summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDimitri Sokolyuk <demon@dim13.org>2015-10-29 16:47:07 +0100
committerDimitri Sokolyuk <demon@dim13.org>2015-10-29 16:47:07 +0100
commite09c58304737afd9566dc3a9b0fd8931189c8c61 (patch)
tree3dd8e1bd87ecc80509cf6571fda578d94c9c17fb
parent0a789233833272a6e1858b1d8154007b6433b82a (diff)
Update set
-rw-r--r--asn1/ACSE-1.asn110
-rw-r--r--asn1/AttributeCertificateDefinitions.asn1500
-rw-r--r--asn1/AuthenticationFramework.asn1363
-rw-r--r--asn1/BasicAccessControl.asn1191
-rw-r--r--asn1/CertificateExtensions.asn1622
-rw-r--r--asn1/DSAOperationalAttributeTypes.asn1193
-rw-r--r--asn1/DirectoryAbstractService.asn11479
-rw-r--r--asn1/DirectoryAccessProtocol.asn1169
-rw-r--r--asn1/DirectoryInformationShadowProtocol.asn1252
-rw-r--r--asn1/DirectoryOperationalBindingManagementProtocol.asn1125
-rw-r--r--asn1/DirectoryOperationalBindingTypes.asn126
-rw-r--r--asn1/DirectoryShadowAbstractService.asn1324
-rw-r--r--asn1/DirectorySystemProtocol.asn1125
-rw-r--r--asn1/DistributedOperations.asn1193
-rw-r--r--asn1/EnhancedSecurity.asn1367
-rw-r--r--asn1/HierarchicalOperationalBindings.asn1127
-rw-r--r--asn1/IPMSExtendedBodyPartTypes.asn1102
-rw-r--r--asn1/IPMSExtendedBodyPartTypes2.asn137
-rw-r--r--asn1/IPMSExtendedVoiceBodyPartType.asn139
-rw-r--r--asn1/IPMSFileTransferBodyPartType.asn1253
-rw-r--r--asn1/IPMSForwardedContentBodyPartType.asn153
-rw-r--r--asn1/IPMSForwardedReportBodyPartType.asn141
-rw-r--r--asn1/IPMSHeadingExtensions.asn1246
-rw-r--r--asn1/IPMSInformationObjects.asn1626
-rw-r--r--asn1/IPMSObjectIdentifiers.asn1507
-rw-r--r--asn1/IPMSSecurityExtensions.asn1143
-rw-r--r--asn1/IPMSUpperBounds.asn146
-rw-r--r--asn1/ISO8571-FTAM.asn11451
-rw-r--r--asn1/InformationFramework.asn1306
-rw-r--r--asn1/Interchange-Data-Elements.asn156
-rw-r--r--asn1/MHSObjectIdentifiers.asn1187
-rw-r--r--asn1/MHSProtocolObjectIdentifiers.asn1111
-rw-r--r--asn1/MSAbstractService.asn11085
-rw-r--r--asn1/MSAccessProtocol.asn1256
-rw-r--r--asn1/MSGeneralAttributeTypes.asn1832
-rw-r--r--asn1/MSGeneralAutoActionTypes.asn1118
-rw-r--r--asn1/MSMatchingRules.asn1225
-rw-r--r--asn1/MSObjectIdentifiers.asn1322
-rw-r--r--asn1/MSUpperBounds.asn177
-rw-r--r--asn1/MTAAbstractService.asn1481
-rw-r--r--asn1/MTSAbstractService.asn12369
-rw-r--r--asn1/MTSAbstractService88.asn1150
-rw-r--r--asn1/MTSAccessProtocol.asn1320
-rw-r--r--asn1/MTSObjectIdentifiers.asn1116
-rw-r--r--asn1/MTSUpperBounds.asn1146
-rw-r--r--asn1/OperationalBindingManagement.asn1275
-rw-r--r--asn1/PKCS7.asn1342
-rw-r--r--asn1/PKCS7BodyPartType.asn131
-rw-r--r--asn1/PKIX1Implicit93.asn1415
-rw-r--r--asn1/ProtocolObjectIdentifiers.asn1130
-rw-r--r--asn1/Reliable-Transfer-APDU.asn1132
-rw-r--r--asn1/Remote-Operations-Abstract-Syntaxes.asn1103
-rw-r--r--asn1/Remote-Operations-Generic-ROS-PDUs.asn1296
-rw-r--r--asn1/Remote-Operations-Information-Objects-extensions.asn136
-rw-r--r--asn1/Remote-Operations-Information-Objects.asn1240
-rw-r--r--asn1/Remote-Operations-Realizations.asn189
-rw-r--r--asn1/Remote-Operations-Useful-Definitions.asn1172
-rw-r--r--asn1/SchemaAdministration.asn1260
-rw-r--r--asn1/SelectedAttributeTypes.asn1394
-rw-r--r--asn1/ServiceAdministration.asn1239
-rw-r--r--asn1/SpkmGssTokens.asn1257
-rw-r--r--asn1/UpperBounds.asn1178
-rw-r--r--asn1/UsefulDefinitions.asn1118
-rw-r--r--asn1/x.501-2001-02.form_desc.full.zipbin0 -> 171090 bytes
64 files changed, 17846 insertions, 1628 deletions
diff --git a/asn1/ACSE-1.asn1 b/asn1/ACSE-1.asn1
index 490221f..baa680a 100644
--- a/asn1/ACSE-1.asn1
+++ b/asn1/ACSE-1.asn1
@@ -1,7 +1,4 @@
-- Module ACSE-1 (X.227:04/1995)
--- See also ITU-T X.227 (04/1995)
--- See also the index of all ASN.1 assignments needed in this document
-
ACSE-1 {joint-iso-itu-t association-control(2) modules(0) apdus(0) version1(1)}
-- ACSE-1 refers to ACSE version 1
DEFINITIONS ::=
@@ -40,7 +37,7 @@ ACSE-apdu ::= CHOICE {
AARQ-apdu ::= [APPLICATION 0] IMPLICIT SEQUENCE {
protocol-version
- [0] IMPLICIT BIT STRING {version1(0)}, -- DEFAULT {version1},
+ [0] IMPLICIT BIT STRING {version1(0)} DEFAULT {version1},
application-context-name [1] Application-context-name,
called-AP-title [2] AP-title OPTIONAL,
called-AE-qualifier [3] AE-qualifier OPTIONAL,
@@ -68,7 +65,7 @@ AARQ-apdu ::= [APPLICATION 0] IMPLICIT SEQUENCE {
AARE-apdu ::= [APPLICATION 1] IMPLICIT SEQUENCE {
protocol-version
- [0] IMPLICIT BIT STRING {version1(0)},
+ [0] IMPLICIT BIT STRING {version1(0)} DEFAULT {version1},
application-context-name [1] Application-context-name,
result [2] Associate-result,
result-source-diagnostic [3] Associate-source-diagnostic,
@@ -252,4 +249,5 @@ Release-response-reason ::= INTEGER {
END
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/AttributeCertificateDefinitions.asn1 b/asn1/AttributeCertificateDefinitions.asn1
new file mode 100644
index 0000000..d976ed9
--- /dev/null
+++ b/asn1/AttributeCertificateDefinitions.asn1
@@ -0,0 +1,500 @@
+-- Module AttributeCertificateDefinitions (X.509:03/2000)
+AttributeCertificateDefinitions {joint-iso-itu-t ds(5) module(1)
+ attributeCertificateDefinitions(32) 4} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS ALL
+IMPORTS
+ id-at, id-ce, id-mr, informationFramework, authenticationFramework,
+ selectedAttributeTypes, upperBounds, id-oc, certificateExtensions
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Name, RelativeDistinguishedName, ATTRIBUTE, Attribute, MATCHING-RULE,
+ AttributeType, OBJECT-CLASS, top
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ CertificateSerialNumber, CertificateList, AlgorithmIdentifier, EXTENSION,
+ SIGNED{}, InfoSyntax, PolicySyntax, Extensions, Certificate
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 4}
+ DirectoryString{}, TimeSpecification, UniqueIdentifier
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ GeneralName, GeneralNames, NameConstraintsSyntax, certificateListExactMatch
+ FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 4}
+ ub-name
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
+ UserNotice
+ FROM PKIX1Implicit93 {iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-93(4)}
+ ORAddress
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)};
+
+-- Unless explicitly noted otherwise, there is no significance to the ordering
+-- of components of a SEQUENCE OF construct in this Specification.
+-- attribute certificate constructs
+AttributeCertificate ::=
+ SIGNED{AttributeCertificateInfo}
+
+AttributeCertificateInfo ::= SEQUENCE {
+ version AttCertVersion, -- version is v2
+ holder Holder,
+ issuer AttCertIssuer,
+ signature AlgorithmIdentifier,
+ serialNumber CertificateSerialNumber,
+ attrCertValidityPeriod AttCertValidityPeriod,
+ attributes SEQUENCE OF Attribute,
+ issuerUniqueID UniqueIdentifier OPTIONAL,
+ extensions Extensions OPTIONAL
+}
+
+AttCertVersion ::= INTEGER {v1(0), v2(1)}
+
+Holder ::= SEQUENCE {
+ baseCertificateID [0] IssuerSerial OPTIONAL,
+ -- the issuer and serial number of the holder's Public Key Certificate
+ entityName [1] GeneralNames OPTIONAL,
+ -- the name of the entity or role
+ objectDigestInfo [2] ObjectDigestInfo OPTIONAL-- used to directly authenticate the holder, e.g. an executable
+-- at least one of baseCertificateID, entityName or objectDigestInfo shall be present
+}
+
+ObjectDigestInfo ::= SEQUENCE {
+ digestedObjectType
+ ENUMERATED {publicKey(0), publicKeyCert(1), otherObjectTypes(2)},
+ otherObjectTypeID OBJECT IDENTIFIER OPTIONAL,
+ digestAlgorithm AlgorithmIdentifier,
+ objectDigest BIT STRING
+}
+
+AttCertIssuer ::= [0] SEQUENCE {
+ issuerName GeneralNames OPTIONAL,
+ baseCertificateID [0] IssuerSerial OPTIONAL,
+ objectDigestInfo [1] ObjectDigestInfo OPTIONAL
+}
+-- At least one component shall be present
+(WITH COMPONENTS {
+ ...,
+ issuerName PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ baseCertificateID PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ objectDigestInfo PRESENT
+ })
+
+IssuerSerial ::= SEQUENCE {
+ issuer GeneralNames,
+ serial CertificateSerialNumber,
+ issuerUID UniqueIdentifier OPTIONAL
+}
+
+AttCertValidityPeriod ::= SEQUENCE {
+ notBeforeTime GeneralizedTime,
+ notAfterTime GeneralizedTime
+}
+
+AttributeCertificationPath ::= SEQUENCE {
+ attributeCertificate AttributeCertificate,
+ acPath SEQUENCE OF ACPathData OPTIONAL
+}
+
+ACPathData ::= SEQUENCE {
+ certificate [0] Certificate OPTIONAL,
+ attributeCertificate [1] AttributeCertificate OPTIONAL
+}
+
+PrivilegePolicy ::= OBJECT IDENTIFIER
+
+-- privilege attributes
+role ATTRIBUTE ::= {WITH SYNTAX RoleSyntax
+ ID id-at-role
+}
+
+RoleSyntax ::= SEQUENCE {
+ roleAuthority [0] GeneralNames OPTIONAL,
+ roleName [1] GeneralName
+}
+
+-- PMI object classes
+pmiUser OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {attributeCertificateAttribute}
+ ID id-oc-pmiUser
+}
+
+pmiAA OBJECT-CLASS ::= {
+ -- a PMI AA
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN
+ {aACertificate | attributeCertificateRevocationList |
+ attributeAuthorityRevocationList}
+ ID id-oc-pmiAA
+}
+
+pmiSOA OBJECT-CLASS ::= { -- a PMI Source of Authority
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN
+ {attributeCertificateRevocationList | attributeAuthorityRevocationList |
+ attributeDescriptorCertificate}
+ ID id-oc-pmiSOA
+}
+
+attCertCRLDistributionPt OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN
+ {attributeCertificateRevocationList | attributeAuthorityRevocationList}
+ ID id-oc-attCertCRLDistributionPts
+}
+
+pmiDelegationPath OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {delegationPath}
+ ID id-oc-pmiDelegationPath
+}
+
+privilegePolicy OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {privPolicy}
+ ID id-oc-privilegePolicy
+}
+
+-- PMI directory attributes
+attributeCertificateAttribute ATTRIBUTE ::= {
+ WITH SYNTAX AttributeCertificate
+ EQUALITY MATCHING RULE attributeCertificateExactMatch
+ ID id-at-attributeCertificate
+}
+
+aACertificate ATTRIBUTE ::= {
+ WITH SYNTAX AttributeCertificate
+ EQUALITY MATCHING RULE attributeCertificateExactMatch
+ ID id-at-aACertificate
+}
+
+attributeDescriptorCertificate ATTRIBUTE ::= {
+ WITH SYNTAX AttributeCertificate
+ EQUALITY MATCHING RULE attributeCertificateExactMatch
+ ID id-at-attributeDescriptorCertificate
+}
+
+attributeCertificateRevocationList ATTRIBUTE ::= {
+ WITH SYNTAX CertificateList
+ EQUALITY MATCHING RULE certificateListExactMatch
+ ID id-at-attributeCertificateRevocationList
+}
+
+attributeAuthorityRevocationList ATTRIBUTE ::= {
+ WITH SYNTAX CertificateList
+ EQUALITY MATCHING RULE certificateListExactMatch
+ ID id-at-attributeAuthorityRevocationList
+}
+
+delegationPath ATTRIBUTE ::= {
+ WITH SYNTAX AttCertPath
+ ID id-at-delegationPath
+}
+
+AttCertPath ::= SEQUENCE OF AttributeCertificate
+
+privPolicy ATTRIBUTE ::= {
+ WITH SYNTAX PolicySyntax
+ ID id-at-privPolicy
+}
+
+--Attribute certificate extensions and matching rules
+attributeCertificateExactMatch MATCHING-RULE ::= {
+ SYNTAX AttributeCertificateExactAssertion
+ ID id-mr-attributeCertificateExactMatch
+}
+
+AttributeCertificateExactAssertion ::= SEQUENCE {
+ serialNumber CertificateSerialNumber,
+ issuer AttCertIssuer
+}
+
+attributeCertificateMatch MATCHING-RULE ::= {
+ SYNTAX AttributeCertificateAssertion
+ ID id-mr-attributeCertificateMatch
+}
+
+AttributeCertificateAssertion ::= SEQUENCE {
+ holder
+ [0] CHOICE {baseCertificateID [0] IssuerSerial,
+ holderName [1] GeneralNames} OPTIONAL,
+ issuer [1] GeneralNames OPTIONAL,
+ attCertValidity [2] GeneralizedTime OPTIONAL,
+ attType [3] SET OF AttributeType OPTIONAL
+}
+
+-- At least one component of the sequence shall be present
+holderIssuerMatch MATCHING-RULE ::= {
+ SYNTAX HolderIssuerAssertion
+ ID id-mr-holderIssuerMatch
+}
+
+HolderIssuerAssertion ::= SEQUENCE {
+ holder [0] Holder OPTIONAL,
+ issuer [1] AttCertIssuer OPTIONAL
+}
+
+delegationPathMatch MATCHING-RULE ::= {
+ SYNTAX DelMatchSyntax
+ ID id-mr-delegationPathMatch
+}
+
+DelMatchSyntax ::= SEQUENCE {firstIssuer AttCertIssuer,
+ lastHolder Holder
+}
+
+sOAIdentifier EXTENSION ::= {
+ SYNTAX NULL
+ IDENTIFIED BY id-ce-sOAIdentifier
+}
+
+authorityAttributeIdentifier EXTENSION ::= {
+ SYNTAX AuthorityAttributeIdentifierSyntax
+ IDENTIFIED BY {id-ce-authorityAttributeIdentifier}
+}
+
+AuthorityAttributeIdentifierSyntax ::= SEQUENCE SIZE (1..MAX) OF AuthAttId
+
+AuthAttId ::= IssuerSerial
+
+authAttIdMatch MATCHING-RULE ::= {
+ SYNTAX AuthorityAttributeIdentifierSyntax
+ ID id-mr-authAttIdMatch
+}
+
+roleSpecCertIdentifier EXTENSION ::= {
+ SYNTAX RoleSpecCertIdentifierSyntax
+ IDENTIFIED BY {id-ce-roleSpecCertIdentifier}
+}
+
+RoleSpecCertIdentifierSyntax ::=
+ SEQUENCE SIZE (1..MAX) OF RoleSpecCertIdentifier
+
+RoleSpecCertIdentifier ::= SEQUENCE {
+ roleName [0] GeneralName,
+ roleCertIssuer [1] GeneralName,
+ roleCertSerialNumber [2] CertificateSerialNumber OPTIONAL,
+ roleCertLocator [3] GeneralNames OPTIONAL
+}
+
+roleSpecCertIdMatch MATCHING-RULE ::= {
+ SYNTAX RoleSpecCertIdentifierSyntax
+ ID id-mr-roleSpecCertIdMatch
+}
+
+basicAttConstraints EXTENSION ::= {
+ SYNTAX BasicAttConstraintsSyntax
+ IDENTIFIED BY {id-ce-basicAttConstraints}
+}
+
+BasicAttConstraintsSyntax ::= SEQUENCE {
+ authority BOOLEAN DEFAULT FALSE,
+ pathLenConstraint INTEGER(0..MAX) OPTIONAL
+}
+
+basicAttConstraintsMatch MATCHING-RULE ::= {
+ SYNTAX BasicAttConstraintsSyntax
+ ID id-mr-basicAttConstraintsMatch
+}
+
+delegatedNameConstraints EXTENSION ::= {
+ SYNTAX NameConstraintsSyntax
+ IDENTIFIED BY id-ce-delegatedNameConstraints
+}
+
+delegatedNameConstraintsMatch MATCHING-RULE ::= {
+ SYNTAX NameConstraintsSyntax
+ ID id-mr-delegatedNameConstraintsMatch
+}
+
+timeSpecification EXTENSION ::= {
+ SYNTAX TimeSpecification
+ IDENTIFIED BY id-ce-timeSpecification
+}
+
+timeSpecificationMatch MATCHING-RULE ::= {
+ SYNTAX TimeSpecification
+ ID id-mr-timeSpecMatch
+}
+
+acceptableCertPolicies EXTENSION ::= {
+ SYNTAX AcceptableCertPoliciesSyntax
+ IDENTIFIED BY id-ce-acceptableCertPolicies
+}
+
+AcceptableCertPoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF CertPolicyId
+
+CertPolicyId ::= OBJECT IDENTIFIER
+
+acceptableCertPoliciesMatch MATCHING-RULE ::= {
+ SYNTAX AcceptableCertPoliciesSyntax
+ ID id-mr-acceptableCertPoliciesMatch
+}
+
+attributeDescriptor EXTENSION ::= {
+ SYNTAX AttributeDescriptorSyntax
+ IDENTIFIED BY {id-ce-attributeDescriptor}
+}
+
+AttributeDescriptorSyntax ::= SEQUENCE {
+ identifier AttributeIdentifier,
+ attributeSyntax OCTET STRING(SIZE (1..MAX)),
+ name [0] AttributeName OPTIONAL,
+ description [1] AttributeDescription OPTIONAL,
+ dominationRule PrivilegePolicyIdentifier
+}
+
+AttributeIdentifier ::= ATTRIBUTE.&id({AttributeIDs})
+
+AttributeIDs ATTRIBUTE ::=
+ {...}
+
+AttributeName ::= UTF8String(SIZE (1..MAX))
+
+AttributeDescription ::= UTF8String(SIZE (1..MAX))
+
+PrivilegePolicyIdentifier ::= SEQUENCE {
+ privilegePolicy PrivilegePolicy,
+ privPolSyntax InfoSyntax
+}
+
+attDescriptor MATCHING-RULE ::= {
+ SYNTAX AttributeDescriptorSyntax
+ ID id-mr-attDescriptorMatch
+}
+
+userNotice EXTENSION ::= {
+ SYNTAX SEQUENCE SIZE (1..MAX) OF UserNotice
+ IDENTIFIED BY id-ce-userNotice
+}
+
+targetingInformation EXTENSION ::= {
+ SYNTAX SEQUENCE SIZE (1..MAX) OF Targets
+ IDENTIFIED BY id-ce-targetInformation
+}
+
+Targets ::= SEQUENCE SIZE (1..MAX) OF Target
+
+Target ::= CHOICE {
+ targetName [0] GeneralName,
+ targetGroup [1] GeneralName,
+ targetCert [2] TargetCert
+}
+
+TargetCert ::= SEQUENCE {
+ targetCertificate IssuerSerial,
+ targetName GeneralName OPTIONAL,
+ certDigestInfo ObjectDigestInfo OPTIONAL
+}
+
+noRevAvail EXTENSION ::= {SYNTAX NULL
+ IDENTIFIED BY id-ce-noRevAvail
+}
+
+acceptablePrivilegePolicies EXTENSION ::= {
+ SYNTAX AcceptablePrivilegePoliciesSyntax
+ IDENTIFIED BY id-ce-acceptablePrivilegePolicies
+}
+
+AcceptablePrivilegePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PrivilegePolicy
+
+-- object identifier assignments
+-- object classes
+id-oc-pmiUser OBJECT IDENTIFIER ::=
+ {id-oc 24}
+
+id-oc-pmiAA OBJECT IDENTIFIER ::= {id-oc 25}
+
+id-oc-pmiSOA OBJECT IDENTIFIER ::= {id-oc 26}
+
+id-oc-attCertCRLDistributionPts OBJECT IDENTIFIER ::= {id-oc 27}
+
+id-oc-privilegePolicy OBJECT IDENTIFIER ::= {id-oc 32}
+
+id-oc-pmiDelegationPath OBJECT IDENTIFIER ::= {id-oc 33}
+
+-- directory attributes
+id-at-attributeCertificate OBJECT IDENTIFIER ::=
+ {id-at 58}
+
+id-at-attributeCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 59}
+
+id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61}
+
+id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62}
+
+id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63}
+
+id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71}
+
+id-at-role OBJECT IDENTIFIER ::= {id-at 72}
+
+id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73}
+
+--attribute certificate extensions
+id-ce-authorityAttributeIdentifier OBJECT IDENTIFIER ::=
+ {id-ce 38}
+
+id-ce-roleSpecCertIdentifier OBJECT IDENTIFIER ::= {id-ce 39}
+
+id-ce-basicAttConstraints OBJECT IDENTIFIER ::= {id-ce 41}
+
+id-ce-delegatedNameConstraints OBJECT IDENTIFIER ::= {id-ce 42}
+
+id-ce-timeSpecification OBJECT IDENTIFIER ::= {id-ce 43}
+
+id-ce-attributeDescriptor OBJECT IDENTIFIER ::= {id-ce 48}
+
+id-ce-userNotice OBJECT IDENTIFIER ::= {id-ce 49}
+
+id-ce-sOAIdentifier OBJECT IDENTIFIER ::= {id-ce 50}
+
+id-ce-acceptableCertPolicies OBJECT IDENTIFIER ::= {id-ce 52}
+
+id-ce-targetInformation OBJECT IDENTIFIER ::= {id-ce 55}
+
+id-ce-noRevAvail OBJECT IDENTIFIER ::= {id-ce 56}
+
+id-ce-acceptablePrivilegePolicies OBJECT IDENTIFIER ::= {id-ce 57}
+
+-- PMI matching rules
+id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::=
+ {id-mr 42}
+
+id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45}
+
+id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46}
+
+id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53}
+
+id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54}
+
+id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55}
+
+id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56}
+
+id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57}
+
+id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58}
+
+id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59}
+
+id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/AuthenticationFramework.asn1 b/asn1/AuthenticationFramework.asn1
new file mode 100644
index 0000000..35b8164
--- /dev/null
+++ b/asn1/AuthenticationFramework.asn1
@@ -0,0 +1,363 @@
+-- Module AuthenticationFramework (X.509:03/2000)
+AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ id-at, id-nf, id-oc, informationFramework, upperBounds,
+ selectedAttributeTypes, basicAccessControl, certificateExtensions
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Name, ATTRIBUTE, OBJECT-CLASS, NAME-FORM, top
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ ub-user-password, ub-content
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
+ UniqueIdentifier, octetStringMatch, DirectoryString{}, commonName
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ certificateExactMatch, certificatePairExactMatch, certificateListExactMatch,
+ KeyUsage, GeneralNames, CertificatePoliciesSyntax,
+ algorithmIdentifierMatch, CertPolicyId
+ FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 4};
+
+-- public-key certificate definition
+Certificate ::=
+ SIGNED
+ {SEQUENCE {version [0] Version DEFAULT v1,
+ serialNumber CertificateSerialNumber,
+ signature AlgorithmIdentifier,
+ issuer Name,
+ validity Validity,
+ subject Name,
+ subjectPublicKeyInfo SubjectPublicKeyInfo,
+ issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL,
+ -- if present, version shall be v2 or v3
+ subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL,
+ -- if present, version shall be v2 or v3
+ extensions [3] Extensions OPTIONAL
+ }} -- If present, version shall be v3
+
+Version ::= INTEGER {v1(0), v2(1), v3(2)}
+
+CertificateSerialNumber ::= INTEGER
+
+AlgorithmIdentifier ::= SEQUENCE {
+ algorithm ALGORITHM.&id({SupportedAlgorithms}),
+ parameters ALGORITHM.&Type({SupportedAlgorithms}{@algorithm}) OPTIONAL
+}
+
+-- Definition of the following information object set is deferred, perhaps to standardized
+-- profiles or to protocol implementation conformance statements. The set is required to
+-- specify a table constraint on the parameters component of AlgorithmIdentifier.
