions and modifications needed to maintain or improve the Directory service. -IMPORTS - informationFramework, distributedOperations, authenticationFramework, - dap, directoryShadowAbstractService, basicAccessControl, enhancedSecurity, - id-at - FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) - usefulDefinitions(0) 3} - AttributeTypeAndValue - FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1) - basicAccessControl(24) 3} - AgreementID - FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1) - directoryShadowAbstractService(15) 4} - Attribute, AttributeType, AttributeValue, AttributeValueAssertion, - DistinguishedName, Name, RelativeDistinguishedName, SupportedAttributes, - ATTRIBUTE, MATCHING-RULE, ContextAssertion, AttributeTypeAssertion, - OBJECT-CLASS, RelaxationPolicy - FROM InformationFramework {joint-iso-itu-t ds(5) module(1) - informationFramework(1) 3} - OperationProgress, ReferenceType, Exclusions, AccessPoint, - ContinuationReference - FROM DistributedOperations {joint-iso-itu-t ds(5) module(1) - distributedOperations(3) 3} - CertificationPath, SIGNED{}, SIGNATURE{}, ENCRYPTED{}, AlgorithmIdentifier, - AttributeCertificationPath - FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) - authenticationFramework(7) 3} - OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{} - FROM EnhancedSecurity {joint-iso-itu-t ds(5) modules(1) - enhancedSecurity(28) 1} - id-opcode-read, id-opcode-compare, id-opcode-abandon, id-opcode-list, - id-opcode-search, id-opcode-addEntry, id-opcode-removeEntry, - id-opcode-modifyEntry, id-opcode-modifyDN, id-errcode-abandoned, - id-errcode-abandonFailed, id-errcode-attributeError, id-errcode-nameError, - id-errcode-referral, id-errcode-securityError, id-errcode-serviceError, - id-errcode-updateError - FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 3} - OPERATION, ERROR, Code - FROM Remote-Operations-Information-Objects {joint-iso-itu-t - remote-operations(4) informationObjects(5) version1(0)} - emptyUnbind - FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t - remote-operations(4) useful-definitions(7) version1(0)} - InvokeId - FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t - remote-operations(4) generic-ROS-PDUs(6) version1(0)} - --PROTECTED - -- FROM Notation { joint-iso-itu-t genericULS (20) modules (1) notation (1) } - SPKM-REQ, SPKM-REP-TI, SPKM-ERROR - FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1) - security(5) mechanisms(5) spkm(1) spkmGssTokens(10)}; - --- Common data types --- Parameterized type for representing optional signing -OPTIONALLY-SIGNED{Type} ::= CHOICE {unsigned Type, - signed SIGNED{Type} -} - -CommonArguments ::= SET { - serviceControls [30] ServiceControls DEFAULT {}, - securityParameters [29] SecurityParameters OPTIONAL, - requestor [28] DistinguishedName OPTIONAL, - operationProgress - [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, - aliasedRDNs [26] INTEGER OPTIONAL, - criticalExtensions [25] BIT STRING OPTIONAL, - referenceType [24] ReferenceType OPTIONAL, - entryOnly [23] BOOLEAN DEFAULT TRUE, - nameResolveOnMaste [21] BOOLEAN DEFAULT FALSE, - operationContexts [20] ContextSelection OPTIONAL, - familyGrouping [19] FamilyGrouping DEFAULT entryOnly -} - -FamilyGrouping ::= ENUMERATED { - entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)} - -CommonResults ::= SET { - securityParameters [30] SecurityParameters OPTIONAL, - performer [29] DistinguishedName OPTIONAL, - aliasDereferenced [28] BOOLEAN DEFAULT FALSE, - notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL -} - -CommonResultsSeq ::= SEQUENCE { - securityParameters [30] SecurityParameters OPTIONAL, - performer [29] DistinguishedName OPTIONAL, - aliasDereferenced [28] BOOLEAN DEFAULT FALSE -} - -ServiceControls ::= SET { - options [0] ServiceControlOptions DEFAULT {}, - priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium, - timeLimit [2] INTEGER OPTIONAL, - sizeLimit [3] INTEGER OPTIONAL, - scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL, - attributeSizeLimit [5] INTEGER OPTIONAL, - manageDSAITPlaneRef - [6] SEQUENCE {dsaName Name, - agreementID AgreementID} OPTIONAL, - serviceType [7] OBJECT IDENTIFIER OPTIONAL, - userClass [8] INTEGER OPTIONAL -} - -ServiceControlOptions ::= BIT STRING { - preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3), - dontDereferenceAliases(4), subentries(5), copyShallDo(6), - partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9), - noSubtypeSelection(10), countFamily(11)} - -EntryInformationSelection ::= SET { - attributes - CHOICE {allUserAttributes [0] NULL, - select [1] SET OF AttributeType - -- empty set implies no attributes are requested - } DEFAULT allUserAttributes:NULL, - infoTypes - [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)} - DEFAULT attributeTypesAndValues, - extraAttributes - CHOICE {allOperationalAttributes [3] NULL, - select [4] SET OF AttributeType} OPTIONAL, - contextSelection ContextSelection OPTIONAL, - returnContexts BOOLEAN DEFAULT FALSE, - familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly} -} - -ContextSelection ::= CHOICE { - allContexts NULL, - selectedContexts SET OF TypeAndContextAssertion -} - -TypeAndContextAssertion ::= SEQUENCE { - type AttributeType, - contextAssertions - CHOICE {preference SEQUENCE OF ContextAssertion, - all SET OF ContextAssertion} -} - -FamilyReturn ::= SEQUENCE { - memberSelect - ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2), - compoundEntry(3)}, - familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL -} - -family-information ATTRIBUTE ::= { - WITH SYNTAX FamilyEntries - USAGE directoryOperation - ID id-at-family-information -} - -FamilyEntries ::= SEQUENCE { - family-class OBJECT-CLASS.&id, -- structural object class value - familyEntries SEQUENCE OF FamilyEntry -} - -FamilyEntry ::= SEQUENCE { - rdn RelativeDistinguishedName, - information - SEQUENCE OF CHOICE {attributeType AttributeType, - attribute Attribute}, - family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL -} - -EntryInformation ::= SEQUENCE { - name Name, - fromEntry BOOLEAN DEFAULT TRUE, - information - SET SIZE (1..MAX) OF - CHOICE {attributeType AttributeType, - attribute Attribute} OPTIONAL, - incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems - partialNameResolution - [4] BOOLEAN DEFAULT FALSE -- not in 1988 or 1993 edition systems -- -} - -Filter ::= CHOICE { - item [0] FilterItem, - and [1] SET OF Filter, - or [2] SET OF Filter, - not [3] Filter -} - -FilterItem ::= CHOICE { - equality [0] AttributeValueAssertion, - substrings - [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}), - strings - SEQUENCE OF - CHOICE {initial - [0] ATTRIBUTE.&Type - ({SupportedAttributes} - {@substrings.type}), - any - [1] ATTRIBUTE.&Type - ({SupportedAttributes} - {@substrings.type}), - final - [2] ATTRIBUTE.&Type - ({SupportedAttributes} - {@substrings.type}), - control Attribute -- Used to specify interpretation of following items - }}, - greaterOrEqual [2] AttributeValueAssertion, - lessOrEqual [3] AttributeValueAssertion, - present [4] AttributeType, - approximateMatch [5] AttributeValueAssertion, - extensibleMatch [6] MatchingRuleAssertion, - contextPresent [7] AttributeTypeAssertion -} - -MatchingRuleAssertion ::= SEQUENCE { - matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id, - type [2] AttributeType OPTIONAL, - matchValue - [3] MATCHING-RULE.&AssertionType - (CONSTRAINED BY { - -- matchValue must be a value of type specified by the &AssertionType field of - -- one of the MATCHING-RULE information objects identified by matchingRule -- }), - dnAttributes [4] BOOLEAN DEFAULT FALSE -} - -PagedResultsRequest ::= CHOICE { - newRequest - SEQUENCE {pageSize INTEGER, - sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL, - reverse [1] BOOLEAN DEFAULT FALSE, - unmerged [2] BOOLEAN DEFAULT FALSE}, - queryReference OCTET STRING -} - -SortKey ::= SEQUENCE { - type AttributeType, - orderingRule MATCHING-RULE.&id OPTIONAL -} - -SecurityParameters ::= SET { - certification-path [0] CertificationPath OPTIONAL, - name [1] DistinguishedName OPTIONAL, - time [2] Time OPTIONAL, - random [3] BIT STRING OPTIONAL, - target [4] ProtectionRequest OPTIONAL, - response [5] BIT STRING OPTIONAL, - operationCode [6] Code OPTIONAL, - attributeCertificationPath [7] AttributeCertificationPath OPTIONAL, - errorProtection [8] ErrorProtectionRequest OPTIONAL, - errorCode [9] Code OPTIONAL -} - -ProtectionRequest ::= INTEGER { - none(0), signed(1), encrypted(2), signed-encrypted(3)} - -Time ::= CHOICE {utcTime UTCTime, - generalizedTime GeneralizedTime -} - -ErrorProtectionRequest ::= INTEGER { - none(0), signed(1), encrypted(2), signed-encrypted(3)} - --- Bind and unbind operations -directoryBind OPERATION ::= { - ARGUMENT DirectoryBindArgument - RESULT DirectoryBindResult - ERRORS {directoryBindError} -} - -DirectoryBindArgument ::= SET { - credentials [0] Credentials OPTIONAL, - versions [1] Versions DEFAULT {v1} -} - -Credentials ::= CHOICE { - simple [0] SimpleCredentials, - strong [1] StrongCredentials, - externalProcedure [2] EXTERNAL, - spkm [3] SpkmCredentials -} - -SimpleCredentials ::= SEQUENCE { - name [0] DistinguishedName, - validity - [1] SET {time1 [0] CHOICE {utc UTCTime, - gt GeneralizedTime} OPTIONAL, - time2 [1] CHOICE {utc UTCTime, - gt GeneralizedTime} OPTIONAL, - random1 [2] BIT STRING OPTIONAL, - random2 [3] BIT STRING OPTIONAL}, - password - [2] CHOICE {unprotected OCTET STRING, - protected SIGNATURE{OCTET STRING}} OPTIONAL -} - -StrongCredentials ::= SET { - certification-path [0] CertificationPath OPTIONAL, - bind-token [1] Token, - name [2] DistinguishedName OPTIONAL, - attributeCertificationPath [3] AttributeCertificationPath OPTIONAL -} - -SpkmCredentials ::= CHOICE {req [0] SPKM-REQ, - rep [1] SPKM-REP-TI -} - -Token ::= - SIGNED - {SEQUENCE {algorithm [0] AlgorithmIdentifier, - name [1] DistinguishedName, - time [2] Time, - random [3] BIT STRING, - response [4] BIT STRING OPTIONAL, - bindIntAlgorithm - [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, - bindIntKeyInfo [6] BindKeyInfo OPTIONAL, - bindConfAlgorithm - [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, - bindConfKeyInfo [8] BindKeyInfo OPTIONAL}} - -Versions ::= BIT STRING {v1(0), v2(1)} - -DirectoryBindResult ::= DirectoryBindArgument - -directoryBindError ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {versions [0] Versions DEFAULT {v1}, - error - CHOICE {serviceError [1] ServiceProblem, - securityError [2] SecurityProblem}}} -} - -BindKeyInfo ::= ENCRYPTED{BIT STRING} - -directoryUnbind OPERATION ::= emptyUnbind - --- Operations, arguments, and results -read OPERATION ::= { - ARGUMENT ReadArgument - RESULT ReadResult - ERRORS - {attributeError | nameError | serviceError | referral | abandoned | - securityError} - CODE id-opcode-read -} - -ReadArgument ::= - OPTIONALLY-PROTECTED - {SET {object [0] Name, - selection [1] EntryInformationSelection DEFAULT {}, - modifyRightsRequest [2] BOOLEAN DEFAULT FALSE, - COMPONENTS OF CommonArguments}} - -ReadResult ::= - OPTIONALLY-PROTECTED - {SET {entry [0] EntryInformation, - modifyRights [1] ModifyRights OPTIONAL, - COMPONENTS OF CommonResults}} - -ModifyRights ::= - SET OF - SEQUENCE {item - CHOICE {entry [0] NULL, - attribute [1] AttributeType, - value [2] AttributeValueAssertion}, - permission - [3] BIT STRING {add(0), remove(1), rename(2), move(3)} - } - -compare OPERATION ::= { - ARGUMENT CompareArgument - RESULT CompareResult - ERRORS - {attributeError | nameError | serviceError | referral | abandoned | - securityError} - CODE id-opcode-compare -} - -CompareArgument ::= - OPTIONALLY-PROTECTED - {SET {object [0] Name, - purported [1] AttributeValueAssertion, - COMPONENTS OF CommonArguments}} - -CompareResult ::= - OPTIONALLY-PROTECTED - {SET {name Name OPTIONAL, - matched [0] BOOLEAN, - fromEntry [1] BOOLEAN DEFAULT TRUE, - matchedSubtype [2] AttributeType OPTIONAL, - COMPONENTS OF CommonResults}} - -abandon OPERATION ::= { - ARGUMENT AbandonArgument - RESULT AbandonResult - ERRORS {abandonFailed} - CODE id-opcode-abandon -} - -AbandonArgument ::= - OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID [0] InvokeId}} - -AbandonResult ::= CHOICE { - null NULL, - information - OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId, - COMPONENTS OF CommonResultsSeq - }} -} - -list OPERATION ::= { - ARGUMENT ListArgument - RESULT ListResult - ERRORS {nameError | serviceError | referral | abandoned | securityError} - CODE id-opcode-list -} - -ListArgument ::= - OPTIONALLY-PROTECTED - {SET {object [0] Name, - pagedResults [1] PagedResultsRequest OPTIONAL, - listFamily [2] BOOLEAN DEFAULT FALSE, - COMPONENTS OF CommonArguments}} - -ListResult ::= - OPTIONALLY-PROTECTED - {CHOICE {listInfo - SET {name Name OPTIONAL, - subordinates - [1] SET OF - SEQUENCE {rdn RelativeDistinguishedName, - aliasEntry [0] BOOLEAN DEFAULT FALSE, - fromEntry [1] BOOLEAN DEFAULT TRUE - }, - partialOutcomeQualifier - [2] PartialOutcomeQualifier OPTIONAL, - COMPONENTS OF CommonResults}, - uncorrelatedListInfo [0] SET OF ListResult}} - -PartialOutcomeQualifier ::= SET { - limitProblem [0] LimitProblem OPTIONAL, - unexplored - [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL, - unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE, - unknownErrors - [3] SET SIZE (1..MAX) OF ABSTRACT-SYNTAX.&Type OPTIONAL, - queryReference [4] OCTET STRING OPTIONAL, - overspecFilter [5] Filter OPTIONAL, - notification - [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL, - entryCount - CHOICE {bestEstimate [7] INTEGER, - lowEstimate [8] INTEGER} OPTIONAL -} - -LimitProblem ::= INTEGER { - timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2) -} - -search OPERATION ::= { - ARGUMENT SearchArgument - RESULT SearchResult - ERRORS - {attributeError | nameError | serviceError | referral | abandoned | - securityError} - CODE id-opcode-search -} - -SearchArgument ::= - OPTIONALLY-PROTECTED - {SET {baseObject [0] Name, - subset - [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} - DEFAULT baseObject, - filter [2] Filter DEFAULT and:{}, - searchAliases [3] BOOLEAN DEFAULT TRUE, - selection [4] EntryInformationSelection DEFAULT {}, - pagedResults [5] PagedResultsRequest OPTIONAL, - matchedValuesOnly [6] BOOLEAN DEFAULT FALSE, - extendedFilter [7] Filter OPTIONAL, - checkOverspecified [8] BOOLEAN DEFAULT FALSE, - relaxation [9] RelaxationPolicy OPTIONAL, - extendedArea [10] INTEGER OPTIONAL, - hierarchySelections [11] HierarchySelections DEFAULT {self}, - searchControlOptions - [12] SearchControlOptions DEFAULT {searchAliases}, - COMPONENTS OF CommonArguments}} - -HierarchySelections ::= BIT STRING { - self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5), - siblings(6), siblingChildren(7), siblingSubtree(8), all(9)} - -SearchControlOptions ::= BIT STRING { - searchAliases(0), matchedValuesOnly(1), checkOverspecified(2), - performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6), - matchOnResidualName(7), entryCount(8), useSubset(9), - separateFamilyMembers(10), searchFamily(11)} - -SearchResult ::= - OPTIONALLY-PROTECTED - {CHOICE {searchInfo - SET {name Name OPTIONAL, - entries [0] SET OF EntryInformation, - partialOutcomeQualifier - [2] PartialOutcomeQualifier OPTIONAL, - altMatching [3] BOOLEAN DEFAULT FALSE, - COMPONENTS OF CommonResults}, - uncorrelatedSearchInfo [0] SET OF SearchResult}} - -addEntry OPERATION ::= { - ARGUMENT AddEntryArgument - RESULT AddEntryResult - ERRORS - {attributeError | nameError | serviceError | referral | securityError | - updateError} - CODE id-opcode-addEntry -} - -AddEntryArgument ::= - OPTIONALLY-PROTECTED - {SET {object [0] Name, - entry [1] SET OF Attribute, - targetSystem [2] AccessPoint OPTIONAL, - COMPONENTS OF CommonArguments}} - -AddEntryResult ::= CHOICE { - null NULL, - information - OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} -} - -removeEntry OPERATION ::= { - ARGUMENT RemoveEntryArgument - RESULT RemoveEntryResult - ERRORS {nameError | serviceError | referral | securityError | updateError} - CODE id-opcode-removeEntry -} - -RemoveEntryArgument ::= - OPTIONALLY-PROTECTED{SET {object [0] Name, - COMPONENTS OF CommonArguments}} - -RemoveEntryResult ::= CHOICE { - null NULL, - information - OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} -} - -modifyEntry OPERATION ::= { - ARGUMENT ModifyEntryArgument - RESULT ModifyEntryResult - ERRORS - {attributeError | nameError | serviceError | referral | securityError | - updateError} - CODE id-opcode-modifyEntry -} - -ModifyEntryArgument ::= - OPTIONALLY-PROTECTED - {SET {object [0] Name, - changes [1] SEQUENCE OF EntryModification, - selection [2] EntryInformationSelection OPTIONAL, - COMPONENTS OF CommonArguments}} - -ModifyEntryResult ::= CHOICE { - null NULL, - information - OPTIONALLY-PROTECTED-SEQ{SEQUENCE {entry [0] EntryInformation OPTIONAL, - COMPONENTS OF CommonResultsSeq - }} -} - -EntryModification ::= CHOICE { - addAttribute [0] Attribute, - removeAttribute [1] AttributeType, - addValues [2] Attribute, - removeValues [3] Attribute, - alterValues [4] AttributeTypeAndValue, - resetValue [5] AttributeType -} - -modifyDN OPERATION ::= { - ARGUMENT ModifyDNArgument - RESULT ModifyDNResult - ERRORS {nameError | serviceError | referral | securityError | updateError} - CODE id-opcode-modifyDN -} - -ModifyDNArgument ::= - OPTIONALLY-PROTECTED - {SET {object [0] DistinguishedName, - newRDN [1] RelativeDistinguishedName, - deleteOldRDN [2] BOOLEAN DEFAULT FALSE, - newSuperior [3] DistinguishedName OPTIONAL, - COMPONENTS OF CommonArguments}} - -ModifyDNResult ::= CHOICE { - null NULL, - information - OPTIONALLY-PROTECTED-SEQ{SEQUENCE {newRDN RelativeDistinguishedName, - COMPONENTS OF CommonResultsSeq - }} -} - --- Errors and parameters -abandoned ERROR ::= { -- not literally an "error" - PARAMETER OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}} - CODE id-errcode-abandoned -} - -abandonFailed ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {problem [0] AbandonProblem, - operation [1] InvokeId, - COMPONENTS OF CommonResults}} - CODE id-errcode-abandonFailed -} - -AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)} - -attributeError ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {object [0] Name, - problems - [1] SET OF - SEQUENCE {problem [0] AttributeProblem, - type [1] AttributeType, - value [2] AttributeValue OPTIONAL}, - COMPONENTS OF CommonResults}} - CODE id-errcode-attributeError -} - -AttributeProblem ::= INTEGER { - noSuchAttributeOrValue(1), invalidAttributeSyntax(2), - undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5), - attributeOrValueAlreadyExists(6), contextViolation(7)} - -nameError ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {problem [0] NameProblem, - matched [1] Name, - COMPONENTS OF CommonResults}} - CODE id-errcode-nameError -} - -NameProblem ::= INTEGER { - noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3), - aliasDereferencingProblem(4), contextProblem(5)} - -referral ERROR ::= { -- not literally an "error" - PARAMETER OPTIONALLY-PROTECTED - {SET {candidate [0] ContinuationReference, - COMPONENTS OF CommonResults}} - CODE id-errcode-referral -} - -securityError ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {problem [0] SecurityProblem, - spkmInfo [1] SPKM-ERROR, - COMPONENTS OF CommonResults}} - CODE id-errcode-securityError -} - -SecurityProblem ::= INTEGER { - inappropriateAuthentication(1), invalidCredentials(2), - insufficientAccessRights(3), invalidSignature(4), protectionRequired(5), - noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9) -} - -serviceError ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {problem [0] ServiceProblem, - COMPONENTS OF CommonResults}} - CODE id-errcode-serviceError -} - -ServiceProblem ::= INTEGER { - busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4), - unableToProceed(5), invalidReference(6), timeLimitExceeded(7), - administrativeLimitExceeded(8), loopDetected(9), - unavailableCriticalExtension(10), outOfScope(11), ditError(12), - invalidQueryReference(13), requestedServiceNotAvailable(14), - relaxationNotSupported(15), unavailableRelaxationLevel(16), - unsupportedMatchingUse(17), unmatchedKeyAttributes(18), - ambiguousKeyAttributes(19)} - -updateError ERROR ::= { - PARAMETER OPTIONALLY-PROTECTED - {SET {problem [0] UpdateProblem, - attributeInfo - [1] SET SIZE (1..MAX) OF - CHOICE {attributeType AttributeType, - attribute Attribute} OPTIONAL, - COMPONENTS OF CommonResults}} - CODE id-errcode-updateError -} - -UpdateProblem ::= INTEGER { - namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3), - notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6), - objectClassModificationProhibited(7), notAncestor(8), parentNotAncestor(9), - hierarchyRuleViolation(10), familyRuleViolation(11)} - -id-at-family-information