+SupportedAlgorithms ALGORITHM ::=
+ {...}
+
+Validity ::= SEQUENCE {notBefore Time,
+ notAfter Time
+}
+
+SubjectPublicKeyInfo ::= SEQUENCE {
+ algorithm AlgorithmIdentifier,
+ subjectPublicKey BIT STRING
+}
+
+Time ::= CHOICE {utcTime UTCTime,
+ generalizedTime GeneralizedTime
+}
+
+Extensions ::= SEQUENCE OF Extension
+
+-- For those extensions where ordering of individual extensions within the SEQUENCE is significant, the
+-- specification of those individual extensions shall include the rules for the significance of the order therein
+Extension ::= SEQUENCE {
+ extnId EXTENSION.&id({ExtensionSet}),
+ critical BOOLEAN DEFAULT FALSE,
+ extnValue OCTET STRING
+}
+
+-- contains a DER encoding of a value of type &ExtnType
+-- for the extension object identified by extnId
+ExtensionSet EXTENSION ::=
+ {...}
+
+EXTENSION ::= CLASS {&id OBJECT IDENTIFIER UNIQUE,
+ &ExtnType
+}WITH SYNTAX {SYNTAX &ExtnType
+ IDENTIFIED BY &id
+}
+
+-- other PKI certificate constructs
+Certificates ::= SEQUENCE {
+ userCertificate Certificate,
+ certificationPath ForwardCertificationPath OPTIONAL
+}
+
+ForwardCertificationPath ::= SEQUENCE OF CrossCertificates
+
+CrossCertificates ::= SET OF Certificate
+
+CertificationPath ::= SEQUENCE {
+ userCertificate Certificate,
+ theCACertificates SEQUENCE OF CertificatePair OPTIONAL
+}
+
+CertificatePair ::= SEQUENCE {
+ forward [0] Certificate OPTIONAL,
+ reverse [1] Certificate OPTIONAL
+}
+-- at least one of the pair shall be present
+(WITH COMPONENTS {
+ ...,
+ forward PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ reverse PRESENT
+ })
+
+-- certificate revocation list (CRL)
+CertificateList ::=
+ SIGNED
+ {SEQUENCE {version Version OPTIONAL,
+ -- if present, version shall be v2
+ signature AlgorithmIdentifier,
+ issuer Name,
+ thisUpdate Time,
+ nextUpdate Time OPTIONAL,
+ revokedCertificates
+ SEQUENCE OF
+ SEQUENCE {serialNumber CertificateSerialNumber,
+ revocationDate Time,
+ crlEntryExtensions Extensions OPTIONAL} OPTIONAL,
+ crlExtensions [0] Extensions OPTIONAL}}
+
+-- information object classes
+ALGORITHM ::= TYPE-IDENTIFIER
+
+-- parameterized types
+HASH{ToBeHashed} ::= SEQUENCE {
+ algorithmIdentifier AlgorithmIdentifier,
+ hashValue
+ BIT STRING
+ (CONSTRAINED BY {
+ -- shall be the result of applying a hashing procedure to the DER-encoded octets
+ -- of a value of -- ToBeHashed})
+}
+
+ENCRYPTED-HASH{ToBeSigned} ::=
+ BIT STRING
+ (CONSTRAINED BY {
+ -- shall be the result of applying a hashing procedure to the DER-encoded (see 6.1) octets
+ -- of a value of --ToBeSigned -- and then applying an encipherment procedure to those octets --})
+
+ENCRYPTED{ToBeEnciphered} ::=
+ BIT STRING
+ (CONSTRAINED BY {
+ -- shall be the result of applying an encipherment procedure
+ -- to the BER-encoded octets of a value of --ToBeEnciphered})
+
+SIGNATURE{ToBeSigned} ::= SEQUENCE {
+ algorithmIdentifier AlgorithmIdentifier,
+ encrypted ENCRYPTED-HASH{ToBeSigned}
+}
+
+SIGNED{ToBeSigned} ::= SEQUENCE {
+ toBeSigned ToBeSigned,
+ COMPONENTS OF SIGNATURE{ToBeSigned}
+}
+
+-- PKI object classes
+pkiUser OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {userCertificate}
+ ID id-oc-pkiUser
+}
+
+pkiCA OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN
+ {cACertificate | certificateRevocationList | authorityRevocationList |
+ crossCertificatePair}
+ ID id-oc-pkiCA
+}
+
+cRLDistributionPoint OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND structural
+ MUST CONTAIN {commonName}
+ MAY CONTAIN
+ {certificateRevocationList | authorityRevocationList | deltaRevocationList}
+ ID id-oc-cRLDistributionPoint
+}
+
+cRLDistPtNameForm NAME-FORM ::= {
+ NAMES cRLDistributionPoint
+ WITH ATTRIBUTES {commonName}
+ ID id-nf-cRLDistPtNameForm
+}
+
+deltaCRL OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {deltaRevocationList}
+ ID id-oc-deltaCRL
+}
+
+cpCps OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {certificatePolicy | certificationPracticeStmt}
+ ID id-oc-cpCps
+}
+
+pkiCertPath OBJECT-CLASS ::= {
+ SUBCLASS OF {top}
+ KIND auxiliary
+ MAY CONTAIN {pkiPath}
+ ID id-oc-pkiCertPath
+}
+
+-- PKI directory attributes
+userCertificate ATTRIBUTE ::= {
+ WITH SYNTAX Certificate
+ EQUALITY MATCHING RULE certificateExactMatch
+ ID id-at-userCertificate
+}
+
+cACertificate ATTRIBUTE ::= {
+ WITH SYNTAX Certificate
+ EQUALITY MATCHING RULE certificateExactMatch
+ ID id-at-cAcertificate
+}
+
+crossCertificatePair ATTRIBUTE ::= {
+ WITH SYNTAX CertificatePair
+ EQUALITY MATCHING RULE certificatePairExactMatch
+ ID id-at-crossCertificatePair
+}
+
+certificateRevocationList ATTRIBUTE ::= {
+ WITH SYNTAX CertificateList
+ EQUALITY MATCHING RULE certificateListExactMatch
+ ID id-at-certificateRevocationList
+}
+
+authorityRevocationList ATTRIBUTE ::= {
+ WITH SYNTAX CertificateList
+ EQUALITY MATCHING RULE certificateListExactMatch
+ ID id-at-authorityRevocationList
+}
+
+deltaRevocationList ATTRIBUTE ::= {
+ WITH SYNTAX CertificateList
+ EQUALITY MATCHING RULE certificateListExactMatch
+ ID id-at-deltaRevocationList
+}
+
+supportedAlgorithms ATTRIBUTE ::= {
+ WITH SYNTAX SupportedAlgorithm
+ EQUALITY MATCHING RULE algorithmIdentifierMatch
+ ID id-at-supportedAlgorithms
+}
+
+SupportedAlgorithm ::= SEQUENCE {
+ algorithmIdentifier AlgorithmIdentifier,
+ intendedUsage [0] KeyUsage OPTIONAL,
+ intendedCertificatePolicies [1] CertificatePoliciesSyntax OPTIONAL
+}
+
+certificationPracticeStmt ATTRIBUTE ::= {
+ WITH SYNTAX InfoSyntax
+ ID id-at-certificationPracticeStmt
+}
+
+InfoSyntax ::= CHOICE {
+ content DirectoryString{ub-content},
+ pointer SEQUENCE {name GeneralNames,
+ hash HASH{HashedPolicyInfo} OPTIONAL}
+}
+
+POLICY ::= TYPE-IDENTIFIER
+
+HashedPolicyInfo ::= POLICY.&Type({Policies})
+
+Policies POLICY ::=
+ {...} -- Defined by implementors
+
+certificatePolicy ATTRIBUTE ::= {
+ WITH SYNTAX PolicySyntax
+ ID id-at-certificatePolicy
+}
+
+PolicySyntax ::= SEQUENCE {
+ policyIdentifier PolicyID,
+ policySyntax InfoSyntax
+}
+
+PolicyID ::= CertPolicyId
+
+pkiPath ATTRIBUTE ::= {WITH SYNTAX PkiPath
+ ID id-at-pkiPath
+}
+
+PkiPath ::= SEQUENCE OF CrossCertificates
+
+userPassword ATTRIBUTE ::= {
+ WITH SYNTAX OCTET STRING(SIZE (0..ub-user-password))
+ EQUALITY MATCHING RULE octetStringMatch
+ ID id-at-userPassword
+}
+
+-- object identifier assignments
+-- object classes
+id-oc-cRLDistributionPoint OBJECT IDENTIFIER ::=
+ {id-oc 19}
+
+id-oc-pkiUser OBJECT IDENTIFIER ::= {id-oc 21}
+
+id-oc-pkiCA OBJECT IDENTIFIER ::= {id-oc 22}
+
+id-oc-deltaCRL OBJECT IDENTIFIER ::= {id-oc 23}
+
+id-oc-cpCps OBJECT IDENTIFIER ::= {id-oc 30}
+
+id-oc-pkiCertPath OBJECT IDENTIFIER ::= {id-oc 31}
+
+--name forms
+id-nf-cRLDistPtNameForm OBJECT IDENTIFIER ::= {id-nf 14}
+
+--directory attributes
+id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35}
+
+id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36}
+
+id-at-cAcertificate OBJECT IDENTIFIER ::= {id-at 37}
+
+id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38}
+
+id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39}
+
+id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40}
+
+id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52}
+
+id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53}
+
+id-at-certificationPracticeStmt OBJECT IDENTIFIER ::= {id-at 68}
+
+id-at-certificatePolicy OBJECT IDENTIFIER ::= {id-at 69}
+
+id-at-pkiPath OBJECT IDENTIFIER ::= {id-at 70}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/BasicAccessControl.asn1 b/asn1/BasicAccessControl.asn1
new file mode 100644
index 0000000..9877227
--- /dev/null
+++ b/asn1/BasicAccessControl.asn1
@@ -0,0 +1,191 @@
+-- Module BasicAccessControl (X.501:02/2001)
+BasicAccessControl {joint-iso-itu-t ds(5) module(1) basicAccessControl(24) 4}
+DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, id-aca, id-acScheme, informationFramework,
+ selectedAttributeTypes, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ ATTRIBUTE, AttributeType, ContextAssertion, DistinguishedName, MATCHING-RULE,
+ objectIdentifierMatch, Refinement, SubtreeSpecification,
+ SupportedAttributes
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ Filter
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ DirectoryString{}, directoryStringFirstComponentMatch, NameAndOptionalUID,
+ UniqueIdentifier
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ ub-tag
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4};
+
+-- types
+ACIItem ::= SEQUENCE {
+ identificationTag DirectoryString{ub-tag},
+ precedence Precedence,
+ authenticationLevel AuthenticationLevel,
+ itemOrUserFirst
+ CHOICE {itemFirst
+ [0] SEQUENCE {protectedItems ProtectedItems,
+ itemPermissions SET OF ItemPermission},
+ userFirst
+ [1] SEQUENCE {userClasses UserClasses,
+ userPermissions SET OF UserPermission}}
+}
+
+Precedence ::= INTEGER(0..255)
+
+ProtectedItems ::= SEQUENCE {
+ entry [0] NULL OPTIONAL,
+ allUserAttributeTypes [1] NULL OPTIONAL,
+ attributeType
+ [2] SET SIZE (1..MAX) OF AttributeType OPTIONAL,
+ allAttributeValues
+ [3] SET SIZE (1..MAX) OF AttributeType OPTIONAL,
+ allUserAttributeTypesAndValues [4] NULL OPTIONAL,
+ attributeValue
+ [5] SET SIZE (1..MAX) OF AttributeTypeAndValue OPTIONAL,
+ selfValue
+ [6] SET SIZE (1..MAX) OF AttributeType OPTIONAL,
+ rangeOfValues [7] Filter OPTIONAL,
+ maxValueCount
+ [8] SET SIZE (1..MAX) OF MaxValueCount OPTIONAL,
+ maxImmSub [9] INTEGER OPTIONAL,
+ restrictedBy
+ [10] SET SIZE (1..MAX) OF RestrictedValue OPTIONAL,
+ contexts
+ [11] SET SIZE (1..MAX) OF ContextAssertion OPTIONAL,
+ classes [12] Refinement OPTIONAL
+}
+
+MaxValueCount ::= SEQUENCE {type AttributeType,
+ maxCount INTEGER
+}
+
+RestrictedValue ::= SEQUENCE {type AttributeType,
+ valuesIn AttributeType
+}
+
+UserClasses ::= SEQUENCE {
+ allUsers [0] NULL OPTIONAL,
+ thisEntry [1] NULL OPTIONAL,
+ name [2] SET SIZE (1..MAX) OF NameAndOptionalUID OPTIONAL,
+ userGroup [3] SET SIZE (1..MAX) OF NameAndOptionalUID OPTIONAL,
+ -- dn component shall be the name of an
+ -- entry of GroupOfUniqueNames
+ subtree [4] SET SIZE (1..MAX) OF SubtreeSpecification OPTIONAL
+}
+
+ItemPermission ::= SEQUENCE {
+ precedence Precedence OPTIONAL,
+ -- defaults to precedence in ACIItem
+ userClasses UserClasses,
+ grantsAndDenials GrantsAndDenials
+}
+
+UserPermission ::= SEQUENCE {
+ precedence Precedence OPTIONAL,
+ -- defaults to precedence in ACIItem
+ protectedItems ProtectedItems,
+ grantsAndDenials GrantsAndDenials
+}
+
+AuthenticationLevel ::= CHOICE {
+ basicLevels
+ SEQUENCE {level ENUMERATED {none(0), simple(1), strong(2)},
+ localQualifier INTEGER OPTIONAL,
+ signed BOOLEAN DEFAULT FALSE},
+ other EXTERNAL
+}
+
+GrantsAndDenials ::= BIT STRING {
+ -- permissions that may be used in conjunction
+ -- with any component of ProtectedItems
+ grantAdd(0), denyAdd(1), grantDiscloseOnError(2), denyDiscloseOnError(3),
+ grantRead(4), denyRead(5), grantRemove(6),
+ denyRemove(7),
+ -- permissions that may be used only in conjunction
+ -- with the entry component
+ grantBrowse(8), denyBrowse(9), grantExport(10), denyExport(11),
+ grantImport(12), denyImport(13), grantModify(14), denyModify(15),
+ grantRename(16), denyRename(17), grantReturnDN(18),
+ denyReturnDN(19),
+ -- permissions that may be used in conjunction
+ -- with any component, except entry, of ProtectedItems
+ grantCompare(20), denyCompare(21), grantFilterMatch(22), denyFilterMatch(23),
+ grantInvoke(24), denyInvoke(25)}
+
+AttributeTypeAndValue ::= SEQUENCE {
+ type ATTRIBUTE.&id({SupportedAttributes}),
+ value ATTRIBUTE.&Type({SupportedAttributes}{@type})
+}
+
+-- attributes
+accessControlScheme ATTRIBUTE ::= {
+ WITH SYNTAX OBJECT IDENTIFIER
+ EQUALITY MATCHING RULE objectIdentifierMatch
+ SINGLE VALUE TRUE
+ USAGE directoryOperation
+ ID id-aca-accessControlScheme
+}
+
+prescriptiveACI ATTRIBUTE ::= {
+ WITH SYNTAX ACIItem
+ EQUALITY MATCHING RULE directoryStringFirstComponentMatch
+ USAGE directoryOperation
+ ID id-aca-prescriptiveACI
+}
+
+entryACI ATTRIBUTE ::= {
+ WITH SYNTAX ACIItem
+ EQUALITY MATCHING RULE directoryStringFirstComponentMatch
+ USAGE directoryOperation
+ ID id-aca-entryACI
+}
+
+subentryACI ATTRIBUTE ::= {
+ WITH SYNTAX ACIItem
+ EQUALITY MATCHING RULE directoryStringFirstComponentMatch
+ USAGE directoryOperation
+ ID id-aca-subentryACI
+}
+
+-- object identifier assignments
+-- attributes
+id-aca-accessControlScheme OBJECT IDENTIFIER ::=
+ {id-aca 1}
+
+id-aca-prescriptiveACI OBJECT IDENTIFIER ::= {id-aca 4}
+
+id-aca-entryACI OBJECT IDENTIFIER ::= {id-aca 5}
+
+id-aca-subentryACI OBJECT IDENTIFIER ::= {id-aca 6}
+
+-- access control schemes -
+basicAccessControlScheme OBJECT IDENTIFIER ::=
+ {id-acScheme 1}
+
+simplifiedAccessControlScheme OBJECT IDENTIFIER ::= {id-acScheme 2}
+
+rule-based-access-control OBJECT IDENTIFIER ::= {id-acScheme 3}
+
+rule-and-basic-access-control OBJECT IDENTIFIER ::= {id-acScheme 4}
+
+rule-and-simple-access-control OBJECT IDENTIFIER ::= {id-acScheme 5}
+
+END -- BasicAccessControl
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/CertificateExtensions.asn1 b/asn1/CertificateExtensions.asn1
new file mode 100644
index 0000000..aeb5125
--- /dev/null
+++ b/asn1/CertificateExtensions.asn1
@@ -0,0 +1,622 @@
+-- Module CertificateExtensions (X.509:03/2000)
+-- A.2 Certificate extensions module
+CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 4} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS ALL
+IMPORTS
+ id-at, id-ce, id-mr, informationFramework, authenticationFramework,
+ selectedAttributeTypes, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Name, RelativeDistinguishedName, ATTRIBUTE, Attribute, MATCHING-RULE
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ CertificateSerialNumber, CertificateList, AlgorithmIdentifier, EXTENSION,
+ Time, PolicyID
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 4}
+ DirectoryString
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ ub-name
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
+ ORAddress
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)};
+
+-- Unless explicitly noted otherwise, there is no significance to the ordering
+-- of components of a SEQUENCE OF construct in this Specification.
+-- public-key certificate and CRL extensions
+aAissuingDistributionPoint EXTENSION ::= {
+ SYNTAX AAIssuingDistPointSyntax
+ IDENTIFIED BY id-ce-AAissuingDistributionPoint
+}
+
+AAIssuingDistPointSyntax ::= SEQUENCE {
+ distributionPoint [0] DistributionPointName OPTIONAL,
+ onlySomeReasons [1] ReasonFlags OPTIONAL,
+ indirectCRL [2] BOOLEAN DEFAULT FALSE,
+ containsUserAttributeCerts [3] BOOLEAN DEFAULT TRUE,
+ containsAACerts [4] BOOLEAN DEFAULT TRUE,
+ containsSOAPublicKeyCerts [5] BOOLEAN DEFAULT TRUE
+}
+
+authorityKeyIdentifier EXTENSION ::= {
+ SYNTAX AuthorityKeyIdentifier
+ IDENTIFIED BY id-ce-authorityKeyIdentifier
+}
+
+AuthorityKeyIdentifier ::= SEQUENCE {
+ keyIdentifier [0] KeyIdentifier OPTIONAL,
+ authorityCertIssuer [1] GeneralNames OPTIONAL,
+ authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ authorityCertIssuer PRESENT,
+ authorityCertSerialNumber PRESENT
+ } |
+ WITH COMPONENTS {
+ ...,
+ authorityCertIssuer ABSENT,
+ authorityCertSerialNumber ABSENT
+ })
+
+KeyIdentifier ::= OCTET STRING
+
+subjectKeyIdentifier EXTENSION ::= {
+ SYNTAX SubjectKeyIdentifier
+ IDENTIFIED BY id-ce-subjectKeyIdentifier
+}
+
+SubjectKeyIdentifier ::= KeyIdentifier
+
+keyUsage EXTENSION ::= {SYNTAX KeyUsage
+ IDENTIFIED BY id-ce-keyUsage
+}
+
+KeyUsage ::= BIT STRING {
+ digitalSignature(0), contentCommitment(1), keyEncipherment(2),
+ dataEncipherment(3), keyAgreement(4), keyCertSign(5), cRLSign(6),
+ encipherOnly(7), decipherOnly(8)}
+
+extKeyUsage EXTENSION ::= {
+ SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ IDENTIFIED BY id-ce-extKeyUsage
+}
+
+anyExtendedKeyUsage OBJECT IDENTIFIER ::= {2 5 29 37 0}
+
+KeyPurposeId ::= OBJECT IDENTIFIER
+
+privateKeyUsagePeriod EXTENSION ::= {
+ SYNTAX PrivateKeyUsagePeriod
+ IDENTIFIED BY id-ce-privateKeyUsagePeriod
+}
+
+PrivateKeyUsagePeriod ::= SEQUENCE {
+ notBefore [0] GeneralizedTime OPTIONAL,
+ notAfter [1] GeneralizedTime OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ notBefore PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ notAfter PRESENT
+ })
+
+certificatePolicies EXTENSION ::= {
+ SYNTAX CertificatePoliciesSyntax
+ IDENTIFIED BY id-ce-certificatePolicies
+}
+
+CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+
+PolicyInformation ::= SEQUENCE {
+ policyIdentifier CertPolicyId,
+ policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
+}
+
+CertPolicyId ::= OBJECT IDENTIFIER
+
+PolicyQualifierInfo ::= SEQUENCE {
+ policyQualifierId CERT-POLICY-QUALIFIER.&id({SupportedPolicyQualifiers}),
+ qualifier
+ CERT-POLICY-QUALIFIER.&Qualifier
+ ({SupportedPolicyQualifiers}{@policyQualifierId}) OPTIONAL
+}
+
+SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::=
+ {...}
+
+anyPolicy OBJECT IDENTIFIER ::= {2 5 29 32 0}
+
+CERT-POLICY-QUALIFIER ::= CLASS {
+ &id OBJECT IDENTIFIER UNIQUE,
+ &Qualifier OPTIONAL
+}WITH SYNTAX {POLICY-QUALIFIER-ID &id
+ [QUALIFIER-TYPE &Qualifier]
+}
+
+policyMappings EXTENSION ::= {
+ SYNTAX PolicyMappingsSyntax
+ IDENTIFIED BY id-ce-policyMappings
+}
+
+PolicyMappingsSyntax ::=
+ SEQUENCE SIZE (1..MAX) OF
+ SEQUENCE {issuerDomainPolicy CertPolicyId,
+ subjectDomainPolicy CertPolicyId}
+
+subjectAltName EXTENSION ::= {
+ SYNTAX GeneralNames
+ IDENTIFIED BY id-ce-subjectAltName
+}
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+GeneralName ::= CHOICE {
+ otherName [0] INSTANCE OF OTHER-NAME,
+ rfc822Name [1] IA5String,
+ dNSName [2] IA5String,
+ x400Address [3] ORAddress,
+ directoryName [4] Name,
+ ediPartyName [5] EDIPartyName,
+ uniformResourceIdentifier [6] IA5String,
+ iPAddress [7] OCTET STRING,
+ registeredID [8] OBJECT IDENTIFIER
+}
+
+OTHER-NAME ::= TYPE-IDENTIFIER
+
+EDIPartyName ::= SEQUENCE {
+ nameAssigner [0] DirectoryString{ub-name} OPTIONAL,
+ partyName [1] DirectoryString{ub-name}
+}
+
+issuerAltName EXTENSION ::= {
+ SYNTAX GeneralNames
+ IDENTIFIED BY id-ce-issuerAltName
+}
+
+subjectDirectoryAttributes EXTENSION ::= {
+ SYNTAX AttributesSyntax
+ IDENTIFIED BY id-ce-subjectDirectoryAttributes
+}
+
+AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute
+
+basicConstraints EXTENSION ::= {
+ SYNTAX BasicConstraintsSyntax
+ IDENTIFIED BY id-ce-basicConstraints
+}
+
+BasicConstraintsSyntax ::= SEQUENCE {
+ cA BOOLEAN DEFAULT FALSE,
+ pathLenConstraint INTEGER(0..MAX) OPTIONAL
+}
+
+nameConstraints EXTENSION ::= {
+ SYNTAX NameConstraintsSyntax
+ IDENTIFIED BY id-ce-nameConstraints
+}
+
+NameConstraintsSyntax ::= SEQUENCE {
+ permittedSubtrees [0] GeneralSubtrees OPTIONAL,
+ excludedSubtrees [1] GeneralSubtrees OPTIONAL
+}(ALL EXCEPT ({ --none; at least one component shall be present--}))
+
+GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+
+GeneralSubtree ::= SEQUENCE {
+ base GeneralName,
+ minimum [0] BaseDistance DEFAULT 0,
+ maximum [1] BaseDistance OPTIONAL
+}
+
+BaseDistance ::= INTEGER(0..MAX)
+
+policyConstraints EXTENSION ::= {
+ SYNTAX PolicyConstraintsSyntax
+ IDENTIFIED BY id-ce-policyConstraints
+}
+
+PolicyConstraintsSyntax ::= SEQUENCE {
+ requireExplicitPolicy [0] SkipCerts OPTIONAL,
+ inhibitPolicyMapping [1] SkipCerts OPTIONAL
+}
+
+SkipCerts ::= INTEGER(0..MAX)
+
+cRLNumber EXTENSION ::= {
+ SYNTAX CRLNumber
+ IDENTIFIED BY id-ce-cRLNumber
+}
+
+CRLNumber ::= INTEGER(0..MAX)
+
+reasonCode EXTENSION ::= {
+ SYNTAX CRLReason
+ IDENTIFIED BY id-ce-reasonCode
+}
+
+CRLReason ::= ENUMERATED {
+ unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3),
+ superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8),
+ privilegeWithdrawn(9), aaCompromise(10)}
+
+holdInstructionCode EXTENSION ::= {
+ SYNTAX HoldInstruction
+ IDENTIFIED BY id-ce-instructionCode
+}
+
+HoldInstruction ::= OBJECT IDENTIFIER
+
+invalidityDate EXTENSION ::= {
+ SYNTAX GeneralizedTime
+ IDENTIFIED BY id-ce-invalidityDate
+}
+
+crlScope EXTENSION ::= {
+ SYNTAX CRLScopeSyntax
+ IDENTIFIED BY id-ce-cRLScope
+}
+
+CRLScopeSyntax ::= SEQUENCE SIZE (1..MAX) OF PerAuthorityScope
+
+PerAuthorityScope ::= SEQUENCE {
+ authorityName [0] GeneralName OPTIONAL,
+ distributionPoint [1] DistributionPointName OPTIONAL,
+ onlyContains [2] OnlyCertificateTypes OPTIONAL,
+ onlySomeReasons [4] ReasonFlags OPTIONAL,
+ serialNumberRange [5] NumberRange OPTIONAL,
+ subjectKeyIdRange [6] NumberRange OPTIONAL,
+ nameSubtrees [7] GeneralNames OPTIONAL,
+ baseRevocationInfo [9] BaseRevocationInfo OPTIONAL
+}
+
+OnlyCertificateTypes ::= BIT STRING {user(0), authority(1), attribute(2)}
+
+NumberRange ::= SEQUENCE {
+ startingNumber [0] INTEGER OPTIONAL,
+ endingNumber [1] INTEGER OPTIONAL,
+ modulus INTEGER OPTIONAL
+}
+
+BaseRevocationInfo ::= SEQUENCE {
+ cRLStreamIdentifier [0] CRLStreamIdentifier OPTIONAL,
+ cRLNumber [1] CRLNumber,
+ baseThisUpdate [2] GeneralizedTime
+}
+
+statusReferrals EXTENSION ::= {
+ SYNTAX StatusReferrals
+ IDENTIFIED BY id-ce-statusReferrals
+}
+
+StatusReferrals ::= SEQUENCE SIZE (1..MAX) OF StatusReferral
+
+StatusReferral ::= CHOICE {
+ cRLReferral [0] CRLReferral,
+ otherReferral [1] INSTANCE OF OTHER-REFERRAL
+}
+
+CRLReferral ::= SEQUENCE {
+ issuer [0] GeneralName OPTIONAL,
+ location [1] GeneralName OPTIONAL,
+ deltaRefInfo [2] DeltaRefInfo OPTIONAL,
+ cRLScope CRLScopeSyntax,
+ lastUpdate [3] GeneralizedTime OPTIONAL,
+ lastChangedCRL [4] GeneralizedTime OPTIONAL
+}
+
+DeltaRefInfo ::= SEQUENCE {
+ deltaLocation GeneralName,
+ lastDelta GeneralizedTime OPTIONAL
+}
+
+OTHER-REFERRAL ::= TYPE-IDENTIFIER
+
+cRLStreamIdentifier EXTENSION ::= {
+ SYNTAX CRLStreamIdentifier
+ IDENTIFIED BY id-ce-cRLStreamIdentifier
+}
+
+CRLStreamIdentifier ::= INTEGER(0..MAX)
+
+orderedList EXTENSION ::= {
+ SYNTAX OrderedListSyntax
+ IDENTIFIED BY id-ce-orderedList
+}
+
+OrderedListSyntax ::= ENUMERATED {ascSerialNum(0), ascRevDate(1)}
+
+deltaInfo EXTENSION ::= {
+ SYNTAX DeltaInformation
+ IDENTIFIED BY id-ce-deltaInfo
+}
+
+DeltaInformation ::= SEQUENCE {
+ deltaLocation GeneralName,
+ nextDelta GeneralizedTime OPTIONAL
+}
+
+cRLDistributionPoints EXTENSION ::= {
+ SYNTAX CRLDistPointsSyntax
+ IDENTIFIED BY id-ce-cRLDistributionPoints
+}
+
+CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
+
+DistributionPoint ::= SEQUENCE {
+ distributionPoint [0] DistributionPointName OPTIONAL,
+ reasons [1] ReasonFlags OPTIONAL,
+ cRLIssuer [2] GeneralNames OPTIONAL
+}
+
+DistributionPointName ::= CHOICE {
+ fullName [0] GeneralNames,
+ nameRelativeToCRLIssuer [1] RelativeDistinguishedName
+}
+
+ReasonFlags ::= BIT STRING {
+ unused(0), keyCompromise(1), cACompromise(2), affiliationChanged(3),
+ superseded(4), cessationOfOperation(5), certificateHold(6),
+ privilegeWithdrawn(7), aACompromise(8)}
+
+issuingDistributionPoint EXTENSION ::= {
+ SYNTAX IssuingDistPointSyntax
+ IDENTIFIED BY id-ce-issuingDistributionPoint
+}
+
+IssuingDistPointSyntax ::= SEQUENCE {
+ distributionPoint [0] DistributionPointName OPTIONAL,
+ onlyContainsUserPublicKeyCerts [1] BOOLEAN DEFAULT FALSE,
+ onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
+ onlySomeReasons [3] ReasonFlags OPTIONAL,
+ indirectCRL [4] BOOLEAN DEFAULT FALSE
+}
+
+certificateIssuer EXTENSION ::= {
+ SYNTAX GeneralNames
+ IDENTIFIED BY id-ce-certificateIssuer
+}
+
+deltaCRLIndicator EXTENSION ::= {
+ SYNTAX BaseCRLNumber
+ IDENTIFIED BY id-ce-deltaCRLIndicator
+}
+
+BaseCRLNumber ::= CRLNumber
+
+baseUpdateTime EXTENSION ::= {
+ SYNTAX GeneralizedTime
+ IDENTIFIED BY id-ce-baseUpdateTime
+}
+
+freshestCRL EXTENSION ::= {
+ SYNTAX CRLDistPointsSyntax
+ IDENTIFIED BY id-ce-freshestCRL
+}
+
+inhibitAnyPolicy EXTENSION ::= {
+ SYNTAX SkipCerts
+ IDENTIFIED BY id-ce-inhibitAnyPolicy
+}
+
+-- PKI matching rules
+certificateExactMatch MATCHING-RULE ::= {
+ SYNTAX CertificateExactAssertion
+ ID id-mr-certificateExactMatch
+}
+
+CertificateExactAssertion ::= SEQUENCE {
+ serialNumber CertificateSerialNumber,
+ issuer Name
+}
+
+certificateMatch MATCHING-RULE ::= {
+ SYNTAX CertificateAssertion
+ ID id-mr-certificateMatch
+}
+
+CertificateAssertion ::= SEQUENCE {
+ serialNumber [0] CertificateSerialNumber OPTIONAL,
+ issuer [1] Name OPTIONAL,
+ subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL,
+ authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL,
+ certificateValid [4] Time OPTIONAL,
+ privateKeyValid [5] GeneralizedTime OPTIONAL,
+ subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL,
+ keyUsage [7] KeyUsage OPTIONAL,
+ subjectAltName [8] AltNameType OPTIONAL,
+ policy [9] CertPolicySet OPTIONAL,
+ pathToName [10] Name OPTIONAL,
+ subject [11] Name OPTIONAL,
+ nameConstraints [12] NameConstraintsSyntax OPTIONAL
+}
+
+AltNameType ::= CHOICE {
+ builtinNameForm
+ ENUMERATED {rfc822Name(1), dNSName(2), x400Address(3), directoryName(4),
+ ediPartyName(5), uniformResourceIdentifier(6), iPAddress(7),
+ registeredId(8)},
+ otherNameForm OBJECT IDENTIFIER
+}
+
+CertPolicySet ::= SEQUENCE SIZE (1..MAX) OF CertPolicyId
+
+certificatePairExactMatch MATCHING-RULE ::= {
+ SYNTAX CertificatePairExactAssertion
+ ID id-mr-certificatePairExactMatch
+}
+
+CertificatePairExactAssertion ::= SEQUENCE {
+ issuedToThisCAAssertion [0] CertificateExactAssertion OPTIONAL,
+ issuedByThisCAAssertion [1] CertificateExactAssertion OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ issuedToThisCAAssertion PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ issuedByThisCAAssertion PRESENT
+ })
+
+certificatePairMatch MATCHING-RULE ::= {
+ SYNTAX CertificatePairAssertion
+ ID id-mr-certificatePairMatch
+}
+
+CertificatePairAssertion ::= SEQUENCE {
+ issuedToThisCAAssertion [0] CertificateAssertion OPTIONAL,
+ issuedByThisCAAssertion [1] CertificateAssertion OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ issuedToThisCAAssertion PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ issuedByThisCAAssertion PRESENT
+ })
+
+certificateListExactMatch MATCHING-RULE ::= {
+ SYNTAX CertificateListExactAssertion
+ ID id-mr-certificateListExactMatch
+}
+
+CertificateListExactAssertion ::= SEQUENCE {
+ issuer Name,
+ thisUpdate Time,
+ distributionPoint DistributionPointName OPTIONAL
+}
+
+certificateListMatch MATCHING-RULE ::= {
+ SYNTAX CertificateListAssertion
+ ID id-mr-certificateListMatch
+}
+
+CertificateListAssertion ::= SEQUENCE {
+ issuer Name OPTIONAL,
+ minCRLNumber [0] CRLNumber OPTIONAL,
+ maxCRLNumber [1] CRLNumber OPTIONAL,
+ reasonFlags ReasonFlags OPTIONAL,
+ dateAndTime Time OPTIONAL,
+ distributionPoint [2] DistributionPointName OPTIONAL,
+ authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL
+}
+
+algorithmIdentifierMatch MATCHING-RULE ::= {
+ SYNTAX AlgorithmIdentifier
+ ID id-mr-algorithmIdentifierMatch
+}
+
+policyMatch MATCHING-RULE ::= {SYNTAX PolicyID
+ ID id-mr-policyMatch
+}
+
+pkiPathMatch MATCHING-RULE ::= {
+ SYNTAX PkiPathMatchSyntax
+ ID id-mr-pkiPathMatch
+}
+
+PkiPathMatchSyntax ::= SEQUENCE {firstIssuer Name,
+ lastSubject Name
+}
+
+-- Object identifier assignments
+id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::=
+ {id-ce 9}
+
+id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14}
+
+id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15}
+
+id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16}
+
+id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17}
+
+id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18}
+
+id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19}
+
+id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20}
+
+id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21}
+
+id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23}
+
+id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24}
+
+id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27}
+
+id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28}
+
+id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29}
+
+id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30}
+
+id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31}
+
+id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32}
+
+id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33}
+
+-- deprecated OBJECT IDENTIFIER ::= {id-ce 34}
+id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=
+ {id-ce 35}
+
+id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36}
+
+id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
+
+id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= {id-ce 40}
+
+id-ce-cRLScope OBJECT IDENTIFIER ::= {id-ce 44}
+
+id-ce-statusReferrals OBJECT IDENTIFIER ::= {id-ce 45}
+
+id-ce-freshestCRL OBJECT IDENTIFIER ::= {id-ce 46}
+
+id-ce-orderedList OBJECT IDENTIFIER ::= {id-ce 47}
+
+id-ce-baseUpdateTime OBJECT IDENTIFIER ::= {id-ce 51}
+
+id-ce-deltaInfo OBJECT IDENTIFIER ::= {id-ce 53}
+
+id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= {id-ce 54}
+
+id-ce-AAissuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 55}
+
+-- matching rule OIDs
+id-mr-certificateExactMatch OBJECT IDENTIFIER ::=
+ {id-mr 34}
+
+id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35}
+
+id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36}
+
+id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37}
+
+id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38}
+
+id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39}
+
+id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40}
+
+id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60}
+
+id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62}
+
+-- The following OBJECT IDENTIFIERS are not used by this Specification:
+-- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7},
+-- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13},
+-- {id-ce 22}, {id-ce 25}, {id-ce 26}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DSAOperationalAttributeTypes.asn1 b/asn1/DSAOperationalAttributeTypes.asn1
new file mode 100644
index 0000000..e8146cd
--- /dev/null
+++ b/asn1/DSAOperationalAttributeTypes.asn1
@@ -0,0 +1,193 @@
+-- Module DSAOperationalAttributeTypes (X.501:02/2001)
+DSAOperationalAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ dsaOperationalAttributeTypes(22) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ distributedOperations, id-doa, id-kmr, informationFramework,
+ opBindingManagement, selectedAttributeTypes, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ ATTRIBUTE, MATCHING-RULE, Name
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ OperationalBindingID
+ FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+ opBindingManagement(18) 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ AccessPoint, MasterAndShadowAccessPoints
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ bitStringMatch
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4};
+
+-- data types
+DSEType ::= BIT STRING {
+ root(0), -- root DSE
+ glue(1), -- represents knowledge of a name only
+ cp(2), -- context prefix
+ entry(3), -- object entry
+ alias(4), -- alias entry
+ subr(5), -- subordinate reference
+ nssr(6), -- non-specific subordinate reference
+ supr(7), -- superior reference
+ xr(8), -- cross reference
+ admPoint(9), -- administrative point
+ subentry(10), -- subentry
+ shadow(11), -- shadow copy
+ immSupr(13), -- immediate superior reference
+ rhob(14), -- rhob information
+ sa(15), -- subordinate reference to alias entry
+ dsSubentry(16), -- DSA Specific subentry
+ familyMember(17)} -- family member
+
+SupplierOrConsumer ::= SET {
+ COMPONENTS OF AccessPoint, -- supplier or consumer
+ agreementID [3] OperationalBindingID
+}
+
+SupplierInformation ::= SET {
+ COMPONENTS OF SupplierOrConsumer, -- supplier
+ supplier-is-master [4] BOOLEAN DEFAULT TRUE,
+ non-supplying-master [5] AccessPoint OPTIONAL
+}
+
+ConsumerInformation ::= SupplierOrConsumer -- consumer
+
+SupplierAndConsumers ::= SET {
+ COMPONENTS OF AccessPoint, -- supplier
+ consumers [3] SET OF AccessPoint
+}
+
+-- attribute types
+dseType ATTRIBUTE ::= {
+ WITH SYNTAX DSEType
+ EQUALITY MATCHING RULE bitStringMatch
+ SINGLE VALUE TRUE
+ NO USER MODIFICATION TRUE
+ USAGE dSAOperation
+ ID id-doa-dseType
+}
+
+myAccessPoint ATTRIBUTE ::= {
+ WITH SYNTAX AccessPoint
+ EQUALITY MATCHING RULE accessPointMatch
+ SINGLE VALUE TRUE
+ NO USER MODIFICATION TRUE
+ USAGE dSAOperation
+ ID id-doa-myAccessPoint
+}
+
+superiorKnowledge ATTRIBUTE ::= {
+ WITH SYNTAX AccessPoint
+ EQUALITY MATCHING RULE accessPointMatch
+ NO USER MODIFICATION TRUE
+ USAGE dSAOperation
+ ID id-doa-superiorKnowledge
+}
+
+specificKnowledge ATTRIBUTE ::= {
+ WITH SYNTAX MasterAndShadowAccessPoints
+ EQUALITY MATCHING RULE masterAndShadowAccessPointsMatch
+ SINGLE VALUE TRUE
+ NO USER MODIFICATION TRUE
+ USAGE distributedOperation
+ ID id-doa-specificKnowledge
+}
+
+nonSpecificKnowledge ATTRIBUTE ::= {
+ WITH SYNTAX MasterAndShadowAccessPoints
+ EQUALITY MATCHING RULE masterAndShadowAccessPointsMatch
+ NO USER MODIFICATION TRUE
+ USAGE distributedOperation
+ ID id-doa-nonSpecificKnowledge
+}
+
+supplierKnowledge ATTRIBUTE ::= {
+ WITH SYNTAX SupplierInformation
+ EQUALITY MATCHING RULE supplierOrConsumerInformationMatch
+ NO USER MODIFICATION TRUE
+ USAGE dSAOperation
+ ID id-doa-supplierKnowledge
+}
+
+consumerKnowledge ATTRIBUTE ::= {
+ WITH SYNTAX ConsumerInformation
+ EQUALITY MATCHING RULE supplierOrConsumerInformationMatch
+ NO USER MODIFICATION TRUE
+ USAGE dSAOperation
+ ID id-doa-consumerKnowledge
+}
+
+secondaryShadows ATTRIBUTE ::= {
+ WITH SYNTAX SupplierAndConsumers
+ EQUALITY MATCHING RULE supplierAndConsumersMatch
+ NO USER MODIFICATION TRUE
+ USAGE dSAOperation
+ ID id-doa-secondaryShadows
+}
+
+-- matching rules
+accessPointMatch MATCHING-RULE ::= {
+ SYNTAX Name
+ ID id-kmr-accessPointMatch
+}
+
+masterAndShadowAccessPointsMatch MATCHING-RULE ::= {
+ SYNTAX SET OF Name
+ ID id-kmr-masterShadowMatch
+}
+
+supplierOrConsumerInformationMatch MATCHING-RULE ::= {
+ SYNTAX
+ SET {ae-title [0] Name,
+ agreement-identifier [2] INTEGER}
+ ID id-kmr-supplierConsumerMatch
+}
+
+supplierAndConsumersMatch MATCHING-RULE ::= {
+ SYNTAX Name
+ ID id-kmr-supplierConsumersMatch
+}
+
+-- object identifier assignments
+-- dsa operational attributes
+id-doa-dseType OBJECT IDENTIFIER ::=
+ {id-doa 0}
+
+id-doa-myAccessPoint OBJECT IDENTIFIER ::= {id-doa 1}
+
+id-doa-superiorKnowledge OBJECT IDENTIFIER ::= {id-doa 2}
+
+id-doa-specificKnowledge OBJECT IDENTIFIER ::= {id-doa 3}
+
+id-doa-nonSpecificKnowledge OBJECT IDENTIFIER ::= {id-doa 4}
+
+id-doa-supplierKnowledge OBJECT IDENTIFIER ::= {id-doa 5}
+
+id-doa-consumerKnowledge OBJECT IDENTIFIER ::= {id-doa 6}
+
+id-doa-secondaryShadows OBJECT IDENTIFIER ::= {id-doa 7}
+
+-- knowledge matching rules
+id-kmr-accessPointMatch OBJECT IDENTIFIER ::=
+ {id-kmr 0}
+
+id-kmr-masterShadowMatch OBJECT IDENTIFIER ::= {id-kmr 1}
+
+id-kmr-supplierConsumerMatch OBJECT IDENTIFIER ::= {id-kmr 2}
+
+id-kmr-supplierConsumersMatch OBJECT IDENTIFIER ::= {id-kmr 3}
+
+END -- DSAOperationalAttributeTypes
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectoryAbstractService.asn1 b/asn1/DirectoryAbstractService.asn1
index ca1d934..b098ae0 100644
--- a/asn1/DirectoryAbstractService.asn1
+++ b/asn1/DirectoryAbstractService.asn1
@@ -1,718 +1,761 @@
--- Module DirectoryAbstractService (X.511 TC2:08/1997)
--- See also ITU-T X.511 (1997) Technical Cor. 2 (02/2001)
--- See also the index of all ASN.1 assignments needed in this document
-
-DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
- directoryAbstractService(2) 3} DEFINITIONS ::=
-BEGIN
-
--- EXPORTS All
--- The types and values defined in this module are exported for use in the other ASN.1 modules contained
--- within the Directory Specifications, and for the use of other applications which will use them to access
--- Directory services. Other applications may use them for their own purposes, but this will not constrain
--- extensions and modifications needed to maintain or improve the Directory service.
-IMPORTS
- informationFramework, distributedOperations, authenticationFramework,
- dap, directoryShadowAbstractService, basicAccessControl, enhancedSecurity,
- id-at
- FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
- usefulDefinitions(0) 3}
- AttributeTypeAndValue
- FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1)
- basicAccessControl(24) 3}
- AgreementID
- FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1)
- directoryShadowAbstractService(15) 4}
- Attribute, AttributeType, AttributeValue, AttributeValueAssertion,
- DistinguishedName, Name, RelativeDistinguishedName, SupportedAttributes,
- ATTRIBUTE, MATCHING-RULE, ContextAssertion, AttributeTypeAssertion,
- OBJECT-CLASS, RelaxationPolicy
- FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
- informationFramework(1) 3}
- OperationProgress, ReferenceType, Exclusions, AccessPoint,
- ContinuationReference
- FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
- distributedOperations(3) 3}
- CertificationPath, SIGNED{}, SIGNATURE{}, ENCRYPTED{}, AlgorithmIdentifier,
- AttributeCertificationPath
- FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
- authenticationFramework(7) 3}
- OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{}
- FROM EnhancedSecurity {joint-iso-itu-t ds(5) modules(1)
- enhancedSecurity(28) 1}
- id-opcode-read, id-opcode-compare, id-opcode-abandon, id-opcode-list,
- id-opcode-search, id-opcode-addEntry, id-opcode-removeEntry,
- id-opcode-modifyEntry, id-opcode-modifyDN, id-errcode-abandoned,
- id-errcode-abandonFailed, id-errcode-attributeError, id-errcode-nameError,
- id-errcode-referral, id-errcode-securityError, id-errcode-serviceError,
- id-errcode-updateError
- FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 3}
- OPERATION, ERROR, Code
- FROM Remote-Operations-Information-Objects {joint-iso-itu-t
- remote-operations(4) informationObjects(5) version1(0)}
- emptyUnbind
- FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
- remote-operations(4) useful-definitions(7) version1(0)}
- InvokeId
- FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
- remote-operations(4) generic-ROS-PDUs(6) version1(0)}
- --PROTECTED
- -- FROM Notation { joint-iso-itu-t genericULS (20) modules (1) notation (1) }
- SPKM-REQ, SPKM-REP-TI, SPKM-ERROR
- FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1)
- security(5) mechanisms(5) spkm(1) spkmGssTokens(10)};
-
--- Common data types
--- Parameterized type for representing optional signing
-OPTIONALLY-SIGNED{Type} ::= CHOICE {unsigned Type,
- signed SIGNED{Type}
-}
-
-CommonArguments ::= SET {
- serviceControls [30] ServiceControls DEFAULT {},
- securityParameters [29] SecurityParameters OPTIONAL,
- requestor [28] DistinguishedName OPTIONAL,
- operationProgress
- [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
- aliasedRDNs [26] INTEGER OPTIONAL,
- criticalExtensions [25] BIT STRING OPTIONAL,
- referenceType [24] ReferenceType OPTIONAL,
- entryOnly [23] BOOLEAN DEFAULT TRUE,
- nameResolveOnMaste [21] BOOLEAN DEFAULT FALSE,
- operationContexts [20] ContextSelection OPTIONAL,
- familyGrouping [19] FamilyGrouping DEFAULT entryOnly
-}
-
-FamilyGrouping ::= ENUMERATED {
- entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)}
-
-CommonResults ::= SET {
- securityParameters [30] SecurityParameters OPTIONAL,
- performer [29] DistinguishedName OPTIONAL,
- aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
- notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
-}
-
-CommonResultsSeq ::= SEQUENCE {
- securityParameters [30] SecurityParameters OPTIONAL,
- performer [29] DistinguishedName OPTIONAL,
- aliasDereferenced [28] BOOLEAN DEFAULT FALSE
-}
-
-ServiceControls ::= SET {
- options [0] ServiceControlOptions DEFAULT {},
- priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium,
- timeLimit [2] INTEGER OPTIONAL,
- sizeLimit [3] INTEGER OPTIONAL,
- scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL,
- attributeSizeLimit [5] INTEGER OPTIONAL,
- manageDSAITPlaneRef
- [6] SEQUENCE {dsaName Name,
- agreementID AgreementID} OPTIONAL,
- serviceType [7] OBJECT IDENTIFIER OPTIONAL,
- userClass [8] INTEGER OPTIONAL
-}
-
-ServiceControlOptions ::= BIT STRING {
- preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3),
- dontDereferenceAliases(4), subentries(5), copyShallDo(6),
- partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9),
- noSubtypeSelection(10), countFamily(11)}
-
-EntryInformationSelection ::= SET {
- attributes
- CHOICE {allUserAttributes [0] NULL,
- select [1] SET OF AttributeType
- -- empty set implies no attributes are requested
- } DEFAULT allUserAttributes:NULL,
- infoTypes
- [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)}
- DEFAULT attributeTypesAndValues,
- extraAttributes
- CHOICE {allOperationalAttributes [3] NULL,
- select [4] SET OF AttributeType} OPTIONAL,
- contextSelection ContextSelection OPTIONAL,
- returnContexts BOOLEAN DEFAULT FALSE,
- familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly}
-}
-
-ContextSelection ::= CHOICE {
- allContexts NULL,
- selectedContexts SET OF TypeAndContextAssertion
-}
-
-TypeAndContextAssertion ::= SEQUENCE {
- type AttributeType,
- contextAssertions
- CHOICE {preference SEQUENCE OF ContextAssertion,
- all SET OF ContextAssertion}
-}
-
-FamilyReturn ::= SEQUENCE {
- memberSelect
- ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2),
- compoundEntry(3)},
- familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL
-}
-
-family-information ATTRIBUTE ::= {
- WITH SYNTAX FamilyEntries
- USAGE directoryOperation
- ID id-at-family-information
-}
-
-FamilyEntries ::= SEQUENCE {
- family-class OBJECT-CLASS.&id, -- structural object class value
- familyEntries SEQUENCE OF FamilyEntry
-}
-
-FamilyEntry ::= SEQUENCE {
- rdn RelativeDistinguishedName,
- information
- SEQUENCE OF CHOICE {attributeType AttributeType,
- attribute Attribute},
- family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL
-}
-
-EntryInformation ::= SEQUENCE {
- name Name,
- fromEntry BOOLEAN DEFAULT TRUE,
- information
- SET SIZE (1..MAX) OF
- CHOICE {attributeType AttributeType,
- attribute Attribute} OPTIONAL,
- incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems
- partialNameResolution
- [4] BOOLEAN DEFAULT FALSE -- not in 1988 or 1993 edition systems --
-}
-
-Filter ::= CHOICE {
- item [0] FilterItem,
- and [1] SET OF Filter,
- or [2] SET OF Filter,
- not [3] Filter
-}
-
-FilterItem ::= CHOICE {
- equality [0] AttributeValueAssertion,
- substrings
- [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}),
- strings
- SEQUENCE OF
- CHOICE {initial
- [0] ATTRIBUTE.&Type
- ({SupportedAttributes}
- {@substrings.type}),
- any
- [1] ATTRIBUTE.&Type
- ({SupportedAttributes}
- {@substrings.type}),
- final
- [2] ATTRIBUTE.&Type
- ({SupportedAttributes}
- {@substrings.type}),
- control Attribute -- Used to specify interpretation of following items
- }},
- greaterOrEqual [2] AttributeValueAssertion,
- lessOrEqual [3] AttributeValueAssertion,
- present [4] AttributeType,
- approximateMatch [5] AttributeValueAssertion,
- extensibleMatch [6] MatchingRuleAssertion,
- contextPresent [7] AttributeTypeAssertion
-}
-
-MatchingRuleAssertion ::= SEQUENCE {
- matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id,
- type [2] AttributeType OPTIONAL,
- matchValue
- [3] MATCHING-RULE.&AssertionType
- (CONSTRAINED BY {
- -- matchValue must be a value of type specified by the &AssertionType field of
- -- one of the MATCHING-RULE information objects identified by matchingRule -- }),
- dnAttributes [4] BOOLEAN DEFAULT FALSE
-}
-
-PagedResultsRequest ::= CHOICE {
- newRequest
- SEQUENCE {pageSize INTEGER,
- sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL,
- reverse [1] BOOLEAN DEFAULT FALSE,
- unmerged [2] BOOLEAN DEFAULT FALSE},
- queryReference OCTET STRING
-}
-
-SortKey ::= SEQUENCE {
- type AttributeType,
- orderingRule MATCHING-RULE.&id OPTIONAL
-}
-
-SecurityParameters ::= SET {
- certification-path [0] CertificationPath OPTIONAL,
- name [1] DistinguishedName OPTIONAL,
- time [2] Time OPTIONAL,
- random [3] BIT STRING OPTIONAL,
- target [4] ProtectionRequest OPTIONAL,
- response [5] BIT STRING OPTIONAL,
- operationCode [6] Code OPTIONAL,
- attributeCertificationPath [7] AttributeCertificationPath OPTIONAL,
- errorProtection [8] ErrorProtectionRequest OPTIONAL,
- errorCode [9] Code OPTIONAL
-}
-
-ProtectionRequest ::= INTEGER {
- none(0), signed(1), encrypted(2), signed-encrypted(3)}
-
-Time ::= CHOICE {utcTime UTCTime,
- generalizedTime GeneralizedTime
-}
-
-ErrorProtectionRequest ::= INTEGER {
- none(0), signed(1), encrypted(2), signed-encrypted(3)}
-
--- Bind and unbind operations
-directoryBind OPERATION ::= {
- ARGUMENT DirectoryBindArgument
- RESULT DirectoryBindResult
- ERRORS {directoryBindError}
-}
-
-DirectoryBindArgument ::= SET {
- credentials [0] Credentials OPTIONAL,
- versions [1] Versions DEFAULT {v1}
-}
-
-Credentials ::= CHOICE {
- simple [0] SimpleCredentials,
- strong [1] StrongCredentials,
- externalProcedure [2] EXTERNAL,
- spkm [3] SpkmCredentials
-}
-
-SimpleCredentials ::= SEQUENCE {
- name [0] DistinguishedName,
- validity
- [1] SET {time1 [0] CHOICE {utc UTCTime,
- gt GeneralizedTime} OPTIONAL,
- time2 [1] CHOICE {utc UTCTime,
- gt GeneralizedTime} OPTIONAL,
- random1 [2] BIT STRING OPTIONAL,
- random2 [3] BIT STRING OPTIONAL},
- password
- [2] CHOICE {unprotected OCTET STRING,
- protected SIGNATURE{OCTET STRING}} OPTIONAL
-}
-
-StrongCredentials ::= SET {
- certification-path [0] CertificationPath OPTIONAL,
- bind-token [1] Token,
- name [2] DistinguishedName OPTIONAL,
- attributeCertificationPath [3] AttributeCertificationPath OPTIONAL
-}
-
-SpkmCredentials ::= CHOICE {req [0] SPKM-REQ,
- rep [1] SPKM-REP-TI
-}
-
-Token ::=
- SIGNED
- {SEQUENCE {algorithm [0] AlgorithmIdentifier,
- name [1] DistinguishedName,
- time [2] Time,
- random [3] BIT STRING,
- response [4] BIT STRING OPTIONAL,
- bindIntAlgorithm
- [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL,
- bindIntKeyInfo [6] BindKeyInfo OPTIONAL,
- bindConfAlgorithm
- [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL,
- bindConfKeyInfo [8] BindKeyInfo OPTIONAL}}
-
-Versions ::= BIT STRING {v1(0), v2(1)}
-
-DirectoryBindResult ::= DirectoryBindArgument
-
-directoryBindError ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {versions [0] Versions DEFAULT {v1},
- error
- CHOICE {serviceError [1] ServiceProblem,
- securityError [2] SecurityProblem}}}
-}
-
-BindKeyInfo ::= ENCRYPTED{BIT STRING}
-
-directoryUnbind OPERATION ::= emptyUnbind
-
--- Operations, arguments, and results
-read OPERATION ::= {
- ARGUMENT ReadArgument
- RESULT ReadResult
- ERRORS
- {attributeError | nameError | serviceError | referral | abandoned |
- securityError}
- CODE id-opcode-read
-}
-
-ReadArgument ::=
- OPTIONALLY-PROTECTED
- {SET {object [0] Name,
- selection [1] EntryInformationSelection DEFAULT {},
- modifyRightsRequest [2] BOOLEAN DEFAULT FALSE,
- COMPONENTS OF CommonArguments}}
-
-ReadResult ::=
- OPTIONALLY-PROTECTED
- {SET {entry [0] EntryInformation,
- modifyRights [1] ModifyRights OPTIONAL,
- COMPONENTS OF CommonResults}}
-
-ModifyRights ::=
- SET OF
- SEQUENCE {item
- CHOICE {entry [0] NULL,
- attribute [1] AttributeType,
- value [2] AttributeValueAssertion},
- permission
- [3] BIT STRING {add(0), remove(1), rename(2), move(3)}
- }
-
-compare OPERATION ::= {
- ARGUMENT CompareArgument
- RESULT CompareResult
- ERRORS
- {attributeError | nameError | serviceError | referral | abandoned |
- securityError}
- CODE id-opcode-compare
-}
-
-CompareArgument ::=
- OPTIONALLY-PROTECTED
- {SET {object [0] Name,
- purported [1] AttributeValueAssertion,
- COMPONENTS OF CommonArguments}}
-
-CompareResult ::=
- OPTIONALLY-PROTECTED
- {SET {name Name OPTIONAL,
- matched [0] BOOLEAN,
- fromEntry [1] BOOLEAN DEFAULT TRUE,
- matchedSubtype [2] AttributeType OPTIONAL,
- COMPONENTS OF CommonResults}}
-
-abandon OPERATION ::= {
- ARGUMENT AbandonArgument
- RESULT AbandonResult
- ERRORS {abandonFailed}
- CODE id-opcode-abandon
-}
-
-AbandonArgument ::=
- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID [0] InvokeId}}
-
-AbandonResult ::= CHOICE {
- null NULL,
- information
- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId,
- COMPONENTS OF CommonResultsSeq
- }}
-}
-
-list OPERATION ::= {
- ARGUMENT ListArgument
- RESULT ListResult
- ERRORS {nameError | serviceError | referral | abandoned | securityError}
- CODE id-opcode-list
-}
-
-ListArgument ::=
- OPTIONALLY-PROTECTED
- {SET {object [0] Name,
- pagedResults [1] PagedResultsRequest OPTIONAL,
- listFamily [2] BOOLEAN DEFAULT FALSE,
- COMPONENTS OF CommonArguments}}
-
-ListResult ::=
- OPTIONALLY-PROTECTED
- {CHOICE {listInfo
- SET {name Name OPTIONAL,
- subordinates
- [1] SET OF
- SEQUENCE {rdn RelativeDistinguishedName,
- aliasEntry [0] BOOLEAN DEFAULT FALSE,
- fromEntry [1] BOOLEAN DEFAULT TRUE
- },
- partialOutcomeQualifier
- [2] PartialOutcomeQualifier OPTIONAL,
- COMPONENTS OF CommonResults},
- uncorrelatedListInfo [0] SET OF ListResult}}
-
-PartialOutcomeQualifier ::= SET {
- limitProblem [0] LimitProblem OPTIONAL,
- unexplored
- [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL,
- unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE,
- unknownErrors
- [3] SET SIZE (1..MAX) OF ABSTRACT-SYNTAX.&Type OPTIONAL,
- queryReference [4] OCTET STRING OPTIONAL,
- overspecFilter [5] Filter OPTIONAL,
- notification
- [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL,
- entryCount
- CHOICE {bestEstimate [7] INTEGER,
- lowEstimate [8] INTEGER} OPTIONAL
-}
-
-LimitProblem ::= INTEGER {
- timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2)
-}
-
-search OPERATION ::= {
- ARGUMENT SearchArgument
- RESULT SearchResult
- ERRORS
- {attributeError | nameError | serviceError | referral | abandoned |
- securityError}
- CODE id-opcode-search
-}
-
-SearchArgument ::=
- OPTIONALLY-PROTECTED
- {SET {baseObject [0] Name,
- subset
- [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)}
- DEFAULT baseObject,
- filter [2] Filter DEFAULT and:{},
- searchAliases [3] BOOLEAN DEFAULT TRUE,
- selection [4] EntryInformationSelection DEFAULT {},
- pagedResults [5] PagedResultsRequest OPTIONAL,
- matchedValuesOnly [6] BOOLEAN DEFAULT FALSE,
- extendedFilter [7] Filter OPTIONAL,
- checkOverspecified [8] BOOLEAN DEFAULT FALSE,
- relaxation [9] RelaxationPolicy OPTIONAL,
- extendedArea [10] INTEGER OPTIONAL,
- hierarchySelections [11] HierarchySelections DEFAULT {self},
- searchControlOptions
- [12] SearchControlOptions DEFAULT {searchAliases},
- COMPONENTS OF CommonArguments}}
-
-HierarchySelections ::= BIT STRING {
- self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5),
- siblings(6), siblingChildren(7), siblingSubtree(8), all(9)}
-
-SearchControlOptions ::= BIT STRING {
- searchAliases(0), matchedValuesOnly(1), checkOverspecified(2),
- performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6),
- matchOnResidualName(7), entryCount(8), useSubset(9),
- separateFamilyMembers(10), searchFamily(11)}
-
-SearchResult ::=
- OPTIONALLY-PROTECTED
- {CHOICE {searchInfo
- SET {name Name OPTIONAL,
- entries [0] SET OF EntryInformation,
- partialOutcomeQualifier
- [2] PartialOutcomeQualifier OPTIONAL,
- altMatching [3] BOOLEAN DEFAULT FALSE,
- COMPONENTS OF CommonResults},
- uncorrelatedSearchInfo [0] SET OF SearchResult}}
-
-addEntry OPERATION ::= {
- ARGUMENT AddEntryArgument
- RESULT AddEntryResult
- ERRORS
- {attributeError | nameError | serviceError | referral | securityError |
- updateError}
- CODE id-opcode-addEntry
-}
-
-AddEntryArgument ::=
- OPTIONALLY-PROTECTED
- {SET {object [0] Name,
- entry [1] SET OF Attribute,
- targetSystem [2] AccessPoint OPTIONAL,
- COMPONENTS OF CommonArguments}}
-
-AddEntryResult ::= CHOICE {
- null NULL,
- information
- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
-}
-
-removeEntry OPERATION ::= {
- ARGUMENT RemoveEntryArgument
- RESULT RemoveEntryResult
- ERRORS {nameError | serviceError | referral | securityError | updateError}
- CODE id-opcode-removeEntry
-}
-
-RemoveEntryArgument ::=
- OPTIONALLY-PROTECTED{SET {object [0] Name,
- COMPONENTS OF CommonArguments}}
-
-RemoveEntryResult ::= CHOICE {
- null NULL,
- information
- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
-}
-
-modifyEntry OPERATION ::= {
- ARGUMENT ModifyEntryArgument
- RESULT ModifyEntryResult
- ERRORS
- {attributeError | nameError | serviceError | referral | securityError |
- updateError}
- CODE id-opcode-modifyEntry
-}
-
-ModifyEntryArgument ::=
- OPTIONALLY-PROTECTED
- {SET {object [0] Name,
- changes [1] SEQUENCE OF EntryModification,
- selection [2] EntryInformationSelection OPTIONAL,
- COMPONENTS OF CommonArguments}}
-
-ModifyEntryResult ::= CHOICE {
- null NULL,
- information
- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {entry [0] EntryInformation OPTIONAL,
- COMPONENTS OF CommonResultsSeq
- }}
-}
-
-EntryModification ::= CHOICE {
- addAttribute [0] Attribute,
- removeAttribute [1] AttributeType,
- addValues [2] Attribute,
- removeValues [3] Attribute,
- alterValues [4] AttributeTypeAndValue,
- resetValue [5] AttributeType
-}
-
-modifyDN OPERATION ::= {
- ARGUMENT ModifyDNArgument
- RESULT ModifyDNResult
- ERRORS {nameError | serviceError | referral | securityError | updateError}
- CODE id-opcode-modifyDN
-}
-
-ModifyDNArgument ::=
- OPTIONALLY-PROTECTED
- {SET {object [0] DistinguishedName,
- newRDN [1] RelativeDistinguishedName,
- deleteOldRDN [2] BOOLEAN DEFAULT FALSE,
- newSuperior [3] DistinguishedName OPTIONAL,
- COMPONENTS OF CommonArguments}}
-
-ModifyDNResult ::= CHOICE {
- null NULL,
- information
- OPTIONALLY-PROTECTED-SEQ{SEQUENCE {newRDN RelativeDistinguishedName,
- COMPONENTS OF CommonResultsSeq
- }}
-}
-
--- Errors and parameters
-abandoned ERROR ::= { -- not literally an "error"
- PARAMETER OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}}
- CODE id-errcode-abandoned
-}
-
-abandonFailed ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {problem [0] AbandonProblem,
- operation [1] InvokeId,
- COMPONENTS OF CommonResults}}
- CODE id-errcode-abandonFailed
-}
-
-AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)}
-
-attributeError ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {object [0] Name,
- problems
- [1] SET OF
- SEQUENCE {problem [0] AttributeProblem,
- type [1] AttributeType,
- value [2] AttributeValue OPTIONAL},
- COMPONENTS OF CommonResults}}
- CODE id-errcode-attributeError
-}
-
-AttributeProblem ::= INTEGER {
- noSuchAttributeOrValue(1), invalidAttributeSyntax(2),
- undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5),
- attributeOrValueAlreadyExists(6), contextViolation(7)}
-
-nameError ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {problem [0] NameProblem,
- matched [1] Name,
- COMPONENTS OF CommonResults}}
- CODE id-errcode-nameError
-}
-
-NameProblem ::= INTEGER {
- noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3),
- aliasDereferencingProblem(4), contextProblem(5)}
-
-referral ERROR ::= { -- not literally an "error"
- PARAMETER OPTIONALLY-PROTECTED
- {SET {candidate [0] ContinuationReference,
- COMPONENTS OF CommonResults}}
- CODE id-errcode-referral
-}
-
-securityError ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {problem [0] SecurityProblem,
- spkmInfo [1] SPKM-ERROR,
- COMPONENTS OF CommonResults}}
- CODE id-errcode-securityError
-}
-
-SecurityProblem ::= INTEGER {
- inappropriateAuthentication(1), invalidCredentials(2),
- insufficientAccessRights(3), invalidSignature(4), protectionRequired(5),
- noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9)
-}
-
-serviceError ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {problem [0] ServiceProblem,
- COMPONENTS OF CommonResults}}
- CODE id-errcode-serviceError
-}
-
-ServiceProblem ::= INTEGER {
- busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4),
- unableToProceed(5), invalidReference(6), timeLimitExceeded(7),
- administrativeLimitExceeded(8), loopDetected(9),
- unavailableCriticalExtension(10), outOfScope(11), ditError(12),
- invalidQueryReference(13), requestedServiceNotAvailable(14),
- relaxationNotSupported(15), unavailableRelaxationLevel(16),
- unsupportedMatchingUse(17), unmatchedKeyAttributes(18),
- ambiguousKeyAttributes(19)}
-
-updateError ERROR ::= {
- PARAMETER OPTIONALLY-PROTECTED
- {SET {problem [0] UpdateProblem,
- attributeInfo
- [1] SET SIZE (1..MAX) OF
- CHOICE {attributeType AttributeType,
- attribute Attribute} OPTIONAL,
- COMPONENTS OF CommonResults}}
- CODE id-errcode-updateError
-}
-
-UpdateProblem ::= INTEGER {
- namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3),
- notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6),
- objectClassModificationProhibited(7), notAncestor(8), parentNotAncestor(9),
- hierarchyRuleViolation(10), familyRuleViolation(11)}
-
-id-at-family-information OBJECT IDENTIFIER ::= {id-at 64}
-
-END -- DirectoryAbstractService
-
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+-- Module DirectoryAbstractService (X.511:02/2001)
+DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ attributeCertificateDefinitions, authenticationFramework, basicAccessControl,
+ dap, directoryShadowAbstractService, distributedOperations,
+ enhancedSecurity, id-at, informationFramework, selectedAttributeTypes,
+ serviceAdministration, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Attribute, ATTRIBUTE, AttributeType, AttributeTypeAssertion, AttributeValue,
+ AttributeValueAssertion, CONTEXT, ContextAssertion, DistinguishedName,
+ MATCHING-RULE, Name, OBJECT-CLASS, RelativeDistinguishedName,
+ SupportedAttributes, SupportedContexts
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ RelaxationPolicy
+ FROM ServiceAdministration {joint-iso-itu-t ds(5) module(1)
+ serviceAdministration(33) 4}
+ AttributeTypeAndValue
+ FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1)
+ basicAccessControl(24) 4}
+ OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{}
+ FROM EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28)
+ 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ AccessPoint, ContinuationReference, Exclusions, OperationProgress,
+ ReferenceType
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-errcode-abandoned, id-errcode-abandonFailed, id-errcode-attributeError,
+ id-errcode-nameError, id-errcode-referral, id-errcode-securityError,
+ id-errcode-serviceError, id-errcode-updateError, id-opcode-abandon,
+ id-opcode-addEntry, id-opcode-compare, id-opcode-list, id-opcode-modifyDN,
+ id-opcode-modifyEntry, id-opcode-read, id-opcode-removeEntry,
+ id-opcode-search
+ FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ DirectoryString{}
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ ub-domainLocalID
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
+ -- from ITU-T Rec. X.509 | ISO/IEC 9594-8