OBJECT IDENTIFIER ::= {id-at 64} - -END -- DirectoryAbstractService - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/2.5.1.5.3.asn1 b/acse/2.5.1.5.3.asn1 deleted file mode 100644 index 0ac391f..0000000 --- a/acse/2.5.1.5.3.asn1 +++ /dev/null @@ -1,1467 +0,0 @@ --- Module SelectedAttributeTypes (X.520:08/1997) --- See also ITU-T X.520 (08/1997) --- See also the index of all ASN.1 assignments needed in this document - -SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) - selectedAttributeTypes(5) 3} DEFINITIONS ::= -BEGIN - --- EXPORTS All --- The types and values defined in this module are exported for use in the other ASN.1 modules contained --- within the Directory Specifications, and for the use of other applications which will use them to access --- Directory services. Other applications may use them for their own purposes, but this will not constrain --- extensions and modifications needed to maintain or improve the Directory service. -IMPORTS - informationFramework, upperBounds, id-at, id-mr, id-avc, - directoryAbstractService, id-pr, id-not, id-cat - FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) - usefulDefinitions(0) 3} - Attribute, ATTRIBUTE, MATCHING-RULE, AttributeType, OBJECT-CLASS, - DistinguishedName, objectIdentifierMatch, distinguishedNameMatch, - CONTEXT, ContextAssertion, AttributeCombination, ContextCombination, - MAPPING-BASED-MATCHING, MRMapping, AttributeValueAssertion - FROM InformationFramework informationFramework - G3FacsimileNonBasicParameters - FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0) - mts-abstract-service(1) version-1999(1)} - ub-answerback, ub-name, ub-common-name, ub-surname, ub-serial-number, - ub-locality-name, ub-state-name, ub-street-address, ub-organization-name, - ub-organizational-unit-name, ub-title, ub-description, - ub-business-category, ub-postal-line, ub-postal-string, ub-postal-code, - ub-post-office-box, ub-physical-office-name, ub-telex-number, - ub-country-code, ub-teletex-terminal-id, ub-telephone-number, - ub-x121-address, ub-international-isdn-number, ub-destination-indicator, - ub-user-password, ub-match, ub-knowledge-information, - ub-directory-string-first-component-match, ub-localeContextSyntax, - ub-pseudonym - FROM UpperBounds upperBounds - FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions - FROM DirectoryAbstractService directoryAbstractService; - --- Directory string type -DirectoryString{INTEGER:maxSize} ::= CHOICE { - teletexString TeletexString(SIZE (1..maxSize)), - printableString PrintableString(SIZE (1..maxSize)), - universalString UniversalString(SIZE (1..maxSize)), - bmpString BMPString(SIZE (1..maxSize)), - uTF8String UTF8String(SIZE (1..maxSize)) -} - --- Attribute types -knowledgeInformation ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-knowledge-information} - EQUALITY MATCHING RULE caseIgnoreMatch - ID id-at-knowledgeInformation -} - -name ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-name} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-name -} - -commonName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-common-name} - ID id-at-commonName -} - -surname ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-surname} - ID id-at-surname -} - -givenName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-name} - ID id-at-givenName -} - -initials ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-name} - ID id-at-initials -} - -generationQualifier ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-name} - ID id-at-generationQualifier -} - -uniqueIdentifier ATTRIBUTE ::= { - WITH SYNTAX UniqueIdentifier - EQUALITY MATCHING RULE bitStringMatch - ID id-at-uniqueIdentifier -} - -UniqueIdentifier ::= BIT STRING - -dnQualifier ATTRIBUTE ::= { - WITH SYNTAX PrintableString - EQUALITY MATCHING RULE caseIgnoreMatch - ORDERING MATCHING RULE caseIgnoreOrderingMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-dnQualifier -} - -serialNumber ATTRIBUTE ::= { - WITH SYNTAX PrintableString(SIZE (1..ub-serial-number)) - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-serialNumber -} - -pseudonym ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-pseudonym} - ID id-at-pseudonym -} - -countryName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX CountryName - SINGLE VALUE TRUE - ID id-at-countryName -} - -CountryName ::= PrintableString(SIZE (2)) -- ISO 3166 codes only - - -localityName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-locality-name} - ID id-at-localityName -} - -collectiveLocalityName ATTRIBUTE ::= { - SUBTYPE OF localityName - COLLECTIVE TRUE - ID id-at-collectiveLocalityName -} - -stateOrProvinceName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-state-name} - ID id-at-stateOrProvinceName -} - -collectiveStateOrProvinceName ATTRIBUTE ::= { - SUBTYPE OF stateOrProvinceName - COLLECTIVE TRUE - ID id-at-collectiveStateOrProvinceName -} - -streetAddress ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-street-address} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-streetAddress -} - -collectiveStreetAddress ATTRIBUTE ::= { - SUBTYPE OF streetAddress - COLLECTIVE TRUE - ID id-at-collectiveStreetAddress -} - -houseIdentifier ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-name} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-houseIdentifier -} - -organizationName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-organization-name} - ID id-at-organizationName -} - -collectiveOrganizationName ATTRIBUTE ::= { - SUBTYPE OF organizationName - COLLECTIVE TRUE - ID id-at-collectiveOrganizationName -} - -organizationalUnitName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-organizational-unit-name} - ID id-at-organizationalUnitName -} - -collectiveOrganizationalUnitName ATTRIBUTE ::= { - SUBTYPE OF organizationalUnitName - COLLECTIVE TRUE - ID id-at-collectiveOrganizationalUnitName -} - -title ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-title} - ID id-at-title -} - -description ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-description} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-description -} - -searchGuide ATTRIBUTE ::= {WITH SYNTAX Guide - ID id-at-searchGuide -} - -Guide ::= SET { - objectClass [0] OBJECT-CLASS.&id OPTIONAL, - criteria [1] Criteria -} - -Criteria ::= CHOICE { - type [0] CriteriaItem, - and [1] SET OF Criteria, - or [2] SET OF Criteria, - not [3] Criteria -} - -CriteriaItem ::= CHOICE { - equality [0] AttributeType, - substrings [1] AttributeType, - greaterOrEqual [2] AttributeType, - lessOrEqual [3] AttributeType, - approximateMatch [4] AttributeType -} - -enhancedSearchGuide ATTRIBUTE ::= { - WITH SYNTAX EnhancedGuide - ID id-at-enhancedSearchGuide -} - -EnhancedGuide ::= SEQUENCE { - objectClass [0] OBJECT-CLASS.&id, - criteria [1] Criteria, - subset - [2] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} DEFAULT oneLevel -} - -businessCategory ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-business-category} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-businessCategory -} - -postalAddress ATTRIBUTE ::= { - WITH SYNTAX PostalAddress - EQUALITY MATCHING RULE caseIgnoreListMatch - SUBSTRINGS MATCHING RULE caseIgnoreListSubstringsMatch - ID id-at-postalAddress -} - -PostalAddress ::= - SEQUENCE SIZE (1..ub-postal-line) OF DirectoryString{ub-postal-string} - -collectivePostalAddress ATTRIBUTE ::= { - SUBTYPE OF postalAddress - COLLECTIVE TRUE - ID id-at-collectivePostalAddress -} - -postalCode ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-postal-code} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-postalCode -} - -collectivePostalCode ATTRIBUTE ::= { - SUBTYPE OF postalCode - COLLECTIVE TRUE - ID id-at-collectivePostalCode -} - -postOfficeBox ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-post-office-box} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-postOfficeBox -} - -collectivePostOfficeBox ATTRIBUTE ::= { - SUBTYPE OF postOfficeBox - COLLECTIVE TRUE - ID id-at-collectivePostOfficeBox -} - -physicalDeliveryOfficeName ATTRIBUTE ::= { - WITH SYNTAX DirectoryString {ub-physical-office-name} - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-physicalDeliveryOfficeName -} - -collectivePhysicalDeliveryOfficeName ATTRIBUTE ::= { - SUBTYPE OF physicalDeliveryOfficeName - COLLECTIVE TRUE - ID id-at-collectivePhysicalDeliveryOfficeName -} - -telephoneNumber ATTRIBUTE ::= { - WITH SYNTAX TelephoneNumber - EQUALITY MATCHING RULE telephoneNumberMatch - SUBSTRINGS MATCHING RULE telephoneNumberSubstringsMatch - ID id-at-telephoneNumber -} - -TelephoneNumber ::= PrintableString(SIZE (1..ub-telephone-number)) - --- String complying with CCITT Rec. E.123 only -collectiveTelephoneNumber ATTRIBUTE ::= { - SUBTYPE OF telephoneNumber - COLLECTIVE TRUE - ID id-at-collectiveTelephoneNumber -} - -telexNumber ATTRIBUTE ::= { - WITH SYNTAX TelexNumber - ID id-at-telexNumber -} - -TelexNumber ::= SEQUENCE { - telexNumber PrintableString(SIZE (1..ub-telex-number)), - countryCode PrintableString(SIZE (1..ub-country-code)), - answerback PrintableString(SIZE (1..ub-answerback)) -} - -collectiveTelexNumber ATTRIBUTE ::= { - SUBTYPE OF telexNumber - COLLECTIVE TRUE - ID id-at-collectiveTelexNumber -} - -facsimileTelephoneNumber ATTRIBUTE ::= { - WITH SYNTAX FacsimileTelephoneNumber - EQUALITY MATCHING RULE facsimileNumberMatch - SUBSTRINGS MATCHING RULE facsimileNumberSubstringsMatch - ID id-at-facsimileTelephoneNumber -} - -facsimileNumberMatch MATCHING-RULE ::= { - SYNTAX TelephoneNumber - ID id-mr-facsimileNumberMatch -} - -facsimileNumberSubstringsMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion - ID id-mr-facsimileNumberSubstringsMatch -} - -FacsimileTelephoneNumber ::= SEQUENCE { - telephoneNumber TelephoneNumber, - parameters G3FacsimileNonBasicParameters OPTIONAL -} - -collectiveFacsimileTelephoneNumber ATTRIBUTE ::= { - SUBTYPE OF facsimileTelephoneNumber - COLLECTIVE TRUE - ID id-at-collectiveFacsimileTelephoneNumber -} - -x121Address ATTRIBUTE ::= { - WITH SYNTAX X121Address - EQUALITY MATCHING RULE numericStringMatch - SUBSTRINGS MATCHING RULE numericStringSubstringsMatch - ID id-at-x121Address -} - -X121Address ::= NumericString(SIZE (1..ub-x121-address)) - --- String as defined by ITU-T Rec. X.121 -internationalISDNNumber ATTRIBUTE ::= { - WITH SYNTAX InternationalISDNNumber - EQUALITY MATCHING RULE numericStringMatch - SUBSTRINGS MATCHING RULE numericStringSubstringsMatch - ID id-at-internationalISDNNumber -} - -InternationalISDNNumber ::= - NumericString(SIZE (1..ub-international-isdn-number)) - --- String complying with ITU-T Rec. E.164 only -collectiveInternationalISDNNumber ATTRIBUTE ::= { - SUBTYPE OF internationalISDNNumber - COLLECTIVE TRUE - ID id-at-collectiveInternationalISDNNumber -} - -registeredAddress ATTRIBUTE ::= { - SUBTYPE OF postalAddress - WITH SYNTAX PostalAddress - ID id-at-registeredAddress -} - -destinationIndicator ATTRIBUTE ::= { - WITH SYNTAX DestinationIndicator - EQUALITY MATCHING RULE caseIgnoreMatch - SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch - ID id-at-destinationIndicator -} - -DestinationIndicator ::= PrintableString(SIZE (1..ub-destination-indicator)) - -communicationsService ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-at-communicationsService -} - -communicationsNetwork ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - SINGLE VALUE TRUE - ID id-at-communicationsNetwork -} - --- alphabetical characters only -preferredDeliveryMethod ATTRIBUTE ::= { - WITH SYNTAX PreferredDeliveryMethod - SINGLE VALUE TRUE - ID id-at-preferredDeliveryMethod -} - -PreferredDeliveryMethod ::= - SEQUENCE OF - INTEGER {any-delivery-method(0), mhs-delivery(1), physical-delivery(2), - telex-delivery(3), teletex-delivery(4), g3-facsimile-delivery(5), - g4-facsimile-delivery(6), ia5-terminal-delivery(7), - videotex-delivery(8), telephone-delivery(9)} - -presentationAddress ATTRIBUTE ::= { - WITH SYNTAX PresentationAddress - EQUALITY MATCHING RULE presentationAddressMatch - SINGLE VALUE TRUE - ID id-at-presentationAddress -} - -PresentationAddress ::= SEQUENCE { - pSelector [0] OCTET STRING OPTIONAL, - sSelector [1] OCTET STRING OPTIONAL, - tSelector [2] OCTET STRING OPTIONAL, - nAddresses [3] SET SIZE (1..MAX) OF OCTET STRING -} - -supportedApplicationContext ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-at-supportedApplicationContext -} - -protocolInformation ATTRIBUTE ::= { - WITH SYNTAX ProtocolInformation - EQUALITY MATCHING RULE protocolInformationMatch - ID id-at-protocolInformation -} - -ProtocolInformation ::= SEQUENCE { - nAddress OCTET STRING, - profiles SET OF OBJECT IDENTIFIER -} - -distinguishedName ATTRIBUTE ::= { - WITH SYNTAX DistinguishedName - EQUALITY MATCHING RULE distinguishedNameMatch - ID id-at-distinguishedName -} - -member ATTRIBUTE ::= {SUBTYPE OF distinguishedName - ID id-at-member -} - -uniqueMember ATTRIBUTE ::= { - WITH SYNTAX NameAndOptionalUID - EQUALITY MATCHING RULE uniqueMemberMatch - ID id-at-uniqueMember -} - -NameAndOptionalUID ::= SEQUENCE { - dn DistinguishedName, - uid UniqueIdentifier OPTIONAL -} - -owner ATTRIBUTE ::= {SUBTYPE OF distinguishedName - ID id-at-owner -} - -roleOccupant ATTRIBUTE ::= { - SUBTYPE OF distinguishedName - ID id-at-roleOccupant -} - -seeAlso ATTRIBUTE ::= {SUBTYPE OF distinguishedName - ID id-at-seeAlso -} - -dmdName ATTRIBUTE ::= { - SUBTYPE OF name - WITH SYNTAX DirectoryString {ub-common-name} - ID id-at-dmdName -} - -dSAProblem ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-not-dSAProblem -} - -searchServiceProblem ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - SINGLE VALUE TRUE - ID id-not-searchServiceProblem -} - -serviceType ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - SINGLE VALUE TRUE - ID id-not-serviceType -} - -attributeTypeList ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-not-attributeTypeList -} - -filterItem ATTRIBUTE ::= { - WITH SYNTAX FilterItem - ID id-not-filterItem -} - -attributeCombinations ATTRIBUTE ::= { - WITH SYNTAX AttributeCombination - ID id-not-attributeCombinations -} - -contextTypeList ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-not-contextTypeList -} - -contextList ATTRIBUTE ::= { - WITH SYNTAX ContextAssertion - ID id-not-contextList -} - -hierarchySelectList ATTRIBUTE ::= { - WITH SYNTAX HierarchySelections - SINGLE VALUE TRUE - ID id-not-hierarchySelectList -} - -searchOptionsList ATTRIBUTE ::= { - WITH SYNTAX SearchControlOptions - SINGLE VALUE TRUE - ID id-not-searchOptionsList -} - -serviceControlOptionsList ATTRIBUTE ::= { - WITH SYNTAX ServiceControlOptions - SINGLE VALUE TRUE - ID id-not-serviceControlOptionsList -} - -multipleMatchingLocalities ATTRIBUTE ::= { - WITH SYNTAX MultipleMatchingLocalities - ID id-not-multipleMatchingLocalities -} - -MultipleMatchingLocalities ::= SEQUENCE { - matchingRuleUsed MATCHING-RULE.&id OPTIONAL, - attributeList SEQUENCE OF AttributeValueAssertion -} - -proposedRelaxation ATTRIBUTE ::= { - WITH SYNTAX SEQUENCE OF MRMapping - ID id-not-proposedRelaxation -} - -appliedRelaxation ATTRIBUTE ::= { - WITH SYNTAX OBJECT IDENTIFIER - EQUALITY MATCHING RULE objectIdentifierMatch - ID id-not-appliedRelaxation -} - --- Matching rules -caseIgnoreMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-caseIgnoreMatch -} - -caseIgnoreOrderingMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-caseIgnoreOrderingMatch -} - -caseIgnoreSubstringsMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion - ID id-mr-caseIgnoreSubstringsMatch -} - -SubstringAssertion ::= - SEQUENCE OF - CHOICE {initial [0] DirectoryString{ub-match}, - any [1] DirectoryString{ub-match}, - final [2] DirectoryString{ub-match}, - control Attribute - } -- Used to specify interpretation of the following items - --- at most one initial and one final component -caseExactMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-caseExactMatch -} - -caseExactOrderingMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-caseExactOrderingMatch -} - -caseExactSubstringsMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion -- only the PrintableString choice - ID id-mr-caseExactSubstringsMatch -} - -numericStringMatch MATCHING-RULE ::= { - SYNTAX NumericString - ID id-mr-numericStringMatch -} - -numericStringOrderingMatch MATCHING-RULE ::= { - SYNTAX NumericString - ID id-mr-numericStringOrderingMatch -} - -numericStringSubstringsMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion - ID id-mr-numericStringSubstringsMatch -} - -caseIgnoreListMatch MATCHING-RULE ::= { - SYNTAX CaseIgnoreListMatch - ID id-mr-caseIgnoreListMatch -} - -CaseIgnoreListMatch ::= SEQUENCE OF DirectoryString{ub-match} - -caseIgnoreListSubstringsMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion - ID id-mr-caseIgnoreListSubstringsMatch -} - -storedPrefixMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-storedPrefixMatch -} - -booleanMatch MATCHING-RULE ::= {SYNTAX BOOLEAN - ID id-mr-booleanMatch -} - -integerMatch MATCHING-RULE ::= {SYNTAX INTEGER - ID id-mr-integerMatch -} - -integerOrderingMatch MATCHING-RULE ::= { - SYNTAX INTEGER - ID id-mr-integerOrderingMatch -} - -bitStringMatch MATCHING-RULE ::= { - SYNTAX BIT STRING - ID id-mr-bitStringMatch -} - -octetStringMatch MATCHING-RULE ::= { - SYNTAX OCTET STRING - ID id-mr-octetStringMatch -} - -octetStringOrderingMatch MATCHING-RULE ::= { - SYNTAX OCTET STRING - ID id-mr-octetStringOrderingMatch -} - -octetStringSubstringsMatch MATCHING-RULE ::= { - SYNTAX OctetSubstringAssertion - ID id-mr-octetStringSubstringsMatch -} - -OctetSubstringAssertion ::= - SEQUENCE OF - CHOICE {initial [0] OCTET STRING, - any [1] OCTET STRING, - final [2] OCTET STRING} - --- at most one initial and one final component -telephoneNumberMatch MATCHING-RULE ::= { - SYNTAX TelephoneNumber - ID id-mr-telephoneNumberMatch -} - -telephoneNumberSubstringsMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion - ID id-mr-telephoneNumberSubstringsMatch -} - -presentationAddressMatch MATCHING-RULE ::= { - SYNTAX PresentationAddress - ID id-mr-presentationAddressMatch -} - -uniqueMemberMatch MATCHING-RULE ::= { - SYNTAX NameAndOptionalUID - ID id-mr-uniqueMemberMatch -} - -protocolInformationMatch MATCHING-RULE ::= { - SYNTAX OCTET STRING - ID id-mr-protocolInformationMatch -} - -uTCTimeMatch MATCHING-RULE ::= {SYNTAX UTCTime - ID id-mr-uTCTimeMatch -} - -uTCTimeOrderingMatch MATCHING-RULE ::= { - SYNTAX UTCTime - ID id-mr-uTCTimeOrderingMatch -} - -generalizedTimeMatch MATCHING-RULE ::= { - SYNTAX GeneralizedTime - -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 - ID id-mr-generalizedTimeMatch -} - -generalizedTimeOrderingMatch MATCHING-RULE ::= { - SYNTAX GeneralizedTime - -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 - ID id-mr-generalizedTimeOrderingMatch -} - -integerFirstComponentMatch MATCHING-RULE ::= { - SYNTAX INTEGER - ID id-mr-integerFirstComponentMatch -} - -objectIdentifierFirstComponentMatch MATCHING-RULE ::= { - SYNTAX OBJECT IDENTIFIER - ID id-mr-objectIdentifierFirstComponentMatch -} - -directoryStringFirstComponentMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-directory-string-first-component-match} - ID id-mr-directoryStringFirstComponentMatch -} - -wordMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-wordMatch -} - -keywordMatch MATCHING-RULE ::= { - SYNTAX DirectoryString {ub-match} - ID id-mr-keywordMatch -} - -systemProposedMatch MATCHING-RULE ::= {ID id-mr-systemProposedMatch -} - -generalWordMatch MATCHING-RULE ::= { - SYNTAX SubstringAssertion - ID id-mr-generalWordMatch -} - -sequenceMatchType ATTRIBUTE ::= { - WITH SYNTAX - ENUMERATED {sequenceExact(0), sequenceDeletion(1), - sequenceRestrictedDeletion(2), sequencePermutation(3), - sequencePermutationAndDeletion(4), sequenceProviderDefined(5)} - SINGLE VALUE TRUE - ID id-cat-sequenceMatchType -} -- defaulting to sequenceExact, - -wordMatchTypes ATTRIBUTE ::= { - WITH SYNTAX - ENUMERATED {wordExact(0), wordTruncated(1), wordPhonetic(2), - wordProviderDefined(3)} - SINGLE VALUE TRUE - ID id-cat-wordMatchType -} -- defaulting to wordExact - -characterMatchTypes ATTRIBUTE ::= { - WITH SYNTAX - ENUMERATED {characterExact(0), characterCaseIgnore(1), characterMapped(2)} - SINGLE VALUE TRUE - ID id-cat-characterMatchTypes -} - -selectedContexts ATTRIBUTE ::= { - WITH SYNTAX ContextAssertion - ID id-cat-selectedContexts -} - -approximateStringMatch MATCHING-RULE ::= {ID id-mr-approximateStringMatch -} - -ignoreIfAbsentMatch MATCHING-RULE ::= {ID id-mr-ignoreIfAbsentMatch -} - -nullMatch MATCHING-RULE ::= {ID id-mr-nullMatch -} - -ZONAL-MATCHING ::= - MAPPING-BASED-MATCHING{ZonalSelect, TRUE, ZonalResult, zonalMatch.