+ AlgorithmIdentifier, CertificationPath, ENCRYPTED{}, SIGNATURE{}, SIGNED{}
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 4}
+ AttributeCertificationPath
+ FROM AttributeCertificateDefinitions {joint-iso-itu-t ds(5) module(1)
+ attributeCertificateDefinitions(32) 4}
+ -- from ITU-T Rec. X.525 | ISO/IEC 9594-9
+ AgreementID
+ FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryShadowAbstractService(15) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ Code, ERROR, OPERATION
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ emptyUnbind
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)}
+ InvokeId
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ -- from RFC 2025
+ SPKM-ERROR, SPKM-REP-TI, SPKM-REQ
+ FROM SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) mechanisms(5) spkm(1) spkmGssTokens(10)};
+
+-- Common data types
+CommonArguments ::= SET {
+ serviceControls [30] ServiceControls DEFAULT {},
+ securityParameters [29] SecurityParameters OPTIONAL,
+ requestor [28] DistinguishedName OPTIONAL,
+ operationProgress
+ [27] OperationProgress DEFAULT {nameResolutionPhase notStarted},
+ aliasedRDNs [26] INTEGER OPTIONAL,
+ criticalExtensions [25] BIT STRING OPTIONAL,
+ referenceType [24] ReferenceType OPTIONAL,
+ entryOnly [23] BOOLEAN DEFAULT TRUE,
+ exclusions [22] Exclusions OPTIONAL,
+ nameResolveOnMaster [21] BOOLEAN DEFAULT FALSE,
+ operationContexts [20] ContextSelection OPTIONAL,
+ familyGrouping [19] FamilyGrouping DEFAULT entryOnly
+}
+
+FamilyGrouping ::= ENUMERATED {
+ entryOnly(1), compoundEntry(2), strands(3), multiStrand(4)}
+
+CommonResults ::= SET {
+ securityParameters [30] SecurityParameters OPTIONAL,
+ performer [29] DistinguishedName OPTIONAL,
+ aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
+ notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
+}
+
+CommonResultsSeq ::= SEQUENCE {
+ securityParameters [30] SecurityParameters OPTIONAL,
+ performer [29] DistinguishedName OPTIONAL,
+ aliasDereferenced [28] BOOLEAN DEFAULT FALSE,
+ notification [27] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL
+}
+
+ServiceControls ::= SET {
+ options [0] ServiceControlOptions DEFAULT {},
+ priority [1] INTEGER {low(0), medium(1), high(2)} DEFAULT medium,
+ timeLimit [2] INTEGER OPTIONAL,
+ sizeLimit [3] INTEGER OPTIONAL,
+ scopeOfReferral [4] INTEGER {dmd(0), country(1)} OPTIONAL,
+ attributeSizeLimit [5] INTEGER OPTIONAL,
+ manageDSAITPlaneRef
+ [6] SEQUENCE {dsaName Name,
+ agreementID AgreementID} OPTIONAL,
+ serviceType [7] OBJECT IDENTIFIER OPTIONAL,
+ userClass [8] INTEGER OPTIONAL
+}
+
+ServiceControlOptions ::= BIT STRING {
+ preferChaining(0), chainingProhibited(1), localScope(2), dontUseCopy(3),
+ dontDereferenceAliases(4), subentries(5), copyShallDo(6),
+ partialNameResolution(7), manageDSAIT(8), noSubtypeMatch(9),
+ noSubtypeSelection(10), countFamily(11)}
+
+EntryInformationSelection ::= SET {
+ attributes
+ CHOICE {allUserAttributes [0] NULL,
+ select [1] SET OF AttributeType
+ -- empty set implies no attributes are requested
+ } DEFAULT allUserAttributes:NULL,
+ infoTypes
+ [2] INTEGER {attributeTypesOnly(0), attributeTypesAndValues(1)}
+ DEFAULT attributeTypesAndValues,
+ extraAttributes
+ CHOICE {allOperationalAttributes [3] NULL,
+ select [4] SET SIZE (1..MAX) OF AttributeType
+ } OPTIONAL,
+ contextSelection ContextSelection OPTIONAL,
+ returnContexts BOOLEAN DEFAULT FALSE,
+ familyReturn FamilyReturn DEFAULT {memberSelect contributingEntriesOnly}
+}
+
+ContextSelection ::= CHOICE {
+ allContexts NULL,
+ selectedContexts SET SIZE (1..MAX) OF TypeAndContextAssertion
+}
+
+TypeAndContextAssertion ::= SEQUENCE {
+ type AttributeType,
+ contextAssertions
+ CHOICE {preference SEQUENCE OF ContextAssertion,
+ all SET OF ContextAssertion}
+}
+
+FamilyReturn ::= SEQUENCE {
+ memberSelect
+ ENUMERATED {contributingEntriesOnly(1), participatingEntriesOnly(2),
+ compoundEntry(3)},
+ familySelect SEQUENCE SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL
+}
+
+EntryInformation ::= SEQUENCE {
+ name Name,
+ fromEntry BOOLEAN DEFAULT TRUE,
+ information
+ SET SIZE (1..MAX) OF
+ CHOICE {attributeType AttributeType,
+ attribute Attribute} OPTIONAL,
+ incompleteEntry [3] BOOLEAN DEFAULT FALSE, -- not in 1988-edition systems
+ partialName [4] BOOLEAN DEFAULT FALSE, -- not in 1988 or 1993 edition systems
+ derivedEntry
+ [5] BOOLEAN DEFAULT FALSE -- not in pre-2001 edition systems --
+}
+
+family-information ATTRIBUTE ::= {
+ WITH SYNTAX FamilyEntries
+ USAGE directoryOperation
+ ID id-at-family-information
+}
+
+FamilyEntries ::= SEQUENCE {
+ family-class OBJECT-CLASS.&id, -- structural object class value
+ familyEntries SEQUENCE OF FamilyEntry
+}
+
+FamilyEntry ::= SEQUENCE {
+ rdn RelativeDistinguishedName,
+ information
+ SEQUENCE OF CHOICE {attributeType AttributeType,
+ attribute Attribute},
+ family-info SEQUENCE SIZE (1..MAX) OF FamilyEntries OPTIONAL
+}
+
+Filter ::= CHOICE {
+ item [0] FilterItem,
+ and [1] SET OF Filter,
+ or [2] SET OF Filter,
+ not [3] Filter
+}
+
+FilterItem ::= CHOICE {
+ equality [0] AttributeValueAssertion,
+ substrings
+ [1] SEQUENCE {type ATTRIBUTE.&id({SupportedAttributes}),
+ strings
+ SEQUENCE OF
+ CHOICE {initial
+ [0] ATTRIBUTE.&Type
+ ({SupportedAttributes}
+ {@substrings.type}),
+ any
+ [1] ATTRIBUTE.&Type
+ ({SupportedAttributes}
+ {@substrings.type}),
+ final
+ [2] ATTRIBUTE.&Type
+ ({SupportedAttributes}
+ {@substrings.type}),
+ control Attribute}}, -- Used to specify interpretation of following items
+ greaterOrEqual [2] AttributeValueAssertion,
+ lessOrEqual [3] AttributeValueAssertion,
+ present [4] AttributeType,
+ approximateMatch [5] AttributeValueAssertion,
+ extensibleMatch [6] MatchingRuleAssertion,
+ contextPresent [7] AttributeTypeAssertion
+}
+
+MatchingRuleAssertion ::= SEQUENCE {
+ matchingRule [1] SET SIZE (1..MAX) OF MATCHING-RULE.&id,
+ type [2] AttributeType OPTIONAL,
+ matchValue
+ [3] MATCHING-RULE.&AssertionType
+ (CONSTRAINED BY {
+ -- matchValue shall be a value of type specified by the &AssertionType field of
+ -- one of the MATCHING-RULE information objects identified by matchingRule -- }),
+ dnAttributes [4] BOOLEAN DEFAULT FALSE
+}
+
+PagedResultsRequest ::= CHOICE {
+ newRequest
+ SEQUENCE {pageSize INTEGER,
+ sortKeys SEQUENCE SIZE (1..MAX) OF SortKey OPTIONAL,
+ reverse [1] BOOLEAN DEFAULT FALSE,
+ unmerged [2] BOOLEAN DEFAULT FALSE},
+ queryReference OCTET STRING
+}
+
+SortKey ::= SEQUENCE {
+ type AttributeType,
+ orderingRule MATCHING-RULE.&id OPTIONAL
+}
+
+SecurityParameters ::= SET {
+ certification-path [0] CertificationPath OPTIONAL,
+ name [1] DistinguishedName OPTIONAL,
+ time [2] Time OPTIONAL,
+ random [3] BIT STRING OPTIONAL,
+ target [4] ProtectionRequest OPTIONAL,
+ response [5] BIT STRING OPTIONAL,
+ operationCode [6] Code OPTIONAL,
+ attributeCertificationPath [7] AttributeCertificationPath OPTIONAL,
+ errorProtection [8] ErrorProtectionRequest OPTIONAL,
+ errorCode [9] Code OPTIONAL
+}
+
+ProtectionRequest ::= INTEGER {
+ none(0), signed(1), encrypted(2), signed-encrypted(3)}
+
+Time ::= CHOICE {utcTime UTCTime,
+ generalizedTime GeneralizedTime
+}
+
+ErrorProtectionRequest ::= INTEGER {
+ none(0), signed(1), encrypted(2), signed-encrypted(3)}
+
+-- Bind and unbind operations
+directoryBind OPERATION ::= {
+ ARGUMENT DirectoryBindArgument
+ RESULT DirectoryBindResult
+ ERRORS {directoryBindError}
+}
+
+DirectoryBindArgument ::= SET {
+ credentials [0] Credentials OPTIONAL,
+ versions [1] Versions DEFAULT {v1}
+}
+
+Credentials ::= CHOICE {
+ simple [0] SimpleCredentials,
+ strong [1] StrongCredentials,
+ externalProcedure [2] EXTERNAL,
+ spkm [3] SpkmCredentials
+}
+
+SimpleCredentials ::= SEQUENCE {
+ name [0] DistinguishedName,
+ validity
+ [1] SET {time1 [0] CHOICE {utc UTCTime,
+ gt GeneralizedTime} OPTIONAL,
+ time2 [1] CHOICE {utc UTCTime,
+ gt GeneralizedTime} OPTIONAL,
+ random1 [2] BIT STRING OPTIONAL,
+ random2 [3] BIT STRING OPTIONAL} OPTIONAL,
+ password
+ [2] CHOICE {unprotected OCTET STRING,
+ protected SIGNATURE{OCTET STRING}} OPTIONAL
+}
+
+StrongCredentials ::= SET {
+ certification-path [0] CertificationPath OPTIONAL,
+ bind-token [1] Token,
+ name [2] DistinguishedName OPTIONAL,
+ attributeCertificationPath [3] AttributeCertificationPath OPTIONAL
+}
+
+SpkmCredentials ::= CHOICE {req [0] SPKM-REQ,
+ rep [1] SPKM-REP-TI
+}
+
+Token ::=
+ SIGNED
+ {SEQUENCE {algorithm [0] AlgorithmIdentifier,
+ name [1] DistinguishedName,
+ time [2] UTCTime,
+ random [3] BIT STRING,
+ response [4] BIT STRING OPTIONAL,
+ bindIntAlgorithm
+ [5] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL,
+ bindIntKeyInfo [6] BindKeyInfo OPTIONAL,
+ bindConfAlgorithm
+ [7] SEQUENCE SIZE (1..MAX) OF AlgorithmIdentifier OPTIONAL,
+ bindConfKeyInfo
+ [8] BindKeyInfo--,--
+ OPTIONAL -- dirqop [9] OBJECT IDENTIFIER OPTIONAL--
+ }}
+
+Versions ::= BIT STRING {v1(0), v2(1)}
+
+DirectoryBindResult ::= DirectoryBindArgument
+
+directoryBindError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {versions [0] Versions DEFAULT {v1},
+ error
+ CHOICE {serviceError [1] ServiceProblem,
+ securityError [2] SecurityProblem},
+ securityParameters [30] SecurityParameters OPTIONAL}}
+}
+
+BindKeyInfo ::= ENCRYPTED{BIT STRING}
+
+directoryUnbind OPERATION ::= emptyUnbind
+
+-- Operations, arguments, and results
+read OPERATION ::= {
+ ARGUMENT ReadArgument
+ RESULT ReadResult
+ ERRORS
+ {attributeError | nameError | serviceError | referral | abandoned |
+ securityError}
+ CODE id-opcode-read
+}
+
+ReadArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {object [0] Name,
+ selection [1] EntryInformationSelection DEFAULT {},
+ modifyRightsRequest [2] BOOLEAN DEFAULT FALSE,
+ COMPONENTS OF CommonArguments}}
+
+ReadResult ::=
+ OPTIONALLY-PROTECTED
+ {SET {entry [0] EntryInformation,
+ modifyRights [1] ModifyRights OPTIONAL,
+ COMPONENTS OF CommonResults}}
+
+ModifyRights ::=
+ SET OF
+ SEQUENCE {item
+ CHOICE {entry [0] NULL,
+ attribute [1] AttributeType,
+ value [2] AttributeValueAssertion},
+ permission
+ [3] BIT STRING {add(0), remove(1), rename(2), move(3)}
+ }
+
+compare OPERATION ::= {
+ ARGUMENT CompareArgument
+ RESULT CompareResult
+ ERRORS
+ {attributeError | nameError | serviceError | referral | abandoned |
+ securityError}
+ CODE id-opcode-compare
+}
+
+CompareArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {object [0] Name,
+ purported [1] AttributeValueAssertion,
+ COMPONENTS OF CommonArguments}}
+
+CompareResult ::=
+ OPTIONALLY-PROTECTED
+ {SET {name Name OPTIONAL,
+ matched [0] BOOLEAN,
+ fromEntry [1] BOOLEAN DEFAULT TRUE,
+ matchedSubtype [2] AttributeType OPTIONAL,
+ COMPONENTS OF CommonResults}}
+
+abandon OPERATION ::= {
+ ARGUMENT AbandonArgument
+ RESULT AbandonResult
+ ERRORS {abandonFailed}
+ CODE id-opcode-abandon
+}
+
+AbandonArgument ::=
+ OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID [0] InvokeId}}
+
+AbandonResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED-SEQ{SEQUENCE {invokeID InvokeId,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+list OPERATION ::= {
+ ARGUMENT ListArgument
+ RESULT ListResult
+ ERRORS {nameError | serviceError | referral | abandoned | securityError}
+ CODE id-opcode-list
+}
+
+ListArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {object [0] Name,
+ pagedResults [1] PagedResultsRequest OPTIONAL,
+ listFamily [2] BOOLEAN DEFAULT FALSE,
+ COMPONENTS OF CommonArguments}}
+
+ListResult ::=
+ OPTIONALLY-PROTECTED
+ {CHOICE {listInfo
+ SET {name Name OPTIONAL,
+ subordinates
+ [1] SET OF
+ SEQUENCE {rdn RelativeDistinguishedName,
+ aliasEntry [0] BOOLEAN DEFAULT FALSE,
+ fromEntry [1] BOOLEAN DEFAULT TRUE
+ },
+ partialOutcomeQualifier
+ [2] PartialOutcomeQualifier OPTIONAL,
+ COMPONENTS OF CommonResults},
+ uncorrelatedListInfo [0] SET OF ListResult}}
+
+PartialOutcomeQualifier ::= SET {
+ limitProblem [0] LimitProblem OPTIONAL,
+ unexplored
+ [1] SET SIZE (1..MAX) OF ContinuationReference OPTIONAL,
+ unavailableCriticalExtensions [2] BOOLEAN DEFAULT FALSE,
+ unknownErrors
+ [3] SET SIZE (1..MAX) OF ABSTRACT-SYNTAX.&Type OPTIONAL,
+ queryReference [4] OCTET STRING OPTIONAL,
+ overspecFilter [5] Filter OPTIONAL,
+ notification
+ [6] SEQUENCE SIZE (1..MAX) OF Attribute OPTIONAL,
+ entryCount
+ CHOICE {bestEstimate [7] INTEGER,
+ lowEstimate [8] INTEGER} OPTIONAL
+}
+
+LimitProblem ::= INTEGER {
+ timeLimitExceeded(0), sizeLimitExceeded(1), administrativeLimitExceeded(2)
+}
+
+search OPERATION ::= {
+ ARGUMENT SearchArgument
+ RESULT SearchResult
+ ERRORS
+ {attributeError | nameError | serviceError | referral | abandoned |
+ securityError}
+ CODE id-opcode-search
+}
+
+SearchArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {baseObject [0] Name,
+ subset
+ [1] INTEGER {baseObject(0), oneLevel(1), wholeSubtree(2)}
+ DEFAULT baseObject,
+ filter [2] Filter DEFAULT and:{},
+ searchAliases [3] BOOLEAN DEFAULT TRUE,
+ selection [4] EntryInformationSelection DEFAULT {},
+ pagedResults [5] PagedResultsRequest OPTIONAL,
+ matchedValuesOnly [6] BOOLEAN DEFAULT FALSE,
+ extendedFilter [7] Filter OPTIONAL,
+ checkOverspecified [8] BOOLEAN DEFAULT FALSE,
+ relaxation [9] RelaxationPolicy OPTIONAL,
+ extendedArea [10] INTEGER OPTIONAL,
+ hierarchySelections [11] HierarchySelections DEFAULT {self},
+ searchControlOptions
+ [12] SearchControlOptions DEFAULT {searchAliases},
+ joinArguments
+ [13] SEQUENCE SIZE (1..MAX) OF JoinArgument OPTIONAL,
+ joinType
+ [14] ENUMERATED {innerJoin(0), leftOuterJoin(1), fullOuterJoin(2)}
+ DEFAULT leftOuterJoin,
+ COMPONENTS OF CommonArguments}}
+
+HierarchySelections ::= BIT STRING {
+ self(0), children(1), parent(2), hierarchy(3), top(4), subtree(5),
+ siblings(6), siblingChildren(7), siblingSubtree(8), all(9)}
+
+SearchControlOptions ::= BIT STRING {
+ searchAliases(0), matchedValuesOnly(1), checkOverspecified(2),
+ performExactly(3), includeAllAreas(4), noSystemRelaxation(5), dnAttribute(6),
+ matchOnResidualName(7), entryCount(8), useSubset(9),
+ separateFamilyMembers(10), searchFamily(11)}
+
+JoinArgument ::= SEQUENCE {
+ joinBaseObject [0] Name,
+ domainLocalID [1] DomainLocalID OPTIONAL,
+ joinSubset
+ [2] ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)}
+ DEFAULT baseObject,
+ joinFilter [3] Filter OPTIONAL,
+ joinAttributes [4] SEQUENCE SIZE (1..MAX) OF JoinAttPair OPTIONAL,
+ joinSelection [5] EntryInformationSelection
+}
+
+DomainLocalID ::= DirectoryString{ub-domainLocalID}
+
+JoinAttPair ::= SEQUENCE {
+ baseAtt AttributeType,
+ joinAtt AttributeType,
+ joinContext SEQUENCE SIZE (1..MAX) OF JoinContextType OPTIONAL
+}
+
+JoinContextType ::= CONTEXT.&id({SupportedContexts})
+
+SearchResult ::=
+ OPTIONALLY-PROTECTED
+ {CHOICE {searchInfo
+ SET {name Name OPTIONAL,
+ entries [0] SET OF EntryInformation,
+ partialOutcomeQualifier
+ [2] PartialOutcomeQualifier OPTIONAL,
+ altMatching [3] BOOLEAN DEFAULT FALSE,
+ COMPONENTS OF CommonResults},
+ uncorrelatedSearchInfo [0] SET OF SearchResult}}
+
+addEntry OPERATION ::= {
+ ARGUMENT AddEntryArgument
+ RESULT AddEntryResult
+ ERRORS
+ {attributeError | nameError | serviceError | referral | securityError |
+ updateError}
+ CODE id-opcode-addEntry
+}
+
+AddEntryArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {object [0] Name,
+ entry [1] SET OF Attribute,
+ targetSystem [2] AccessPoint OPTIONAL,
+ COMPONENTS OF CommonArguments}}
+
+AddEntryResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
+}
+
+removeEntry OPERATION ::= {
+ ARGUMENT RemoveEntryArgument
+ RESULT RemoveEntryResult
+ ERRORS {nameError | serviceError | referral | securityError | updateError}
+ CODE id-opcode-removeEntry
+}
+
+RemoveEntryArgument ::=
+ OPTIONALLY-PROTECTED{SET {object [0] Name,
+ COMPONENTS OF CommonArguments}}
+
+RemoveEntryResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED-SEQ{SEQUENCE {COMPONENTS OF CommonResultsSeq}}
+}
+
+modifyEntry OPERATION ::= {
+ ARGUMENT ModifyEntryArgument
+ RESULT ModifyEntryResult
+ ERRORS
+ {attributeError | nameError | serviceError | referral | securityError |
+ updateError}
+ CODE id-opcode-modifyEntry
+}
+
+ModifyEntryArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {object [0] Name,
+ changes [1] SEQUENCE OF EntryModification,
+ selection [2] EntryInformationSelection OPTIONAL,
+ COMPONENTS OF CommonArguments}}
+
+ModifyEntryResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED-SEQ{SEQUENCE {entry [0] EntryInformation OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+EntryModification ::= CHOICE {
+ addAttribute [0] Attribute,
+ removeAttribute [1] AttributeType,
+ addValues [2] Attribute,
+ removeValues [3] Attribute,
+ alterValues [4] AttributeTypeAndValue,
+ resetValue [5] AttributeType
+}
+
+modifyDN OPERATION ::= {
+ ARGUMENT ModifyDNArgument
+ RESULT ModifyDNResult
+ ERRORS {nameError | serviceError | referral | securityError | updateError}
+ CODE id-opcode-modifyDN
+}
+
+ModifyDNArgument ::=
+ OPTIONALLY-PROTECTED
+ {SET {object [0] DistinguishedName,
+ newRDN [1] RelativeDistinguishedName,
+ deleteOldRDN [2] BOOLEAN DEFAULT FALSE,
+ newSuperior [3] DistinguishedName OPTIONAL,
+ COMPONENTS OF CommonArguments}}
+
+ModifyDNResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED-SEQ{SEQUENCE {newRDN RelativeDistinguishedName,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+-- Errors and parameters
+abandoned ERROR ::= { -- not literally an "error"
+ PARAMETER OPTIONALLY-PROTECTED {SET {COMPONENTS OF CommonResults}}
+ CODE id-errcode-abandoned
+}
+
+abandonFailed ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {problem [0] AbandonProblem,
+ operation [1] InvokeId,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-abandonFailed
+}
+
+AbandonProblem ::= INTEGER {noSuchOperation(1), tooLate(2), cannotAbandon(3)}
+
+attributeError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {object [0] Name,
+ problems
+ [1] SET OF
+ SEQUENCE {problem [0] AttributeProblem,
+ type [1] AttributeType,
+ value [2] AttributeValue OPTIONAL},
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-attributeError
+}
+
+AttributeProblem ::= INTEGER {
+ noSuchAttributeOrValue(1), invalidAttributeSyntax(2),
+ undefinedAttributeType(3), inappropriateMatching(4), constraintViolation(5),
+ attributeOrValueAlreadyExists(6), contextViolation(7)}
+
+nameError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {problem [0] NameProblem,
+ matched [1] Name,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-nameError
+}
+
+NameProblem ::= INTEGER {
+ noSuchObject(1), aliasProblem(2), invalidAttributeSyntax(3),
+ aliasDereferencingProblem(4), contextProblem(5)}
+
+referral ERROR ::= { -- not literally an "error"
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {candidate [0] ContinuationReference,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-referral
+}
+
+securityError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {problem [0] SecurityProblem,
+ spkmInfo [1] SPKM-ERROR,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-securityError
+}
+
+SecurityProblem ::= INTEGER {
+ inappropriateAuthentication(1), invalidCredentials(2),
+ insufficientAccessRights(3), invalidSignature(4), protectionRequired(5),
+ noInformation(6), blockedCredentials(7), invalidQOPMatch(8), spkmError(9)
+}
+
+serviceError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {problem [0] ServiceProblem,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-serviceError
+}
+
+ServiceProblem ::= INTEGER {
+ busy(1), unavailable(2), unwillingToPerform(3), chainingRequired(4),
+ unableToProceed(5), invalidReference(6), timeLimitExceeded(7),
+ administrativeLimitExceeded(8), loopDetected(9),
+ unavailableCriticalExtension(10), outOfScope(11), ditError(12),
+ invalidQueryReference(13), requestedServiceNotAvailable(14),
+ relaxationNotSupported(15), unsupportedMatchingUse(16)}
+
+updateError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {problem [0] UpdateProblem,
+ attributeInfo
+ [1] SET SIZE (1..MAX) OF
+ CHOICE {attributeType AttributeType,
+ attribute Attribute} OPTIONAL,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-updateError
+}
+
+UpdateProblem ::= INTEGER {
+ namingViolation(1), objectClassViolation(2), notAllowedOnNonLeaf(3),
+ notAllowedOnRDN(4), entryAlreadyExists(5), affectsMultipleDSAs(6),
+ objectClassModificationProhibited(7), noSuchSuperior(8), notAncestor(9),
+ parentNotAncestor(10), hierarchyRuleViolation(11), familyRuleViolation(12)
+}
+
+-- attribute types
+id-at-family-information OBJECT IDENTIFIER ::= {id-at 64}
+
+END -- DirectoryAbstractService
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectoryAccessProtocol.asn1 b/asn1/DirectoryAccessProtocol.asn1
new file mode 100644
index 0000000..fbe1a90
--- /dev/null
+++ b/asn1/DirectoryAccessProtocol.asn1
@@ -0,0 +1,169 @@
+-- Module DirectoryAccessProtocol (X.519:02/2001)
+DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 4} DEFINITIONS
+::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, protocolObjectIdentifiers
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ abandon, addEntry, compare, directoryBind, directoryUnbind, list, modifyDN,
+ modifyEntry, read, removeEntry, search
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-ac-directoryAccessAC, id-as-directoryAccessAS, id-contract-dap,
+ id-package-dapConnection, id-package-modify, id-package-read,
+ id-package-search, id-rosObject-dapDSA, id-rosObject-directory,
+ id-rosObject-dua
+ FROM ProtocolObjectIdentifiers {joint-iso-itu-t ds(5) module(1)
+ protocolObjectIdentifiers(4) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ Code, CONNECTION-PACKAGE, CONTRACT, OPERATION, OPERATION-PACKAGE,
+ ROS-OBJECT-CLASS
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ Bind{}, InvokeId, ROS{}, Unbind{}
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ -- from ITU-T Rec. X.881 | ISO/IEC 13712-2
+ APPLICATION-CONTEXT
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+ -- from ITU-T Rec. X.882 | ISO/IEC 13712-3
+ acse, pData
+ FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)}
+ acse-abstract-syntax
+ FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t
+ remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)};
+
+-- application contexts
+directoryAccessAC APPLICATION-CONTEXT ::= {
+ CONTRACT dapContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | directoryAccessAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-directoryAccessAC
+}
+
+-- ROS objects
+dua ROS-OBJECT-CLASS ::= {INITIATES {dapContract}
+ ID id-rosObject-dua
+}
+
+directory ROS-OBJECT-CLASS ::= {
+ RESPONDS {dapContract}
+ ID id-rosObject-directory
+}
+
+dap-dsa ROS-OBJECT-CLASS ::= {
+ RESPONDS {dapContract}
+ ID id-rosObject-dapDSA
+}
+
+-- contracts
+dapContract CONTRACT ::= {
+ CONNECTION dapConnectionPackage
+ INITIATOR CONSUMER OF {readPackage | searchPackage | modifyPackage}
+ ID id-contract-dap
+}
+
+-- connection package
+dapConnectionPackage CONNECTION-PACKAGE ::= {
+ BIND directoryBind
+ UNBIND directoryUnbind
+ ID id-package-dapConnection
+}
+
+-- read package
+readPackage OPERATION-PACKAGE ::= {
+ CONSUMER INVOKES {read | compare | abandon}
+ ID id-package-read
+}
+
+-- search package
+searchPackage OPERATION-PACKAGE ::= {
+ CONSUMER INVOKES {list | search}
+ ID id-package-search
+}
+
+-- modify Package
+modifyPackage OPERATION-PACKAGE ::= {
+ CONSUMER INVOKES {addEntry | removeEntry | modifyEntry | modifyDN}
+ ID id-package-modify
+}
+
+-- abstract syntaxes
+directoryAccessAbstractSyntax ABSTRACT-SYNTAX ::= {
+ DAP-PDUs
+ IDENTIFIED BY id-as-directoryAccessAS
+}
+
+DAP-PDUs ::= CHOICE {
+ basicRos ROS{{DAP-InvokeIDSet}, {DAP-Invokable}, {DAP-Returnable}},
+ bind Bind{directoryBind},
+ unbind Unbind{directoryUnbind}
+}
+
+DAP-InvokeIDSet ::= InvokeId(ALL EXCEPT absent:NULL)
+
+DAP-Invokable OPERATION ::=
+ {read | compare | abandon | list | search | addEntry | removeEntry |
+ modifyEntry | modifyDN}
+
+DAP-Returnable OPERATION ::=
+ {read | compare | abandon | list | search | addEntry | removeEntry |
+ modifyEntry | modifyDN}
+
+-- remote operation codes
+id-opcode-read Code ::= local:1
+
+id-opcode-compare Code ::= local:2
+
+id-opcode-abandon Code ::= local:3
+
+id-opcode-list Code ::= local:4
+
+id-opcode-search Code ::= local:5
+
+id-opcode-addEntry Code ::= local:6
+
+id-opcode-removeEntry Code ::= local:7
+
+id-opcode-modifyEntry Code ::= local:8
+
+id-opcode-modifyDN Code ::= local:9
+
+-- remote error codes
+id-errcode-attributeError Code ::= local:1
+
+id-errcode-nameError Code ::= local:2
+
+id-errcode-serviceError Code ::= local:3
+
+id-errcode-referral Code ::= local:4
+
+id-errcode-abandoned Code ::= local:5
+
+id-errcode-securityError Code ::= local:6
+
+id-errcode-abandonFailed Code ::= local:7
+
+id-errcode-updateError Code ::= local:8
+
+-- remote error code for DSP
+id-errcode-dsaReferral Code ::= local:9
+
+END -- DirectoryAccessProtocol
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectoryInformationShadowProtocol.asn1 b/asn1/DirectoryInformationShadowProtocol.asn1
new file mode 100644
index 0000000..2165917
--- /dev/null
+++ b/asn1/DirectoryInformationShadowProtocol.asn1
@@ -0,0 +1,252 @@
+-- Module DirectoryInformationShadowProtocol (X.519:02/2001)
+DirectoryInformationShadowProtocol {joint-iso-itu-t ds(5) module(1) disp(16) 4}
+DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryShadowAbstractService, protocolObjectIdentifiers
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-ac-shadowConsumerInitiatedAC, id-ac-shadowConsumerInitiatedAsynchronousAC,
+ id-ac-shadowSupplierInitiatedAC,
+ id-ac-shadowSupplierInitiatedAsynchronousAC,
+ id-ac-reliableShadowConsumerInitiatedAC,
+ id-ac-reliableShadowSupplierInitiatedAC, id-as-directoryReliableShadowAS,
+ id-as-directoryShadowAS, id-as-reliableShadowBindingAS,
+ id-contract-shadowConsumer, id-contract-shadowSupplier,
+ id-package-dispConnection, id-package-shadowConsumer,
+ id-package-shadowSupplier, id-rosObject-initiatingConsumerDSA,
+ id-rosObject-initiatingSupplierDSA, id-rosObject-respondingSupplierDSA,
+ id-rosObject-respondingConsumerDSA
+ FROM ProtocolObjectIdentifiers {joint-iso-itu-t ds(5) module(1)
+ protocolObjectIdentifiers(4) 4}
+ -- from ITU-T Rec. X.525 | ISO/IEC 9594-9
+ coordinateShadowUpdate, dSAShadowBind, dSAShadowUnbind, requestShadowUpdate,
+ updateShadow
+ FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryShadowAbstractService(15) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ Code, CONNECTION-PACKAGE, CONTRACT, OPERATION, OPERATION-PACKAGE,
+ ROS-OBJECT-CLASS
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ Bind{}, InvokeId, ROS{}, Unbind{}
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ -- from ITU-T Rec. X.881 | ISO/IEC 13712-2
+ APPLICATION-CONTEXT
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+ -- from ITU-T Rec. X.882 | ISO/IEC 13712-3
+ acse, association-by-RTSE, pData, transfer-by-RTSE
+ FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)}
+ acse-abstract-syntax
+ FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t
+ remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)}
+ -- from ITU-T Rec. X.218 | ISO/IEC 9066-1
+ RTORQapdu, RTOACapdu, RTORJapdu
+ FROM Reliable-Transfer-APDU {joint-iso-itu-t reliable-transfer(3) apdus(0)};
+
+RTSE-apdus ::= CHOICE {
+ rtorq-apdu [16] IMPLICIT RTORQapdu,
+ rtoac-apdu [17] IMPLICIT RTOACapdu,
+ rtorj-apdu [18] IMPLICIT RTORJapdu,
+ rttp-apdu RTTPapdu,
+ rttr-apdu RTTRapdu,
+ rtab-apdu [22] IMPLICIT RTABapdu
+}
+
+RTTPapdu ::= -- priority-- INTEGER
+
+RTTRapdu ::= OCTET STRING
+
+RTABapdu ::= SET {
+ abortReason [0] IMPLICIT AbortReason OPTIONAL,
+ reflectedParameter [1] IMPLICIT BIT STRING OPTIONAL,
+ -- 8 bits maximum, only if abortReason is invalidParameter
+ userdataAB [2] TYPE-IDENTIFIER.&Type OPTIONAL
+} -- only in normal mode and if abortReason
+
+-- is userError
+AbortReason ::= INTEGER {
+ localSystemProblem(0),
+ invalidParameter(1), -- reflectedParameter supplied
+ unrecognizedActivity(2),
+ temporaryProblem(3),
+ -- the RTSE cannot accept a session for a period of time
+ protocolError(4), -- RTSE level protocol error
+ permanentProblem(5), --provider-abort solely in normal mode
+ userError(6), -- user-abort solely in normal mode
+ transferCompleted(7) -- activity can't be discarded--}
+
+-- application contexts
+shadowSupplierInitiatedAC APPLICATION-CONTEXT ::= {
+ CONTRACT shadowSupplierContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | directoryShadowAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-shadowSupplierInitiatedAC
+}
+
+shadowSupplierInitiatedAsynchronousAC APPLICATION-CONTEXT ::= {
+ CONTRACT shadowSupplierContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | directoryShadowAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-shadowSupplierInitiatedAsynchronousAC
+}
+
+shadowConsumerInitiatedAC APPLICATION-CONTEXT ::= {
+ CONTRACT shadowConsumerContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | directoryShadowAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-shadowConsumerInitiatedAC
+}
+
+shadowConsumerInitiatedAsynchronousAC APPLICATION-CONTEXT ::= {
+ CONTRACT shadowConsumerContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | directoryShadowAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-shadowConsumerInitiatedAsynchronousAC
+}
+
+reliableShadowSupplierInitiatedAC APPLICATION-CONTEXT ::= {
+ CONTRACT shadowSupplierContract
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | reliableShadowBindingAbstractSyntax |
+ directoryReliableShadowAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-reliableShadowSupplierInitiatedAC
+}
+
+reliableShadowConsumerInitiatedAC APPLICATION-CONTEXT ::= {
+ CONTRACT shadowConsumerContract
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | reliableShadowBindingAbstractSyntax |
+ directoryReliableShadowAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-reliableShadowConsumerInitiatedAC
+}
+
+-- ROS objects
+initiating-consumer-dsa ROS-OBJECT-CLASS ::= {
+ INITIATES {shadowConsumerContract}
+ ID id-rosObject-initiatingConsumerDSA
+}
+
+responding-supplier-dsa ROS-OBJECT-CLASS ::= {
+ RESPONDS {shadowConsumerContract}
+ ID id-rosObject-respondingSupplierDSA
+}
+
+initiating-supplier-dsa ROS-OBJECT-CLASS ::= {
+ INITIATES {shadowSupplierContract}
+ ID id-rosObject-initiatingSupplierDSA
+}
+
+responding-consumer-dsa ROS-OBJECT-CLASS ::= {
+ RESPONDS {shadowSupplierContract}
+ ID id-rosObject-respondingConsumerDSA
+}
+
+-- contracts
+shadowConsumerContract CONTRACT ::= {
+ CONNECTION dispConnectionPackage
+ INITIATOR CONSUMER OF {shadowConsumerPackage}
+ ID id-contract-shadowConsumer
+}
+
+shadowSupplierContract CONTRACT ::= {
+ CONNECTION dispConnectionPackage
+ RESPONDER CONSUMER OF {shadowSupplierPackage}
+ ID id-contract-shadowSupplier
+}
+
+-- connection package
+dispConnectionPackage CONNECTION-PACKAGE ::= {
+ BIND dSAShadowBind
+ UNBIND dSAShadowUnbind
+ ID id-package-dispConnection
+}
+
+-- packages
+shadowConsumerPackage OPERATION-PACKAGE ::= {
+ CONSUMER INVOKES {requestShadowUpdate}
+ SUPPLIER INVOKES {updateShadow}
+ ID id-package-shadowConsumer
+}
+
+shadowSupplierPackage OPERATION-PACKAGE ::= {
+ SUPPLIER INVOKES {coordinateShadowUpdate | updateShadow}
+ ID id-package-shadowSupplier
+}
+
+-- abstract syntaxes
+directoryShadowAbstractSyntax ABSTRACT-SYNTAX ::= {
+ DISP-PDUs
+ IDENTIFIED BY id-as-directoryShadowAS
+}
+
+directoryReliableShadowAbstractSyntax ABSTRACT-SYNTAX ::= {
+ Reliable-DISP-PDUs
+ IDENTIFIED BY id-as-directoryReliableShadowAS
+}
+
+reliableShadowBindingAbstractSyntax ABSTRACT-SYNTAX ::= {
+ ReliableShadowBinding-PDUs
+ IDENTIFIED BY id-as-reliableShadowBindingAS
+}
+
+DISP-PDUs ::= CHOICE {
+ basicROS ROS{{DISP-InvokeIDSet}, {DISP-Invokable}, {DISP-Returnable}},
+ bind Bind{dSAShadowBind},
+ unbind Unbind{dSAShadowUnbind}
+}
+
+Reliable-DISP-PDUs ::=
+ ROS{{DISP-InvokeIDSet}, {DISP-Invokable}, {DISP-Returnable}}
+
+ReliableShadowBinding-PDUs ::= CHOICE {
+ rTS [0] RTSE-apdus,
+ bind Bind{dSAShadowBind},
+ unbind Unbind{dSAShadowUnbind}
+}
+
+DISP-InvokeIDSet ::= InvokeId(ALL EXCEPT absent:NULL)
+
+DISP-Invokable OPERATION ::=
+ {requestShadowUpdate | updateShadow | coordinateShadowUpdate}
+
+DISP-Returnable OPERATION ::=
+ {requestShadowUpdate | updateShadow | coordinateShadowUpdate}
+
+-- remote operation codes
+id-opcode-requestShadowUpdate Code ::= local:1
+
+id-opcode-updateShadow Code ::= local:2
+
+id-opcode-coordinateShadowUpdate Code ::= local:3
+
+-- remote error codes
+id-errcode-shadowError Code ::= local:1
+
+END -- DirectoryInformationShadowProtocol
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectoryOperationalBindingManagementProtocol.asn1 b/asn1/DirectoryOperationalBindingManagementProtocol.asn1
new file mode 100644
index 0000000..cee035b
--- /dev/null
+++ b/asn1/DirectoryOperationalBindingManagementProtocol.asn1
@@ -0,0 +1,125 @@
+-- Module DirectoryOperationalBindingManagementProtocol (X.519:02/2001)
+DirectoryOperationalBindingManagementProtocol {joint-iso-itu-t ds(5)
+ module(1) dop(17) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, opBindingManagement, protocolObjectIdentifiers
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ dSAOperationalBindingManagementBind, dSAOperationalBindingManagementUnbind,
+ establishOperationalBinding, modifyOperationalBinding,
+ terminateOperationalBinding
+ FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+ opBindingManagement(18) 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ directoryBind, directoryUnbind
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-ac-directoryOperationalBindingManagementAC,
+ id-as-directoryOperationalBindingManagementAS, id-contract-dop,
+ id-package-operationalBindingManagement, id-package-dopConnection,
+ id-rosObject-dopDSA
+ FROM ProtocolObjectIdentifiers {joint-iso-itu-t ds(5) module(1)
+ protocolObjectIdentifiers(4) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ Code, CONNECTION-PACKAGE, CONTRACT, OPERATION, OPERATION-PACKAGE,
+ ROS-OBJECT-CLASS
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ Bind{}, InvokeId, ROS{}, Unbind{}
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ -- from ITU-T Rec. X.881 | ISO/IEC 13712-2
+ APPLICATION-CONTEXT
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+ -- from ITU-T Rec. X.882 | ISO/IEC 13712-3
+ acse, pData
+ FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)}
+ acse-abstract-syntax
+ FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t
+ remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)};
+
+-- application contexts
+directoryOperationalBindingManagementAC APPLICATION-CONTEXT ::= {
+ CONTRACT dopContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax |
+ directoryOperationalBindingManagementAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-directoryOperationalBindingManagementAC
+}
+
+-- ROS objects
+dop-dsa ROS-OBJECT-CLASS ::= {BOTH {dopContract}
+ ID id-rosObject-dopDSA
+}
+
+-- contracts
+dopContract CONTRACT ::= {
+ CONNECTION dopConnectionPackage
+ OPERATIONS OF {dopPackage}
+ ID id-contract-dop
+}
+
+-- connection package
+dopConnectionPackage CONNECTION-PACKAGE ::= {
+ BIND dSAOperationalBindingManagementBind
+ UNBIND dSAOperationalBindingManagementUnbind
+ ID id-package-dopConnection
+}
+
+-- packages
+dopPackage OPERATION-PACKAGE ::= {
+ CONSUMER INVOKES
+ {establishOperationalBinding | modifyOperationalBinding |
+ terminateOperationalBinding}
+ ID id-package-operationalBindingManagement
+}
+
+-- abstract syntaxes
+directoryOperationalBindingManagementAbstractSyntax ABSTRACT-SYNTAX ::=
+{DOP-PDUs
+ IDENTIFIED BY id-as-directoryOperationalBindingManagementAS
+}
+
+DOP-PDUs ::= CHOICE {
+ basicRos ROS{{DOP-InvokeIDSet}, {DOP-Invokable}, {DOP-Returnable}},
+ bind Bind{directoryBind},
+ unbind Unbind{directoryUnbind}
+}
+
+DOP-InvokeIDSet ::= InvokeId(ALL EXCEPT absent:NULL)
+
+DOP-Invokable OPERATION ::=
+ {establishOperationalBinding | modifyOperationalBinding |
+ terminateOperationalBinding}
+
+DOP-Returnable OPERATION ::=
+ {establishOperationalBinding | modifyOperationalBinding |
+ terminateOperationalBinding}
+
+-- remote operation codes
+id-op-establishOperationalBinding Code ::= local:100
+
+id-op-modifyOperationalBinding Code ::= local:102
+
+id-op-terminateOperationalBinding Code ::= local:101
+
+-- remote error codes
+id-err-operationalBindingError Code ::= local:100
+
+END -- DirectoryOperationalBindingManagementProtocol
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectoryOperationalBindingTypes.asn1 b/asn1/DirectoryOperationalBindingTypes.asn1
new file mode 100644
index 0000000..1d1d4d8
--- /dev/null
+++ b/asn1/DirectoryOperationalBindingTypes.asn1
@@ -0,0 +1,26 @@
+-- Module DirectoryOperationalBindingTypes (X.519:02/2001)
+DirectoryOperationalBindingTypes {joint-iso-itu-t ds(5) module(1)
+ directoryOperationalBindingTypes(25) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ id-ob
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4};
+
+id-op-binding-shadow OBJECT IDENTIFIER ::= {id-ob 1}
+
+id-op-binding-hierarchical OBJECT IDENTIFIER ::= {id-ob 2}
+
+id-op-binding-non-specific-hierarchical OBJECT IDENTIFIER ::= {id-ob 3}
+
+END -- DirectoryOperationalBindingTypes
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectoryShadowAbstractService.asn1 b/asn1/DirectoryShadowAbstractService.asn1
new file mode 100644
index 0000000..27f04fc
--- /dev/null
+++ b/asn1/DirectoryShadowAbstractService.asn1
@@ -0,0 +1,324 @@
+-- Module DirectoryShadowAbstractService (X.525:02/2001)
+DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryShadowAbstractService(15) 4} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, directoryOperationalBindingTypes,
+ informationFramework, disp, distributedOperations,
+ dsaOperationalAttributeTypes, enhancedSecurity, opBindingManagement
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Attribute, AttributeType, CONTEXT, DistinguishedName,
+ RelativeDistinguishedName, SubtreeSpecification
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ OPERATIONAL-BINDING, OperationalBindingID
+ FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+ opBindingManagement(18) 4}
+ DSEType, SupplierAndConsumers
+ FROM DSAOperationalAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ dsaOperationalAttributeTypes(22) 4}
+ OPTIONALLY-PROTECTED{}, OPTIONALLY-PROTECTED-SEQ{}
+ FROM EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28)
+ 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ CommonResultsSeq, ContextSelection, directoryBind, directoryUnbind,
+ EntryModification, SecurityParameters
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ AccessPoint
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-op-binding-shadow
+ FROM DirectoryOperationalBindingTypes {joint-iso-itu-t ds(5) module(1)
+ directoryOperationalBindingTypes(25) 4}
+ id-errcode-shadowError, id-opcode-coordinateShadowUpdate,
+ id-opcode-requestShadowUpdate, id-opcode-updateShadow,
+ reliableShadowSupplierInitiatedAC, reliableShadowConsumerInitiatedAC,
+ shadowConsumerInitiatedAC, shadowSupplierInitiatedAC
+ FROM DirectoryInformationShadowProtocol {joint-iso-itu-t ds(5) module(1)
+ disp(16) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ ERROR, OPERATION
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)};
+
+-- bind and unbind operations
+dSAShadowBind OPERATION ::= directoryBind
+
+dSAShadowUnbind OPERATION ::= directoryUnbind
+
+-- shadow operational binding
+shadowOperationalBinding OPERATIONAL-BINDING ::= {
+ AGREEMENT ShadowingAgreementInfo
+ APPLICATION CONTEXTS
+ {{shadowSupplierInitiatedAC
+ APPLIES TO {All-operations-supplier-initiated}} |
+ {shadowConsumerInitiatedAC
+ APPLIES TO {All-operations-consumer-initiated}} |
+ {reliableShadowSupplierInitiatedAC
+ APPLIES TO {All-operations-supplier-initiated}} |
+ {reliableShadowConsumerInitiatedAC
+ APPLIES TO {All-operations-consumer-initiated}}}
+ ASYMMETRIC ROLE-A
+ { -- shadow supplier roleESTABLISHMENT-INITIATOR TRUE
+ ESTABLISHMENT-PARAMETER NULL
+ MODIFICATION-INITIATOR TRUE
+ TERMINATION-INITIATOR TRUE}
+ ROLE-B
+ { -- shadow consumer roleESTABLISHMENT-INITIATOR TRUE
+ ESTABLISHMENT-PARAMETER NULL
+ MODIFICATION-INITIATOR TRUE
+ MODIFICATION-PARAMETER ModificationParameter
+ TERMINATION-INITIATOR TRUE}
+ ID id-op-binding-shadow
+}
+
+-- types
+ModificationParameter ::= SEQUENCE {
+ secondaryShadows SET OF SupplierAndConsumers
+}
+
+AgreementID ::= OperationalBindingID
+
+ShadowingAgreementInfo ::= SEQUENCE {
+ shadowSubject UnitOfReplication,
+ updateMode UpdateMode DEFAULT supplierInitiated:onChange:TRUE,
+ master AccessPoint OPTIONAL,
+ secondaryShadows [2] BOOLEAN DEFAULT FALSE
+}
+
+UnitOfReplication ::= SEQUENCE {
+ area AreaSpecification,
+ attributes AttributeSelection,
+ knowledge Knowledge OPTIONAL,
+ subordinates BOOLEAN DEFAULT FALSE,
+ contextSelection ContextSelection OPTIONAL,
+ supplyContexts
+ [0] CHOICE {allContexts NULL,
+ selectedContexts SET SIZE (1..MAX) OF CONTEXT.&id} OPTIONAL
+}
+
+AreaSpecification ::= SEQUENCE {
+ contextPrefix DistinguishedName,
+ replicationArea SubtreeSpecification
+}
+
+Knowledge ::= SEQUENCE {
+ knowledgeType ENUMERATED {master(0), shadow(1), both(2)},
+ extendedKnowledge BOOLEAN DEFAULT FALSE
+}
+
+AttributeSelection ::= SET OF ClassAttributeSelection
+
+ClassAttributeSelection ::= SEQUENCE {
+ class OBJECT IDENTIFIER OPTIONAL,
+ classAttributes ClassAttributes DEFAULT allAttributes:NULL
+}
+
+ClassAttributes ::= CHOICE {
+ allAttributes NULL,
+ include [0] AttributeTypes,
+ exclude [1] AttributeTypes
+}
+
+AttributeTypes ::= SET OF AttributeType
+
+UpdateMode ::= CHOICE {
+ supplierInitiated [0] SupplierUpdateMode,
+ consumerInitiated [1] ConsumerUpdateMode
+}
+
+SupplierUpdateMode ::= CHOICE {
+ onChange BOOLEAN,
+ scheduled SchedulingParameters
+}
+
+ConsumerUpdateMode ::= SchedulingParameters
+
+SchedulingParameters ::= SEQUENCE {
+ periodic PeriodicStrategy OPTIONAL, -- shall be present if othertimes is set to FALSE
+ othertimes BOOLEAN DEFAULT FALSE
+}
+
+PeriodicStrategy ::= SEQUENCE {
+ beginTime Time OPTIONAL,
+ windowSize INTEGER,
+ updateInterval INTEGER
+}
+
+Time ::= GeneralizedTime
+
+-- as per 34.2 b) and c) of CCITT Rec. X.208 and ISO/IEC 8824
+-- shadow operations, arguments, and results
+All-operations-consumer-initiated OPERATION ::=
+ {requestShadowUpdate | updateShadow}
+
+All-operations-supplier-initiated OPERATION ::=
+ {coordinateShadowUpdate | updateShadow}
+
+coordinateShadowUpdate OPERATION ::= {
+ ARGUMENT CoordinateShadowUpdateArgument
+ RESULT CoordinateShadowUpdateResult
+ ERRORS {shadowError}
+ CODE id-opcode-coordinateShadowUpdate
+}
+
+CoordinateShadowUpdateArgument ::=
+ OPTIONALLY-PROTECTED
+ {[0] SEQUENCE {agreementID AgreementID,
+ lastUpdate Time OPTIONAL,
+ updateStrategy
+ CHOICE {standard
+ ENUMERATED {noChanges(0), incremental(1),
+ total(2)},
+ other EXTERNAL},
+ securityParameters SecurityParameters OPTIONAL}}
+
+CoordinateShadowUpdateResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED{[0] SEQUENCE {greementID AgreementID,
+ lastUpdate Time OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+requestShadowUpdate OPERATION ::= {
+ ARGUMENT RequestShadowUpdateArgument
+ RESULT RequestShadowUpdateResult
+ ERRORS {shadowError}
+ CODE id-opcode-requestShadowUpdate
+}
+
+RequestShadowUpdateArgument ::=
+ OPTIONALLY-PROTECTED
+ {[0] SEQUENCE {agreementID AgreementID,
+ lastUpdate Time OPTIONAL,
+ requestedStrategy
+ CHOICE {standard ENUMERATED {incremental(1), total(2)},
+ other EXTERNAL},
+ securityParameters SecurityParameters OPTIONAL}}
+
+RequestShadowUpdateResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED{[0] SEQUENCE {agreementID AgreementID,
+ lastUpdate Time OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+updateShadow OPERATION ::= {
+ ARGUMENT UpdateShadowArgument
+ RESULT UpdateShadowResult
+ ERRORS {shadowError}
+ CODE id-opcode-updateShadow
+}
+
+UpdateShadowArgument ::=
+ OPTIONALLY-PROTECTED
+ {[0] SEQUENCE {agreementID AgreementID,
+ updateTime Time,
+ updateWindow UpdateWindow OPTIONAL,
+ updatedInfo RefreshInformation,
+ securityParameters SecurityParameters OPTIONAL}}
+
+UpdateShadowResult ::= CHOICE {
+ null NULL,
+ information
+ OPTIONALLY-PROTECTED{[0] SEQUENCE {agreementID AgreementID,
+ lastUpdate Time OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+UpdateWindow ::= SEQUENCE {start Time,
+ stop Time
+}
+
+RefreshInformation ::= CHOICE {
+ noRefresh NULL,
+ total [0] TotalRefresh,
+ incremental [1] IncrementalRefresh,
+ otherStrategy EXTERNAL
+}
+
+TotalRefresh ::= SEQUENCE {
+ sDSE SDSEContent OPTIONAL,
+ subtree SET SIZE (1..MAX) OF Subtree OPTIONAL
+}
+
+SDSEContent ::= SEQUENCE {
+ sDSEType SDSEType,
+ subComplete [0] BOOLEAN DEFAULT FALSE,
+ attComplete [1] BOOLEAN OPTIONAL,
+ attributes SET OF Attribute,
+ attValIncomplete SET OF AttributeType DEFAULT {}
+}
+
+SDSEType ::= DSEType
+
+Subtree ::= SEQUENCE {
+ rdn RelativeDistinguishedName,
+ COMPONENTS OF TotalRefresh
+}
+
+IncrementalRefresh ::= SEQUENCE OF IncrementalStepRefresh
+
+IncrementalStepRefresh ::= SEQUENCE {
+ sDSEChanges
+ CHOICE {add [0] SDSEContent,
+ remove NULL,
+ modify [1] ContentChange} OPTIONAL,
+ subordinateUpdates SEQUENCE SIZE (1..MAX) OF SubordinateChanges OPTIONAL
+}
+
+ContentChange ::= SEQUENCE {
+ rename
+ CHOICE {newRDN RelativeDistinguishedName,
+ newDN DistinguishedName} OPTIONAL,
+ attributeChanges
+ CHOICE {replace [0] SET SIZE (1..MAX) OF Attribute,
+ changes [1] SEQUENCE SIZE (1..MAX) OF EntryModification
+ } OPTIONAL,
+ sDSEType SDSEType,
+ subComplete [2] BOOLEAN DEFAULT FALSE,
+ attComplete [3] BOOLEAN OPTIONAL,
+ attValIncomplete SET OF AttributeType DEFAULT {}
+}
+