&id} - -ZonalSelect ::= SEQUENCE OF AttributeType - -ZonalResult ::= ENUMERATED { - cannot-select-mapping(0), zero-mappings(2), multiple-mappings(3)} - -zonalMatch MATCHING-RULE ::= { - UNIQUE-MATCH-INDICATOR multipleMatchingLocalities.&id - ID id-mr-zonalMatch -} - --- Contexts -languageContext CONTEXT ::= { - WITH SYNTAX LanguageContextSyntax - ID id-avc-language -} - -LanguageContextSyntax ::= PrintableString(SIZE (2..3)) -- ISO 639-2 codes only - - -temporalContext CONTEXT ::= { - WITH SYNTAX TimeSpecification - ASSERTED AS TimeAssertion - ID id-avc-temporal -} - -TimeSpecification ::= SEQUENCE { - time - CHOICE {absolute - SEQUENCE {startTime [0] GeneralizedTime OPTIONAL, - endTime [1] GeneralizedTime OPTIONAL}, - periodic SET OF Period}, - notThisTime BOOLEAN DEFAULT FALSE, - timeZone TimeZone OPTIONAL -} - -Period ::= SEQUENCE { - timesOfDay [0] SET SIZE (1..MAX) OF DayTimeBand OPTIONAL, - days - [1] CHOICE {intDay SET OF INTEGER, - bitDay - BIT STRING {sunday(0), monday(1), tuesday(2), wednesday(3), - thursday(4), friday(5), saturday(6)}, - dayOf XDayOf} OPTIONAL, - weeks - [2] CHOICE {allWeeks NULL, - intWeek SET OF INTEGER, - bitWeek - BIT STRING {week1(0), week2(1), week3(2), week4(3), week5(4)} - } OPTIONAL, - months - [3] CHOICE {allMonths NULL, - intMonth SET OF INTEGER, - bitMonth - BIT STRING {january(0), february(1), march(2), april(3), - may(4), june(5), july(6), august(7), - september(8), october(9), november(10), - december(11)}} OPTIONAL, - years [4] SET OF INTEGER(1000..MAX) OPTIONAL -} - -XDayOf ::= CHOICE { - first [1] NamedDay, - second [2] NamedDay, - third [3] NamedDay, - fourth [4] NamedDay, - fifth [5] NamedDay -} - -NamedDay ::= CHOICE { - intNamedDays - ENUMERATED {sunday(1), monday(2), tuesday(3), wednesday(4), thursday(5), - friday(6), saturday(7)}, - bitNamedDays - BIT STRING {sunday(0), monday(1), tuesday(2), wednesday(3), thursday(4), - friday(5), saturday(6)} -} - -DayTimeBand ::= SEQUENCE { - startDayTime [0] DayTime DEFAULT {hour 0}, - endDayTime [1] DayTime DEFAULT {hour 23, minute 59, second 59} -} - -DayTime ::= SEQUENCE { - hour [0] INTEGER(0..23), - minute [1] INTEGER(0..59) DEFAULT 0, - second [2] INTEGER(0..59) DEFAULT 0 -} - -TimeZone ::= INTEGER(-12..12) - -TimeAssertion ::= CHOICE { - now NULL, - at GeneralizedTime, - between - SEQUENCE {startTime [0] GeneralizedTime, - endTime [1] GeneralizedTime OPTIONAL, - entirely BOOLEAN DEFAULT FALSE} -} - -localeContext CONTEXT ::= { - WITH SYNTAX LocaleContextSyntax - ID id-avc-locale -} - -LocaleContextSyntax ::= CHOICE { - localeID1 OBJECT IDENTIFIER, - localeID2 DirectoryString{ub-localeContextSyntax} -} - --- Object identifier assignments - --- object identifiers assigned in other modules are shown in comments --- Attributes --- id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} --- id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} -id-at-encryptedAliasedEntryName OBJECT IDENTIFIER ::= - {id-at 1 2} - -id-at-knowledgeInformation OBJECT IDENTIFIER ::= {id-at 2} - -id-at-commonName OBJECT IDENTIFIER ::= {id-at 3} - -id-at-encryptedCommonName OBJECT IDENTIFIER ::= {id-at 3 2} - -id-at-surname OBJECT IDENTIFIER ::= {id-at 4} - -id-at-encryptedSurname OBJECT IDENTIFIER ::= {id-at 4 2} - -id-at-serialNumber OBJECT IDENTIFIER ::= {id-at 5} - -id-at-encryptedSerialNumber OBJECT IDENTIFIER ::= {id-at 5 2} - -id-at-countryName OBJECT IDENTIFIER ::= {id-at 6} - -id-at-encryptedCountryName OBJECT IDENTIFIER ::= {id-at 6 2} - -id-at-localityName OBJECT IDENTIFIER ::= {id-at 7} - -id-at-encryptedLocalityName OBJECT IDENTIFIER ::= {id-at 7 2} - -id-at-collectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1} - -id-at-encryptedCollectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1 2} - -id-at-stateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8} - -id-at-encryptedStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 2} - -id-at-collectiveStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 1} - -id-at-encryptedCollectiveStateOrProvinceName OBJECT IDENTIFIER ::= - {id-at 8 1 2} - -id-at-streetAddress OBJECT IDENTIFIER ::= {id-at 9} - -id-at-encryptedStreetAddress OBJECT IDENTIFIER ::= {id-at 9 2} - -id-at-collectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1} - -id-at-encryptedCollectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1 2} - -id-at-organizationName OBJECT IDENTIFIER ::= {id-at 10} - -id-at-encryptedOrganizationName OBJECT IDENTIFIER ::= {id-at 10 2} - -id-at-collectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1} - -id-at-encryptedCollectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1 2} - -id-at-organizationalUnitName OBJECT IDENTIFIER ::= {id-at 11} - -id-at-encryptedOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 2} - -id-at-collectiveOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 1} - -id-at-encryptedCollectiveOrganizationalUnitName OBJECT IDENTIFIER ::= - {id-at 11 1 2} - -id-at-title OBJECT IDENTIFIER ::= {id-at 12} - -id-at-encryptedTitle OBJECT IDENTIFIER ::= {id-at 12 2} - -id-at-description OBJECT IDENTIFIER ::= {id-at 13} - -id-at-encryptedDescription OBJECT IDENTIFIER ::= {id-at 13 2} - -id-at-searchGuide OBJECT IDENTIFIER ::= {id-at 14} - -id-at-encryptedSearchGuide OBJECT IDENTIFIER ::= {id-at 14 2} - -id-at-businessCategory OBJECT IDENTIFIER ::= {id-at 15} - -id-at-encryptedBusinessCategory OBJECT IDENTIFIER ::= {id-at 15 2} - -id-at-postalAddress OBJECT IDENTIFIER ::= {id-at 16} - -id-at-encryptedPostalAddress OBJECT IDENTIFIER ::= {id-at 16 2} - -id-at-collectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1} - -id-at-encryptedCollectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1 2} - -id-at-postalCode OBJECT IDENTIFIER ::= {id-at 17} - -id-at-encryptedPostalCode OBJECT IDENTIFIER ::= {id-at 17 2} - -id-at-collectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1} - -id-at-encryptedCollectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1 2} - -id-at-postOfficeBox OBJECT IDENTIFIER ::= {id-at 18} - -id-at-encryptedPostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 2} - -id-at-collectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1} - -id-at-encryptedCollectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1 2} - -id-at-physicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19} - -id-at-encryptedPhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 2} - -id-at-collectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 1} - -id-at-encryptedCollectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= - {id-at 19 1 2} - -id-at-telephoneNumber OBJECT IDENTIFIER ::= {id-at 20} - -id-at-encryptedTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 2} - -id-at-collectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1} - -id-at-encryptedCollectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1 2} - -id-at-telexNumber OBJECT IDENTIFIER ::= {id-at 21} - -id-at-encryptedTelexNumber OBJECT IDENTIFIER ::= {id-at 21 2} - -id-at-collectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1} - -id-at-encryptedCollectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1 2} - --- id-at-teletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22} --- id-at-encryptedTeletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22 2} --- id-at-collectiveTeletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22 1} --- id-at-encryptedCollectiveTeletexTerminalIdentifier --- OBJECT IDENTIFIER ::= {id-at 22 1 2} -id-at-facsimileTelephoneNumber OBJECT IDENTIFIER ::= - {id-at 23} - -id-at-encryptedFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 2} - -id-at-collectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 1} - -id-at-encryptedCollectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= - {id-at 23 1 2} - -id-at-x121Address OBJECT IDENTIFIER ::= {id-at 24} - -id-at-encryptedX121Address OBJECT IDENTIFIER ::= {id-at 24 2} - -id-at-internationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25} - -id-at-encryptedInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 2} - -id-at-collectiveInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 1} - -id-at-encryptedCollectiveInternationalISDNNumber OBJECT IDENTIFIER ::= - {id-at 25 1 2} - -id-at-registeredAddress OBJECT IDENTIFIER ::= {id-at 26} - -id-at-encryptedRegisteredAddress OBJECT IDENTIFIER ::= {id-at 26 2} - -id-at-destinationIndicator OBJECT IDENTIFIER ::= {id-at 27} - -id-at-encryptedDestinationIndicator OBJECT IDENTIFIER ::= {id-at 27 2} - -id-at-preferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28} - -id-at-encryptedPreferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28 2} - -id-at-presentationAddress OBJECT IDENTIFIER ::= {id-at 29} - -id-at-encryptedPresentationAddress OBJECT IDENTIFIER ::= {id-at 29 2} - -id-at-supportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30} - -id-at-encryptedSupportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30 2} - -id-at-member OBJECT IDENTIFIER ::= {id-at 31} - -id-at-encryptedMember OBJECT IDENTIFIER ::= {id-at 31 2} - -id-at-owner OBJECT IDENTIFIER ::= {id-at 32} - -id-at-encryptedOwner OBJECT IDENTIFIER ::= {id-at 32 2} - -id-at-roleOccupant OBJECT IDENTIFIER ::= {id-at 33} - -id-at-encryptedRoleOccupant OBJECT IDENTIFIER ::= {id-at 33 2} - -id-at-seeAlso OBJECT IDENTIFIER ::= {id-at 34} - -id-at-encryptedSeeAlso OBJECT IDENTIFIER ::= {id-at 34 2} - --- id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35} -id-at-encryptedUserPassword OBJECT IDENTIFIER ::= - {id-at 35 2} - --- id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36} -id-at-encryptedUserCertificate OBJECT IDENTIFIER ::= - {id-at 36 2} - --- id-at-cACertificate OBJECT IDENTIFIER ::= {id-at 37} -id-at-encryptedCACertificate OBJECT IDENTIFIER ::= - {id-at 37 2} - --- id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38} -id-at-encryptedAuthorityRevocationList OBJECT IDENTIFIER ::= - {id-at 38 2} - --- id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39} -id-at-encryptedCertificateRevocationList OBJECT IDENTIFIER ::= - {id-at 39 2} - --- id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40} -id-at-encryptedCrossCertificatePair OBJECT IDENTIFIER ::= - {id-at 40 2} - -id-at-name OBJECT IDENTIFIER ::= {id-at 41} - -id-at-givenName OBJECT IDENTIFIER ::= {id-at 42} - -id-at-encryptedGivenName OBJECT IDENTIFIER ::= {id-at 42 2} - -id-at-initials OBJECT IDENTIFIER ::= {id-at 43} - -id-at-encryptedInitials OBJECT IDENTIFIER ::= {id-at 43 2} - -id-at-generationQualifier OBJECT IDENTIFIER ::= {id-at 44} - -id-at-encryptedGenerationQualifier OBJECT IDENTIFIER ::= {id-at 44 2} - -id-at-uniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45} - -id-at-encryptedUniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45 2} - -id-at-dnQualifier OBJECT IDENTIFIER ::= {id-at 46} - -id-at-encryptedDnQualifier OBJECT IDENTIFIER ::= {id-at 46 2} - -id-at-enhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47} - -id-at-encryptedEnhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47 2} - -id-at-protocolInformation OBJECT IDENTIFIER ::= {id-at 48} - -id-at-encryptedProtocolInformation OBJECT IDENTIFIER ::= {id-at 48 2} - -id-at-distinguishedName OBJECT IDENTIFIER ::= {id-at 49} - -id-at-encryptedDistinguishedName OBJECT IDENTIFIER ::= {id-at 49 2} - -id-at-uniqueMember OBJECT IDENTIFIER ::= {id-at 50} - -id-at-encryptedUniqueMember OBJECT IDENTIFIER ::= {id-at 50 2} - -id-at-houseIdentifier OBJECT IDENTIFIER ::= {id-at 51} - -id-at-encryptedHouseIdentifier OBJECT IDENTIFIER ::= {id-at 51 2} - ---id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} -id-at-encryptedSupportedAlgorithms OBJECT IDENTIFIER ::= - {id-at 52 2} - ---id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} -id-at-encryptedDeltaRevocationList OBJECT IDENTIFIER ::= - {id-at 53 2} - -id-at-dmdName OBJECT IDENTIFIER ::= {id-at 54} - -id-at-encryptedDmdName OBJECT IDENTIFIER ::= {id-at 54 2} - --- id-at-clearance OBJECT IDENTIFIER ::= {id-at 55} -id-at-encryptedClearance OBJECT IDENTIFIER ::= - {id-at 55 2} - --- id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56} -id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::= - {id-at 56 2} - --- id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57} -id-at-encryptedAttributeIntegrityInfo OBJECT IDENTIFIER ::= - {id-at 57 2} - ---id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} -id-at-encryptedAttributeCertificate OBJECT IDENTIFIER ::= - {id-at 58 2} - --- id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} -id-at-encryptedAttributeCertificateRevocationList OBJECT IDENTIFIER ::= - {id-at 59 2} - --- id-at-confKeyInfo OBJECT IDENTIFIER ::= {id-at 60} -id-at-encryptedConfKeyInfo OBJECT IDENTIFIER ::= - {id-at 60 2} - --- id-at-family-information OBJECT IDENTIFIER {id-at 64} -id-at-pseudonym OBJECT IDENTIFIER ::= - {id-at 65} - -id-at-communicationsService OBJECT IDENTIFIER ::= {id-at 66} - -id-at-communicationsNetwork OBJECT IDENTIFIER ::= {id-at 67} - --- Matching rules --- id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} --- id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} -id-mr-caseIgnoreMatch OBJECT IDENTIFIER ::= - {id-mr 2} - -id-mr-caseIgnoreOrderingMatch OBJECT IDENTIFIER ::= {id-mr 3} - -id-mr-caseIgnoreSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 4} - -id-mr-caseExactMatch OBJECT IDENTIFIER ::= {id-mr 5} - -id-mr-caseExactOrderingMatch OBJECT IDENTIFIER ::= {id-mr 6} - -id-mr-caseExactSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 7} - -id-mr-numericStringMatch OBJECT IDENTIFIER ::= {id-mr 8} - -id-mr-numericStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 9} - -id-mr-numericStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 10} - -id-mr-caseIgnoreListMatch OBJECT IDENTIFIER ::= {id-mr 11} - -id-mr-caseIgnoreListSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 12} - -id-mr-booleanMatch OBJECT IDENTIFIER ::= {id-mr 13} - -id-mr-integerMatch OBJECT IDENTIFIER ::= {id-mr 14} - -id-mr-integerOrderingMatch OBJECT IDENTIFIER ::= {id-mr 15} - -id-mr-bitStringMatch OBJECT IDENTIFIER ::= {id-mr 16} - -id-mr-octetStringMatch OBJECT IDENTIFIER ::= {id-mr 17} - -id-mr-octetStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 18} - -id-mr-octetStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 19} - -id-mr-telephoneNumberMatch OBJECT IDENTIFIER ::= {id-mr 20} - -id-mr-telephoneNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 21} - -id-mr-presentationAddressMatch OBJECT IDENTIFIER ::= {id-mr 22} - -id-mr-uniqueMemberMatch OBJECT IDENTIFIER ::= {id-mr 23} - -id-mr-protocolInformationMatch OBJECT IDENTIFIER ::= {id-mr 24} - -id-mr-uTCTimeMatch OBJECT IDENTIFIER ::= {id-mr 25} - -id-mr-uTCTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 26} - -id-mr-generalizedTimeMatch OBJECT IDENTIFIER ::= {id-mr 27} - -id-mr-generalizedTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 28} - -id-mr-integerFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 29} - -id-mr-objectIdentifierFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 30} - -id-mr-directoryStringFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 31} - -id-mr-wordMatch OBJECT IDENTIFIER ::= {id-mr 32} - -id-mr-keywordMatch OBJECT IDENTIFIER ::= {id-mr 33} - --- id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} --- id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} --- id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} --- id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} --- id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} --- id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} --- id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} -id-mr-storedPrefixMatch OBJECT IDENTIFIER ::= - {id-mr 41} - --- id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} --- id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43} ---id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44} -id-mr-systemProposedMatch OBJECT IDENTIFIER ::= - {id-mr 47} - -id-mr-generalWordMatch OBJECT IDENTIFIER ::= {id-mr 48} - -id-mr-approximateStringMatch OBJECT IDENTIFIER ::= {id-mr 49} - -id-mr-ignoreIfAbsentMatch OBJECT IDENTIFIER ::= {id-mr 50} - -id-mr-nullMatch OBJECT IDENTIFIER ::= {id-mr 51} - -id-mr-zonalMatch OBJECT IDENTIFIER ::= {id-mr 52} - -id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::= {id-mr 63} - -id-mr-facsimileNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 64} - --- contexts -id-avc-language OBJECT IDENTIFIER ::= {id-avc 0} - -id-avc-temporal OBJECT IDENTIFIER ::= {id-avc 1} - -id-avc-locale OBJECT IDENTIFIER ::= {id-avc 2} - ---id-avc-attributeValueSecurityLabelContext OBJECT IDENTIFIER ::= {id-avc 3} ---id-avc-attributeValueIntegrityInfoContext OBJECT IDENTIFIER ::= {id-avc 4} --- Problem definitions -id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::= - {id-pr 1} - -id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2} - -id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3} - -id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4} - -id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5} - -id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6} - -id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7} - -id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8} - -id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9} - -id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10} - -id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11} - -id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12} - -id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13} - -id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14} - -id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15} - -id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16} - -id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17} - -id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18} - -id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19} - -id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20} - -id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21} - -id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22} - -id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23} - -id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24} - -id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25} - -id-pr-invalidSearchOptions OBJECT IDENTIFIER ::= {id-pr 26} - -id-pr-missingSearchOptions OBJECT IDENTIFIER ::= {id-pr 27} - -id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 28} - -id-pr-missingServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 29} - -id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 30} - -id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 31} - -id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 32} - --- Notification attributes -id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0} - -id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1} - -id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2} - -id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3} - -id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4} - -id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5} - -id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6} - -id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7} - -id-not-contextList OBJECT IDENTIFIER ::= {id-not 8} - -id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9} - -id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10} - -id-not-searchOptionsList OBJECT IDENTIFIER ::= {id-not 11} - -id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12} - -id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13} - -id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14} - -id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15} - -id-not-substringRequirements OBJECT IDENTIFIER ::= {id-not 16} - --- Control attributes -id-cat-sequenceMatchType OBJECT IDENTIFIER ::= - {id-cat 1} - -id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2} - -id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3} - -id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4} - -END -- SelectedAttributeTypes - --- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/ACSE-1.asn1 b/acse/ACSE-1.asn1 new file mode 100644 index 0000000..6768034 --- /dev/null +++ b/acse/ACSE-1.asn1 @@ -0,0 +1,255 @@ +-- Module ACSE-1 (X.227:04/1995) +-- See also ITU-T X.227 (04/1995) +-- See also the index of all ASN.1 assignments needed in this document + +ACSE-1 {joint-iso-itu-t association-control(2) modules(0) apdus(0) version1(1)} +-- ACSE-1 refers to ACSE version 1 +DEFINITIONS ::= +BEGIN + +EXPORTS + acse-as-id, ACSE-apdu, aCSE-id, Application-context-name, AP-title, + AE-qualifier, AE-title, AP-invocation-identifier, AE-invocation-identifier, + Mechanism-name, Authentication-value, ACSE-requirements, ObjectSet; + +IMPORTS + Name, RelativeDistinguishedName + FROM InformationFramework {joint-iso-itu-t ds(5) module(1) + informationFramework(1) 3}; + +-- The data types Name and RelativeDistinguishedName are imported from ISO/IEC 9594-2. +-- object identifier assignments +acse-as-id OBJECT IDENTIFIER ::= + {joint-iso-itu-t association-control(2) abstract-syntax(1) apdus(0) + version1(1)} + +-- may be used to reference the abstract syntax of the ACSE APDUs +aCSE-id OBJECT IDENTIFIER ::= + {joint-iso-itu-t association-control(2) ase-id(3) acse-ase(1) version(1)} + +-- may be used to identify the Association Control ASE. +-- top level CHOICE +ACSE-apdu ::= CHOICE { + aarq AARQ-apdu, + aare AARE-apdu, + rlrq RLRQ-apdu, + rlre RLRE-apdu, + abrt ABRT-apdu, + ... +} + +AARQ-apdu ::= [APPLICATION 0] IMPLICIT SEQUENCE { + protocol-version + [0] IMPLICIT BIT STRING {version1(0)} DEFAULT {version1}, + application-context-name [1] Application-context-name, + called-AP-title [2] AP-title OPTIONAL, + called-AE-qualifier [3] AE-qualifier OPTIONAL, + called-AP-invocation-identifier [4] AP-invocation-identifier OPTIONAL, + called-AE-invocation-identifier [5] AE-invocation-identifier OPTIONAL, + calling-AP-title [6] AP-title OPTIONAL, + calling-AE-qualifier [7] AE-qualifier OPTIONAL, + calling-AP-invocation-identifier [8] AP-invocation-identifier OPTIONAL, + calling-AE-invocation-identifier [9] AE-invocation-identifier OPTIONAL, + -- The following field shall not be present if only the Kernel is used. + sender-acse-requirements [10] IMPLICIT ACSE-requirements OPTIONAL, + -- The following field shall only be present if the Authentication functional unit is selected. + mechanism-name [11] IMPLICIT Mechanism-name OPTIONAL, + -- The following field shall only be present if the Authentication functional unit is selected. + calling-authentication-value [12] EXPLICIT Authentication-value OPTIONAL, + application-context-name-list + [13] IMPLICIT Application-context-name-list OPTIONAL, + -- The above field shall only be present if the Application Context Negotiation functional unit is selected + implementation-information [29] IMPLICIT Implementation-data OPTIONAL, + ..., + ..., + user-information + [30] IMPLICIT Association-information OPTIONAL +} + +AARE-apdu ::= [APPLICATION 1] IMPLICIT SEQUENCE { + protocol-version + [0] IMPLICIT BIT STRING {version1(0)} DEFAULT {version1}, + application-context-name [1] Application-context-name, + result [2] Associate-result, + result-source-diagnostic [3] Associate-source-diagnostic, + responding-AP-title [4] AP-title OPTIONAL, + responding-AE-qualifier [5] AE-qualifier OPTIONAL, + responding-AP-invocation-identifier [6] AP-invocation-identifier OPTIONAL, + responding-AE-invocation-identifier [7] AE-invocation-identifier OPTIONAL, + -- The following field shall not be present if only the Kernel is used. + responder-acse-requirements [8] IMPLICIT ACSE-requirements OPTIONAL, + -- The following field shall only be present if the Authentication functional unit is selected. + mechanism-name [9] IMPLICIT Mechanism-name OPTIONAL, + -- This following field shall only be present if the Authentication functional unit is selected. + responding-authentication-value + [10] EXPLICIT Authentication-value OPTIONAL, + application-context-name-list + [11] IMPLICIT Application-context-name-list OPTIONAL, + -- The above field shall only be present if the Application Context Negotiation functional unit is selected + implementation-information + [29] IMPLICIT Implementation-data OPTIONAL, + ..., + ..., + user-information + [30] IMPLICIT Association-information OPTIONAL +} + +RLRQ-apdu ::= [APPLICATION 2] IMPLICIT SEQUENCE { + reason [0] IMPLICIT Release-request-reason OPTIONAL, + ..., + ..., + user-information [30] IMPLICIT Association-information OPTIONAL +} + +RLRE-apdu ::= [APPLICATION 3] IMPLICIT SEQUENCE { + reason [0] IMPLICIT Release-response-reason OPTIONAL, + ..., + ..., + user-information [30] IMPLICIT Association-information OPTIONAL +} + +ABRT-apdu ::= [APPLICATION 4] IMPLICIT SEQUENCE { + abort-source [0] IMPLICIT ABRT-source, + abort-diagnostic [1] IMPLICIT ABRT-diagnostic OPTIONAL, + -- This field shall not be present if only the Kernel is used. + ..., + ..., + user-information [30] IMPLICIT Association-information OPTIONAL +} + +ABRT-diagnostic ::= ENUMERATED { + no-reason-given(1), protocol-error(2), + authentication-mechanism-name-not-recognized(3), + authentication-mechanism-name-required(4), authentication-failure(5), + authentication-required(6), ... + } + +ABRT-source ::= INTEGER {acse-service-user(0), acse-service-provider(1) +}(0..1, ...) + +ACSE-requirements ::= BIT STRING { + authentication(0), application-context-negotiation(1)} + +Application-context-name-list ::= SEQUENCE OF Application-context-name + +Application-context-name ::= OBJECT IDENTIFIER + +-- Application-entity title productions follow (not in alphabetical order) +AP-title ::= CHOICE { + ap-title-form1 AP-title-form1, + ap-title-form2 AP-title-form2, + ... +} + +AE-qualifier ::= CHOICE { + ae-qualifier-form1 AE-qualifier-form1, + ae-qualifier-form2 AE-qualifier-form2, + ... +} + +-- When both AP-title and AE-qualifier data values are present in an AARQ or AARE APDU, both must +-- have the same form to allow the construction of an AE-title as discussed in CCITT Rec. X.665 | +-- ISO/IEC 9834-6. +AP-title-form1 ::= + Name + +-- The value assigned to AP-title-form1 is The Directory Name of an application-process title. +AE-qualifier-form1 ::= + RelativeDistinguishedName + +-- The value assigned to AE-qualifier-form1 is the relative distinguished name of a particular +-- application-entity of the application-process identified by AP-title-form1. +AP-title-form2 ::= OBJECT IDENTIFIER + +AE-qualifier-form2 ::= INTEGER + +AE-title ::= CHOICE { + ae-title-form1 AE-title-form1, + ae-title-form2 AE-title-form2, + ... +} + +-- As defined in CCITT Rec. X.650 | ISO 7498-3, an application-entity title is composed of an application- +-- process title and an application-entity qualifier. The ACSE protocol provides for the transfer of an +-- application-entity title value by the transfer of its component values. However, the following data type +-- is provided for International Standards that reference a single syntactic structure for AE titles. +AE-title-form1 ::= + Name + +-- For access to The Directory (ITU-T Rec. X.500-Series | ISO/IEC 9594), an AE title has AE-title-form1. +-- This value can be constructed from AP-title-form1 and AE-qualifier-form1 values contained in an +-- AARQ or AARE APDU. A discussion of forming an AE-title-form1 from AP-title-form1 and AE-qualifier- +-- form1 may be found in CCITT Rec. X.665 | ISO/IEC 9834-6. +AE-title-form2 ::= OBJECT IDENTIFIER + +-- A discussion of forming an AE-title-form2 from AP-title-form2 and AE-qualifier-form2 may be +-- found in CCITT Rec. X.665 | ISO/IEC 9834-6. +AE-invocation-identifier ::= INTEGER + +AP-invocation-identifier ::= INTEGER + +-- End of Application-entity title productions +Associate-result ::= INTEGER { + accepted(0), rejected-permanent(1), rejected-transient(2)}(0..2, ...) + +Associate-source-diagnostic ::= CHOICE { + acse-service-user + [1] INTEGER {null(0), no-reason-given(1), + application-context-name-not-supported(2), + calling-AP-title-not-recognized(3), + calling-AP-invocation-identifier-not-recognized(4), + calling-AE-qualifier-not-recognized(5), + calling-AE-invocation-identifier-not-recognized(6), + called-AP-title-not-recognized(7), + called-AP-invocation-identifier-not-recognized(8), + called-AE-qualifier-not-recognized(9), + called-AE-invocation-identifier-not-recognized(10), + authentication-mechanism-name-not-recognized(11), + authentication-mechanism-name-required(12), + authentication-failure(13), authentication-required(14)} + (0..14, ...), + acse-service-provider + [2] INTEGER {null(0), no-reason-given(1), no-common-acse-version(2)} + (0..2, ...) +} + +Association-information ::= SEQUENCE SIZE (1, ..., 0 | 2..MAX) OF EXTERNAL + +Authentication-value ::= CHOICE { + charstring [0] IMPLICIT GraphicString, + bitstring [1] IMPLICIT BIT STRING, + external [2] IMPLICIT EXTERNAL, + other + [3] IMPLICIT SEQUENCE {other-mechanism-name + MECHANISM-NAME.&id({ObjectSet}), + other-mechanism-value + MECHANISM-NAME.&Type + ({ObjectSet}{@.other-mechanism-name})} +} + +-- The abstract syntax of (calling/responding) authentication-value is determined by the authentication +-- mechanism used during association establishment. The authentication mechanism is either explicitly +-- denoted by the &id field (of type OBJECT IDENTIFIER) for a mechanism belonging to the class +-- MECHANISM-NAME, or it is known implicitly by +-- prior agreement between the communicating partners. If the "other" component is chosen, then +-- the "mechanism-name" component must be present in accordance with +-- ITU-T Rec. X.680 | ISO/IEC 8824. If the value "mechanism-name" occurs in the AARQ-apdu or the +-- AARE-apdu, then that value must be the same as the value for "other-mechanism-name" +Implementation-data ::= GraphicString + +Mechanism-name ::= OBJECT IDENTIFIER + +MECHANISM-NAME ::= TYPE-IDENTIFIER + +ObjectSet MECHANISM-NAME ::= + {...} + +Release-request-reason ::= INTEGER {normal(0), urgent(1), user-defined(30) +}(0 | 1 | 30, ...) + +Release-response-reason ::= INTEGER { + normal(0), not-finished(1), user-defined(30)}(0 | 1 | 30, ...) + +END + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/DirectoryAbstractService.asn1 b/acse/DirectoryAbstractService.asn1 new file mode 100644 index 0000000..ca1d934 --- /dev/null +++ b/acse/DirectoryAbstractService.asn1 @@ -0,0 +1,718 @@ +-- Module DirectoryAbstractService (X.511 TC2:08/1997) +-- See also ITU-T X.511 (1997) Technical Cor. 2 (02/2001) +-- See also the index of all ASN.1 assignments needed in this document + +DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) + directoryAbstractService(2) 3} DEFINITIONS ::= +BEGIN + +-- EXPORTS All +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + informationFramework, distributedOperations, authenticationFramework, + dap, directoryShadowAbstractService, basicAccessControl, enhancedSecurity, + id-at + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 3} + AttributeTypeAndValue + FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1) + basicAccessControl(24) 3} + AgreementID + FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1) + directoryShadowAbstractService(15) 4} + Attribute, AttributeType, AttributeValue, AttributeValueAssertion, + DistinguishedName, Name, RelativeDistinguishedName, SupportedAttributes, + ATTRIBUTE, MATCHING-RULE, ContextAssertion, AttributeTypeAssertion, + OBJECT-CLASS, RelaxationPolicy + FROM InformationFramework {joint-iso-itu-t ds(5) module(1) + informationFramework(1) 3} + OperationProgress, ReferenceType, Exclusions, AccessPoint, + ContinuationReference + FROM DistributedOperations {joint-iso-itu-t ds(5) module(1) + distributedOperations(3) 3} + CertificationPath, SIGNED{}, SIGNATURE{}, ENCRYPTED{}, AlgorithmIdentifier, + AttributeCertificationPath + FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1) + authenticationFramework(7) 3} + OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{} + FROM EnhancedSecurity {joint-iso-itu-t ds(5) modules(1) + enhancedSecurity(28) 1} + id-opcode-read, id-opcode-compare, id-opcode-abandon, id-opcode-list, + id-opcode-search, id-opcode-addEntry, id-opcode-removeEntry, + id-opcode-modifyEntry, id-opcode-modifyDN, id-errcode-abandoned, + id-errcode-abandonFailed, id-errcode-attributeError, id-errcode-nameError, + id-errcode-referral, id-errcode-securityError, id-errcode-serviceError, + id-errcode-updateError + FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 3} + OPERATION, ERROR, Code + FROM Remote-Operations-Information-Objects {joint-iso-itu-t + remote-operations(4) informationObjects(5) version1(0)} + emptyUnbind + FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t + remote-operations(4) useful-definitions(7) version1(0)} + InvokeId + FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t + remote-operations(4) generic-ROS-PDUs(6) version1(0)} + --PROTECTED + -- FROM Notation { joint-iso-itu-t genericULS (20) modules (1) notation (1) } + SPKM-REQ, SPKM-REP-TI, SPKM-ERROR + FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) spkm(1) spkmGssTokens(10)}; + +-- Common data types +-- Parameterized type for representing optional signing +OPTIONALLY-SIGNED{Type} ::= CHOICE {unsigned Type, + signed SIGNED{Type} +} + +CommonArguments ::= SET { + serviceControls [30] ServiceControls DEFAULT {}, + securityParameters [29] SecurityParameters OPTIONAL, + requestor [28] DistinguishedName OPTIONAL, + operationProgress + [27] OperationProgress DEFAULT {nameResolutionPhase notStarted}, + aliasedRDNs [26] INTEGER OPTIONAL, + criticalExtensions [25] BIT STRING OPTIONAL, + referenceType [24] ReferenceType OPTIONAL, + entryOnly [23] BOOLEAN DEFAULT TRUE, + nameResolveOnMaste [21] BOOLEAN DEFAULT FALSE, + operationContexts [20] ContextSelection OPTIONAL, + familyGrouping [19] FamilyGrouping DEFAULT entryOnly +} + +FamilyGrouping ::= ENUMERATED { + entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)} + +CommonResults ::= SET { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE, + notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL +} + +CommonResultsSeq ::= SEQUENCE { + securityParameters [30] SecurityParameters OPTIONAL, + performer [29] DistinguishedName OPTIONAL, + aliasDereferenced [28] BOOLEAN DEFAULT FALSE +} + +ServiceControls ::= SET { + options [0] ServiceControlOptions DEFAULT {}, + priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium, + timeLimit [2] INTEGER OPTIONAL, + sizeLimit [3] INTEGER OPTIONAL, + scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL, + attributeSizeLimit [5] INTEGER OPTIONAL, + manageDSAITPlaneRef + [6] SEQUENCE {dsaName Name, + agreementID AgreementID} OPTIONAL, + serviceType [7] OBJECT IDENTIFIER OPTIONAL, + userClass [8] INTEGER OPTIONAL +} + +ServiceControlOptions ::= BIT STRING { + preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3), + dontDereferenceAliases(4), subentries(5), copyShallDo(6), + partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9), + noSubtypeSelection(10), countFamily(11)} + +EntryInformationSelection ::= SET { + attributes + CHOICE {allUserAttributes [0] NULL, + select [1] SET OF AttributeType + -- empty set implies no attributes are requested + } DEFAULT allUserAttributes:NULL, + infoTypes + [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)} + DEFAULT attributeTypesAndValues, + extraAttributes + CHOICE {allOperationalAttributes [3] NULL, + select [4] SET OF AttributeType} OPTIONAL, + contextSelection ContextSelection OPTIONAL, + returnContexts BOOLEAN DEFAULT FALSE, + familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly} +} + +ContextSelection ::= CHOICE { + allContexts NULL, + selectedContexts SET OF TypeAndContextAssertion +} + +TypeAndContextAssertion ::= SEQUENCE { + type AttributeType, + contextAssertions + CHOICE {preference SEQUENCE OF ContextAssertion, + all SET OF ContextAssertion} +} + +FamilyReturn ::= SEQUENCE { + memberSelect + ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2), + compoundEntry(3)}, + familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL +} + +family-information ATTRIBUTE ::= { + WITH SYNTAX FamilyEntries + USAGE directoryOperation + ID id-at-family-information +} + +FamilyEntries ::= SEQUENCE { + family-class OBJECT-CLASS.&id, -- structural object class value + familyEntries SEQUENCE OF FamilyEntry +} + +FamilyEntry ::= SEQUENCE { + rdn RelativeDistinguishedName, + information + SEQUENCE OF CHOICE {attributeType AttributeType, + attribute Attribute}, + family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL +} + +EntryInformation ::= SEQUENCE { + name Name, + fromEntry BOOLEAN DEFAULT TRUE, + information + SET SIZE (1..MAX) OF + CHOICE {attributeType AttributeType, + attribute Attribute} OPTIONAL, + incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems + partialNameResolution + [4] BOOLEAN DEFAULT FALSE -- not in 1988 or 1993 edition systems -- +} + +Filter ::= CHOICE { + item [0] FilterItem, + and [1] SET OF Filter, + or [2] SET OF Filter, + not [3] Filter +} + +FilterItem ::= CHOICE { + equality [0] AttributeValueAssertion, + substrings + [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}), + strings + SEQUENCE OF + CHOICE {initial + [0] ATTRIBUTE.&Type + ({SupportedAttributes} + {@substrings.type}), + any + [1] ATTRIBUTE.&Type + ({SupportedAttributes} + {@substrings.type}), + final + [2] ATTRIBUTE.&Type + ({SupportedAttributes} + {@substrings.type}), + control Attribute -- Used to specify interpretation of following items + }}, + greaterOrEqual [2] AttributeValueAssertion, + lessOrEqual [3] AttributeValueAssertion, + present [4] AttributeType, + approximateMatch [5] AttributeValueAssertion, + extensibleMatch [6] MatchingRuleAssertion, + contextPresent [7] AttributeTypeAssertion +} + +MatchingRuleAssertion ::= SEQUENCE { + matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id, + type [2] AttributeType OPTIONAL, + matchValue + [3] MATCHING-RULE.&AssertionType + (CONSTRAINED BY { + -- matchValue must be a value of type specified by the &AssertionType field of + -- one of the MATCHING-RULE information objects identified by matchingRule -- }), + dnAttributes [4] BOOLEAN DEFAULT FALSE +} + +PagedResultsRequest ::= CHOICE { + newRequest + SEQUENCE {pageSize INTEGER, + sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL, + reverse [1] BOOLEAN DEFAULT FALSE, + unmerged [2] BOOLEAN DEFAULT FALSE}, + queryReference OCTET STRING +} + +SortKey ::= SEQUENCE { + type AttributeType, + orderingRule MATCHING-RULE.&id OPTIONAL +} + +SecurityParameters ::= SET { + certification-path [0] CertificationPath OPTIONAL, + name [1] DistinguishedName OPTIONAL, + time [2] Time OPTIONAL, + random [3] BIT STRING OPTIONAL, + target [4] ProtectionRequest OPTIONAL, + response [5] BIT STRING OPTIONAL, + operationCode [6] Code OPTIONAL, + attributeCertificationPath [7] AttributeCertificationPath OPTIONAL, + errorProtection [8] ErrorProtectionRequest OPTIONAL, + errorCode [9] Code OPTIONAL +} + +ProtectionRequest ::= INTEGER { + none(0), signed(1), encrypted(2), signed-encrypted(3)} + +Time ::= CHOICE {utcTime UTCTime, + generalizedTime GeneralizedTime +} + +ErrorProtectionRequest ::= INTEGER { + none(0), signed(1), encrypted(2), signed-encrypted(3)} + +-- Bind and unbind operations +directoryBind OPERATION ::= { + ARGUMENT DirectoryBindArgument + RESULT DirectoryBindResult + ERRORS {directoryBindError} +} + +DirectoryBindArgument ::= SET { + credentials [0] Credentials OPTIONAL, + versions [1] Versions DEFAULT {v1} +} + +Credentials ::= CHOICE { + simple [0] SimpleCredentials, + strong [1] StrongCredentials, + externalProcedure [2] EXTERNAL, + spkm [3] SpkmCredentials +} + +SimpleCredentials ::= SEQUENCE { + name [0] DistinguishedName, + validity + [1] SET {time1 [0] CHOICE {utc UTCTime, + gt GeneralizedTime} OPTIONAL, + time2 [1] CHOICE {utc UTCTime, + gt GeneralizedTime} OPTIONAL, + random1 [2] BIT STRING OPTIONAL, + random2 [3] BIT STRING OPTIONAL}, + password + [2] CHOICE {unprotected OCTET STRING, + protected SIGNATURE{OCTET STRING}} OPTIONAL +} + +StrongCredentials ::= SET { + certification-path [0] CertificationPath OPTIONAL, + bind-token [1] Token, + name [2] DistinguishedName OPTIONAL, + attributeCertificationPath [3] AttributeCertificationPath OPTIONAL +} + +SpkmCredentials ::= CHOICE {req [0] SPKM-REQ, + rep [1] SPKM-REP-TI +} + +Token ::= + SIGNED + {SEQUENCE {algorithm [0] AlgorithmIdentifier, + name [1] DistinguishedName, + time [2] Time, + random [3] BIT STRING, + response [4] BIT STRING OPTIONAL, + bindIntAlgorithm + [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, + bindIntKeyInfo [6] BindKeyInfo OPTIONAL, + bindConfAlgorithm + [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL, + bindConfKeyInfo [8] BindKeyInfo OPTIONAL}} + +Versions ::= BIT STRING {v1(0), v2(1)} + +DirectoryBindResult ::= DirectoryBindArgument + +directoryBindError ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {versions [0] Versions DEFAULT {v1}, + error + CHOICE {serviceError [1] ServiceProblem, + securityError [2] SecurityProblem}}} +} + +BindKeyInfo ::= ENCRYPTED{BIT STRING} + +directoryUnbind OPERATION ::= emptyUnbind + +-- Operations, arguments, and results +read OPERATION ::= { + ARGUMENT ReadArgument + RESULT ReadResult + ERRORS + {attributeError | nameError | serviceError | referral | abandoned | + securityError} + CODE id-opcode-read +} + +ReadArgument ::= + OPTIONALLY-PROTECTED + {SET {object [0] Name, + selection [1] EntryInformationSelection DEFAULT {}, + modifyRightsRequest [2] BOOLEAN DEFAULT FALSE, + COMPONENTS OF CommonArguments}} + +ReadResult ::= + OPTIONALLY-PROTECTED + {SET {entry [0] EntryInformation, + modifyRights [1] ModifyRights OPTIONAL, + COMPONENTS OF CommonResults}} + +ModifyRights ::= + SET OF + SEQUENCE {item + CHOICE {entry [0] NULL, + attribute [1] AttributeType, + value [2] AttributeValueAssertion}, + permission + [3] BIT STRING {add(0), remove(1), rename(2), move(3)} + } + +compare OPERATION ::= { + ARGUMENT CompareArgument + RESULT CompareResult + ERRORS + {attributeError | nameError | serviceError | referral | abandoned | + securityError} + CODE id-opcode-compare +} + +CompareArgument ::= + OPTIONALLY-PROTECTED + {SET {object [0] Name, + purported [1] AttributeValueAssertion, + COMPONENTS OF CommonArguments}} + +CompareResult ::= + OPTIONALLY-PROTECTED + {SET {name Name OPTIONAL, + matched [0] BOOLEAN, + fromEntry [1] BOOLEAN DEFAULT TRUE, + matchedSubtype [2] AttributeType OPTIONAL, + COMPONENTS OF CommonResults}} + +abandon OPERATION ::= { + ARGUMENT AbandonArgument + RESULT AbandonResult + ERRORS {abandonFailed} + CODE id-opcode-abandon +} + +AbandonArgument ::= + OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID [0] InvokeId}} + +AbandonResult ::= CHOICE { + null NULL, + information + OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId, + COMPONENTS OF CommonResultsSeq + }} +} + +list OPERATION ::= { + ARGUMENT ListArgument + RESULT ListResult + ERRORS {nameError | serviceError | referral | abandoned | securityError} + CODE id-opcode-list +} + +ListArgument ::= + OPTIONALLY-PROTECTED + {SET {object [0] Name, + pagedResults [1] PagedResultsRequest OPTIONAL, + listFamily [2] BOOLEAN DEFAULT FALSE, + COMPONENTS OF CommonArguments}} + +ListResult ::= + OPTIONALLY-PROTECTED + {CHOICE {listInfo + SET {name Name OPTIONAL, + subordinates + [1] SET OF + SEQUENCE {rdn RelativeDistinguishedName, + aliasEntry [0] BOOLEAN DEFAULT FALSE, + fromEntry [1] BOOLEAN DEFAULT TRUE + }, + partialOutcomeQualifier + [2] PartialOutcomeQualifier OPTIONAL, + COMPONENTS OF CommonResults}, + uncorrelatedListInfo [0] SET OF ListResult}} + +PartialOutcomeQualifier ::= SET { + limitProblem [0] LimitProblem OPTIONAL, + unexplored + [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL, + unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE, + unknownErrors + [3] SET SIZE (1..MAX) OF ABSTRACT-SYNTAX.