+SubordinateChanges ::= SEQUENCE {
+ subordinate RelativeDistinguishedName,
+ changes IncrementalStepRefresh
+}
+
+-- errors and parameters
+shadowError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED-SEQ
+ {SEQUENCE {problem ShadowProblem,
+ lastUpdate Time OPTIONAL,
+ updateWindow UpdateWindow OPTIONAL,
+ COMPONENTS OF CommonResultsSeq}}
+ CODE id-errcode-shadowError
+}
+
+ShadowProblem ::= INTEGER {
+ invalidAgreementID(1), inactiveAgreement(2), invalidInformationReceived(3),
+ unsupportedStrategy(4), missedPrevious(5), fullUpdateRequired(6),
+ unwillingToPerform(7), unsuitableTiming(8), updateAlreadyReceived(9),
+ invalidSequencing(10), insufficientResources(11)}
+
+END -- DirectoryShadowAbstractService
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DirectorySystemProtocol.asn1 b/asn1/DirectorySystemProtocol.asn1
new file mode 100644
index 0000000..664e7fc
--- /dev/null
+++ b/asn1/DirectorySystemProtocol.asn1
@@ -0,0 +1,125 @@
+-- Module DirectorySystemProtocol (X.519:02/2001)
+DirectorySystemProtocol {joint-iso-itu-t ds(5) module(1) dsp(12) 4} DEFINITIONS
+::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ distributedOperations, protocolObjectIdentifiers
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ chainedAbandon, chainedAddEntry, chainedCompare, chainedList,
+ chainedModifyDN, chainedModifyEntry, chainedRead, chainedRemoveEntry,
+ chainedSearch, dSABind, dSAUnbind
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-ac-directorySystemAC, id-as-directorySystemAS, id-contract-dsp,
+ id-package-chainedModify, id-package-chainedRead, id-package-chainedSearch,
+ id-package-dspConnection, id-rosObject-dspDSA
+ FROM ProtocolObjectIdentifiers {joint-iso-itu-t ds(5) module(1)
+ protocolObjectIdentifiers(4) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ Code, CONNECTION-PACKAGE, CONTRACT, OPERATION, OPERATION-PACKAGE,
+ ROS-OBJECT-CLASS
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ Bind{}, InvokeId, ROS{}, Unbind{}
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ -- from ITU-T Rec. X.881 | ISO/IEC 13712-2
+ APPLICATION-CONTEXT
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+ -- from ITU-T Rec. X.882 | ISO/IEC 13712-3
+ acse, pData
+ FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)}
+ acse-abstract-syntax
+ FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t
+ remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)};
+
+-- application contexts
+directorySystemAC APPLICATION-CONTEXT ::= {
+ CONTRACT dspContract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | directorySystemAbstractSyntax}
+ APPLICATION CONTEXT NAME id-ac-directorySystemAC
+}
+
+-- ROS objects
+dsp-dsa ROS-OBJECT-CLASS ::= {BOTH {dspContract}
+ ID id-rosObject-dspDSA
+}
+
+-- contracts
+dspContract CONTRACT ::= {
+ CONNECTION dspConnectionPackage
+ OPERATIONS OF
+ {chainedReadPackage | chainedSearchPackage | chainedModifyPackage}
+ ID id-contract-dsp
+}
+
+-- connection package
+dspConnectionPackage CONNECTION-PACKAGE ::= {
+ BIND dSABind
+ UNBIND dSAUnbind
+ ID id-package-dspConnection
+}
+
+-- chained read package
+chainedReadPackage OPERATION-PACKAGE ::= {
+ OPERATIONS {chainedRead | chainedCompare | chainedAbandon}
+ ID id-package-chainedRead
+}
+
+-- chained search package
+chainedSearchPackage OPERATION-PACKAGE ::= {
+ OPERATIONS {chainedList | chainedSearch}
+ ID id-package-chainedSearch
+}
+
+-- chained modify package
+chainedModifyPackage OPERATION-PACKAGE ::= {
+ OPERATIONS
+ {chainedAddEntry | chainedRemoveEntry | chainedModifyEntry |
+ chainedModifyDN}
+ ID id-package-chainedModify
+}
+
+-- abstract syntaxes
+directorySystemAbstractSyntax ABSTRACT-SYNTAX ::= {
+ DSP-PDUs
+ IDENTIFIED BY id-as-directorySystemAS
+}
+
+DSP-PDUs ::= CHOICE {
+ basicRos ROS{{DSP-InvokeIDSet}, {DSP-Invokable}, {DSP-Returnable}},
+ bind Bind{dSABind},
+ unbind Unbind{dSAUnbind}
+}
+
+DSP-InvokeIDSet ::= InvokeId(ALL EXCEPT absent:NULL)
+
+DSP-Invokable OPERATION ::=
+ {chainedRead | chainedCompare | chainedAbandon | chainedList | chainedSearch
+ | chainedAddEntry | chainedRemoveEntry | chainedModifyEntry |
+ chainedModifyDN}
+
+DSP-Returnable OPERATION ::=
+ {chainedRead | chainedCompare | chainedAbandon | chainedList | chainedSearch
+ | chainedAddEntry | chainedRemoveEntry | chainedModifyEntry |
+ chainedModifyDN}
+
+END -- DirectorySystemProtocol
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/DistributedOperations.asn1 b/asn1/DistributedOperations.asn1
new file mode 100644
index 0000000..a6da31b
--- /dev/null
+++ b/asn1/DistributedOperations.asn1
@@ -0,0 +1,193 @@
+-- Module DistributedOperations (X.518:02/2001)
+DistributedOperations {joint-iso-itu-t ds(5) module(1) distributedOperations(3)
+ 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ basicAccessControl, dap, directoryAbstractService, enhancedSecurity,
+ informationFramework, selectedAttributeTypes, serviceAdministration
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ DistinguishedName, Name, RDNSequence
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ MRMapping, SearchRuleId
+ FROM ServiceAdministration {joint-iso-itu-t ds(5) module(1)
+ serviceAdministration(33) 4}
+ AuthenticationLevel
+ FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1)
+ basicAccessControl(24) 4}
+ OPTIONALLY-PROTECTED{}
+ FROM EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28)
+ 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ abandon, addEntry, CommonResults, compare, directoryBind, directoryUnbind,
+ list, modifyDN, modifyEntry, read, referral, removeEntry, search,
+ SecurityParameters
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-errcode-dsaReferral
+ FROM DirectoryAccessProtocol {joint-iso-itu-t ds(5) module(1) dap(11) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ PresentationAddress, ProtocolInformation, UniqueIdentifier
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ ERROR, OPERATION
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)};
+
+-- parameterized type for deriving chained operations
+chained{OPERATION:operation} OPERATION ::= {
+ ARGUMENT OPTIONALLY-PROTECTED
+ {SET {chainedArgument ChainingArguments,
+ argument [0] operation.&ArgumentType}}
+ RESULT OPTIONALLY-PROTECTED
+ {SET {chainedResult ChainingResults,
+ result [0] operation.&ResultType}}
+ ERRORS
+ {operation.&Errors EXCEPT referral | dsaReferral}
+ CODE operation.&operationCode
+}
+
+-- bind and unbind operations
+dSABind OPERATION ::= directoryBind
+
+dSAUnbind OPERATION ::= directoryUnbind
+
+-- chained operations
+chainedRead OPERATION ::= chained{read}
+
+chainedCompare OPERATION ::= chained{compare}
+
+chainedAbandon OPERATION ::= abandon
+
+chainedList OPERATION ::= chained{list}
+
+chainedSearch OPERATION ::= chained{search}
+
+chainedAddEntry OPERATION ::= chained{addEntry}
+
+chainedRemoveEntry OPERATION ::= chained{removeEntry}
+
+chainedModifyEntry OPERATION ::= chained{modifyEntry}
+
+chainedModifyDN OPERATION ::= chained{modifyDN}
+
+-- errors and parameters
+dsaReferral ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED
+ {SET {reference [0] ContinuationReference,
+ contextPrefix [1] DistinguishedName OPTIONAL,
+ COMPONENTS OF CommonResults}}
+ CODE id-errcode-dsaReferral
+}
+
+-- common arguments and results
+ChainingArguments ::= SET {
+ originator [0] DistinguishedName OPTIONAL,
+ targetObject [1] DistinguishedName OPTIONAL,
+ operationProgress
+ [2] OperationProgress DEFAULT {nameResolutionPhase notStarted},
+ traceInformation [3] TraceInformation,
+ aliasDereferenced [4] BOOLEAN DEFAULT FALSE,
+ aliasedRDNs [5] INTEGER OPTIONAL,
+ -- only present in 1988 systems
+ returnCrossRefs [6] BOOLEAN DEFAULT FALSE,
+ referenceType [7] ReferenceType DEFAULT superior,
+ info [8] DomainInfo OPTIONAL,
+ timeLimit [9] Time OPTIONAL,
+ securityParameters [10] SecurityParameters DEFAULT {},
+ entryOnly [11] BOOLEAN DEFAULT FALSE,
+ uniqueIdentifier [12] UniqueIdentifier OPTIONAL,
+ authenticationLevel [13] AuthenticationLevel OPTIONAL,
+ exclusions [14] Exclusions OPTIONAL,
+ excludeShadows [15] BOOLEAN DEFAULT FALSE,
+ nameResolveOnMaster [16] BOOLEAN DEFAULT FALSE,
+ operationIdentifier [17] INTEGER OPTIONAL,
+ searchRuleId [18] SearchRuleId OPTIONAL,
+ chainedRelaxation [19] MRMapping OPTIONAL,
+ relatedEntry [20] INTEGER OPTIONAL
+}
+
+Time ::= CHOICE {utcTime UTCTime,
+ generalizedTime GeneralizedTime
+}
+
+DomainInfo ::= ABSTRACT-SYNTAX.&Type
+
+ChainingResults ::= SET {
+ info [0] DomainInfo OPTIONAL,
+ crossReferences [1] SEQUENCE SIZE (1..MAX) OF CrossReference OPTIONAL,
+ securityParameters [2] SecurityParameters DEFAULT {},
+ alreadySearched [3] Exclusions OPTIONAL
+}
+
+CrossReference ::= SET {
+ contextPrefix [0] DistinguishedName,
+ accessPoint [1] AccessPointInformation
+}
+
+OperationProgress ::= SET {
+ nameResolutionPhase
+ [0] ENUMERATED {notStarted(1), proceeding(2), completed(3)},
+ nextRDNToBeResolved [1] INTEGER OPTIONAL
+}
+
+TraceInformation ::= SEQUENCE OF TraceItem
+
+TraceItem ::= SET {
+ dsa [0] Name,
+ targetObject [1] Name OPTIONAL,
+ operationProgress [2] OperationProgress
+}
+
+ReferenceType ::= ENUMERATED {
+ superior(1), subordinate(2), cross(3), nonSpecificSubordinate(4),
+ supplier(5), master(6), immediateSuperior(7), self(8)}
+
+AccessPoint ::= SET {
+ ae-title [0] Name,
+ address [1] PresentationAddress,
+ protocolInformation [2] SET SIZE (1..MAX) OF ProtocolInformation OPTIONAL
+}
+
+MasterOrShadowAccessPoint ::= SET {
+ COMPONENTS OF AccessPoint,
+ category [3] ENUMERATED {master(0), shadow(1)} DEFAULT master,
+ chainingRequired [5] BOOLEAN DEFAULT FALSE
+}
+
+MasterAndShadowAccessPoints ::= SET SIZE (1..MAX) OF MasterOrShadowAccessPoint
+
+AccessPointInformation ::= SET {
+ COMPONENTS OF MasterOrShadowAccessPoint,
+ additionalPoints [4] MasterAndShadowAccessPoints OPTIONAL
+}
+
+Exclusions ::= SET SIZE (1..MAX) OF RDNSequence
+
+ContinuationReference ::= SET {
+ targetObject [0] Name,
+ aliasedRDNs [1] INTEGER OPTIONAL, -- only present in 1988 systems
+ operationProgress [2] OperationProgress,
+ rdnsResolved [3] INTEGER OPTIONAL,
+ referenceType [4] ReferenceType,
+ accessPoints [5] SET OF AccessPointInformation,
+ entryOnly [6] BOOLEAN DEFAULT FALSE,
+ exclusions [7] Exclusions OPTIONAL,
+ returnToDUA [8] BOOLEAN DEFAULT FALSE,
+ nameResolveOnMaster [9] BOOLEAN DEFAULT FALSE
+}
+
+END -- DistributedOperations
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/EnhancedSecurity.asn1 b/asn1/EnhancedSecurity.asn1
new file mode 100644
index 0000000..3879987
--- /dev/null
+++ b/asn1/EnhancedSecurity.asn1
@@ -0,0 +1,367 @@
+-- Module EnhancedSecurity (X.501:02/2001)
+EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28) 4}
+DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS All
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ authenticationFramework, basicAccessControl, certificateExtensions,
+ id-at, id-avc, id-mr, informationFramework, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Attribute, ATTRIBUTE, AttributeType, Context, CONTEXT, MATCHING-RULE,
+ Name, objectIdentifierMatch, SupportedAttributes
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ AttributeTypeAndValue
+ FROM BasicAccessControl {joint-iso-itu-t ds(5) module(1)
+ basicAccessControl(24) 4}
+ -- from ITU-T Rec. X.509 | ISO/IEC 9594-8
+ AlgorithmIdentifier, CertificateSerialNumber, ENCRYPTED{}, HASH{},
+ SIGNED{}
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 4}
+ GeneralName, KeyIdentifier
+ FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 4}
+ ub-privacy-mark-length
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4};
+
+-- from GULS
+-- SECURITY-TRANSFORMATION, PROTECTION-MAPPING, PROTECTED
+-- FROM Notation { joint-iso-ccitt genericULS (20) modules (1) notation (1) }
+--dirSignedTransformation, KEY-INFORMATION
+-- FROM GulsSecurityTransformations { joint-iso-ccitt genericULS (20) modules (1)
+-- gulsSecurityTransformations (3) }
+-- signed
+-- FROM GulsSecurityTransformations { joint-iso-ccitt genericULS (20) modules (1)
+-- dirProtectionMappings (4) };
+-- The "signed" Protection Mapping and associated "dirSignedTransformations" imported
+-- from the Generic Upper Layers Security specification (ITU-T Rec. X.830 | ISO/IEC 11586-1)
+-- results in identical encoding as the same data type used with the SIGNED as defined in
+-- ITU-T REC. X.509 | ISO/IEC 9594-8
+-- The three statements below are provided temporarily to allow signed operations to be supported as in edition 3.
+OPTIONALLY-PROTECTED{Type} ::= CHOICE {unsigned Type,
+ signed SIGNED{Type}
+}
+
+OPTIONALLY-PROTECTED-SEQ{Type} ::= CHOICE {
+ unsigned Type,
+ signed [0] SIGNED{Type}
+}
+
+-- The following out-commented ASN.1 specification are know to be erroneous and are therefore deprecated.
+-- genEncryptedTransform {KEY-INFORMATION: SupportedKIClasses } SECURITY-TRANSFORMATION ::=
+-- {
+-- IDENTIFIER { enhancedSecurity gen-encrypted(2) }
+-- INITIAL-ENCODING-RULES { joint-iso-itu-t asn1(1) ber(1) }
+-- This default for initial encoding rules may be overridden
+-- using a static protected parameter (initEncRules).
+-- XFORMED-DATA-TYPE SEQUENCE {
+-- initEncRules OBJECT IDENTIFIER DEFAULT { joint-iso-itu-t asn1(1) ber(1) },
+-- encAlgorithm AlgorithmIdentifier OPTIONAL, -- -- Identifies the encryption algorithm,
+-- keyInformation SEQUENCE {
+-- kiClass KEY-INFORMATION.&kiClass ({SupportedKIClasses}),
+-- keyInfo KEY-INFORMATION.&KiType ({SupportedKIClasses} {@kiClass})
+-- } OPTIONAL,
+-- Key information may assume various formats, governed by supported members
+-- of the KEY-INFORMATION information object class (defined in ITU-T
+-- Rec. X.830 | ISO/IEC 11586-1)
+-- encData BIT STRING ( CONSTRAINED BY {
+-- the encData value shall be generated following
+-- the procedure specified in 17.3.1-- -- })
+-- }
+-- }
+-- encrypted PROTECTION-MAPPING ::= {
+-- SECURITY-TRANSFORMATION { genEncryptedTransform } }
+-- signedAndEncrypt PROTECTION-MAPPING ::= {
+-- SECURITY-TRANSFORMATION { signedAndEncryptedTransform } }
+-- signedAndEncryptedTransform {KEY-INFORMATION: SupportedKIClasses}
+-- SECURITY-TRANSFORMATION ::= {
+-- IDENTIFIER { enhancedSecurity dir-encrypt-sign (1) }
+-- INITIAL-ENCODING-RULES { joint-iso-itu-t asn1 (1) ber-derived (2) distinguished-encoding (1) }
+-- XFORMED-DATA-TYPE
+-- PROTECTED
+-- {
+-- PROTECTED
+-- {
+-- ABSTRACT-SYNTAX.&Type,
+-- signed
+-- },
+-- encrypted
+-- }
+-- }
+-- OPTIONALLY-PROTECTED {ToBeProtected, PROTECTION-MAPPING:generalProtection} ::=
+-- CHOICE {
+-- toBeProtected ToBeProtected,
+--no DIRQOP specified for operation
+-- signed PROTECTED {ToBeProtected, signed},
+--DIRQOP is Signed
+-- protected [APPLICATION 0]
+-- PROTECTED { ToBeProtected, generalProtection } }
+--DIRQOP is other than Signed
+-- defaultDirQop ATTRIBUTE ::= {
+-- WITH SYNTAX OBJECT IDENTIFIER
+-- EQUALITY MATCHING RULE objectIdentifierMatch
+-- USAGE directoryOperation
+-- ID id-at-defaultDirQop }
+-- DIRQOP ::= CLASS
+-- This information object class is used to define the quality of protection
+-- required throughout directory operation.
+-- The Quality Of Protection can be signed, encrypted, signedAndEncrypt
+-- {
+-- &dirqop-Id OBJECT IDENTIFIER UNIQUE,
+-- &dirBindError-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dirErrors-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapReadArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapReadRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapCompareArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapCompareRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapListArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapListRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapSearchArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapSearchRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapAbandonArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapAbandonRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapAddEntryArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapAddEntryRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapRemoveEntryArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapRemoveEntryRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapModifyEntryArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapModifyEntryRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapModifyDNArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dapModifyDNRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dspChainedOp-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispShadowAgreeInfo-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispCoorShadowArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispCoorShadowRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispUpdateShadowArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispUpdateShadowRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispRequestShadowUpdateArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dispRequestShadowUpdateRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dopEstablishOpBindArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dopEstablishOpBindRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dopModifyOpBindArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dopModifyOpBindRes-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dopTermOpBindArg-QOP PROTECTION-MAPPING:protectionReqd,
+-- &dopTermOpBindRes-QOP PROTECTION-MAPPING:protectionReqd
+-- }
+-- WITH SYNTAX
+-- {
+-- DIRQOP-ID &dirqop-Id
+-- DIRECTORYBINDERROR-QOP &dirBindError-QOP
+-- DIRERRORS-QOP &dirErrors-QOP
+-- DAPREADARG-QOP &dapReadArg-QOP
+-- DAPREADRES-QOP &dapReadRes-QOP
+-- DAPCOMPAREARG-QOP &dapCompareArg-QOP
+-- DAPCOMPARERES-QOP &dapCompareRes-QOP
+-- DAPLISTARG-QOP &dapListArg-QOP
+-- DAPLISTRES-QOP &dapListRes-QOP
+-- DAPSEARCHARG-QOP &dapSearchArg-QOP
+-- DAPSEARCHRES-QOP &dapSearchRes-QOP
+-- DAPABANDONARG-QOP &dapAbandonArg-QOP
+-- DAPABANDONRES-QOP &dapAbandonRes-QOP
+-- DAPADDENTRYARG-QOP &dapAddEntryArg-QOP
+-- DAPADDENTRYRES-QOP &dapAddEntryRes-QOP
+-- DAPREMOVEENTRYARG-QOP &dapRemoveEntryArg-QOP
+-- DAPREMOVEENTRYRES-QOP &dapRemoveEntryRes-QOP
+-- DAPMODIFYENTRYARG-QOP &dapModifyEntryArg-QOP
+-- DAPMODIFYENTRYRES-QOP &dapModifyEntryRes-QOP
+-- DAPMODIFYDNARG-QOP &dapModifyDNArg-QOP
+-- DAPMODIFYDNRES-QOP &dapModifyDNRes-QOP
+-- DSPCHAINEDOP-QOP &dspChainedOp-QOP
+-- DISPSHADOWAGREEINFO-QOP &dispShadowAgreeInfo-QOP
+-- DISPCOORSHADOWARG-QOP &dispCoorShadowArg-QOP
+-- DISPCOORSHADOWRES-QOP &dispCoorShadowRes-QOP
+-- DISPUPDATESHADOWARG-QOP &dispUpdateShadowArg-QOP
+-- DISPUPDATESHADOWRES-QOP &dispUpdateShadowRes-QOP
+-- DISPREQUESTSHADOWUPDATEARG-QOP &dispRequestShadowUpdateArg-QOP
+-- DISPREQUESTSHADOWUPDATERES-QOP &dispRequestShadowUpdateRes-QOP
+-- DOPESTABLISHOPBINDARG-QOP &dopEstablishOpBindArg-QOP
+-- DOPESTABLISHOPBINDRES-QOP &dopEstablishOpBindRes-QOP
+-- DOPMODIFYOPBINDARG-QOP &dopModifyOpBindArg-QOP
+-- DOPMODIFYOPBINDRES-QOP &dopModifyOpBindRes-QOP
+-- DOPTERMINATEOPBINDARG-QOP &dopTermOpBindArg-QOP
+-- DOPTERMINATEOPBINDRES-QOP &dopTermOpBindRes-QOP
+--}
+attributeValueSecurityLabelContext CONTEXT ::= {
+ WITH SYNTAX
+ SignedSecurityLabel -- At most one security label context can be assigned to an
+ -- attribute value
+ ID id-avc-attributeValueSecurityLabelContext
+}
+
+SignedSecurityLabel ::=
+ SIGNED
+ {SEQUENCE {attHash HASH{AttributeTypeAndValue},
+ issuer Name OPTIONAL, -- name of labelling authority
+ keyIdentifier KeyIdentifier OPTIONAL,
+ securityLabel SecurityLabel}}
+
+SecurityLabel ::= SET {
+ security-policy-identifier SecurityPolicyIdentifier OPTIONAL,
+ security-classification SecurityClassification OPTIONAL,
+ privacy-mark PrivacyMark OPTIONAL,
+ security-categories SecurityCategories OPTIONAL
+}(ALL EXCEPT ({ --none, at least one component shall be presen--}))
+
+SecurityPolicyIdentifier ::= OBJECT IDENTIFIER
+
+SecurityClassification ::= INTEGER {
+ unmarked(0), unclassified(1), restricted(2), confidential(3), secret(4),
+ top-secret(5)}
+
+PrivacyMark ::= PrintableString(SIZE (1..ub-privacy-mark-length))
+
+SecurityCategories ::= SET SIZE (1..MAX) OF SecurityCategory
+
+clearance ATTRIBUTE ::= {WITH SYNTAX Clearance
+ ID id-at-clearance
+}
+
+Clearance ::= SEQUENCE {
+ policyId OBJECT IDENTIFIER,
+ classList ClassList DEFAULT {unclassified},
+ securityCategories SET SIZE (1..MAX) OF SecurityCategory OPTIONAL
+}
+
+ClassList ::= BIT STRING {
+ unmarked(0), unclassified(1), restricted(2), confidential(3), secret(4),
+ topSecret(5)}
+
+SecurityCategory ::= SEQUENCE {
+ type [0] SECURITY-CATEGORY.&id({SecurityCategoriesTable}),
+ value [1] EXPLICIT SECURITY-CATEGORY.&Type({SecurityCategoriesTable}{@type})
+}
+
+SECURITY-CATEGORY ::= TYPE-IDENTIFIER
+
+SecurityCategoriesTable SECURITY-CATEGORY ::=
+ {...}
+
+attributeIntegrityInfo ATTRIBUTE ::= {
+ WITH SYNTAX AttributeIntegrityInfo
+ ID id-at-attributeIntegrityInfo
+}
+
+AttributeIntegrityInfo ::=
+ SIGNED
+ {SEQUENCE {scope Scope, -- Identifies the attributes protected
+ signer Signer OPTIONAL, -- Authority or data originators name
+ attribsHash AttribsHash}} -- Hash value of protected attributes
+
+Signer ::= CHOICE {
+ thisEntry [0] EXPLICIT ThisEntry,
+ thirdParty [1] SpecificallyIdentified
+}
+
+ThisEntry ::= CHOICE {onlyOne NULL,
+ specific IssuerAndSerialNumber
+}
+
+IssuerAndSerialNumber ::= SEQUENCE {
+ issuer Name,
+ serial CertificateSerialNumber
+}
+
+SpecificallyIdentified ::= SEQUENCE {
+ name GeneralName,
+ issuer GeneralName OPTIONAL,
+ serial CertificateSerialNumber OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ issuer PRESENT,
+ serial PRESENT
+ } | (WITH COMPONENTS {
+ ...,
+ issuer ABSENT,
+ serial ABSENT
+ }))
+
+Scope ::= CHOICE {
+ wholeEntry [0] NULL, -- Signature protects all attribute values in this entry
+ selectedTypes [1] SelectedTypes
+ -- Signature protects all attribute values of the selected attribute types
+}
+
+SelectedTypes ::= SEQUENCE SIZE (1..MAX) OF AttributeType
+
+AttribsHash ::= HASH{SEQUENCE SIZE (1..MAX) OF Attribute}
+
+-- Attribute type and values with associated context values for the selected Scope
+attributeValueIntegrityInfoContext CONTEXT ::= {
+ WITH SYNTAX AttributeValueIntegrityInfo
+ ID id-avc-attributeValueIntegrityInfoContext
+}
+
+AttributeValueIntegrityInfo ::=
+ SIGNED
+ {SEQUENCE {signer Signer OPTIONAL, -- Authority or data originators name
+ aVIHash AVIHash}} -- Hash value of protected attribute
+
+AVIHash ::= HASH{AttributeTypeValueContexts}
+
+-- Attribute type and value with associated context values
+AttributeTypeValueContexts ::= SEQUENCE {
+ type ATTRIBUTE.&id({SupportedAttributes}),
+ value ATTRIBUTE.&Type({SupportedAttributes}{@type}),
+ contextList SET SIZE (1..MAX) OF Context OPTIONAL
+}
+
+-- The following out-commented ASN.1 specification are know to be erroneous and are therefore deprecated.