&Type OPTIONAL, + queryReference [4] OCTET STRING OPTIONAL, + overspecFilter [5] Filter OPTIONAL, + notification + [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL, + entryCount + CHOICE {bestEstimate [7] INTEGER, + lowEstimate [8] INTEGER} OPTIONAL +} + +LimitProblem ::= INTEGER { + timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2) +} + +search OPERATION ::= { + ARGUMENT SearchArgument + RESULT SearchResult + ERRORS + {attributeError | nameError | serviceError | referral | abandoned | + securityError} + CODE id-opcode-search +} + +SearchArgument ::= + OPTIONALLY-PROTECTED + {SET {baseObject [0] Name, + subset + [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} + DEFAULT baseObject, + filter [2] Filter DEFAULT and:{}, + searchAliases [3] BOOLEAN DEFAULT TRUE, + selection [4] EntryInformationSelection DEFAULT {}, + pagedResults [5] PagedResultsRequest OPTIONAL, + matchedValuesOnly [6] BOOLEAN DEFAULT FALSE, + extendedFilter [7] Filter OPTIONAL, + checkOverspecified [8] BOOLEAN DEFAULT FALSE, + relaxation [9] RelaxationPolicy OPTIONAL, + extendedArea [10] INTEGER OPTIONAL, + hierarchySelections [11] HierarchySelections DEFAULT {self}, + searchControlOptions + [12] SearchControlOptions DEFAULT {searchAliases}, + COMPONENTS OF CommonArguments}} + +HierarchySelections ::= BIT STRING { + self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5), + siblings(6), siblingChildren(7), siblingSubtree(8), all(9)} + +SearchControlOptions ::= BIT STRING { + searchAliases(0), matchedValuesOnly(1), checkOverspecified(2), + performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6), + matchOnResidualName(7), entryCount(8), useSubset(9), + separateFamilyMembers(10), searchFamily(11)} + +SearchResult ::= + OPTIONALLY-PROTECTED + {CHOICE {searchInfo + SET {name Name OPTIONAL, + entries [0] SET OF EntryInformation, + partialOutcomeQualifier + [2] PartialOutcomeQualifier OPTIONAL, + altMatching [3] BOOLEAN DEFAULT FALSE, + COMPONENTS OF CommonResults}, + uncorrelatedSearchInfo [0] SET OF SearchResult}} + +addEntry OPERATION ::= { + ARGUMENT AddEntryArgument + RESULT AddEntryResult + ERRORS + {attributeError | nameError | serviceError | referral | securityError | + updateError} + CODE id-opcode-addEntry +} + +AddEntryArgument ::= + OPTIONALLY-PROTECTED + {SET {object [0] Name, + entry [1] SET OF Attribute, + targetSystem [2] AccessPoint OPTIONAL, + COMPONENTS OF CommonArguments}} + +AddEntryResult ::= CHOICE { + null NULL, + information + OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} +} + +removeEntry OPERATION ::= { + ARGUMENT RemoveEntryArgument + RESULT RemoveEntryResult + ERRORS {nameError | serviceError | referral | securityError | updateError} + CODE id-opcode-removeEntry +} + +RemoveEntryArgument ::= + OPTIONALLY-PROTECTED{SET {object [0] Name, + COMPONENTS OF CommonArguments}} + +RemoveEntryResult ::= CHOICE { + null NULL, + information + OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}} +} + +modifyEntry OPERATION ::= { + ARGUMENT ModifyEntryArgument + RESULT ModifyEntryResult + ERRORS + {attributeError | nameError | serviceError | referral | securityError | + updateError} + CODE id-opcode-modifyEntry +} + +ModifyEntryArgument ::= + OPTIONALLY-PROTECTED + {SET {object [0] Name, + changes [1] SEQUENCE OF EntryModification, + selection [2] EntryInformationSelection OPTIONAL, + COMPONENTS OF CommonArguments}} + +ModifyEntryResult ::= CHOICE { + null NULL, + information + OPTIONALLY-PROTECTED-SEQ{SEQUENCE {entry [0] EntryInformation OPTIONAL, + COMPONENTS OF CommonResultsSeq + }} +} + +EntryModification ::= CHOICE { + addAttribute [0] Attribute, + removeAttribute [1] AttributeType, + addValues [2] Attribute, + removeValues [3] Attribute, + alterValues [4] AttributeTypeAndValue, + resetValue [5] AttributeType +} + +modifyDN OPERATION ::= { + ARGUMENT ModifyDNArgument + RESULT ModifyDNResult + ERRORS {nameError | serviceError | referral | securityError | updateError} + CODE id-opcode-modifyDN +} + +ModifyDNArgument ::= + OPTIONALLY-PROTECTED + {SET {object [0] DistinguishedName, + newRDN [1] RelativeDistinguishedName, + deleteOldRDN [2] BOOLEAN DEFAULT FALSE, + newSuperior [3] DistinguishedName OPTIONAL, + COMPONENTS OF CommonArguments}} + +ModifyDNResult ::= CHOICE { + null NULL, + information + OPTIONALLY-PROTECTED-SEQ{SEQUENCE {newRDN RelativeDistinguishedName, + COMPONENTS OF CommonResultsSeq + }} +} + +-- Errors and parameters +abandoned ERROR ::= { -- not literally an "error" + PARAMETER OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}} + CODE id-errcode-abandoned +} + +abandonFailed ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {problem [0] AbandonProblem, + operation [1] InvokeId, + COMPONENTS OF CommonResults}} + CODE id-errcode-abandonFailed +} + +AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)} + +attributeError ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {object [0] Name, + problems + [1] SET OF + SEQUENCE {problem [0] AttributeProblem, + type [1] AttributeType, + value [2] AttributeValue OPTIONAL}, + COMPONENTS OF CommonResults}} + CODE id-errcode-attributeError +} + +AttributeProblem ::= INTEGER { + noSuchAttributeOrValue(1), invalidAttributeSyntax(2), + undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5), + attributeOrValueAlreadyExists(6), contextViolation(7)} + +nameError ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {problem [0] NameProblem, + matched [1] Name, + COMPONENTS OF CommonResults}} + CODE id-errcode-nameError +} + +NameProblem ::= INTEGER { + noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3), + aliasDereferencingProblem(4), contextProblem(5)} + +referral ERROR ::= { -- not literally an "error" + PARAMETER OPTIONALLY-PROTECTED + {SET {candidate [0] ContinuationReference, + COMPONENTS OF CommonResults}} + CODE id-errcode-referral +} + +securityError ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {problem [0] SecurityProblem, + spkmInfo [1] SPKM-ERROR, + COMPONENTS OF CommonResults}} + CODE id-errcode-securityError +} + +SecurityProblem ::= INTEGER { + inappropriateAuthentication(1), invalidCredentials(2), + insufficientAccessRights(3), invalidSignature(4), protectionRequired(5), + noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9) +} + +serviceError ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {problem [0] ServiceProblem, + COMPONENTS OF CommonResults}} + CODE id-errcode-serviceError +} + +ServiceProblem ::= INTEGER { + busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4), + unableToProceed(5), invalidReference(6), timeLimitExceeded(7), + administrativeLimitExceeded(8), loopDetected(9), + unavailableCriticalExtension(10), outOfScope(11), ditError(12), + invalidQueryReference(13), requestedServiceNotAvailable(14), + relaxationNotSupported(15), unavailableRelaxationLevel(16), + unsupportedMatchingUse(17), unmatchedKeyAttributes(18), + ambiguousKeyAttributes(19)} + +updateError ERROR ::= { + PARAMETER OPTIONALLY-PROTECTED + {SET {problem [0] UpdateProblem, + attributeInfo + [1] SET SIZE (1..MAX) OF + CHOICE {attributeType AttributeType, + attribute Attribute} OPTIONAL, + COMPONENTS OF CommonResults}} + CODE id-errcode-updateError +} + +UpdateProblem ::= INTEGER { + namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3), + notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6), + objectClassModificationProhibited(7), notAncestor(8), parentNotAncestor(9), + hierarchyRuleViolation(10), familyRuleViolation(11)} + +id-at-family-information OBJECT IDENTIFIER ::= {id-at 64} + +END -- DirectoryAbstractService + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/InformationFramework.asn1 b/acse/InformationFramework.asn1 new file mode 100644 index 0000000..58d934b --- /dev/null +++ b/acse/InformationFramework.asn1 @@ -0,0 +1,876 @@ +-- Module InformationFramework (X.501 TC2:08/1997) +-- See also ITU-T X.501 (1997) Technical Cor. 2 (02/2001) +-- See also the index of all ASN.1 assignments needed in this document + +InformationFramework {joint-iso-itu-t ds(5) module(1) informationFramework(1) + 3} DEFINITIONS ::= +BEGIN + +-- EXPORTS All - +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + id-oc, id-at, id-mr, id-oa, id-sc, id-ar, id-nf, selectedAttributeTypes, + directoryAbstractService, upperBounds + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 3} + commonName, generalizedTimeMatch, generalizedTimeOrderingMatch, booleanMatch, + integerMatch, integerOrderingMatch, objectIdentifierFirstComponentMatch, + integerFirstComponentMatch, DirectoryString{} + FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) + selectedAttributeTypes(5) 3} + TypeAndContextAssertion, ServiceControlOptions, SearchControlOptions, + HierarchySelections, FamilyGrouping, FamilyReturn + FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1) + directoryAbstractService(2) 3} + ub-search + FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 3}; + +-- attribute data types +Attribute ::= SEQUENCE { + type ATTRIBUTE.&id({SupportedAttributes}), + values + SET SIZE (0..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}{@type}), + valuesWithContext + SET SIZE (1..MAX) OF + SEQUENCE {value ATTRIBUTE.&Type({SupportedAttributes}{@type}), + contextList SET SIZE (1..MAX) OF Context} OPTIONAL +} + +AttributeType ::= ATTRIBUTE.&id + +AttributeValue ::= ATTRIBUTE.&Type + +Context ::= SEQUENCE { + contextType CONTEXT.&id({SupportedContexts}), + contextValues + SET SIZE (1..MAX) OF CONTEXT.&Type({SupportedContexts}{@contextType}), + fallback BOOLEAN DEFAULT FALSE +} + +AttributeValueAssertion ::= SEQUENCE { + type ATTRIBUTE.&id({SupportedAttributes}), + assertion + ATTRIBUTE.&equality-match.&AssertionType + ({SupportedAttributes}{@type}), + assertedContexts + CHOICE {allContexts [0] NULL, + selectedContexts [1] SET SIZE (1..MAX) OF ContextAssertion + } OPTIONAL +} + +ContextAssertion ::= SEQUENCE { + contextType CONTEXT.&id({SupportedContexts}), + contextValues + SET SIZE (1..MAX) OF + CONTEXT.&Assertion({SupportedContexts}{@contextType}) +} + +AttributeTypeAssertion ::= SEQUENCE { + type ATTRIBUTE.&id({SupportedAttributes}), + assertedContexts SEQUENCE SIZE (1..MAX) OF ContextAssertion OPTIONAL +} + +-- Definition of the following information object set is deferred, perhaps to standardized +-- profiles or to protocol implementation conformance statements. The set is required to +-- specify a table constraint on the values component of Attribute, the value component +-- of AttributeTypeAndValue, and the assertion component of AttributeValueAssertion. +SupportedAttributes ATTRIBUTE ::= + {objectClass | aliasedEntryName, ...} + +-- Definition of the following information object set is deferred, perhaps to standardized +-- profiles or to protocol implementation conformance statements. The set is required to +-- specify a table constraint on the context specifications +SupportedContexts CONTEXT ::= + {...} + +-- naming data types +Name ::= CHOICE { -- only one possibility for now --rdnSequence RDNSequence +} + +RDNSequence ::= SEQUENCE OF RelativeDistinguishedName + +DistinguishedName ::= RDNSequence + +RelativeDistinguishedName ::= + SET SIZE (1..MAX) OF AttributeTypeAndDistinguishedValue + +AttributeTypeAndDistinguishedValue ::= SEQUENCE { + type ATTRIBUTE.&id({SupportedAttributes}), + value ATTRIBUTE.&Type({SupportedAttributes}{@type}), + primaryDistinguished BOOLEAN DEFAULT TRUE, + valuesWithContext + SET SIZE (1..MAX) OF + SEQUENCE {distingAttrValue + [0] ATTRIBUTE.&Type({SupportedAttributes}{@type}) + OPTIONAL, + contextList SET SIZE (1..MAX) OF Context} OPTIONAL +} + +-- subtree data types +SubtreeSpecification ::= SEQUENCE { + base [0] LocalName DEFAULT {}, + COMPONENTS OF ChopSpecification, + specificationFilter [4] Refinement OPTIONAL +} + +-- empty sequence specifies whole administrative area +LocalName ::= RDNSequence + +ChopSpecification ::= SEQUENCE { + specificExclusions + [1] SET SIZE (1..MAX) OF + CHOICE {chopBefore [0] LocalName, + chopAfter [1] LocalName} OPTIONAL, + minimum [2] BaseDistance DEFAULT 0, + maximum [3] BaseDistance OPTIONAL +} + +BaseDistance ::= INTEGER(0..MAX) + +Refinement ::= CHOICE { + item [0] OBJECT-CLASS.&id, + and [1] SET OF Refinement, + or [2] SET OF Refinement, + not [3] Refinement +} + +-- OBJECT-CLASS information object class specification +OBJECT-CLASS ::= CLASS { + &Superclasses OBJECT-CLASS OPTIONAL, + &kind ObjectClassKind DEFAULT structural, + &MandatoryAttributes ATTRIBUTE OPTIONAL, + &OptionalAttributes ATTRIBUTE OPTIONAL, + &id OBJECT IDENTIFIER UNIQUE +} +WITH SYNTAX { + [SUBCLASS OF &Superclasses] + [KIND &kind] + [MUST CONTAIN &MandatoryAttributes] + [MAY CONTAIN &OptionalAttributes] + ID &id +} + +ObjectClassKind ::= ENUMERATED {abstract(0), structural(1), auxiliary(2)} + +-- object classes +top OBJECT-CLASS ::= { + KIND abstract + MUST CONTAIN {objectClass} + ID id-oc-top +} + +alias OBJECT-CLASS ::= { + SUBCLASS OF {top} + MUST CONTAIN {aliasedEntryName} + ID id-oc-alias +} + +parent OBJECT-CLASS ::= {KIND abstract + ID id-oc-parent +} + +child OBJECT-CLASS ::= {KIND auxiliary + ID id-oc-child +} + +-- ATTRIBUTE information object class specification +ATTRIBUTE ::= CLASS { + &derivation ATTRIBUTE OPTIONAL, + &Type OPTIONAL, -- either &Type or &derivation required + &equality-match MATCHING-RULE OPTIONAL, + &ordering-match MATCHING-RULE OPTIONAL, + &substrings-match MATCHING-RULE OPTIONAL, + &single-valued BOOLEAN DEFAULT FALSE, + &collective BOOLEAN DEFAULT FALSE, + -- operational extensions + &no-user-modification BOOLEAN DEFAULT FALSE, + &usage AttributeUsage DEFAULT userApplications, + &id OBJECT IDENTIFIER UNIQUE +} +WITH SYNTAX { + [SUBTYPE OF &derivation] + [WITH SYNTAX &Type] + [EQUALITY MATCHING RULE &equality-match] + [ORDERING MATCHING RULE &ordering-match] + [SUBSTRINGS MATCHING RULE &substrings-match] + [SINGLE VALUE &single-valued] + [COLLECTIVE &collective] + [NO USER MODIFICATION &no-user-modification] + [USAGE &usage] + ID &id +} + +AttributeUsage ::= ENUMERATED { + userApplications(0), directoryOperation(1), distributedOperation(2), + dSAOperation(3)} + +-- attributes +objectClass ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-at-objectClass +} + +aliasedEntryName ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + SINGLE VALUE TRUE + ID id-at-aliasedEntryName +} + +-- MATCHING-RULE information object class specification +MATCHING-RULE ::= CLASS { + &ParentMatchingRules MATCHING-RULE.&id OPTIONAL, + &AssertionType OPTIONAL, + &uniqueMatchIndicator ATTRIBUTE.&id OPTIONAL, + &id OBJECT IDENTIFIER UNIQUE +} +WITH SYNTAX { + [PARENT &ParentMatchingRules] + [SYNTAX &AssertionType] + [UNIQUE-MATCH-INDICATOR &uniqueMatchIndicator] + ID &id +} + +-- matching rules +objectIdentifierMatch MATCHING-RULE ::= { + SYNTAX OBJECT IDENTIFIER + ID id-mr-objectIdentifierMatch +} + +distinguishedNameMatch MATCHING-RULE ::= { + SYNTAX DistinguishedName + ID id-mr-distinguishedNameMatch +} + +MAPPING-BASED-MATCHING{SelectedBy, BOOLEAN:combinable, MappingResult, + OBJECT IDENTIFIER:matchingRule} ::= CLASS { + &selectBy SelectedBy OPTIONAL, + &ApplicableTo ATTRIBUTE, + &subtypesIncluded BOOLEAN DEFAULT TRUE, + &combinable BOOLEAN(combinable), + &mappingResults MappingResult OPTIONAL, + &userControl BOOLEAN DEFAULT FALSE, + &exclusive BOOLEAN DEFAULT TRUE, + &matching-rule MATCHING-RULE.&id(matchingRule), + &id OBJECT IDENTIFIER UNIQUE +} +WITH SYNTAX { + [SELECT BY &selectBy] + APPLICABLE TO &ApplicableTo + [SUBTYPES INCLUDED &subtypesIncluded] + COMBINABLE &combinable + [MAPPING RESULTS &mappingResults] + [USER CONTROL &userControl] + [EXCLUSIVE &exclusive] + MATCHING RULE &matching-rule + ID &id +} + +-- NAME-FORM information object class specification +NAME-FORM ::= CLASS { + &namedObjectClass OBJECT-CLASS, + &MandatoryAttributes ATTRIBUTE, + &OptionalAttributes ATTRIBUTE OPTIONAL, + &id OBJECT IDENTIFIER UNIQUE +} +WITH SYNTAX { + NAMES &namedObjectClass + WITH ATTRIBUTES &MandatoryAttributes + [AND OPTIONALLY &OptionalAttributes] + ID &id +} + +-- STRUCTURE-RULE class and DIT structure rule data types +STRUCTURE-RULE ::= CLASS { + &nameForm NAME-FORM, + &SuperiorStructureRules STRUCTURE-RULE OPTIONAL, + &id RuleIdentifier +} +WITH SYNTAX { + NAME FORM &nameForm + [SUPERIOR RULES &SuperiorStructureRules] + ID &id +} + +DITStructureRule ::= SEQUENCE { + ruleIdentifier RuleIdentifier, + -- must be unique within the scope of the subschema + nameForm NAME-FORM.&id, + superiorStructureRules SET SIZE (1..MAX) OF RuleIdentifier OPTIONAL +} + +RuleIdentifier ::= INTEGER + +-- CONTENT-RULE class and DIT content rule data types +CONTENT-RULE ::= CLASS { + &structuralClass OBJECT-CLASS.&id UNIQUE, + &Auxiliaries OBJECT-CLASS OPTIONAL, + &Mandatory ATTRIBUTE OPTIONAL, + &Optional ATTRIBUTE OPTIONAL, + &Precluded ATTRIBUTE OPTIONAL +} +WITH SYNTAX { + STRUCTURAL OBJECT-CLASS &structuralClass + [AUXILIARY OBJECT-CLASSES &Auxiliaries] + [MUST CONTAIN &Mandatory] + [MAY CONTAIN &Optional] + [MUST-NOT CONTAIN &Precluded] +} + +DITContentRule ::= SEQUENCE { + structuralObjectClass OBJECT-CLASS.&id, + auxiliaries SET SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL, + mandatory [1] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL, + optional [2] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL, + precluded [3] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL +} + +CONTEXT ::= CLASS { + &Type , + &Assertion OPTIONAL, + &id OBJECT IDENTIFIER UNIQUE +}WITH SYNTAX {WITH SYNTAX &Type + [ASSERTED AS &Assertion] + ID &id +} + +DITContextUse ::= SEQUENCE { + attributeType ATTRIBUTE.&id, + mandatoryContexts [1] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL, + optionalContexts [2] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL +} + +DIT-CONTEXT-USE-RULE ::= CLASS { + &attributeType ATTRIBUTE.&id UNIQUE, + &Mandatory CONTEXT OPTIONAL, + &Optional CONTEXT OPTIONAL +} +WITH SYNTAX { + ATTRIBUTE TYPE &attributeType + [MANDATORY CONTEXTS &Mandatory] + [OPTIONAL CONTEXTS &Optional] +} + +-- system schema information objects +-- object classes +subentry OBJECT-CLASS ::= { + SUBCLASS OF {top} + KIND structural + MUST CONTAIN {commonName | subtreeSpecification} + ID id-sc-subentry +} + +subentryNameForm NAME-FORM ::= { + NAMES subentry + WITH ATTRIBUTES {commonName} + ID id-nf-subentryNameForm +} + +accessControlSubentry OBJECT-CLASS ::= { + KIND auxiliary + ID id-sc-accessControlSubentry +} + +collectiveAttributeSubentry OBJECT-CLASS ::= { + KIND auxiliary + ID id-sc-collectiveAttributeSubentry +} + +contextAssertionSubentry OBJECT-CLASS ::= { + KIND auxiliary + MUST CONTAIN {contextAssertionDefaults} + ID id-sc-contextAssertionSubentry +} + +serviceAdminSubentry OBJECT-CLASS ::= { + KIND auxiliary + MUST CONTAIN {searchRules} + ID id-sc-serviceAdminSubentry +} + +-- attributes +createTimestamp ATTRIBUTE ::= { + WITH SYNTAX GeneralizedTime + -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 + EQUALITY MATCHING RULE generalizedTimeMatch + ORDERING MATCHING RULE generalizedTimeOrderingMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-createTimestamp +} + +modifyTimestamp ATTRIBUTE ::= { + WITH SYNTAX GeneralizedTime + -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 + EQUALITY MATCHING RULE generalizedTimeMatch + ORDERING MATCHING RULE generalizedTimeOrderingMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-modifyTimestamp +} + +subschemaTimestamp ATTRIBUTE ::= { + WITH SYNTAX GeneralizedTime + -- as per 41.3 b) or c) of ITU-T Rec.X. 680 | ISO/IEC 8824-1 + EQUALITY MATCHING RULE generalizedTimeMatch + ORDERING MATCHING RULE generalizedTimeOrderingMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-subschemaTimestamp +} + +creatorsName ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-creatorsName +} + +modifiersName ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-modifiersName +} + +subschemaSubentryList ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-subschemaSubentryList +} + +accessControlSubentryList ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-accessControlSubentryList +} + +collectiveAttributeSubentryList ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-collectiveAttributeSubentryList +} + +contextDefaultSubentryList ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-contextDefaultSubentryList +} + +serviceAdminSubentryList ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-serviceAdminSubentryList +} + +hasSubordinates ATTRIBUTE ::= { + WITH SYNTAX BOOLEAN + EQUALITY MATCHING RULE booleanMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-hasSubordinates +} + +administrativeRole ATTRIBUTE ::= { + WITH SYNTAX OBJECT-CLASS.&id + EQUALITY MATCHING RULE objectIdentifierMatch + USAGE directoryOperation + ID id-oa-administrativeRole +} + +subtreeSpecification ATTRIBUTE ::= { + WITH SYNTAX SubtreeSpecification + USAGE directoryOperation + ID id-oa-subtreeSpecification +} + +collectiveExclusions ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + USAGE directoryOperation + ID id-oa-collectiveExclusions +} + +contextAssertionDefaults ATTRIBUTE ::= { + WITH SYNTAX TypeAndContextAssertion + EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch + USAGE directoryOperation + ID id-oa-contextAssertionDefault +} + +searchRules ATTRIBUTE ::= { + WITH SYNTAX SearchRuleDescription + EQUALITY MATCHING RULE integerFirstComponentMatch + USAGE directoryOperation + ID id-oa-searchRules +} + +SearchRuleDescription ::= SEQUENCE { + COMPONENTS OF SearchRule, + name [28] SET SIZE (1..MAX) OF DirectoryString{ub-search} OPTIONAL, + description [29] DirectoryString{ub-search} OPTIONAL, + obsolete [30] BOOLEAN DEFAULT FALSE +} + +hierarchyLevel ATTRIBUTE ::= { + WITH SYNTAX INTEGER + EQUALITY MATCHING RULE integerMatch + ORDERING MATCHING RULE integerOrderingMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-hierarchyLevel +} + +hierarchyBelow ATTRIBUTE ::= { + WITH SYNTAX BOOLEAN + EQUALITY MATCHING RULE booleanMatch + SINGLE VALUE TRUE + NO USER MODIFICATION TRUE + USAGE directoryOperation + ID id-oa-hierarchyBelow +} + +hierarchyParent ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + SINGLE VALUE TRUE + USAGE directoryOperation + ID id-oa-hierarchyParent +} + +SearchRule ::= SEQUENCE { + COMPONENTS OF SearchRuleId, + serviceType [1] OBJECT IDENTIFIER OPTIONAL, + userClass [2] INTEGER OPTIONAL, + inputAttributeTypes + [3] SEQUENCE SIZE (1..MAX) OF RequestAttribute OPTIONAL, + attributeCombination [4] AttributeCombination DEFAULT and:{}, + outputAttributeTypes [5] SEQUENCE SIZE (1..MAX) OF ResultAttribute OPTIONAL, + defaultControls [6] ControlOptions OPTIONAL, + mandatoryControls [7] ControlOptions OPTIONAL, + searchRuleControls [8] ControlOptions OPTIONAL, + familyGrouping [9] FamilyGrouping OPTIONAL, + familyReturn [10] FamilyReturn OPTIONAL, + relaxation [11] RelaxationPolicy OPTIONAL, + additionalControl [12] SEQUENCE SIZE (1..MAX) OF AttributeType OPTIONAL, + allowedSubset [13] AllowedSubset DEFAULT '111'B, + imposedSubset [14] ImposedSubset OPTIONAL, + entryLimit [15] EntryLimit OPTIONAL +} + +SearchRuleId ::= SEQUENCE {id INTEGER, + dmdId [0] OBJECT IDENTIFIER +} + +AllowedSubset ::= BIT STRING {baseObject(0), oneLevel(1), wholeSubtree(2)} + +ImposedSubset ::= ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)} + +RequestAttribute ::= SEQUENCE { + attributeType ATTRIBUTE.&id({SupportedAttributes}), + includeSubtypes [0] BOOLEAN DEFAULT FALSE, + selectedValues + [1] SEQUENCE SIZE (0..MAX) OF + ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}) OPTIONAL, + defaultValues + [2] SEQUENCE SIZE (0..MAX) OF + SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL, + values + SEQUENCE OF + ATTRIBUTE.&Type + ({SupportedAttributes}{@attributeType})} OPTIONAL, + contexts [3] SEQUENCE SIZE (0..MAX) OF ContextProfile OPTIONAL, + contextCombination [4] ContextCombination DEFAULT and:{}, + matchingUse [5] SEQUENCE SIZE (1..MAX) OF MatchingUse OPTIONAL +} + +ContextProfile ::= SEQUENCE { + contextType CONTEXT.&id({SupportedContexts}), + contextValue + SEQUENCE SIZE (1..MAX) OF + CONTEXT.&Assertion({SupportedContexts}{@contextType}) OPTIONAL +} + +ContextCombination ::= CHOICE { + context [0] CONTEXT.&id, + and [1] SEQUENCE OF ContextCombination, + or [2] SEQUENCE OF ContextCombination, + not [3] ContextCombination +} + +MatchingUse ::= SEQUENCE { + restrictionType + MATCHING-RESTRICTION.&id({SupportedMatchingRestrictions}), + restrictionValue + MATCHING-RESTRICTION.&Restriction + ({SupportedMatchingRestrictions}{@restrictionType}) +} + +-- Definition of the following information object set is deferred, perhaps to standardized +-- profiles or to protocol implementation conformance statements. The set is required to +-- specify a table constraint on the components of SupportedMatchingRestrictions +SupportedMatchingRestrictions MATCHING-RESTRICTION ::= + {...} + +AttributeCombination ::= CHOICE { + attribute [0] AttributeType, + and [1] SEQUENCE OF AttributeCombination, + or [2] SEQUENCE OF AttributeCombination, + not [3] AttributeCombination +} + +ResultAttribute ::= SEQUENCE { + attributeType ATTRIBUTE.&id({SupportedAttributes}), + outputValues + CHOICE {selectedValues + SEQUENCE SIZE (1..MAX) OF + ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}), + matchedValuesOnly NULL} OPTIONAL, + contexts [0] SEQUENCE SIZE (1..MAX) OF ContextProfile OPTIONAL +} + +OutputValues ::= CHOICE { + selectedValues + SEQUENCE SIZE (1..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}), + matchedValuesOnly NULL +} + +ControlOptions ::= SEQUENCE { + serviceControls [0] ServiceControlOptions DEFAULT {}, + searchOptions [1] SearchControlOptions DEFAULT {searchAliases}, + hierarchyOptions [2] HierarchySelections OPTIONAL +} + +EntryLimit ::= SEQUENCE {default INTEGER, + max INTEGER +} + +RelaxationPolicy ::= SEQUENCE { + basic [0] MRMapping DEFAULT {}, + tightenings [1] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL, + relaxations [2] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL, + maximum [3] INTEGER OPTIONAL, -- mandatory if tightenings is present + minimum [4] INTEGER DEFAULT 1 +} + +MRMapping ::= SEQUENCE { + mapping [0] SEQUENCE SIZE (1..MAX) OF Mapping OPTIONAL, + substitution [1] SEQUENCE SIZE (1..MAX) OF MRSubstitution OPTIONAL +} + +Mapping ::= SEQUENCE { + mappingFunction + OBJECT IDENTIFIER + (CONSTRAINED BY {-- shall be an-- + + -- object identifier of a mapping-based matching algorithm -- }), + level INTEGER DEFAULT 0 +} + +MRSubstitution ::= SEQUENCE { + attribute AttributeType, + oldMatchingRule [0] MATCHING-RULE.&id OPTIONAL, + newMatchingRule [1] MATCHING-RULE.&id OPTIONAL +} + +SEARCH-RULE ::= CLASS { + &dmdId OBJECT IDENTIFIER, + &serviceType OBJECT IDENTIFIER OPTIONAL, + &userClass INTEGER OPTIONAL, + &InputAttributeTypes REQUEST-ATTRIBUTE OPTIONAL, + &combination AttributeCombination OPTIONAL, + &OutputAttributeTypes RESULT-ATTRIBUTE OPTIONAL, + &defaultControls ControlOptions OPTIONAL, + &mandatoryControls ControlOptions OPTIONAL, + &searchRuleControls ControlOptions OPTIONAL, + &familyGrouping FamilyGrouping OPTIONAL, + &familyReturn FamilyReturn OPTIONAL, + &additionalControl AttributeType OPTIONAL, + &relaxation RelaxationPolicy OPTIONAL, + &entryLimit EntryLimit OPTIONAL, + &allowedSubset AllowedSubset DEFAULT '111'B, + &imposedSubset ImposedSubset OPTIONAL, + &id INTEGER UNIQUE +} +WITH SYNTAX { + DMD ID &dmdId + [SERVICE-TYPE &serviceType] + [USER-CLASS &userClass] + [INPUT ATTRIBUTES &InputAttributeTypes] + [COMBINATION &combination] + [OUTPUT ATTRIBUTES &OutputAttributeTypes] + [DEFAULT CONTROL &defaultControls] + [MANDATORY CONTROL &mandatoryControls] + [SEARCH-RULE CONTROL &searchRuleControls] + [FAMILY-GROUPING &familyGrouping] + [FAMILY-RETURN &familyReturn] + [ADDITIONAL CONTROL &additionalControl] + [RELAXATION &relaxation] + [ALLOWED SUBSET &allowedSubset] + [IMPOSED SUBSET &imposedSubset] + [ENTRY LIMIT &entryLimit] + ID &id +} + +REQUEST-ATTRIBUTE ::= CLASS { + &attributeType ATTRIBUTE.&id, + &SelectedValues ATTRIBUTE.&Type OPTIONAL, + &DefaultValues SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL, + values SEQUENCE OF ATTRIBUTE.&Type + } OPTIONAL, + &contexts SEQUENCE OF ContextProfile OPTIONAL, + &contextCombination ContextCombination OPTIONAL, + &MatchingUse MatchingUse OPTIONAL, + &includeSubtypes BOOLEAN DEFAULT FALSE +} +WITH SYNTAX { + ATTRIBUTE TYPE &attributeType + [SELECTED VALUES &SelectedValues] + [DEFAULT VALUES &DefaultValues] + [CONTEXTS &contexts] + [CONTEXT COMBINATION &contextCombination] + [MATCHING USE &MatchingUse] + [INCLUDE SUBTYPES &includeSubtypes] +} + +RESULT-ATTRIBUTE ::= CLASS { + &attributeType ATTRIBUTE.&id, + &outputValues OutputValues OPTIONAL, + &contexts ContextProfile OPTIONAL +} +WITH SYNTAX { + ATTRIBUTE TYPE &attributeType + [OUTPUT VALUES &outputValues] + [CONTEXTS &contexts] +} + +MATCHING-RESTRICTION ::= CLASS { + &Restriction , + &Rules MATCHING-RULE.&id, + &id OBJECT IDENTIFIER UNIQUE +}WITH SYNTAX {RESTRICTION &Restriction + RULES &Rules + ID &id +} + +-- object identifier assignments +-- object classes +id-oc-top OBJECT IDENTIFIER ::= + {id-oc 0} + +id-oc-alias OBJECT IDENTIFIER ::= {id-oc 1} + +id-oc-parent OBJECT IDENTIFIER ::= {id-oc 28} + +id-oc-child OBJECT IDENTIFIER ::= {id-oc 29} + +-- attributes +id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} + +id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} + +-- matching rules +id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} + +id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} + +-- operational attributes +id-oa-excludeAllCollectiveAttributes OBJECT IDENTIFIER ::= + {id-oa 0} + +id-oa-createTimestamp OBJECT IDENTIFIER ::= {id-oa 1} + +id-oa-modifyTimestamp OBJECT IDENTIFIER ::= {id-oa 2} + +id-oa-creatorsName OBJECT IDENTIFIER ::= {id-oa 3} + +id-oa-modifiersName OBJECT IDENTIFIER ::= {id-oa 4} + +id-oa-administrativeRole OBJECT IDENTIFIER ::= {id-oa 5} + +id-oa-subtreeSpecification OBJECT IDENTIFIER ::= {id-oa 6} + +id-oa-collectiveExclusions OBJECT IDENTIFIER ::= {id-oa 7} + +id-oa-subschemaTimestamp OBJECT IDENTIFIER ::= {id-oa 8} + +id-oa-hasSubordinates OBJECT IDENTIFIER ::= {id-oa 9} + +id-oa-subschemaSubentryList OBJECT IDENTIFIER ::= {id-oa 10} + +id-oa-accessControlSubentryList OBJECT IDENTIFIER ::= {id-oa 11} + +id-oa-collectiveAttributeSubentryList OBJECT IDENTIFIER ::= {id-oa 12} + +id-oa-contextDefaultSubentryList OBJECT IDENTIFIER ::= {id-oa 13} + +id-oa-contextAssertionDefault OBJECT IDENTIFIER ::= {id-oa 14} + +id-oa-serviceAdminSubentryList OBJECT IDENTIFIER ::= {id-oa 15} + +id-oa-searchRules OBJECT IDENTIFIER ::= {id-oa 16} + +id-oa-hierarchyLevel OBJECT IDENTIFIER ::= {id-oa 17} + +id-oa-hierarchyBelow OBJECT IDENTIFIER ::= {id-oa 18} + +id-oa-hierarchyParent OBJECT IDENTIFIER ::= {id-oa 19} + +-- subentry classes +id-sc-subentry OBJECT IDENTIFIER ::= {id-sc 0} + +id-sc-accessControlSubentry OBJECT IDENTIFIER ::= {id-sc 1} + +id-sc-collectiveAttributeSubentry OBJECT IDENTIFIER ::= {id-sc 2} + +id-sc-contextAssertionSubentry OBJECT IDENTIFIER ::= {id-sc 3} + +id-sc-serviceAdminSubentry OBJECT IDENTIFIER ::= {id-sc 4} + +-- Name forms +id-nf-subentryNameForm OBJECT IDENTIFIER ::= {id-nf 16} + +-- administrative roles +id-ar-autonomousArea OBJECT IDENTIFIER ::= {id-ar 1} + +id-ar-accessControlSpecificArea OBJECT IDENTIFIER ::= {id-ar 2} + +id-ar-accessControlInnerArea OBJECT IDENTIFIER ::= {id-ar 3} + +id-ar-subschemaAdminSpecificArea OBJECT IDENTIFIER ::= {id-ar 4} + +id-ar-collectiveAttributeSpecificArea OBJECT IDENTIFIER ::= {id-ar 5} + +id-ar-collectiveAttributeInnerArea OBJECT IDENTIFIER ::= {id-ar 6} + +id-ar-contextDefaultSpecificArea OBJECT IDENTIFIER ::= {id-ar 7} + +id-ar-serviceSpecificArea OBJECT IDENTIFIER ::= {id-ar 8} + +END -- InformationFramework + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/SelectedAttributeTypes.asn1 b/acse/SelectedAttributeTypes.asn1 new file mode 100644 index 0000000..0ac391f --- /dev/null +++ b/acse/SelectedAttributeTypes.asn1 @@ -0,0 +1,1467 @@ +-- Module SelectedAttributeTypes (X.520:08/1997) +-- See also ITU-T X.520 (08/1997) +-- See also the index of all ASN.1 assignments needed in this document + +SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) + selectedAttributeTypes(5) 3} DEFINITIONS ::= +BEGIN + +-- EXPORTS All +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +IMPORTS + informationFramework, upperBounds, id-at, id-mr, id-avc, + directoryAbstractService, id-pr, id-not, id-cat + FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) + usefulDefinitions(0) 3} + Attribute, ATTRIBUTE, MATCHING-RULE, AttributeType, OBJECT-CLASS, + DistinguishedName, objectIdentifierMatch, distinguishedNameMatch, + CONTEXT, ContextAssertion, AttributeCombination, ContextCombination, + MAPPING-BASED-MATCHING, MRMapping, AttributeValueAssertion + FROM InformationFramework informationFramework + G3FacsimileNonBasicParameters + FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0) + mts-abstract-service(1) version-1999(1)} + ub-answerback, ub-name, ub-common-name, ub-surname, ub-serial-number, + ub-locality-name, ub-state-name, ub-street-address, ub-organization-name, + ub-organizational-unit-name, ub-title, ub-description, + ub-business-category, ub-postal-line, ub-postal-string, ub-postal-code, + ub-post-office-box, ub-physical-office-name, ub-telex-number, + ub-country-code, ub-teletex-terminal-id, ub-telephone-number, + ub-x121-address, ub-international-isdn-number, ub-destination-indicator, + ub-user-password, ub-match, ub-knowledge-information, + ub-directory-string-first-component-match, ub-localeContextSyntax, + ub-pseudonym + FROM UpperBounds upperBounds + FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions + FROM DirectoryAbstractService directoryAbstractService; + +-- Directory string type +DirectoryString{INTEGER:maxSize} ::= CHOICE { + teletexString TeletexString(SIZE (1..maxSize)), + printableString PrintableString(SIZE (1..maxSize)), + universalString UniversalString(SIZE (1..maxSize)), + bmpString BMPString(SIZE (1..maxSize)), + uTF8String UTF8String(SIZE (1..maxSize)) +} + +-- Attribute types +knowledgeInformation ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-knowledge-information} + EQUALITY MATCHING RULE caseIgnoreMatch + ID id-at-knowledgeInformation +} + +name ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-name} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-name +} + +commonName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-common-name} + ID id-at-commonName +} + +surname ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-surname} + ID id-at-surname +} + +givenName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-name} + ID id-at-givenName +} + +initials ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-name} + ID id-at-initials +} + +generationQualifier ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-name} + ID id-at-generationQualifier +} + +uniqueIdentifier ATTRIBUTE ::= { + WITH SYNTAX UniqueIdentifier + EQUALITY MATCHING RULE bitStringMatch + ID id-at-uniqueIdentifier +} + +UniqueIdentifier ::= BIT STRING + +dnQualifier ATTRIBUTE ::= { + WITH SYNTAX PrintableString + EQUALITY MATCHING RULE caseIgnoreMatch + ORDERING MATCHING RULE caseIgnoreOrderingMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-dnQualifier +} + +serialNumber ATTRIBUTE ::= { + WITH SYNTAX PrintableString(SIZE (1..ub-serial-number)) + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-serialNumber +} + +pseudonym ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-pseudonym} + ID id-at-pseudonym +} + +countryName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX CountryName + SINGLE VALUE TRUE + ID id-at-countryName +} + +CountryName ::= PrintableString(SIZE (2)) -- ISO 3166 codes only + + +localityName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-locality-name} + ID id-at-localityName +} + +collectiveLocalityName ATTRIBUTE ::= { + SUBTYPE OF localityName + COLLECTIVE TRUE + ID id-at-collectiveLocalityName +} + +stateOrProvinceName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-state-name} + ID id-at-stateOrProvinceName +} + +collectiveStateOrProvinceName ATTRIBUTE ::= { + SUBTYPE OF stateOrProvinceName + COLLECTIVE TRUE + ID id-at-collectiveStateOrProvinceName +} + +streetAddress ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-street-address} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-streetAddress +} + +collectiveStreetAddress ATTRIBUTE ::= { + SUBTYPE OF streetAddress + COLLECTIVE TRUE + ID id-at-collectiveStreetAddress +} + +houseIdentifier ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-name} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-houseIdentifier +} + +organizationName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-organization-name} + ID id-at-organizationName +} + +collectiveOrganizationName ATTRIBUTE ::= { + SUBTYPE OF organizationName + COLLECTIVE TRUE + ID id-at-collectiveOrganizationName +} + +organizationalUnitName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-organizational-unit-name} + ID id-at-organizationalUnitName +} + +collectiveOrganizationalUnitName ATTRIBUTE ::= { + SUBTYPE OF organizationalUnitName + COLLECTIVE TRUE + ID id-at-collectiveOrganizationalUnitName +} + +title ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-title} + ID id-at-title +} + +description ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-description} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-description +} + +searchGuide ATTRIBUTE ::= {WITH SYNTAX Guide + ID id-at-searchGuide +} + +Guide ::= SET { + objectClass [0] OBJECT-CLASS.&id OPTIONAL, + criteria [1] Criteria +} + +Criteria ::= CHOICE { + type [0] CriteriaItem, + and [1] SET OF Criteria, + or [2] SET OF Criteria, + not [3] Criteria +} + +CriteriaItem ::= CHOICE { + equality [0] AttributeType, + substrings [1] AttributeType, + greaterOrEqual [2] AttributeType, + lessOrEqual [3] AttributeType, + approximateMatch [4] AttributeType +} + +enhancedSearchGuide ATTRIBUTE ::= { + WITH SYNTAX EnhancedGuide + ID id-at-enhancedSearchGuide +} + +EnhancedGuide ::= SEQUENCE { + objectClass [0] OBJECT-CLASS.