+-- EncryptedAttributeSyntax {AttributeSyntax} ::= SEQUENCE {
+-- keyInfo SEQUENCE OF KeyIdOrProtectedKey,
+-- encAlg AlgorithmIdentifier,
+-- encValue ENCRYPTED { AttributeSyntax } }
+-- KeyIdOrProtectedKey ::= SEQUENCE {
+-- keyIdentifier [0] KeyIdentifier OPTIONAL,
+-- protectedKeys [1] ProtectedKey OPTIONAL }
+-- At least one key identifier or protected key shall be present
+-- ProtectedKey ::= SEQUENCE {
+-- authReaders AuthReaders,-- -- if absent, use attribute in authorized reader entry
+-- keyEncAlg AlgorithmIdentifier OPTIONAL, -- -- algorithm to encrypt encAttrKey
+-- encAttKey EncAttKey }
+-- confidentiality key protected with authorized user's
+-- protection mechanism
+-- AuthReaders ::= SEQUENCE OF Name
+-- EncAttKey ::= PROTECTED {SymmetricKey, keyProtection}
+-- SymmetricKey ::= BIT STRING
+-- keyProtection PROTECTION-MAPPING ::= {
+-- SECURITY-TRANSFORMATION {genEncryption} }
+-- confKeyInfo ATTRIBUTE ::= {
+-- WITH SYNTAX ConfKeyInfo
+-- EQUALITY MATCHING RULE readerAndKeyIDMatch
+-- ID id-at-confKeyInfo }
+-- ConfKeyInfo ::= SEQUENCE {
+-- keyIdentifier KeyIdentifier,
+-- protectedKey ProtectedKey }
+-- readerAndKeyIDMatch MATCHING-RULE ::= {
+-- SYNTAX ReaderAndKeyIDAssertion
+-- ID id-mr-readerAndKeyIDMatch }
+-- ReaderAndKeyIDAssertion ::= SEQUENCE {
+-- keyIdentifier KeyIdentifier,
+-- authReaders AuthReaders OPTIONAL }
+-- Object identifier assignments
+-- attributes
+id-at-clearance OBJECT IDENTIFIER ::=
+ {id-at 55}
+
+-- id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56}
+id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::=
+ {id-at 57}
+
+-- id-at-confKeyInfo OBJECT IDENTIFIER ::= {id-at 60}
+-- matching rules
+-- id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43}
+-- contexts
+id-avc-attributeValueSecurityLabelContext OBJECT IDENTIFIER ::=
+ {id-avc 3}
+
+id-avc-attributeValueIntegrityInfoContext OBJECT IDENTIFIER ::= {id-avc 4}
+
+END -- EnhancedSecurity
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/HierarchicalOperationalBindings.asn1 b/asn1/HierarchicalOperationalBindings.asn1
new file mode 100644
index 0000000..490fe89
--- /dev/null
+++ b/asn1/HierarchicalOperationalBindings.asn1
@@ -0,0 +1,127 @@
+-- Module HierarchicalOperationalBindings (X.518:02/2001)
+HierarchicalOperationalBindings {joint-iso-itu-t ds(5) module(1)
+ hierarchicalOperationalBindings(20) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryOperationalBindingTypes, distributedOperations, dsp,
+ informationFramework, opBindingManagement
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ Attribute, DistinguishedName, RelativeDistinguishedName
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ OPERATIONAL-BINDING
+ FROM OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+ opBindingManagement(18) 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ MasterAndShadowAccessPoints
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ directorySystemAC
+ FROM DirectorySystemProtocol {joint-iso-itu-t ds(5) module(1) dsp(12) 4}
+ id-op-binding-hierarchical, id-op-binding-non-specific-hierarchical
+ FROM DirectoryOperationalBindingTypes {joint-iso-itu-t ds(5) module(1)
+ directoryOperationalBindingTypes(25) 4};
+
+-- types
+HierarchicalAgreement ::= SEQUENCE {
+ rdn [0] RelativeDistinguishedName,
+ immediateSuperior [1] DistinguishedName
+}
+
+SuperiorToSubordinate ::= SEQUENCE {
+ contextPrefixInfo [0] DITcontext,
+ entryInfo [1] SET SIZE (1..MAX) OF Attribute OPTIONAL,
+ immediateSuperiorInfo [2] SET SIZE (1..MAX) OF Attribute OPTIONAL
+}
+
+DITcontext ::= SEQUENCE OF Vertex
+
+Vertex ::= SEQUENCE {
+ rdn [0] RelativeDistinguishedName,
+ admPointInfo [1] SET SIZE (1..MAX) OF Attribute OPTIONAL,
+ subentries [2] SET SIZE (1..MAX) OF SubentryInfo OPTIONAL,
+ accessPoints [3] MasterAndShadowAccessPoints OPTIONAL
+}
+
+SubentryInfo ::= SEQUENCE {
+ rdn [0] RelativeDistinguishedName,
+ info [1] SET OF Attribute
+}
+
+SubordinateToSuperior ::= SEQUENCE {
+ accessPoints [0] MasterAndShadowAccessPoints OPTIONAL,
+ alias [1] BOOLEAN DEFAULT FALSE,
+ entryInfo [2] SET SIZE (1..MAX) OF Attribute OPTIONAL,
+ subentries [3] SET SIZE (1..MAX) OF SubentryInfo OPTIONAL
+}
+
+SuperiorToSubordinateModification ::=
+ SuperiorToSubordinate(WITH COMPONENTS {
+ ...,
+ entryInfo ABSENT
+ })
+
+NonSpecificHierarchicalAgreement ::= SEQUENCE {
+ immediateSuperior [1] DistinguishedName
+}
+
+NHOBSuperiorToSubordinate ::=
+ SuperiorToSubordinate(WITH COMPONENTS {
+ ...,
+ entryInfo ABSENT
+ })
+
+NHOBSubordinateToSuperior ::= SEQUENCE {
+ accessPoints [0] MasterAndShadowAccessPoints OPTIONAL,
+ subentries [3] SET SIZE (1..MAX) OF SubentryInfo OPTIONAL
+}
+
+-- operational binding information objects
+hierarchicalOperationalBinding OPERATIONAL-BINDING ::= {
+ AGREEMENT HierarchicalAgreement
+ APPLICATION CONTEXTS {{directorySystemAC}}
+ ASYMMETRIC ROLE-A
+ { -- superior DSAESTABLISHMENT-INITIATOR TRUE
+ ESTABLISHMENT-PARAMETER SuperiorToSubordinate
+ MODIFICATION-INITIATOR TRUE
+ MODIFICATION-PARAMETER SuperiorToSubordinateModification
+ TERMINATION-INITIATOR TRUE}
+ ROLE-B
+ { -- subordinate DSAESTABLISHMENT-INITIATOR TRUE
+ ESTABLISHMENT-PARAMETER SubordinateToSuperior
+ MODIFICATION-INITIATOR TRUE
+ MODIFICATION-PARAMETER SubordinateToSuperior
+ TERMINATION-INITIATOR TRUE}
+ ID id-op-binding-hierarchical
+}
+
+nonSpecificHierarchicalOperationalBinding OPERATIONAL-BINDING ::= {
+ AGREEMENT NonSpecificHierarchicalAgreement
+ APPLICATION CONTEXTS {{directorySystemAC}}
+ ASYMMETRIC ROLE-A
+ { -- superior DSAESTABLISHMENT-PARAMETER NHOBSuperiorToSubordinate
+ MODIFICATION-INITIATOR TRUE
+ MODIFICATION-PARAMETER NHOBSuperiorToSubordinate
+ TERMINATION-INITIATOR TRUE}
+ ROLE-B
+ { -- subordinate DSAESTABLISHMENT-INITIATOR TRUE
+ ESTABLISHMENT-PARAMETER NHOBSubordinateToSuperior
+ MODIFICATION-INITIATOR TRUE
+ MODIFICATION-PARAMETER NHOBSubordinateToSuperior
+ TERMINATION-INITIATOR TRUE}
+ ID id-op-binding-non-specific-hierarchical
+}
+
+END -- HierarchicalOperationalBindings
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSExtendedBodyPartTypes.asn1 b/asn1/IPMSExtendedBodyPartTypes.asn1
new file mode 100644
index 0000000..9805a61
--- /dev/null
+++ b/asn1/IPMSExtendedBodyPartTypes.asn1
@@ -0,0 +1,102 @@
+-- Module IPMSExtendedBodyPartTypes (X.420:06/1999)
+IPMSExtendedBodyPartTypes {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ extended-body-part-types(7) version-1994(0)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- IPMS Information Objects
+ BilaterallyDefinedBodyPart, EncryptedData, EncryptedParameters,
+ EXTENDED-BODY-PART-TYPE, G3FacsimileData, G3FacsimileParameters,
+ G4Class1BodyPart, IA5TextData, IA5TextParameters, MessageData,
+ MessageParameters, MixedModeBodyPart, NationallyDefinedBodyPart,
+ TeletexData, TeletexParameters, VideotexData, VideotexParameters
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-ep-encrypted, id-ep-g3-facsimile, id-ep-ia5-text, id-ep-message,
+ id-ep-teletex, id-ep-videotex, id-et-bilaterally-defined, id-et-encrypted,
+ id-et-g3-facsimile, id-et-g4-class1, id-et-ia5-text, id-et-message,
+ id-et-mixed-mode, id-et-nationally-defined, id-et-teletex, id-et-videotex
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Extended IA5 Text body part
+ia5-text-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {IA5TextParameters
+ IDENTIFIED BY id-ep-ia5-text},
+ DATA {IA5TextData
+ IDENTIFIED BY id-et-ia5-text}
+}
+
+-- Extended G3 Facsimile body part
+g3-facsimile-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {G3FacsimileParameters
+ IDENTIFIED BY id-ep-g3-facsimile},
+ DATA {G3FacsimileData
+ IDENTIFIED BY id-et-g3-facsimile}
+}
+
+-- Extended G4 Class 1 body part
+g4-class1-body-part EXTENDED-BODY-PART-TYPE ::= {
+ DATA {G4Class1BodyPart
+ IDENTIFIED BY id-et-g4-class1}
+}
+
+-- Extended Teletex body part
+teletex-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {TeletexParameters
+ IDENTIFIED BY id-ep-teletex},
+ DATA {TeletexData
+ IDENTIFIED BY id-et-teletex}
+}
+
+-- Extended Videotex body part
+videotex-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {VideotexParameters
+ IDENTIFIED BY id-ep-videotex},
+ DATA {VideotexData
+ IDENTIFIED BY id-et-videotex}
+}
+
+-- Extended Encrypted body part
+encrypted-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {EncryptedParameters
+ IDENTIFIED BY id-ep-encrypted},
+ DATA {EncryptedData
+ IDENTIFIED BY id-et-encrypted}
+}
+
+-- Extended Message body part
+message-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {MessageParameters
+ IDENTIFIED BY id-ep-message},
+ DATA {MessageData
+ IDENTIFIED BY id-et-message}
+}
+
+-- Extended Mixed-mode body part
+mixed-mode-body-part EXTENDED-BODY-PART-TYPE ::= {
+ DATA {MixedModeBodyPart
+ IDENTIFIED BY id-et-mixed-mode}
+}
+
+-- Extended Bilaterally Defined body part
+bilaterally-defined-body-part EXTENDED-BODY-PART-TYPE ::= {
+ DATA {BilaterallyDefinedBodyPart
+ IDENTIFIED BY id-et-bilaterally-defined}
+}
+
+-- Extended Nationally Defined body part
+nationally-defined-body-part EXTENDED-BODY-PART-TYPE ::= {
+ DATA {NationallyDefinedBodyPart
+ IDENTIFIED BY id-et-nationally-defined}
+}
+
+END -- of IPMSExtendedBodyPartTypes
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSExtendedBodyPartTypes2.asn1 b/asn1/IPMSExtendedBodyPartTypes2.asn1
new file mode 100644
index 0000000..b39e03c
--- /dev/null
+++ b/asn1/IPMSExtendedBodyPartTypes2.asn1
@@ -0,0 +1,37 @@
+-- Module IPMSExtendedBodyPartTypes2 (X.420:06/1999)
+IPMSExtendedBodyPartTypes2 {iso standard mhs(10021) ipms(7) modules(0)
+ extended-body-part-types-2(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- IPMS Information Objects
+ EXTENDED-BODY-PART-TYPE
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-ep-general-text, id-et-general-text
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- General Text body part
+general-text-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {GeneralTextParameters
+ IDENTIFIED BY id-ep-general-text},
+ DATA {GeneralTextData
+ IDENTIFIED BY id-et-general-text}
+}
+
+GeneralTextParameters ::= SET OF CharacterSetRegistration
+
+GeneralTextData ::= GeneralString
+
+CharacterSetRegistration ::= INTEGER(1..32767)
+
+END -- of IPMSExtendedBodyPartTypes2
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSExtendedVoiceBodyPartType.asn1 b/asn1/IPMSExtendedVoiceBodyPartType.asn1
new file mode 100644
index 0000000..171f4b4
--- /dev/null
+++ b/asn1/IPMSExtendedVoiceBodyPartType.asn1
@@ -0,0 +1,39 @@
+-- Module IPMSExtendedVoiceBodyPartType (X.420:06/1999)
+IPMSExtendedVoiceBodyPartType {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ extended-voice-body-part-type(11)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- IPMS Information Objects
+ EXTENDED-BODY-PART-TYPE
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-ep-voice, id-et-voice
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Extended Voice body part
+voice-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {VoiceParameters
+ IDENTIFIED BY id-ep-voice},
+ DATA {VoiceData
+ IDENTIFIED BY id-et-voice}
+}
+
+VoiceParameters ::= SEQUENCE {
+ voice-message-duration [0] INTEGER OPTIONAL, -- In seconds
+ voice-encoding-type [1] OBJECT IDENTIFIER,
+ supplementary-information [2] IA5String OPTIONAL
+}
+
+VoiceData ::= OCTET STRING
+
+END -- of IPMSExtendedVoiceBodyPartType
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSFileTransferBodyPartType.asn1 b/asn1/IPMSFileTransferBodyPartType.asn1
new file mode 100644
index 0000000..59de6d1
--- /dev/null
+++ b/asn1/IPMSFileTransferBodyPartType.asn1
@@ -0,0 +1,253 @@
+-- Module IPMSFileTransferBodyPartType (X.420:06/1999)
+IPMSFileTransferBodyPartType {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ file-transfer-body-part-type(9)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- FTAM Attribute Types
+ Attribute-Extensions, Concurrency-Access, Date-and-Time-Attribute,
+ Legal-Qualification-Attribute, Object-Availability-Attribute,
+ Object-Size-Attribute, Pathname, Permitted-Actions-Attribute,
+ Private-Use-Attribute
+ --==
+ FROM ISO8571-FTAM {iso standard 8571 application-context(1) iso-ftam(1)}
+ -- ACSE definitions of AP-title and AE-qualifier
+ AE-qualifier, AP-title
+ --==
+ FROM ACSE-1 {joint-iso-itu-t association-control(2) modules(0) apdus(0)
+ version1(1)}
+ -- IPMS Information Objects
+ EXTENDED-BODY-PART-TYPE, ExtensionsField
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-ep-file-transfer, id-et-file-transfer
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- MTS Abstract Service
+ ORName
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)};
+
+-- File Transfer body part
+file-transfer-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {FileTransferParameters
+ IDENTIFIED BY id-ep-file-transfer},
+ DATA {FileTransferData
+ IDENTIFIED BY id-et-file-transfer}
+}
+
+FileTransferParameters ::= SEQUENCE {
+ related-stored-file [0] RelatedStoredFile OPTIONAL,
+ contents-type
+ [1] ContentsTypeParameter
+ DEFAULT
+ document-type:
+ {document-type-name
+ {iso standard 8571 document-type(5) unstructured-binary(3)}},
+ environment [2] EnvironmentParameter OPTIONAL,
+ compression [3] CompressionParameter OPTIONAL,
+ file-attributes [4] FileAttributes OPTIONAL,
+ extensions [5] ExtensionsField OPTIONAL
+}
+
+FileTransferData ::= SEQUENCE OF EXTERNAL
+
+-- This conveys a sequence of data values representing file contents;
+-- The rules for generating this sequence are implied by the value of the contents-type parameter.
+RelatedStoredFile ::=
+ SET OF
+ SEQUENCE {file-identifier FileIdentifier,
+ relationship
+ Relationship DEFAULT explicit-relationship:unspecified
+ }
+
+FileIdentifier ::= CHOICE {
+ pathname-and-version [0] PathnameandVersion,
+ cross-reference [1] CrossReference
+}
+
+PathnameandVersion ::= SEQUENCE {
+ pathname [0] Pathname-Attribute,
+ file-version [1] GraphicString OPTIONAL
+}
+
+CrossReference ::= SEQUENCE {
+ application-cross-reference [0] OCTET STRING,
+ message-reference [1] MessageReference OPTIONAL,
+ body-part-reference [2] INTEGER OPTIONAL
+}
+
+MessageReference ::= SET {
+ user [0] ORName OPTIONAL,
+ -- Defined in 8.5.5 of ITU-T Rec. X.411 | ISO/IEC 10021-4
+ user-relative-identifier [1] PrintableString
+}
+
+Relationship ::= CHOICE {
+ explicit-relationship [0] ExplicitRelationship,
+ descriptive-relationship [1] GraphicString
+}
+
+ExplicitRelationship ::= INTEGER {
+ unspecified(0), new-file(1), replacement(2), extension(3)}
+
+ContentsTypeParameter ::= Contents-Type-Attribute
+
+Contents-Type-Attribute ::= CHOICE {
+ document-type
+ [0] SEQUENCE {document-type-name Document-Type-Name,
+ parameter [0] DOCUMENT-PARAMETER.&Type OPTIONAL
+ },
+ -- The actual types to be used for values of the parameter field
+ -- are defined in the named document type.
+ constraint-set-and-abstract-syntax
+ [1] SEQUENCE {constraint-set-name Constraint-Set-Name,
+ abstract-syntax-name Abstract-Syntax-Name}
+}
+
+Document-Type-Name ::= OBJECT IDENTIFIER
+
+DOCUMENT-PARAMETER ::= CLASS {&Type
+}
+
+Constraint-Set-Name ::= OBJECT IDENTIFIER
+
+Abstract-Syntax-Name ::= OBJECT IDENTIFIER
+
+EnvironmentParameter ::= SEQUENCE {
+ application-reference [0] GeneralIdentifier OPTIONAL,
+ machine [1] GeneralIdentifier OPTIONAL,
+ operating-system [2] OBJECT IDENTIFIER OPTIONAL,
+ user-visible-string [3] SEQUENCE OF GraphicString OPTIONAL
+}
+
+GeneralIdentifier ::= CHOICE {
+ registered-identifier [0] OBJECT IDENTIFIER,
+ descriptive-identifier [1] SEQUENCE OF GraphicString
+}
+
+CompressionParameter ::= SEQUENCE {
+ compression-algorithm-id
+ [0] COMPRESSION-ALGORITHM.&id({CompressionAlgorithmTable}),
+ compression-algorithm-param
+ [1] COMPRESSION-ALGORITHM.&Type
+ ({CompressionAlgorithmTable}{@compression-algorithm-id})
+}
+
+COMPRESSION-ALGORITHM ::= TYPE-IDENTIFIER
+
+CompressionAlgorithmTable COMPRESSION-ALGORITHM ::=
+ {...}
+
+FileAttributes ::= SEQUENCE {
+ pathname Pathname-Attribute OPTIONAL,
+ permitted-actions
+ [1] Permitted-Actions-Attribute OPTIONAL,
+ storage-account [3] Account-Attribute OPTIONAL,
+ date-and-time-of-creation
+ [4] Date-and-Time-Attribute OPTIONAL,
+ date-and-time-of-last-modification
+ [5] Date-and-Time-Attribute OPTIONAL,
+ date-and-time-of-last-read-access
+ [6] Date-and-Time-Attribute OPTIONAL,
+ date-and-time-of-last-attribute-modification
+ [7] Date-and-Time-Attribute OPTIONAL,
+ identity-of-creator
+ [8] User-Identity-Attribute OPTIONAL,
+ identity-of-last-modifier
+ [9] User-Identity-Attribute OPTIONAL,
+ identity-of-last-reader
+ [10] User-Identity-Attribute OPTIONAL,
+ identity-of-last-attribute-modifier
+ [11] User-Identity-Attribute OPTIONAL,
+ object-availability
+ [12] Object-Availability-Attribute OPTIONAL,
+ object-size
+ [13] Object-Size-Attribute OPTIONAL,
+ future-object-size
+ [14] Object-Size-Attribute OPTIONAL,
+ access-control
+ [15] Access-Control-Attribute OPTIONAL,
+ legal-qualifications
+ [16] Legal-Qualification-Attribute OPTIONAL,
+ private-use
+ [17] Private-Use-Attribute OPTIONAL,
+ attribute-extensions
+ [22] Attribute-Extensions OPTIONAL
+}
+
+Pathname-Attribute ::= CHOICE {
+ incomplete-pathname [0] Pathname,
+ complete-pathname [23] Pathname
+}
+
+Account-Attribute ::= CHOICE {
+ no-value-available [0] NULL,
+ -- Indicates partial support of this attribute
+ actual-values Account
+}
+
+Account ::= GraphicString
+
+User-Identity-Attribute ::= CHOICE {
+ no-value-available [0] NULL,
+ -- Indicates partial support of this attribute.
+ actual-values User-Identity
+}
+
+User-Identity ::= GraphicString
+
+Access-Control-Attribute ::= CHOICE {
+ no-value-available [0] NULL,
+ -- Indicates partial support of this attribute.
+ actual-values [1] SET OF Access-Control-Element
+}
+
+-- The semantics of this attribute are described in ISO 8571-2
+Access-Control-Element ::= SEQUENCE {
+ action-list [0] Access-Request,
+ concurrency-access [1] Concurrency-Access OPTIONAL,
+ identity [2] User-Identity OPTIONAL,
+ passwords [3] Access-Passwords OPTIONAL,
+ location [4] Application-Entity-Title OPTIONAL
+}
+
+Access-Request ::= BIT STRING {
+ read(0), insert(1), replace(2), extend(3), erase(4), read-attribute(5),
+ change-attribute(6), delete-object(7)}
+
+Access-Passwords ::= SEQUENCE {
+ read-password [0] Password,
+ insert-password [1] Password,
+ replace-password [2] Password,
+ extend-password [3] Password,
+ erase-password [4] Password,
+ read-attribute-password [5] Password,
+ change-attribute-password [6] Password,
+ delete-password [7] Password,
+ pass-passwords [8] Pass-Passwords,
+ link-password [9] Password
+}
+
+Password ::= CHOICE {
+ graphic-string GraphicString,
+ octet-string OCTET STRING
+}
+
+Pass-Passwords ::= SEQUENCE OF Password
+
+Application-Entity-Title ::= SEQUENCE {
+ ap-title AP-title,
+ ae-qualifier AE-qualifier
+}
+
+END -- of IPMSFileTransferBodyPartType
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSForwardedContentBodyPartType.asn1 b/asn1/IPMSForwardedContentBodyPartType.asn1
new file mode 100644
index 0000000..57faac6
--- /dev/null
+++ b/asn1/IPMSForwardedContentBodyPartType.asn1
@@ -0,0 +1,53 @@
+-- Module IPMSForwardedContentBodyPartType (X.420:06/1999)
+IPMSForwardedContentBodyPartType {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ forwarded-content-body-part-type(15)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- MTS Abstract Service
+ Content, ExtendedContentType, MessageDeliveryIdentifier, MessageDeliveryTime,
+ MessageSubmissionEnvelope, OriginatingMTACertificate,
+ OtherMessageDeliveryFields, ProofOfSubmission
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- IPMS Information Objects
+ EXTENDED-BODY-PART-TYPE
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-ep-content, id-et-content
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Forwarded Content body part
+content-body-part{ExtendedContentType:content-type} EXTENDED-BODY-PART-TYPE ::=
+ {
+ PARAMETERS
+ {ForwardedContentParameters
+ IDENTIFIED BY {id-ep-content content-type}},
+ DATA {Content
+ IDENTIFIED BY {id-et-content content-type}}
+}
+
+ForwardedContentParameters ::= SET {
+ delivery-time [0] MessageDeliveryTime OPTIONAL,
+ delivery-envelope [1] OtherMessageDeliveryFields OPTIONAL,
+ mts-identifier [2] MessageDeliveryIdentifier OPTIONAL,
+ submission-proof [3] SubmissionProof OPTIONAL
+}
+
+SubmissionProof ::= SET {
+ proof-of-submission [0] ProofOfSubmission,
+ originating-MTA-certificate [1] OriginatingMTACertificate,
+ message-submission-envelope MessageSubmissionEnvelope
+}
+
+END -- of IPMSForwardedContentBodyPartType
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSForwardedReportBodyPartType.asn1 b/asn1/IPMSForwardedReportBodyPartType.asn1
new file mode 100644
index 0000000..4e46c76
--- /dev/null
+++ b/asn1/IPMSForwardedReportBodyPartType.asn1
@@ -0,0 +1,41 @@
+-- Module IPMSForwardedReportBodyPartType (X.420:06/1999)
+IPMSForwardedReportBodyPartType {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ forwarded-report-body-part-type(12)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- MTS Abstract Service
+ ReportDeliveryArgument
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- IPMS Information Objects
+ EXTENDED-BODY-PART-TYPE, IPN, MessageParameters
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-ep-notification, id-et-report, id-et-notification
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Report body part
+report-body-part EXTENDED-BODY-PART-TYPE ::= {
+ DATA {ReportDeliveryArgument
+ IDENTIFIED BY id-et-report}
+}
+
+-- Notification body part
+notification-body-part EXTENDED-BODY-PART-TYPE ::= {
+ PARAMETERS {MessageParameters
+ IDENTIFIED BY id-ep-notification},
+ DATA {IPN IDENTIFIED BY id-et-notification}
+}
+
+END -- of IPMSForwardedReportBodyPartType
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSHeadingExtensions.asn1 b/asn1/IPMSHeadingExtensions.asn1
new file mode 100644
index 0000000..752e8d0
--- /dev/null
+++ b/asn1/IPMSHeadingExtensions.asn1
@@ -0,0 +1,246 @@
+-- Module IPMSHeadingExtensions (X.420:06/1999)
+IPMSHeadingExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ heading-extensions(6) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- IPMS Information Objects
+ IPMS-EXTENSION, ORDescriptor, RecipientSpecifier, ThisIPMField, BodyPart
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- MTS Abstract Service
+ ExtendedCertificates, SecurityLabel, UniversalOrBMPString{}
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- Directory Authentication Framework
+ AlgorithmIdentifier, SIGNATURE{}, SIGNED{}
+ --==
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 3}
+ -- Directory Certificate Extensions
+ CertificateAssertion
+ --==
+ FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 0}
+ -- IPMS upper bounds
+ ub-alpha-code-length, ub-circulation-list-members, ub-distribution-codes,
+ ub-extended-subject-length, ub-information-categories,
+ ub-information-category-length, ub-manual-handling-instruction-length,
+ ub-manual-handling-instructions, ub-originators-reference-length,
+ ub-precedence
+ --==
+ FROM IPMSUpperBounds {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ upper-bounds(10) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-hex-authorization-time, id-hex-auto-submitted,
+ id-hex-body-part-signatures, id-hex-circulation-list-recipients,
+ id-hex-distribution-codes, id-hex-extended-subject, id-hex-incomplete-copy,
+ id-hex-information-category, id-hex-ipm-security-label, id-hex-languages,
+ id-hex-manual-handling-instructions, id-hex-originators-reference,
+ id-hex-precedence-policy-id, id-rex-circulation-list-indicator,
+ id-rex-precedence
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Incomplete Copy
+incomplete-copy IPMS-EXTENSION ::= {
+ VALUE IncompleteCopy,
+ IDENTIFIED BY id-hex-incomplete-copy
+}
+
+IncompleteCopy ::= NULL
+
+-- Languages
+languages IPMS-EXTENSION ::= {
+ VALUE SET OF Language,
+ IDENTIFIED BY id-hex-languages
+}
+
+Language ::= PrintableString(SIZE (2 | 5))
+
+-- Auto-submitted
+auto-submitted IPMS-EXTENSION ::= {
+ VALUE AutoSubmitted,
+ IDENTIFIED BY id-hex-auto-submitted
+}
+
+AutoSubmitted ::= ENUMERATED {
+ not-auto-submitted(0), auto-generated(1), auto-replied(2)}
+
+body-part-signatures IPMS-EXTENSION ::= {
+ VALUE BodyPartSignatures,
+ IDENTIFIED BY id-hex-body-part-signatures
+}
+
+BodyPartSignatures ::=
+ SET OF
+ SET {body-part-number BodyPartNumber,
+ body-part-signature BodyPartSignature,
+ originator-certificate-selector [1] CertificateAssertion OPTIONAL,
+ originator-certificates [0] ExtendedCertificates OPTIONAL,
+ ...}
+
+BodyPartNumber ::= INTEGER(1..MAX)
+
+BodyPartSignature ::=
+ SIGNATURE
+ {SEQUENCE {signature-algorithm-identifier AlgorithmIdentifier,
+ body-part BodyPart,
+ body-part-security-label SecurityLabel OPTIONAL
+ }}
+
+ipm-security-label IPMS-EXTENSION ::= {
+ VALUE IPMSecurityLabel,
+ IDENTIFIED BY id-hex-ipm-security-label
+}
+
+IPMSecurityLabel ::= SEQUENCE {
+ content-security-label [0] SecurityLabel,
+ heading-security-label [1] SecurityLabel OPTIONAL,
+ body-part-security-labels [2] SEQUENCE OF BodyPartSecurityLabel OPTIONAL
+}
+
+BodyPartSecurityLabel ::= CHOICE {
+ body-part-unlabelled [0] NULL,
+ body-part-security-label [1] SecurityLabel
+}
+
+-- Authorization Time
+authorization-time IPMS-EXTENSION ::= {
+ VALUE AuthorizationTime,
+ IDENTIFIED BY id-hex-authorization-time
+}
+
+AuthorizationTime ::= GeneralizedTime
+
+-- Circulation List
+circulation-list-recipients IPMS-EXTENSION ::= {
+ VALUE CirculationList,
+ IDENTIFIED BY id-hex-circulation-list-recipients
+}
+
+CirculationList ::=
+ SEQUENCE (SIZE (2..ub-circulation-list-members)) OF CirculationMember
+
+CirculationMember ::= SET {
+ circulation-recipient
+ RecipientSpecifier
+ (WITH COMPONENTS {
+ ...,
+ recipient (WITH COMPONENTS {
+ ...,
+ formal-name PRESENT
+ })
+ }),
+ checked Checkmark OPTIONAL
+}
+
+Checkmark ::= CHOICE {
+ simple NULL,
+ timestamped CirculationTime,
+ signed CirculationSignature
+}
+
+CirculationTime ::= GeneralizedTime
+
+CirculationSignature ::=
+ SIGNED
+ {SEQUENCE {algorithm-identifier CirculationSignatureAlgorithmIdentifier,
+ this-IPM ThisIPMField,
+ timestamp CirculationTime}}
+
+CirculationSignatureAlgorithmIdentifier ::= AlgorithmIdentifier
+
+-- Circulation List Indicator
+circulation-list-indicator IPMS-EXTENSION ::= {
+ VALUE NULL,
+ IDENTIFIED BY id-rex-circulation-list-indicator
+}
+
+-- Distribution Codes
+distribution-codes IPMS-EXTENSION ::= {
+ VALUE DistributionCodes,
+ IDENTIFIED BY id-hex-distribution-codes
+}
+
+DistributionCodes ::=
+ SEQUENCE (SIZE (1..ub-distribution-codes)) OF DistributionCode
+
+DistributionCode ::= SEQUENCE {
+ oid-code OBJECT IDENTIFIER OPTIONAL,
+ alphanumeric-code AlphaCode OPTIONAL,
+ or-descriptor [0] ORDescriptor OPTIONAL
+}
+
+AlphaCode ::= UniversalOrBMPString{ub-alpha-code-length}
+
+-- Extended Subject
+extended-subject IPMS-EXTENSION ::= {
+ VALUE ExtendedSubject,
+ IDENTIFIED BY id-hex-extended-subject
+}
+
+ExtendedSubject ::= UniversalOrBMPString{ub-extended-subject-length}
+
+-- Information category
+information-category IPMS-EXTENSION ::= {
+ VALUE InformationCategories,
+ IDENTIFIED BY id-hex-information-category
+}
+
+InformationCategories ::=
+ SEQUENCE (SIZE (1..ub-information-categories)) OF InformationCategory