&id, + criteria [1] Criteria, + subset + [2] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)} DEFAULT oneLevel +} + +businessCategory ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-business-category} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-businessCategory +} + +postalAddress ATTRIBUTE ::= { + WITH SYNTAX PostalAddress + EQUALITY MATCHING RULE caseIgnoreListMatch + SUBSTRINGS MATCHING RULE caseIgnoreListSubstringsMatch + ID id-at-postalAddress +} + +PostalAddress ::= + SEQUENCE SIZE (1..ub-postal-line) OF DirectoryString{ub-postal-string} + +collectivePostalAddress ATTRIBUTE ::= { + SUBTYPE OF postalAddress + COLLECTIVE TRUE + ID id-at-collectivePostalAddress +} + +postalCode ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-postal-code} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-postalCode +} + +collectivePostalCode ATTRIBUTE ::= { + SUBTYPE OF postalCode + COLLECTIVE TRUE + ID id-at-collectivePostalCode +} + +postOfficeBox ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-post-office-box} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-postOfficeBox +} + +collectivePostOfficeBox ATTRIBUTE ::= { + SUBTYPE OF postOfficeBox + COLLECTIVE TRUE + ID id-at-collectivePostOfficeBox +} + +physicalDeliveryOfficeName ATTRIBUTE ::= { + WITH SYNTAX DirectoryString {ub-physical-office-name} + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-physicalDeliveryOfficeName +} + +collectivePhysicalDeliveryOfficeName ATTRIBUTE ::= { + SUBTYPE OF physicalDeliveryOfficeName + COLLECTIVE TRUE + ID id-at-collectivePhysicalDeliveryOfficeName +} + +telephoneNumber ATTRIBUTE ::= { + WITH SYNTAX TelephoneNumber + EQUALITY MATCHING RULE telephoneNumberMatch + SUBSTRINGS MATCHING RULE telephoneNumberSubstringsMatch + ID id-at-telephoneNumber +} + +TelephoneNumber ::= PrintableString(SIZE (1..ub-telephone-number)) + +-- String complying with CCITT Rec. E.123 only +collectiveTelephoneNumber ATTRIBUTE ::= { + SUBTYPE OF telephoneNumber + COLLECTIVE TRUE + ID id-at-collectiveTelephoneNumber +} + +telexNumber ATTRIBUTE ::= { + WITH SYNTAX TelexNumber + ID id-at-telexNumber +} + +TelexNumber ::= SEQUENCE { + telexNumber PrintableString(SIZE (1..ub-telex-number)), + countryCode PrintableString(SIZE (1..ub-country-code)), + answerback PrintableString(SIZE (1..ub-answerback)) +} + +collectiveTelexNumber ATTRIBUTE ::= { + SUBTYPE OF telexNumber + COLLECTIVE TRUE + ID id-at-collectiveTelexNumber +} + +facsimileTelephoneNumber ATTRIBUTE ::= { + WITH SYNTAX FacsimileTelephoneNumber + EQUALITY MATCHING RULE facsimileNumberMatch + SUBSTRINGS MATCHING RULE facsimileNumberSubstringsMatch + ID id-at-facsimileTelephoneNumber +} + +facsimileNumberMatch MATCHING-RULE ::= { + SYNTAX TelephoneNumber + ID id-mr-facsimileNumberMatch +} + +facsimileNumberSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-facsimileNumberSubstringsMatch +} + +FacsimileTelephoneNumber ::= SEQUENCE { + telephoneNumber TelephoneNumber, + parameters G3FacsimileNonBasicParameters OPTIONAL +} + +collectiveFacsimileTelephoneNumber ATTRIBUTE ::= { + SUBTYPE OF facsimileTelephoneNumber + COLLECTIVE TRUE + ID id-at-collectiveFacsimileTelephoneNumber +} + +x121Address ATTRIBUTE ::= { + WITH SYNTAX X121Address + EQUALITY MATCHING RULE numericStringMatch + SUBSTRINGS MATCHING RULE numericStringSubstringsMatch + ID id-at-x121Address +} + +X121Address ::= NumericString(SIZE (1..ub-x121-address)) + +-- String as defined by ITU-T Rec. X.121 +internationalISDNNumber ATTRIBUTE ::= { + WITH SYNTAX InternationalISDNNumber + EQUALITY MATCHING RULE numericStringMatch + SUBSTRINGS MATCHING RULE numericStringSubstringsMatch + ID id-at-internationalISDNNumber +} + +InternationalISDNNumber ::= + NumericString(SIZE (1..ub-international-isdn-number)) + +-- String complying with ITU-T Rec. E.164 only +collectiveInternationalISDNNumber ATTRIBUTE ::= { + SUBTYPE OF internationalISDNNumber + COLLECTIVE TRUE + ID id-at-collectiveInternationalISDNNumber +} + +registeredAddress ATTRIBUTE ::= { + SUBTYPE OF postalAddress + WITH SYNTAX PostalAddress + ID id-at-registeredAddress +} + +destinationIndicator ATTRIBUTE ::= { + WITH SYNTAX DestinationIndicator + EQUALITY MATCHING RULE caseIgnoreMatch + SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch + ID id-at-destinationIndicator +} + +DestinationIndicator ::= PrintableString(SIZE (1..ub-destination-indicator)) + +communicationsService ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-at-communicationsService +} + +communicationsNetwork ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + SINGLE VALUE TRUE + ID id-at-communicationsNetwork +} + +-- alphabetical characters only +preferredDeliveryMethod ATTRIBUTE ::= { + WITH SYNTAX PreferredDeliveryMethod + SINGLE VALUE TRUE + ID id-at-preferredDeliveryMethod +} + +PreferredDeliveryMethod ::= + SEQUENCE OF + INTEGER {any-delivery-method(0), mhs-delivery(1), physical-delivery(2), + telex-delivery(3), teletex-delivery(4), g3-facsimile-delivery(5), + g4-facsimile-delivery(6), ia5-terminal-delivery(7), + videotex-delivery(8), telephone-delivery(9)} + +presentationAddress ATTRIBUTE ::= { + WITH SYNTAX PresentationAddress + EQUALITY MATCHING RULE presentationAddressMatch + SINGLE VALUE TRUE + ID id-at-presentationAddress +} + +PresentationAddress ::= SEQUENCE { + pSelector [0] OCTET STRING OPTIONAL, + sSelector [1] OCTET STRING OPTIONAL, + tSelector [2] OCTET STRING OPTIONAL, + nAddresses [3] SET SIZE (1..MAX) OF OCTET STRING +} + +supportedApplicationContext ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-at-supportedApplicationContext +} + +protocolInformation ATTRIBUTE ::= { + WITH SYNTAX ProtocolInformation + EQUALITY MATCHING RULE protocolInformationMatch + ID id-at-protocolInformation +} + +ProtocolInformation ::= SEQUENCE { + nAddress OCTET STRING, + profiles SET OF OBJECT IDENTIFIER +} + +distinguishedName ATTRIBUTE ::= { + WITH SYNTAX DistinguishedName + EQUALITY MATCHING RULE distinguishedNameMatch + ID id-at-distinguishedName +} + +member ATTRIBUTE ::= {SUBTYPE OF distinguishedName + ID id-at-member +} + +uniqueMember ATTRIBUTE ::= { + WITH SYNTAX NameAndOptionalUID + EQUALITY MATCHING RULE uniqueMemberMatch + ID id-at-uniqueMember +} + +NameAndOptionalUID ::= SEQUENCE { + dn DistinguishedName, + uid UniqueIdentifier OPTIONAL +} + +owner ATTRIBUTE ::= {SUBTYPE OF distinguishedName + ID id-at-owner +} + +roleOccupant ATTRIBUTE ::= { + SUBTYPE OF distinguishedName + ID id-at-roleOccupant +} + +seeAlso ATTRIBUTE ::= {SUBTYPE OF distinguishedName + ID id-at-seeAlso +} + +dmdName ATTRIBUTE ::= { + SUBTYPE OF name + WITH SYNTAX DirectoryString {ub-common-name} + ID id-at-dmdName +} + +dSAProblem ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-dSAProblem +} + +searchServiceProblem ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + SINGLE VALUE TRUE + ID id-not-searchServiceProblem +} + +serviceType ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + SINGLE VALUE TRUE + ID id-not-serviceType +} + +attributeTypeList ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-attributeTypeList +} + +filterItem ATTRIBUTE ::= { + WITH SYNTAX FilterItem + ID id-not-filterItem +} + +attributeCombinations ATTRIBUTE ::= { + WITH SYNTAX AttributeCombination + ID id-not-attributeCombinations +} + +contextTypeList ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-contextTypeList +} + +contextList ATTRIBUTE ::= { + WITH SYNTAX ContextAssertion + ID id-not-contextList +} + +hierarchySelectList ATTRIBUTE ::= { + WITH SYNTAX HierarchySelections + SINGLE VALUE TRUE + ID id-not-hierarchySelectList +} + +searchOptionsList ATTRIBUTE ::= { + WITH SYNTAX SearchControlOptions + SINGLE VALUE TRUE + ID id-not-searchOptionsList +} + +serviceControlOptionsList ATTRIBUTE ::= { + WITH SYNTAX ServiceControlOptions + SINGLE VALUE TRUE + ID id-not-serviceControlOptionsList +} + +multipleMatchingLocalities ATTRIBUTE ::= { + WITH SYNTAX MultipleMatchingLocalities + ID id-not-multipleMatchingLocalities +} + +MultipleMatchingLocalities ::= SEQUENCE { + matchingRuleUsed MATCHING-RULE.&id OPTIONAL, + attributeList SEQUENCE OF AttributeValueAssertion +} + +proposedRelaxation ATTRIBUTE ::= { + WITH SYNTAX SEQUENCE OF MRMapping + ID id-not-proposedRelaxation +} + +appliedRelaxation ATTRIBUTE ::= { + WITH SYNTAX OBJECT IDENTIFIER + EQUALITY MATCHING RULE objectIdentifierMatch + ID id-not-appliedRelaxation +} + +-- Matching rules +caseIgnoreMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseIgnoreMatch +} + +caseIgnoreOrderingMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseIgnoreOrderingMatch +} + +caseIgnoreSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-caseIgnoreSubstringsMatch +} + +SubstringAssertion ::= + SEQUENCE OF + CHOICE {initial [0] DirectoryString{ub-match}, + any [1] DirectoryString{ub-match}, + final [2] DirectoryString{ub-match}, + control Attribute + } -- Used to specify interpretation of the following items + +-- at most one initial and one final component +caseExactMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseExactMatch +} + +caseExactOrderingMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-caseExactOrderingMatch +} + +caseExactSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion -- only the PrintableString choice + ID id-mr-caseExactSubstringsMatch +} + +numericStringMatch MATCHING-RULE ::= { + SYNTAX NumericString + ID id-mr-numericStringMatch +} + +numericStringOrderingMatch MATCHING-RULE ::= { + SYNTAX NumericString + ID id-mr-numericStringOrderingMatch +} + +numericStringSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-numericStringSubstringsMatch +} + +caseIgnoreListMatch MATCHING-RULE ::= { + SYNTAX CaseIgnoreListMatch + ID id-mr-caseIgnoreListMatch +} + +CaseIgnoreListMatch ::= SEQUENCE OF DirectoryString{ub-match} + +caseIgnoreListSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-caseIgnoreListSubstringsMatch +} + +storedPrefixMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-storedPrefixMatch +} + +booleanMatch MATCHING-RULE ::= {SYNTAX BOOLEAN + ID id-mr-booleanMatch +} + +integerMatch MATCHING-RULE ::= {SYNTAX INTEGER + ID id-mr-integerMatch +} + +integerOrderingMatch MATCHING-RULE ::= { + SYNTAX INTEGER + ID id-mr-integerOrderingMatch +} + +bitStringMatch MATCHING-RULE ::= { + SYNTAX BIT STRING + ID id-mr-bitStringMatch +} + +octetStringMatch MATCHING-RULE ::= { + SYNTAX OCTET STRING + ID id-mr-octetStringMatch +} + +octetStringOrderingMatch MATCHING-RULE ::= { + SYNTAX OCTET STRING + ID id-mr-octetStringOrderingMatch +} + +octetStringSubstringsMatch MATCHING-RULE ::= { + SYNTAX OctetSubstringAssertion + ID id-mr-octetStringSubstringsMatch +} + +OctetSubstringAssertion ::= + SEQUENCE OF + CHOICE {initial [0] OCTET STRING, + any [1] OCTET STRING, + final [2] OCTET STRING} + +-- at most one initial and one final component +telephoneNumberMatch MATCHING-RULE ::= { + SYNTAX TelephoneNumber + ID id-mr-telephoneNumberMatch +} + +telephoneNumberSubstringsMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-telephoneNumberSubstringsMatch +} + +presentationAddressMatch MATCHING-RULE ::= { + SYNTAX PresentationAddress + ID id-mr-presentationAddressMatch +} + +uniqueMemberMatch MATCHING-RULE ::= { + SYNTAX NameAndOptionalUID + ID id-mr-uniqueMemberMatch +} + +protocolInformationMatch MATCHING-RULE ::= { + SYNTAX OCTET STRING + ID id-mr-protocolInformationMatch +} + +uTCTimeMatch MATCHING-RULE ::= {SYNTAX UTCTime + ID id-mr-uTCTimeMatch +} + +uTCTimeOrderingMatch MATCHING-RULE ::= { + SYNTAX UTCTime + ID id-mr-uTCTimeOrderingMatch +} + +generalizedTimeMatch MATCHING-RULE ::= { + SYNTAX GeneralizedTime + -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 + ID id-mr-generalizedTimeMatch +} + +generalizedTimeOrderingMatch MATCHING-RULE ::= { + SYNTAX GeneralizedTime + -- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1 + ID id-mr-generalizedTimeOrderingMatch +} + +integerFirstComponentMatch MATCHING-RULE ::= { + SYNTAX INTEGER + ID id-mr-integerFirstComponentMatch +} + +objectIdentifierFirstComponentMatch MATCHING-RULE ::= { + SYNTAX OBJECT IDENTIFIER + ID id-mr-objectIdentifierFirstComponentMatch +} + +directoryStringFirstComponentMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-directory-string-first-component-match} + ID id-mr-directoryStringFirstComponentMatch +} + +wordMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-wordMatch +} + +keywordMatch MATCHING-RULE ::= { + SYNTAX DirectoryString {ub-match} + ID id-mr-keywordMatch +} + +systemProposedMatch MATCHING-RULE ::= {ID id-mr-systemProposedMatch +} + +generalWordMatch MATCHING-RULE ::= { + SYNTAX SubstringAssertion + ID id-mr-generalWordMatch +} + +sequenceMatchType ATTRIBUTE ::= { + WITH SYNTAX + ENUMERATED {sequenceExact(0), sequenceDeletion(1), + sequenceRestrictedDeletion(2), sequencePermutation(3), + sequencePermutationAndDeletion(4), sequenceProviderDefined(5)} + SINGLE VALUE TRUE + ID id-cat-sequenceMatchType +} -- defaulting to sequenceExact, + +wordMatchTypes ATTRIBUTE ::= { + WITH SYNTAX + ENUMERATED {wordExact(0), wordTruncated(1), wordPhonetic(2), + wordProviderDefined(3)} + SINGLE VALUE TRUE + ID id-cat-wordMatchType +} -- defaulting to wordExact + +characterMatchTypes ATTRIBUTE ::= { + WITH SYNTAX + ENUMERATED {characterExact(0), characterCaseIgnore(1), characterMapped(2)} + SINGLE VALUE TRUE + ID id-cat-characterMatchTypes +} + +selectedContexts ATTRIBUTE ::= { + WITH SYNTAX ContextAssertion + ID id-cat-selectedContexts +} + +approximateStringMatch MATCHING-RULE ::= {ID id-mr-approximateStringMatch +} + +ignoreIfAbsentMatch MATCHING-RULE ::= {ID id-mr-ignoreIfAbsentMatch +} + +nullMatch MATCHING-RULE ::= {ID id-mr-nullMatch +} + +ZONAL-MATCHING ::= + MAPPING-BASED-MATCHING{ZonalSelect, TRUE, ZonalResult, zonalMatch.&id} + +ZonalSelect ::= SEQUENCE OF AttributeType + +ZonalResult ::= ENUMERATED { + cannot-select-mapping(0), zero-mappings(2), multiple-mappings(3)} + +zonalMatch MATCHING-RULE ::= { + UNIQUE-MATCH-INDICATOR multipleMatchingLocalities.&id + ID id-mr-zonalMatch +} + +-- Contexts +languageContext CONTEXT ::= { + WITH SYNTAX LanguageContextSyntax + ID id-avc-language +} + +LanguageContextSyntax ::= PrintableString(SIZE (2..3)) -- ISO 639-2 codes only + + +temporalContext CONTEXT ::= { + WITH SYNTAX TimeSpecification + ASSERTED AS TimeAssertion + ID id-avc-temporal +} + +TimeSpecification ::= SEQUENCE { + time + CHOICE {absolute + SEQUENCE {startTime [0] GeneralizedTime OPTIONAL, + endTime [1] GeneralizedTime OPTIONAL}, + periodic SET OF Period}, + notThisTime BOOLEAN DEFAULT FALSE, + timeZone TimeZone OPTIONAL +} + +Period ::= SEQUENCE { + timesOfDay [0] SET SIZE (1..MAX) OF DayTimeBand OPTIONAL, + days + [1] CHOICE {intDay SET OF INTEGER, + bitDay + BIT STRING {sunday(0), monday(1), tuesday(2), wednesday(3), + thursday(4), friday(5), saturday(6)}, + dayOf XDayOf} OPTIONAL, + weeks + [2] CHOICE {allWeeks NULL, + intWeek SET OF INTEGER, + bitWeek + BIT STRING {week1(0), week2(1), week3(2), week4(3), week5(4)} + } OPTIONAL, + months + [3] CHOICE {allMonths NULL, + intMonth SET OF INTEGER, + bitMonth + BIT STRING {january(0), february(1), march(2), april(3), + may(4), june(5), july(6), august(7), + september(8), october(9), november(10), + december(11)}} OPTIONAL, + years [4] SET OF INTEGER(1000..MAX) OPTIONAL +} + +XDayOf ::= CHOICE { + first [1] NamedDay, + second [2] NamedDay, + third [3] NamedDay, + fourth [4] NamedDay, + fifth [5] NamedDay +} + +NamedDay ::= CHOICE { + intNamedDays + ENUMERATED {sunday(1), monday(2), tuesday(3), wednesday(4), thursday(5), + friday(6), saturday(7)}, + bitNamedDays + BIT STRING {sunday(0), monday(1), tuesday(2), wednesday(3), thursday(4), + friday(5), saturday(6)} +} + +DayTimeBand ::= SEQUENCE { + startDayTime [0] DayTime DEFAULT {hour 0}, + endDayTime [1] DayTime DEFAULT {hour 23, minute 59, second 59} +} + +DayTime ::= SEQUENCE { + hour [0] INTEGER(0..23), + minute [1] INTEGER(0..59) DEFAULT 0, + second [2] INTEGER(0..59) DEFAULT 0 +} + +TimeZone ::= INTEGER(-12..12) + +TimeAssertion ::= CHOICE { + now NULL, + at GeneralizedTime, + between + SEQUENCE {startTime [0] GeneralizedTime, + endTime [1] GeneralizedTime OPTIONAL, + entirely BOOLEAN DEFAULT FALSE} +} + +localeContext CONTEXT ::= { + WITH SYNTAX LocaleContextSyntax + ID id-avc-locale +} + +LocaleContextSyntax ::= CHOICE { + localeID1 OBJECT IDENTIFIER, + localeID2 DirectoryString{ub-localeContextSyntax} +} + +-- Object identifier assignments - +-- object identifiers assigned in other modules are shown in comments +-- Attributes +-- id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0} +-- id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1} +id-at-encryptedAliasedEntryName OBJECT IDENTIFIER ::= + {id-at 1 2} + +id-at-knowledgeInformation OBJECT IDENTIFIER ::= {id-at 2} + +id-at-commonName OBJECT IDENTIFIER ::= {id-at 3} + +id-at-encryptedCommonName OBJECT IDENTIFIER ::= {id-at 3 2} + +id-at-surname OBJECT IDENTIFIER ::= {id-at 4} + +id-at-encryptedSurname OBJECT IDENTIFIER ::= {id-at 4 2} + +id-at-serialNumber OBJECT IDENTIFIER ::= {id-at 5} + +id-at-encryptedSerialNumber OBJECT IDENTIFIER ::= {id-at 5 2} + +id-at-countryName OBJECT IDENTIFIER ::= {id-at 6} + +id-at-encryptedCountryName OBJECT IDENTIFIER ::= {id-at 6 2} + +id-at-localityName OBJECT IDENTIFIER ::= {id-at 7} + +id-at-encryptedLocalityName OBJECT IDENTIFIER ::= {id-at 7 2} + +id-at-collectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1} + +id-at-encryptedCollectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1 2} + +id-at-stateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8} + +id-at-encryptedStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 2} + +id-at-collectiveStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 1} + +id-at-encryptedCollectiveStateOrProvinceName OBJECT IDENTIFIER ::= + {id-at 8 1 2} + +id-at-streetAddress OBJECT IDENTIFIER ::= {id-at 9} + +id-at-encryptedStreetAddress OBJECT IDENTIFIER ::= {id-at 9 2} + +id-at-collectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1} + +id-at-encryptedCollectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1 2} + +id-at-organizationName OBJECT IDENTIFIER ::= {id-at 10} + +id-at-encryptedOrganizationName OBJECT IDENTIFIER ::= {id-at 10 2} + +id-at-collectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1} + +id-at-encryptedCollectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1 2} + +id-at-organizationalUnitName OBJECT IDENTIFIER ::= {id-at 11} + +id-at-encryptedOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 2} + +id-at-collectiveOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 1} + +id-at-encryptedCollectiveOrganizationalUnitName OBJECT IDENTIFIER ::= + {id-at 11 1 2} + +id-at-title OBJECT IDENTIFIER ::= {id-at 12} + +id-at-encryptedTitle OBJECT IDENTIFIER ::= {id-at 12 2} + +id-at-description OBJECT IDENTIFIER ::= {id-at 13} + +id-at-encryptedDescription OBJECT IDENTIFIER ::= {id-at 13 2} + +id-at-searchGuide OBJECT IDENTIFIER ::= {id-at 14} + +id-at-encryptedSearchGuide OBJECT IDENTIFIER ::= {id-at 14 2} + +id-at-businessCategory OBJECT IDENTIFIER ::= {id-at 15} + +id-at-encryptedBusinessCategory OBJECT IDENTIFIER ::= {id-at 15 2} + +id-at-postalAddress OBJECT IDENTIFIER ::= {id-at 16} + +id-at-encryptedPostalAddress OBJECT IDENTIFIER ::= {id-at 16 2} + +id-at-collectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1} + +id-at-encryptedCollectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1 2} + +id-at-postalCode OBJECT IDENTIFIER ::= {id-at 17} + +id-at-encryptedPostalCode OBJECT IDENTIFIER ::= {id-at 17 2} + +id-at-collectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1} + +id-at-encryptedCollectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1 2} + +id-at-postOfficeBox OBJECT IDENTIFIER ::= {id-at 18} + +id-at-encryptedPostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 2} + +id-at-collectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1} + +id-at-encryptedCollectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1 2} + +id-at-physicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19} + +id-at-encryptedPhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 2} + +id-at-collectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19 1} + +id-at-encryptedCollectivePhysicalDeliveryOfficeName OBJECT IDENTIFIER ::= + {id-at 19 1 2} + +id-at-telephoneNumber OBJECT IDENTIFIER ::= {id-at 20} + +id-at-encryptedTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 2} + +id-at-collectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1} + +id-at-encryptedCollectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1 2} + +id-at-telexNumber OBJECT IDENTIFIER ::= {id-at 21} + +id-at-encryptedTelexNumber OBJECT IDENTIFIER ::= {id-at 21 2} + +id-at-collectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1} + +id-at-encryptedCollectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1 2} + +-- id-at-teletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22} +-- id-at-encryptedTeletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22 2} +-- id-at-collectiveTeletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22 1} +-- id-at-encryptedCollectiveTeletexTerminalIdentifier +-- OBJECT IDENTIFIER ::= {id-at 22 1 2} +id-at-facsimileTelephoneNumber OBJECT IDENTIFIER ::= + {id-at 23} + +id-at-encryptedFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 2} + +id-at-collectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 1} + +id-at-encryptedCollectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= + {id-at 23 1 2} + +id-at-x121Address OBJECT IDENTIFIER ::= {id-at 24} + +id-at-encryptedX121Address OBJECT IDENTIFIER ::= {id-at 24 2} + +id-at-internationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25} + +id-at-encryptedInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 2} + +id-at-collectiveInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 1} + +id-at-encryptedCollectiveInternationalISDNNumber OBJECT IDENTIFIER ::= + {id-at 25 1 2} + +id-at-registeredAddress OBJECT IDENTIFIER ::= {id-at 26} + +id-at-encryptedRegisteredAddress OBJECT IDENTIFIER ::= {id-at 26 2} + +id-at-destinationIndicator OBJECT IDENTIFIER ::= {id-at 27} + +id-at-encryptedDestinationIndicator OBJECT IDENTIFIER ::= {id-at 27 2} + +id-at-preferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28} + +id-at-encryptedPreferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28 2} + +id-at-presentationAddress OBJECT IDENTIFIER ::= {id-at 29} + +id-at-encryptedPresentationAddress OBJECT IDENTIFIER ::= {id-at 29 2} + +id-at-supportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30} + +id-at-encryptedSupportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30 2} + +id-at-member OBJECT IDENTIFIER ::= {id-at 31} + +id-at-encryptedMember OBJECT IDENTIFIER ::= {id-at 31 2} + +id-at-owner OBJECT IDENTIFIER ::= {id-at 32} + +id-at-encryptedOwner OBJECT IDENTIFIER ::= {id-at 32 2} + +id-at-roleOccupant OBJECT IDENTIFIER ::= {id-at 33} + +id-at-encryptedRoleOccupant OBJECT IDENTIFIER ::= {id-at 33 2} + +id-at-seeAlso OBJECT IDENTIFIER ::= {id-at 34} + +id-at-encryptedSeeAlso OBJECT IDENTIFIER ::= {id-at 34 2} + +-- id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35} +id-at-encryptedUserPassword OBJECT IDENTIFIER ::= + {id-at 35 2} + +-- id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36} +id-at-encryptedUserCertificate OBJECT IDENTIFIER ::= + {id-at 36 2} + +-- id-at-cACertificate OBJECT IDENTIFIER ::= {id-at 37} +id-at-encryptedCACertificate OBJECT IDENTIFIER ::= + {id-at 37 2} + +-- id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38} +id-at-encryptedAuthorityRevocationList OBJECT IDENTIFIER ::= + {id-at 38 2} + +-- id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39} +id-at-encryptedCertificateRevocationList OBJECT IDENTIFIER ::= + {id-at 39 2} + +-- id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40} +id-at-encryptedCrossCertificatePair OBJECT IDENTIFIER ::= + {id-at 40 2} + +id-at-name OBJECT IDENTIFIER ::= {id-at 41} + +id-at-givenName OBJECT IDENTIFIER ::= {id-at 42} + +id-at-encryptedGivenName OBJECT IDENTIFIER ::= {id-at 42 2} + +id-at-initials OBJECT IDENTIFIER ::= {id-at 43} + +id-at-encryptedInitials OBJECT IDENTIFIER ::= {id-at 43 2} + +id-at-generationQualifier OBJECT IDENTIFIER ::= {id-at 44} + +id-at-encryptedGenerationQualifier OBJECT IDENTIFIER ::= {id-at 44 2} + +id-at-uniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45} + +id-at-encryptedUniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45 2} + +id-at-dnQualifier OBJECT IDENTIFIER ::= {id-at 46} + +id-at-encryptedDnQualifier OBJECT IDENTIFIER ::= {id-at 46 2} + +id-at-enhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47} + +id-at-encryptedEnhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47 2} + +id-at-protocolInformation OBJECT IDENTIFIER ::= {id-at 48} + +id-at-encryptedProtocolInformation OBJECT IDENTIFIER ::= {id-at 48 2} + +id-at-distinguishedName OBJECT IDENTIFIER ::= {id-at 49} + +id-at-encryptedDistinguishedName OBJECT IDENTIFIER ::= {id-at 49 2} + +id-at-uniqueMember OBJECT IDENTIFIER ::= {id-at 50} + +id-at-encryptedUniqueMember OBJECT IDENTIFIER ::= {id-at 50 2} + +id-at-houseIdentifier OBJECT IDENTIFIER ::= {id-at 51} + +id-at-encryptedHouseIdentifier OBJECT IDENTIFIER ::= {id-at 51 2} + +--id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} +id-at-encryptedSupportedAlgorithms OBJECT IDENTIFIER ::= + {id-at 52 2} + +--id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} +id-at-encryptedDeltaRevocationList OBJECT IDENTIFIER ::= + {id-at 53 2} + +id-at-dmdName OBJECT IDENTIFIER ::= {id-at 54} + +id-at-encryptedDmdName OBJECT IDENTIFIER ::= {id-at 54 2} + +-- id-at-clearance OBJECT IDENTIFIER ::= {id-at 55} +id-at-encryptedClearance OBJECT IDENTIFIER ::= + {id-at 55 2} + +-- id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56} +id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::= + {id-at 56 2} + +-- id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57} +id-at-encryptedAttributeIntegrityInfo OBJECT IDENTIFIER ::= + {id-at 57 2} + +--id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} +id-at-encryptedAttributeCertificate OBJECT IDENTIFIER ::= + {id-at 58 2} + +-- id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59} +id-at-encryptedAttributeCertificateRevocationList OBJECT IDENTIFIER ::= + {id-at 59 2} + +-- id-at-confKeyInfo OBJECT IDENTIFIER ::= {id-at 60} +id-at-encryptedConfKeyInfo OBJECT IDENTIFIER ::= + {id-at 60 2} + +-- id-at-family-information OBJECT IDENTIFIER {id-at 64} +id-at-pseudonym OBJECT IDENTIFIER ::= + {id-at 65} + +id-at-communicationsService OBJECT IDENTIFIER ::= {id-at 66} + +id-at-communicationsNetwork OBJECT IDENTIFIER ::= {id-at 67} + +-- Matching rules +-- id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} +-- id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} +id-mr-caseIgnoreMatch OBJECT IDENTIFIER ::= + {id-mr 2} + +id-mr-caseIgnoreOrderingMatch OBJECT IDENTIFIER ::= {id-mr 3} + +id-mr-caseIgnoreSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 4} + +id-mr-caseExactMatch OBJECT IDENTIFIER ::= {id-mr 5} + +id-mr-caseExactOrderingMatch OBJECT IDENTIFIER ::= {id-mr 6} + +id-mr-caseExactSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 7} + +id-mr-numericStringMatch OBJECT IDENTIFIER ::= {id-mr 8} + +id-mr-numericStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 9} + +id-mr-numericStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 10} + +id-mr-caseIgnoreListMatch OBJECT IDENTIFIER ::= {id-mr 11} + +id-mr-caseIgnoreListSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 12} + +id-mr-booleanMatch OBJECT IDENTIFIER ::= {id-mr 13} + +id-mr-integerMatch OBJECT IDENTIFIER ::= {id-mr 14} + +id-mr-integerOrderingMatch OBJECT IDENTIFIER ::= {id-mr 15} + +id-mr-bitStringMatch OBJECT IDENTIFIER ::= {id-mr 16} + +id-mr-octetStringMatch OBJECT IDENTIFIER ::= {id-mr 17} + +id-mr-octetStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 18} + +id-mr-octetStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 19} + +id-mr-telephoneNumberMatch OBJECT IDENTIFIER ::= {id-mr 20} + +id-mr-telephoneNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 21} + +id-mr-presentationAddressMatch OBJECT IDENTIFIER ::= {id-mr 22} + +id-mr-uniqueMemberMatch OBJECT IDENTIFIER ::= {id-mr 23} + +id-mr-protocolInformationMatch OBJECT IDENTIFIER ::= {id-mr 24} + +id-mr-uTCTimeMatch OBJECT IDENTIFIER ::= {id-mr 25} + +id-mr-uTCTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 26} + +id-mr-generalizedTimeMatch OBJECT IDENTIFIER ::= {id-mr 27} + +id-mr-generalizedTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 28} + +id-mr-integerFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 29} + +id-mr-objectIdentifierFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 30} + +id-mr-directoryStringFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 31} + +id-mr-wordMatch OBJECT IDENTIFIER ::= {id-mr 32} + +id-mr-keywordMatch OBJECT IDENTIFIER ::= {id-mr 33} + +-- id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} +-- id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} +-- id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} +-- id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} +-- id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} +-- id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} +-- id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} +id-mr-storedPrefixMatch OBJECT IDENTIFIER ::= + {id-mr 41} + +-- id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} +-- id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43} +--id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44} +id-mr-systemProposedMatch OBJECT IDENTIFIER ::= + {id-mr 47} + +id-mr-generalWordMatch OBJECT IDENTIFIER ::= {id-mr 48} + +id-mr-approximateStringMatch OBJECT IDENTIFIER ::= {id-mr 49} + +id-mr-ignoreIfAbsentMatch OBJECT IDENTIFIER ::= {id-mr 50} + +id-mr-nullMatch OBJECT IDENTIFIER ::= {id-mr 51} + +id-mr-zonalMatch OBJECT IDENTIFIER ::= {id-mr 52} + +id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::= {id-mr 63} + +id-mr-facsimileNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 64} + +-- contexts +id-avc-language OBJECT IDENTIFIER ::= {id-avc 0} + +id-avc-temporal OBJECT IDENTIFIER ::= {id-avc 1} + +id-avc-locale OBJECT IDENTIFIER ::= {id-avc 2} + +--id-avc-attributeValueSecurityLabelContext OBJECT IDENTIFIER ::= {id-avc 3} +--id-avc-attributeValueIntegrityInfoContext OBJECT IDENTIFIER ::= {id-avc 4} +-- Problem definitions +id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::= + {id-pr 1} + +id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2} + +id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3} + +id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4} + +id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5} + +id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6} + +id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7} + +id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8} + +id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9} + +id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10} + +id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11} + +id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12} + +id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13} + +id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14} + +id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15} + +id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16} + +id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17} + +id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18} + +id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19} + +id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20} + +id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21} + +id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22} + +id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23} + +id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24} + +id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25} + +id-pr-invalidSearchOptions OBJECT IDENTIFIER ::= {id-pr 26} + +id-pr-missingSearchOptions OBJECT IDENTIFIER ::= {id-pr 27} + +id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 28} + +id-pr-missingServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 29} + +id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 30} + +id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 31} + +id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 32} + +-- Notification attributes +id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0} + +id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1} + +id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2} + +id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3} + +id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4} + +id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5} + +id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6} + +id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7} + +id-not-contextList OBJECT IDENTIFIER ::= {id-not 8} + +id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9} + +id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10} + +id-not-searchOptionsList OBJECT IDENTIFIER ::= {id-not 11} + +id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12} + +id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13} + +id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14} + +id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15} + +id-not-substringRequirements OBJECT IDENTIFIER ::= {id-not 16} + +-- Control attributes +id-cat-sequenceMatchType OBJECT IDENTIFIER ::= + {id-cat 1} + +id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2} + +id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3} + +id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4} + +END -- SelectedAttributeTypes + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/UpperBounds.asn1 b/acse/UpperBounds.asn1 new file mode 100644 index 0000000..3ebc334 --- /dev/null +++ b/acse/UpperBounds.asn1 @@ -0,0 +1,90 @@ +-- Module UpperBounds (X.520:08/1997) +-- See also ITU-T X.520 (08/1997) +-- See also the index of all ASN.1 assignments needed in this document + +UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 3} DEFINITIONS ::= +BEGIN + +-- EXPORTS All +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +ub-answerback INTEGER ::= + 8 + +ub-business-category INTEGER ::= 128 + +ub-common-name INTEGER ::= 64 + +ub-country-code INTEGER ::= 4 + +ub-description INTEGER ::= 1024 + +ub-destination-indicator INTEGER ::= 128 + +ub-directory-string-first-component-match INTEGER ::= 32768 + +ub-international-isdn-number INTEGER ::= 16 + +ub-knowledge-information INTEGER ::= 32768 + +ub-locality-name INTEGER ::= 128 + +ub-match INTEGER ::= 128 + +ub-name INTEGER ::= 64 + +ub-organization-name INTEGER ::= 64 + +ub-organizational-unit-name INTEGER ::= 64 + +ub-physical-office-name INTEGER ::= 128 + +ub-post-office-box INTEGER ::= 40 + +ub-postal-code INTEGER ::= 40 + +ub-postal-line INTEGER ::= 6 + +ub-postal-string INTEGER ::= 30 + +ub-privacy-mark-length INTEGER ::= 128 + +ub-schema INTEGER ::= 1024 + +ub-search INTEGER ::= 32768 + +ub-serial-number INTEGER ::= 64 + +ub-state-name INTEGER ::= 128 + +ub-street-address INTEGER ::= 128 + +ub-surname INTEGER ::= 64 + +ub-tag INTEGER ::= 64 + +ub-telephone-number INTEGER ::= 32 + +ub-teletex-terminal-id INTEGER ::= 1024 + +ub-telex-number INTEGER ::= 14 + +ub-title INTEGER ::= 64 + +ub-user-password INTEGER ::= 128 + +ub-x121-address INTEGER ::= 15 + +ub-localeContextSyntax INTEGER ::= 128 + +ub-locale-context-syntax INTEGER ::= 64 + +ub-pseudonym INTEGER ::= 128 + +ub-content INTEGER ::= 32768 + +END -- UpperBounds + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D diff --git a/acse/UsefulDefinitions.asn1 b/acse/UsefulDefinitions.asn1 new file mode 100644 index 0000000..b755285 --- /dev/null +++ b/acse/UsefulDefinitions.asn1 @@ -0,0 +1,240 @@ +-- Module UsefulDefinitions (X.501 TC2:08/1997) +-- See also ITU-T X.501 (1997) Technical Cor. 2 (02/2001) +-- See also the index of all ASN.1 assignments needed in this document + +UsefulDefinitions {joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 3} +DEFINITIONS ::= +BEGIN + +-- EXPORTS All - +-- The types and values defined in this module are exported for use in the other ASN.1 modules contained +-- within the Directory Specifications, and for the use of other applications which will use them to access +-- Directory services. Other applications may use them for their own purposes, but this will not constrain +-- extensions and modifications needed to maintain or improve the Directory service. +ID ::= OBJECT IDENTIFIER + +ds ID ::= {joint-iso-itu-t ds(5)} + +-- categories of information object +module ID ::= {ds 1} + +serviceElement ID ::= {ds 2} + +applicationContext ID ::= {ds 3} + +attributeType ID ::= {ds 4} + +attributeSyntax ID ::= {ds 5} + +objectClass ID ::= {ds 6} + +-- attributeSet ID ::= {ds 7} +algorithm ID ::= {ds 8} + +abstractSyntax ID ::= {ds 9} + +-- object ID ::= {ds 10} +-- port ID ::= {ds 11} +dsaOperationalAttribute ID ::= + {ds 12} + +matchingRule ID ::= {ds 13} + +knowledgeMatchingRule ID ::= {ds 14} + +nameForm ID ::= {ds 15} + +group ID ::= {ds 16} + +subentry ID ::= {ds 17} + +operationalAttributeType ID ::= {ds 18} + +operationalBinding ID ::= {ds 19} + +schemaObjectClass ID ::= {ds 20} + +schemaOperationalAttribute ID ::= {ds 21} + +administrativeRoles ID ::= {ds 23} + +accessControlAttribute ID ::= {ds 24} + +rosObject ID ::= {ds 25} + +contract ID ::= {ds 26} + +package ID ::= {ds 27} + +accessControlSchemes ID ::= {ds 28} + +certificateExtension ID ::= {ds 29} + +managementObject ID ::= {ds 30} + +attributeValueContext ID ::= {ds 31} + +-- securityExchange ID ::= {ds 32} +idmProtocol ID ::= {ds 33} + +problem ID ::= {ds 34} + +notification ID ::= {ds 35} + +matchingRestriction ID ::= + {ds 36} -- None are currently defined by this specification + +controlAttributeType ID ::= {ds 37} + +-- modules +usefulDefinitions ID ::= {module usefulDefinitions(0) 3} + +informationFramework ID ::= {module informationFramework(1) 3} + +directoryAbstractService ID ::= {module directoryAbstractService(2) 3} + +distributedOperations ID ::= {module distributedOperations(3) 3} + +protocolObjectIdentifiers ID ::= {module protocolObjectIdentifiers(4) 3} + +selectedAttributeTypes ID ::= {module selectedAttributeTypes(5) 3} + +selectedObjectClasses ID ::= {module selectedObjectClasses(6) 3} + +authenticationFramework ID ::= {module authenticationFramework(7) 3} + +algorithmObjectIdentifiers ID ::= {module algorithmObjectIdentifiers(8) 3} + +directoryObjectIdentifiers ID ::= {module directoryObjectIdentifiers(9) 3} + +upperBounds ID ::= {module upperBounds(10) 3} + +dap ID ::= {module dap(11) 3} + +dsp ID ::= {module dsp(12) 3} + +distributedDirectoryOIDs ID ::= {module distributedDirectoryOIDs(13) 3} + +directoryShadowOIDs ID ::= {module directoryShadowOIDs(14) 3} + +directoryShadowAbstractService ID ::= + {module directoryShadowAbstractService(15) 3} + +disp ID ::= {module disp(16) 3} + +dop ID ::= {module dop(17) 3} + +opBindingManagement ID ::= {module opBindingManagement(18) 3} + +opBindingOIDs ID ::= {module opBindingOIDs(19) 3} + +hierarchicalOperationalBindings ID ::= + {module hierarchicalOperationalBindings(20) 3} + +dsaOperationalAttributeTypes ID ::= {module dsaOperationalAttributeTypes(22) 3} + +schemaAdministration ID ::= {module schemaAdministration(23) 3} + +basicAccessControl ID ::= {module basicAccessControl(24) 3} + +directoryOperationalBindingTypes ID ::= + {module directoryOperationalBindingTypes(25) 3} + +certificateExtensions ID ::= {module certificateExtensions(26) 0} + +directoryManagement ID ::= {module directoryManagement(27) 1} + +enhancedSecurity ID ::= {module enhancedSecurity(28) 1} + +iDMProtocolSpecification ID ::= {module iDMProtocolSpecification(30) 4} + +directoryIDMProtocols ID ::= {module directoryIDMProtocols(31) 4} + +-- directorySecurityExchanges ID ::= {module directorySecurityExchanges (29) 1} +-- synonyms +id-oc ID ::= + objectClass + +id-at ID ::= attributeType + +id-as ID ::= abstractSyntax + +id-mr ID ::= matchingRule + +id-nf ID ::= nameForm + +id-sc ID ::= subentry + +id-oa ID ::= operationalAttributeType + +id-ob ID ::= operationalBinding + +id-doa ID ::= dsaOperationalAttribute + +id-kmr ID ::= knowledgeMatchingRule + +id-soc ID ::= schemaObjectClass + +id-soa ID ::= schemaOperationalAttribute + +id-ar ID ::= administrativeRoles + +id-aca ID ::= accessControlAttribute + +id-ac ID ::= applicationContext + +id-rosObject ID ::= rosObject + +id-contract ID ::= contract + +id-package ID ::= package + +id-acScheme ID ::= accessControlSchemes + +id-ce ID ::= certificateExtension + +id-mgt ID ::= managementObject + +id-idm ID ::= idmProtocol + +id-avc ID ::= attributeValueContext + +-- id-se ID ::= securityExchange +id-pr ID ::= problem + +id-not ID ::= notification + +id-mre ID ::= matchingRestriction + +id-cat ID ::= controlAttributeType + +-- obsolete module identifiers +-- usefulDefinition ID ::= {module 0} +-- informationFramework ID ::= {module 1} +-- directoryAbstractService ID ::= {module 2} +-- distributedOperations ID ::= {module 3} +-- protocolObjectIdentifiers ID ::= {module 4} +-- selectedAttributeTypes ID ::= {module 5} +-- selectedObjectClasses ID ::= {module 6} +-- authenticationFramework ID ::= {module 7} +-- algorithmObjectIdentifiers ID ::= {module 8} +-- directoryObjectIdentifiers ID ::= {module 9} +-- upperBounds ID ::= {module 10} +-- dap ID ::= {module 11} +-- dsp ID ::= {module 12} +-- distributedDirectoryObjectIdentifiers ID ::= {module 13} +-- unused module identifiers +-- directoryShadowOIDs ID ::= {module 14} +-- directoryShadowAbstractService ID ::= {module 15} +-- disp ID ::= {module 16} +-- dop ID ::= {module 17} +-- opBindingManagement ID ::= {module 18} +-- opBindingOIDs ID ::= {module 19} +-- hierarchicalOperationalBindings ID ::= {module 20} +-- dsaOperationalAttributeTypes ID ::= {module 22} +-- schemaAdministration ID ::= {module 23} +-- basicAccessControl ID ::= {module 24} +-- operationalBindingOIDs ID ::= {module 25} +END -- UsefulDefinitions + +-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D -- cgit v1.2.3