+
+InformationCategory ::= SEQUENCE {
+ reference [0] OBJECT IDENTIFIER OPTIONAL,
+ description [1] DescriptionString OPTIONAL
+}
+
+DescriptionString ::= UniversalOrBMPString{ub-information-category-length}
+
+-- Manual handling Instructions
+manual-handling-instructions IPMS-EXTENSION ::= {
+ VALUE ManualHandlingInstructions,
+ IDENTIFIED BY id-hex-manual-handling-instructions
+}
+
+ManualHandlingInstructions ::=
+ SEQUENCE (SIZE (1..ub-manual-handling-instructions)) OF
+ ManualHandlingInstruction
+
+ManualHandlingInstruction ::=
+ UniversalOrBMPString{ub-manual-handling-instruction-length}
+
+-- Originator's Reference
+originators-reference IPMS-EXTENSION ::= {
+ VALUE OriginatorsReference,
+ IDENTIFIED BY id-hex-originators-reference
+}
+
+OriginatorsReference ::= UniversalOrBMPString{ub-originators-reference-length}
+
+-- Precedence Policy Identifier
+precedence-policy-identifier IPMS-EXTENSION ::= {
+ VALUE PrecedencePolicyIdentifier,
+ IDENTIFIED BY id-hex-precedence-policy-id
+}
+
+PrecedencePolicyIdentifier ::= OBJECT IDENTIFIER
+
+-- Precedence
+precedence IPMS-EXTENSION ::= {
+ VALUE Precedence,
+ IDENTIFIED BY id-rex-precedence
+}
+
+Precedence ::= INTEGER(0..ub-precedence)
+
+END -- of IPMSHeadingExtensions
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSInformationObjects.asn1 b/asn1/IPMSInformationObjects.asn1
new file mode 100644
index 0000000..3fb0463
--- /dev/null
+++ b/asn1/IPMSInformationObjects.asn1
@@ -0,0 +1,626 @@
+-- Module IPMSInformationObjects (X.420:06/1999)
+IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS
+ -- IPMS Extended Body Parts
+ bilaterally-defined-body-part, encrypted-body-part, g3-facsimile-body-part,
+ g4-class1-body-part, ia5-text-body-part, message-body-part,
+ mixed-mode-body-part, nationally-defined-body-part, teletex-body-part,
+ videotex-body-part
+ --==
+ FROM IPMSExtendedBodyPartTypes {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ extended-body-part-types(7) version-1994(0)}
+ general-text-body-part
+ --==
+ FROM IPMSExtendedBodyPartTypes2 {iso standard mhs(10021) ipms(7)
+ modules(0) extended-body-part-types-2(1)}
+ file-transfer-body-part
+ --==
+ FROM IPMSFileTransferBodyPartType {joint-iso-itu-t mhs(6) ipms(1)
+ modules(0) file-transfer-body-part-type(9)}
+ voice-body-part
+ --==
+ FROM IPMSExtendedVoiceBodyPartType {joint-iso-itu-t mhs(6) ipms(1)
+ modules(0) extended-voice-body-part-type(11)}
+ notification-body-part, report-body-part
+ --==
+ FROM IPMSForwardedReportBodyPartType {joint-iso-itu-t mhs(6) ipms(1)
+ modules(0) forwarded-report-body-part-type(12)}
+ content-body-part{}
+ --==
+ FROM IPMSForwardedContentBodyPartType {joint-iso-itu-t mhs(6) ipms(1)
+ modules(0) forwarded-content-body-part-type(15)}
+ pkcs7-body-part
+ --==
+ FROM PKCS7BodyPartType {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ pkcs7-body-part-type(16)}
+ -- IPMS Heading Extensions
+ authorization-time, auto-submitted, body-part-signatures,
+ circulation-list-indicator, circulation-list-recipients,
+ distribution-codes, extended-subject, incomplete-copy,
+ information-category, ipm-security-label, languages,
+ manual-handling-instructions, originators-reference, precedence,
+ precedence-policy-identifier
+ --==
+ FROM IPMSHeadingExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ heading-extensions(6) version-1999(1)}
+ -- IPMS Security Extensions
+ body-part-encryption-token, BodyPartTokens, forwarded-content-token,
+ ForwardedContentToken, ipn-security-response, recipient-security-request
+ --==
+ FROM IPMSSecurityExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ ipm-security-extensions(14) version-1999(1)}
+ -- IPMS Upper bounds
+ ub-auto-forward-comment, ub-free-form-name, ub-local-ipm-identifier,
+ ub-subject-field, ub-telephone-number
+ --==
+ FROM IPMSUpperBounds {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ upper-bounds(10) version-1999(1)}
+ -- ODIF
+ Interchange-Data-Element
+ --==
+ FROM Interchange-Data-Elements {2 8 1 5 5}
+ -- MTS Abstract Service
+ EncodedInformationTypes, ExtendedCertificates, EXTENSION,
+ G3FacsimileNonBasicParameters, MessageDeliveryTime, ORName,
+ OtherMessageDeliveryFields, SupplementaryInformation,
+ TeletexNonBasicParameters
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- MS Abstract Service
+ MS-EXTENSION, SequenceNumber
+ --==
+ FROM MSAbstractService {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ abstract-service(1) version-1999(1)}
+ -- Directory Authentication Framework
+ AlgorithmIdentifier, ENCRYPTED{}
+ --==
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 3}
+ -- IPMS Object Identifiers
+ id-mst-assembly-capability, id-mst-assembly-instructions,
+ id-mst-invalid-assembly-instructions, id-mst-invalid-ipn,
+ id-mst-originator-body-part-encryption-token,
+ id-mst-originator-forwarded-content-token,
+ id-mst-suspend-auto-acknowledgement, id-mst-prevent-nrn-generation,
+ id-on-absence-advice, id-on-change-of-address-advice
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+Time ::= UTCTime
+
+-- Information object
+InformationObject ::= CHOICE {ipm [0] IPM,
+ ipn [1] IPN
+}
+
+-- IPM
+IPM ::= SEQUENCE {heading Heading,
+ body Body
+}
+
+-- MTS Extensions
+IPMPerRecipientEnvelopeExtensions EXTENSION ::=
+ {blind-copy-recipients | body-part-encryption-token |
+ forwarded-content-token, ...}
+
+-- IPMS Extensions
+IPMSExtension{IPMS-EXTENSION:ChosenFrom} ::= SEQUENCE {
+ type IPMS-EXTENSION.&id({ChosenFrom}),
+ value IPMS-EXTENSION.&Type({ChosenFrom}{@type}) DEFAULT NULL:NULL
+}
+
+IPMS-EXTENSION ::= CLASS {&id OBJECT IDENTIFIER UNIQUE,
+ &Type DEFAULT NULL
+}WITH SYNTAX {[VALUE &Type,]
+ IDENTIFIED BY &id
+}
+
+PrivateIPMSExtensions IPMS-EXTENSION ::=
+ {...}
+
+-- Heading
+Heading ::= SET {
+ this-IPM ThisIPMField,
+ originator [0] OriginatorField OPTIONAL,
+ authorizing-users [1] AuthorizingUsersField OPTIONAL,
+ primary-recipients [2] PrimaryRecipientsField DEFAULT {},
+ copy-recipients [3] CopyRecipientsField DEFAULT {},
+ blind-copy-recipients [4] BlindCopyRecipientsField OPTIONAL,
+ replied-to-IPM [5] RepliedToIPMField OPTIONAL,
+ obsoleted-IPMs [6] ObsoletedIPMsField DEFAULT {},
+ related-IPMs [7] RelatedIPMsField DEFAULT {},
+ subject [8] EXPLICIT SubjectField OPTIONAL,
+ expiry-time [9] ExpiryTimeField OPTIONAL,
+ reply-time [10] ReplyTimeField OPTIONAL,
+ reply-recipients [11] ReplyRecipientsField OPTIONAL,
+ importance [12] ImportanceField DEFAULT normal,
+ sensitivity [13] SensitivityField OPTIONAL,
+ auto-forwarded [14] AutoForwardedField DEFAULT FALSE,
+ extensions [15] ExtensionsField DEFAULT {}
+}
+
+-- Heading component types
+IPMIdentifier ::= [APPLICATION 11] SET {
+ user ORName OPTIONAL,
+ user-relative-identifier LocalIPMIdentifier
+}
+
+LocalIPMIdentifier ::= PrintableString(SIZE (0..ub-local-ipm-identifier))
+
+RecipientSpecifier ::= SET {
+ recipient [0] ORDescriptor,
+ notification-requests [1] NotificationRequests DEFAULT {},
+ reply-requested [2] BOOLEAN DEFAULT FALSE,
+ recipient-extensions [3] RecipientExtensionsField OPTIONAL
+}
+
+ORDescriptor ::= SET {
+ formal-name ORName OPTIONAL,
+ free-form-name [0] FreeFormName OPTIONAL,
+ telephone-number [1] TelephoneNumber OPTIONAL
+}
+
+FreeFormName ::= TeletexString(SIZE (0..ub-free-form-name))
+
+TelephoneNumber ::= PrintableString(SIZE (0..ub-telephone-number))
+
+NotificationRequests ::= BIT STRING {
+ rn(0), nrn(1), ipm-return(2), an-supported(3), suppress-an(4)}
+
+RecipientExtensionsField ::= SET OF IPMSExtension{{RecipientExtensions}}
+
+RecipientExtensions IPMS-EXTENSION ::=
+ {circulation-list-indicator | precedence | recipient-security-request |
+ PrivateIPMSExtensions, ...}
+
+-- This IPM heading field
+ThisIPMField ::= IPMIdentifier
+
+-- Originator heading field
+OriginatorField ::= ORDescriptor
+
+-- Authorizing Users heading field
+AuthorizingUsersField ::= SEQUENCE OF AuthorizingUsersSubfield
+
+AuthorizingUsersSubfield ::= ORDescriptor
+
+-- Primary Recipients heading field
+PrimaryRecipientsField ::= SEQUENCE OF PrimaryRecipientsSubfield
+
+PrimaryRecipientsSubfield ::= RecipientSpecifier
+
+-- Copy Recipients heading field
+CopyRecipientsField ::= SEQUENCE OF CopyRecipientsSubfield
+
+CopyRecipientsSubfield ::= RecipientSpecifier
+
+-- Blind Copy Recipients heading field
+BlindCopyRecipientsField ::= SEQUENCE OF BlindCopyRecipientsSubfield
+
+BlindCopyRecipientsSubfield ::= RecipientSpecifier
+
+-- Blind Copy Recipients envelope field
+blind-copy-recipients EXTENSION ::= {
+ BlindCopyRecipientsField,
+ IDENTIFIED BY standard-extension:41
+}
+
+-- Replied-to IPM heading field
+RepliedToIPMField ::= IPMIdentifier
+
+-- Obsoleted IPMs heading field
+ObsoletedIPMsField ::= SEQUENCE OF ObsoletedIPMsSubfield
+
+ObsoletedIPMsSubfield ::= IPMIdentifier
+
+-- Related IPMs heading field
+RelatedIPMsField ::= SEQUENCE OF RelatedIPMsSubfield
+
+RelatedIPMsSubfield ::= IPMIdentifier
+
+-- Subject heading field
+SubjectField ::= TeletexString(SIZE (0..ub-subject-field))
+
+-- Expiry Time heading field
+ExpiryTimeField ::= Time
+
+-- Reply Time heading field
+ReplyTimeField ::= Time
+
+-- Reply Recipients heading field
+ReplyRecipientsField ::= SEQUENCE OF ReplyRecipientsSubfield
+
+ReplyRecipientsSubfield ::=
+ ORDescriptor(WITH COMPONENTS {
+ ...,
+ formal-name PRESENT
+ })
+
+-- Importance heading field
+ImportanceField ::= ENUMERATED {low(0), normal(1), high(2)}
+
+-- Sensitivity heading field
+SensitivityField ::= ENUMERATED {
+ personal(1), private(2), company-confidential(3)}
+
+-- Auto-forwarded heading field
+AutoForwardedField ::= BOOLEAN
+
+-- Extensions heading field
+ExtensionsField ::= SET OF IPMSExtension{{HeadingExtensions}}
+
+HeadingExtensions IPMS-EXTENSION ::=
+ {authorization-time | auto-submitted | body-part-signatures |
+ circulation-list-recipients | distribution-codes | extended-subject |
+ incomplete-copy | information-category | ipm-security-label | languages |
+ manual-handling-instructions | originators-reference |
+ precedence-policy-identifier | PrivateIPMSExtensions, ...}
+
+-- Body
+Body ::= SEQUENCE OF BodyPart
+
+BodyPart ::= CHOICE {
+ basic
+ CHOICE {ia5-text [0] IA5TextBodyPart,
+ g3-facsimile [3] G3FacsimileBodyPart,
+ g4-class1 [4] G4Class1BodyPart,
+ teletex [5] TeletexBodyPart,
+ videotex [6] VideotexBodyPart,
+ encrypted [8] EncryptedBodyPart,
+ message [9] MessageBodyPart,
+ mixed-mode [11] MixedModeBodyPart,
+ bilaterally-defined [14] BilaterallyDefinedBodyPart,
+ nationally-defined [7] NationallyDefinedBodyPart},
+ extended [15] ExtendedBodyPart{{IPMBodyPartTable}}
+}
+
+-- Extended body part
+ExtendedBodyPart{EXTENDED-BODY-PART-TYPE:IPMBodyPartTable} ::= SEQUENCE {
+ parameters [0] INSTANCE OF TYPE-IDENTIFIER OPTIONAL,
+ data INSTANCE OF TYPE-IDENTIFIER
+}
+(CONSTRAINED BY { -- must correspond to the &parameters field and &data field of a member of --
+ IPMBodyPartTable})
+
+IPMBodyPartTable EXTENDED-BODY-PART-TYPE ::=
+ {StandardBodyParts | ApplicationSpecificBodyParts}
+
+StandardBodyParts EXTENDED-BODY-PART-TYPE ::=
+ {ia5-text-body-part | g3-facsimile-body-part | g4-class1-body-part |
+ teletex-body-part | videotex-body-part | encrypted-body-part |
+ message-body-part | mixed-mode-body-part | bilaterally-defined-body-part |
+ nationally-defined-body-part | general-text-body-part |
+ file-transfer-body-part | voice-body-part | report-body-part |
+ notification-body-part |
+ content-body-part{{1 2 3 -- RELATIVE-OID to be provided --}} |
+ pkcs7-body-part, ...}
+
+ApplicationSpecificBodyParts EXTENDED-BODY-PART-TYPE ::=
+ {--any body part defined in other Specifications, or for proprietary or private use
+ ...}
+
+EXTENDED-BODY-PART-TYPE ::= CLASS {
+ &parameters TYPE-IDENTIFIER OPTIONAL,
+ &data TYPE-IDENTIFIER
+}WITH SYNTAX {[PARAMETERS &parameters,]
+ DATA &data
+}
+
+-- IA5 Text body part
+IA5TextBodyPart ::= SEQUENCE {
+ parameters IA5TextParameters,
+ data IA5TextData
+}
+
+IA5TextParameters ::= SET {repertoire [0] Repertoire DEFAULT ia5
+}
+
+IA5TextData ::= IA5String
+
+Repertoire ::= ENUMERATED {ita2(2), ia5(5)}
+
+-- G3 Facsimile body part
+G3FacsimileBodyPart ::= SEQUENCE {
+ parameters G3FacsimileParameters,
+ data G3FacsimileData
+}
+
+G3FacsimileParameters ::= SET {
+ number-of-pages [0] INTEGER OPTIONAL,
+ non-basic-parameters [1] G3FacsimileNonBasicParameters OPTIONAL
+}
+
+G3FacsimileData ::= SEQUENCE OF BIT STRING
+
+-- G4 Class 1 and Mixed-mode body parts
+G4Class1BodyPart ::= SEQUENCE OF Interchange-Data-Element
+
+MixedModeBodyPart ::= SEQUENCE OF Interchange-Data-Element
+
+-- Teletex body part
+TeletexBodyPart ::= SEQUENCE {
+ parameters TeletexParameters,
+ data TeletexData
+}
+
+TeletexParameters ::= SET {
+ number-of-pages [0] INTEGER OPTIONAL,
+ telex-compatible [1] BOOLEAN DEFAULT FALSE,
+ non-basic-parameters [2] TeletexNonBasicParameters OPTIONAL
+}
+
+TeletexData ::= SEQUENCE OF TeletexString
+
+-- Videotex body part
+VideotexBodyPart ::= SEQUENCE {
+ parameters VideotexParameters,
+ data VideotexData
+}
+
+VideotexParameters ::= SET {syntax [0] VideotexSyntax OPTIONAL
+}
+
+VideotexSyntax ::= INTEGER {
+ ids(0), data-syntax1(1), data-syntax2(2), data-syntax3(3)}
+
+VideotexData ::= VideotexString
+
+-- Encrypted body part
+EncryptedBodyPart ::= SEQUENCE {
+ parameters EncryptedParameters,
+ data EncryptedData
+}
+
+EncryptedParameters ::= SET {
+ algorithm-identifier AlgorithmIdentifier,
+ originator-certificates ExtendedCertificates OPTIONAL,
+ ...
+}
+
+EncryptedData ::= BIT STRING(CONSTRAINED BY {BodyPart})
+
+-- Message body part
+MessageBodyPart ::= SEQUENCE {
+ parameters MessageParameters,
+ data MessageData
+}
+
+MessageParameters ::= SET {
+ delivery-time [0] MessageDeliveryTime OPTIONAL,
+ delivery-envelope [1] OtherMessageDeliveryFields OPTIONAL
+}
+
+MessageData ::= IPM
+
+-- Bilaterally Defined body part
+BilaterallyDefinedBodyPart ::= OCTET STRING
+
+-- Nationally Defined body part
+NATIONAL-BODY-PARTS ::= CLASS {&Type
+}
+
+NationallyDefinedBodyPart ::= NATIONAL-BODY-PARTS.&Type
+
+-- Provided for Historic reasons. Use is strongly deprecated.
+-- IPN
+IPN ::= SET {
+ -- common-fields --COMPONENTS OF CommonFields,
+ choice
+ [0] CHOICE {non-receipt-fields [0] NonReceiptFields,
+ receipt-fields [1] ReceiptFields,
+ other-notification-type-fields
+ [2] OtherNotificationTypeFields}
+}
+
+RN ::=
+ IPN
+ (WITH COMPONENTS {
+ ...,
+ choice (WITH COMPONENTS {
+ receipt-fields PRESENT
+ })
+ })
+
+NRN ::=
+ IPN
+ (WITH COMPONENTS {
+ ...,
+ choice (WITH COMPONENTS {
+ non-receipt-fields PRESENT
+ })
+ })
+
+ON ::=
+ IPN
+ (WITH COMPONENTS {
+ ...,
+ choice (WITH COMPONENTS {
+ other-notification-type-fields PRESENT
+ })
+ })
+
+CommonFields ::= SET {
+ subject-ipm SubjectIPMField,
+ ipn-originator [1] IPNOriginatorField OPTIONAL,
+ ipm-intended-recipient [2] IPMIntendedRecipientField OPTIONAL,
+ conversion-eits ConversionEITsField OPTIONAL,
+ notification-extensions [3] NotificationExtensionsField OPTIONAL
+}
+
+NonReceiptFields ::= SET {
+ non-receipt-reason [0] NonReceiptReasonField,
+ discard-reason [1] DiscardReasonField OPTIONAL,
+ auto-forward-comment [2] AutoForwardCommentField OPTIONAL,
+ returned-ipm [3] ReturnedIPMField OPTIONAL,
+ nrn-extensions [4] NRNExtensionsField OPTIONAL
+}
+
+ReceiptFields ::= SET {
+ receipt-time [0] ReceiptTimeField,
+ acknowledgment-mode [1] AcknowledgmentModeField DEFAULT manual,
+ suppl-receipt-info [2] SupplReceiptInfoField OPTIONAL,
+ rn-extensions [3] RNExtensionsField OPTIONAL
+}
+
+-- Common fields
+SubjectIPMField ::= IPMIdentifier
+
+IPNOriginatorField ::= ORDescriptor
+
+IPMIntendedRecipientField ::= ORDescriptor
+
+ConversionEITsField ::= EncodedInformationTypes
+
+NotificationExtensionsField ::= SET OF IPMSExtension{{NotificationExtensions}}
+
+NotificationExtensions IPMS-EXTENSION ::=
+ {ipn-security-response | PrivateIPMSExtensions, ...}
+
+-- Non-receipt fields
+NonReceiptReasonField ::= ENUMERATED {
+ ipm-discarded(0), ipm-auto-forwarded(1), ...
+ }
+
+-- ITU-T version:
+DiscardReasonField ::= ENUMERATED {
+ ipm-expired(0), ipm-obsoleted(1), user-subscription-terminated(2),
+ not-used(3)}
+
+-- ISO/IEC version:
+--DiscardReasonField ::= ENUMERATED {
+-- ipm-expired (0),
+-- ipm-obsoleted (1),
+-- user-subscription-terminated (2),
+-- The following value may not be supported by implementations of earlier versions of this Specification
+-- ipm-deleted (3),
+-- ... }
+AutoForwardCommentField ::=
+ AutoForwardComment
+
+AutoForwardComment ::= PrintableString(SIZE (0..ub-auto-forward-comment))
+
+ReturnedIPMField ::= IPM
+
+NRNExtensionsField ::= SET OF IPMSExtension{{NRNExtensions}}
+
+NRNExtensions IPMS-EXTENSION ::= {PrivateIPMSExtensions, ...}
+
+-- Receipt fields
+ReceiptTimeField ::= Time
+
+AcknowledgmentModeField ::= ENUMERATED {manual(0), automatic(1)}
+
+SupplReceiptInfoField ::= SupplementaryInformation
+
+RNExtensionsField ::= SET OF IPMSExtension{{RNExtensions}}
+
+RNExtensions IPMS-EXTENSION ::= {PrivateIPMSExtensions, ...}
+
+-- Other Notification Type fields
+OtherNotificationTypeFields ::= SET OF IPMSExtension{{OtherNotifications}}
+
+OtherNotifications IPMS-EXTENSION ::=
+ {AdviceNotifications | PrivateIPMSExtensions, ...}
+
+AdviceNotifications IPMS-EXTENSION ::=
+ {absence-advice | change-of-address-advice, ...}
+
+-- Advice Notification fields
+absence-advice IPMS-EXTENSION ::= {
+ VALUE AbsenceAdvice,
+ IDENTIFIED BY id-on-absence-advice
+}
+
+AbsenceAdvice ::= SEQUENCE {
+ advice BodyPart OPTIONAL,
+ next-available Time OPTIONAL
+}
+
+-- at least one component shall be present
+change-of-address-advice IPMS-EXTENSION ::= {
+ VALUE ChangeOfAddressAdvice,
+ IDENTIFIED BY id-on-change-of-address-advice
+}
+
+ChangeOfAddressAdvice ::= SEQUENCE {
+ new-address
+ [0] ORDescriptor(WITH COMPONENTS {
+ ...,
+ formal-name PRESENT
+ }),
+ effective-from [1] Time OPTIONAL
+}
+
+-- Message Store Realization
+prevent-nrn-generation MS-EXTENSION ::= {
+ NULL
+ IDENTIFIED BY id-mst-prevent-nrn-generation
+}
+
+suspend-auto-acknowledgement MS-EXTENSION ::= {
+ NULL
+ IDENTIFIED BY id-mst-suspend-auto-acknowledgement
+}
+
+assembly-capability MS-EXTENSION ::= {
+ NULL
+ IDENTIFIED BY id-mst-assembly-capability
+}
+
+IPMSubmissionOptions MS-EXTENSION ::=
+ {ipm-assembly-instructions | originator-body-part-encryption-token |
+ originator-forwarded-content-token, ...} -- For future extension additions
+
+ipm-assembly-instructions MS-EXTENSION ::= {
+ IPMAssemblyInstructions
+ IDENTIFIED BY id-mst-assembly-instructions
+}
+
+IPMAssemblyInstructions ::= SET {assembly-instructions [0] BodyPartReferences
+}
+
+BodyPartReferences ::= SEQUENCE OF BodyPartReference
+
+BodyPartReference ::= CHOICE {
+ stored-entry [0] SequenceNumber,
+ stored-content [1] SequenceNumber,
+ submitted-body-part [2] INTEGER(1..MAX),
+ stored-body-part
+ [3] SEQUENCE {message-entry SequenceNumber,
+ body-part-number INTEGER(1..MAX)}
+}
+
+originator-body-part-encryption-token MS-EXTENSION ::= {
+ BodyPartTokens
+ IDENTIFIED BY id-mst-originator-body-part-encryption-token
+}
+
+originator-forwarded-content-token MS-EXTENSION ::= {
+ ForwardedContentToken
+ IDENTIFIED BY id-mst-originator-forwarded-content-token
+}
+
+IPMSubmissionErrors MS-EXTENSION ::=
+ {invalid-assembly-instructions | invalid-ipn, ...
+ } -- For future extension additions
+
+invalid-assembly-instructions MS-EXTENSION ::= {
+ BodyPartReferences
+ IDENTIFIED BY id-mst-invalid-assembly-instructions
+}
+
+invalid-ipn MS-EXTENSION ::= {NULL
+ IDENTIFIED BY id-mst-invalid-ipn
+}
+
+END -- of IPMSInformationObjects
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSObjectIdentifiers.asn1 b/asn1/IPMSObjectIdentifiers.asn1
new file mode 100644
index 0000000..6e5c01a
--- /dev/null
+++ b/asn1/IPMSObjectIdentifiers.asn1
@@ -0,0 +1,507 @@
+-- Module IPMSObjectIdentifiers (X.420:06/1999)
+IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS -- nothing -- ;
+
+ID ::= OBJECT IDENTIFIER
+
+-- Interpersonal Messaging (not definitive)
+id-ipms ID ::=
+ {joint-iso-itu-t mhs(6) ipms(1)} -- not definitive
+
+-- Categories
+id-mod ID ::= {id-ipms 0} -- modules; not definitive
+
+id-ot ID ::= {id-ipms 1} -- object types
+
+id-pt ID ::= {id-ipms 2} -- port types
+
+id-et ID ::= {id-ipms 4} -- extended body part types
+
+id-hex ID ::= {id-ipms 5} -- heading extensions
+
+id-sat ID ::= {id-ipms 6} -- summary attributes
+
+id-hat ID ::= {id-ipms 7} -- heading attributes
+
+id-bat ID ::= {id-ipms 8} -- body attributes
+
+id-nat ID ::= {id-ipms 9} -- notification attributes
+
+id-mct ID ::= {id-ipms 10} -- message content types
+
+id-ep ID ::= {id-ipms 11} -- extended body part parameters
+
+id-eit ID ::= {id-ipms 12} -- encoded information types
+
+id-cat ID ::= {id-ipms 13} -- correlation attributes
+
+id-mr ID ::= {id-ipms 14} -- matching-rules
+
+id-aa ID ::= {id-ipms 15} -- auto-actions
+
+id-aae ID ::= {id-ipms 16} -- auto-action errors
+
+id-mst ID ::= {id-ipms 17} -- message store types
+
+id-sec ID ::= {id-ipms 18} -- ipm security extensions
+
+id-on ID ::= {id-ipms 19} -- other notification type extensions
+
+id-rex ID ::= {id-ipms 20} -- recipient extensions
+
+-- Modules
+id-mod-object-identifiers ID ::= {id-mod 0} -- not definitive
+
+id-mod-functional-objects ID ::= {id-mod 1} -- not definitive
+
+id-mod-information-objects ID ::= {id-mod 2} -- not definitive
+
+id-mod-abstract-service ID ::= {id-mod 3} -- not definitive
+
+id-mod-heading-extensions ID ::= {id-mod 6} -- not definitive
+
+id-mod-extended-body-part-types ID ::= {id-mod 7} -- not definitive
+
+id-mod-message-store-attributes ID ::= {id-mod 8} -- not definitive
+
+id-mod-file-transfer-body-part-type ID ::= {id-mod 9} -- not definitive
+
+id-mod-upper-bounds ID ::= {id-mod 10} -- not definitive
+
+id-mod-extended-voice-body-part-type ID ::= {id-mod 11} -- not definitive
+
+id-mod-forwarded-report-body-part-type ID ::= {id-mod 12} -- not definitive
+
+id-mod-auto-actions ID ::= {id-mod 13} -- not definitive
+
+id-mod-ipm-security-extensions ID ::= {id-mod 14} -- not definitive
+
+id-mod-forwarded-content-body-part-type ID ::= {id-mod 15} -- not definitive
+
+id-mod-pkcs7-body-part-type ID ::= {id-mod 16} -- not definitive
+
+-- Object types
+id-ot-ipms-user ID ::= {id-ot 1}
+
+id-ot-ipms ID ::= {id-ot 2}
+
+-- Port types
+id-pt-origination ID ::= {id-pt 0}
+
+id-pt-reception ID ::= {id-pt 1}
+
+id-pt-management ID ::= {id-pt 2}
+
+-- Extended body part types
+id-et-ia5-text ID ::= {id-et 0}
+
+id-et-g3-facsimile ID ::= {id-et 2}
+
+id-et-g4-class1 ID ::= {id-et 3}
+
+id-et-teletex ID ::= {id-et 4}
+
+id-et-videotex ID ::= {id-et 5}
+
+id-et-encrypted ID ::= {id-et 6}
+
+id-et-message ID ::= {id-et 7}
+
+id-et-mixed-mode ID ::= {id-et 8}
+
+id-et-bilaterally-defined ID ::= {id-et 9}
+
+id-et-nationally-defined ID ::= {id-et 10}
+
+id-et-general-text ID ::= {id-et 11}
+
+id-et-file-transfer ID ::= {id-et 12}
+
+-- Value {id-et 13} is no longer defined
+id-et-report ID ::= {id-et 14}
+
+id-et-notification ID ::= {id-et 15}
+
+id-et-voice ID ::= {id-et 16}
+
+id-et-content ID ::=
+ {id-et 17} -- This value is not used directly, only as a prefix
+
+id-et-pkcs7 ID ::= {id-et 18}
+
+-- Heading extensions
+id-hex-incomplete-copy ID ::= {id-hex 0}
+
+id-hex-languages ID ::= {id-hex 1}
+
+id-hex-auto-submitted ID ::= {id-hex 2}
+
+id-hex-body-part-signatures ID ::= {id-hex 3}
+
+id-hex-ipm-security-label ID ::= {id-hex 4}
+
+id-hex-authorization-time ID ::= {id-hex 5}
+
+id-hex-circulation-list-recipients ID ::= {id-hex 6}
+
+id-hex-distribution-codes ID ::= {id-hex 7}
+
+id-hex-extended-subject ID ::= {id-hex 8}
+
+id-hex-information-category ID ::= {id-hex 9}
+
+id-hex-manual-handling-instructions ID ::= {id-hex 10}
+
+id-hex-originators-reference ID ::= {id-hex 11}
+
+id-hex-precedence-policy-id ID ::= {id-hex 12}
+
+-- Summary attributes
+id-sat-ipm-entry-type ID ::= {id-sat 0}
+
+id-sat-ipm-synopsis ID ::= {id-sat 1}
+
+id-sat-body-parts-summary ID ::= {id-sat 2}
+
+id-sat-ipm-auto-discarded ID ::= {id-sat 3}
+
+-- Heading attributes
+id-hat-heading ID ::= {id-hat 0}
+
+id-hat-this-ipm ID ::= {id-hat 1}
+
+id-hat-originator ID ::= {id-hat 2}
+
+id-hat-replied-to-IPM ID ::= {id-hat 3}
+
+id-hat-subject ID ::= {id-hat 4}
+
+id-hat-expiry-time ID ::= {id-hat 5}
+
+id-hat-reply-time ID ::= {id-hat 6}
+
+id-hat-importance ID ::= {id-hat 7}
+
+id-hat-sensitivity ID ::= {id-hat 8}
+
+id-hat-auto-forwarded ID ::= {id-hat 9}
+
+id-hat-authorizing-users ID ::= {id-hat 10}
+
+id-hat-primary-recipients ID ::= {id-hat 11}
+
+id-hat-copy-recipients ID ::= {id-hat 12}
+
+id-hat-blind-copy-recipients ID ::= {id-hat 13}
+
+id-hat-obsoleted-IPMs ID ::= {id-hat 14}
+
+id-hat-related-IPMs ID ::= {id-hat 15}
+
+id-hat-reply-recipients ID ::= {id-hat 16}
+
+id-hat-incomplete-copy ID ::= {id-hat 17}
+
+id-hat-languages ID ::= {id-hat 18}
+
+id-hat-rn-requestors ID ::= {id-hat 19}
+
+id-hat-nrn-requestors ID ::= {id-hat 20}
+
+id-hat-reply-requestors ID ::= {id-hat 21}
+
+id-hat-auto-submitted ID ::= {id-hat 22}
+
+id-hat-body-part-signatures ID ::= {id-hat 23}
+
+id-hat-ipm-security-label ID ::= {id-hat 24}
+
+id-hat-body-part-security-label ID ::= {id-hat 25}
+
+id-hat-body-part-encryption-token ID ::= {id-hat 26}
+
+id-hat-authorization-time ID ::= {id-hat 27}
+
+id-hat-circulation-list-recipients ID ::= {id-hat 28}
+
+id-hat-distribution-codes ID ::= {id-hat 29}
+
+id-hat-extended-subject ID ::= {id-hat 30}
+
+id-hat-information-category ID ::= {id-hat 31}
+
+id-hat-manual-handling-instructions ID ::= {id-hat 32}
+
+id-hat-originators-reference ID ::= {id-hat 33}
+
+id-hat-precedence-policy-id ID ::= {id-hat 34}
+
+id-hat-forwarded-content-token ID ::= {id-hat 35}
+
+id-hat-forwarding-token ID ::= {id-hat 36}
+
+id-hat-precedence ID ::= {id-hat 37}
+
+id-hat-body-part-signature-verification-status ID ::= {id-hat 38}
+
+-- Body attributes
+id-bat-body ID ::= {id-bat 0}
+
+id-bat-ia5-text-body-parts ID ::= {id-bat 1}
+
+id-bat-g3-facsimile-body-parts ID ::= {id-bat 3}
+
+id-bat-g4-class1-body-parts ID ::= {id-bat 4}
+
+id-bat-teletex-body-parts ID ::= {id-bat 5}
+
+id-bat-videotex-body-parts ID ::= {id-bat 6}
+
+id-bat-encrypted-body-parts ID ::= {id-bat 7}
+
+id-bat-message-body-parts ID ::= {id-bat 8}
+
+id-bat-mixed-mode-body-parts ID ::= {id-bat 9}
+
+id-bat-bilaterally-defined-body-parts ID ::= {id-bat 10}
+
+id-bat-nationally-defined-body-parts ID ::= {id-bat 11}
+
+id-bat-extended-body-part-types ID ::= {id-bat 12}
+
+id-bat-ia5-text-parameters ID ::= {id-bat 13}
+
+id-bat-g3-facsimile-parameters ID ::= {id-bat 15}
+
+id-bat-teletex-parameters ID ::= {id-bat 16}
+
+id-bat-videotex-parameters ID ::= {id-bat 17}
+
+id-bat-encrypted-parameters ID ::= {id-bat 18}
+
+id-bat-message-parameters ID ::= {id-bat 19}
+
+id-bat-ia5-text-data ID ::= {id-bat 20}
+
+id-bat-g3-facsimile-data ID ::= {id-bat 22}
+
+id-bat-teletex-data ID ::= {id-bat 23}
+
+id-bat-videotex-data ID ::= {id-bat 24}
+
+id-bat-encrypted-data ID ::= {id-bat 25}
+
+id-bat-message-data ID ::= {id-bat 26}
+
+-- Notification attributes
+id-nat-subject-ipm ID ::= {id-nat 0}
+
+id-nat-ipn-originator ID ::= {id-nat 1}
+
+id-nat-ipm-intended-recipient ID ::= {id-nat 2}
+
+id-nat-conversion-eits ID ::= {id-nat 3}
+
+id-nat-non-receipt-reason ID ::= {id-nat 4}
+
+id-nat-discard-reason ID ::= {id-nat 5}
+
+id-nat-auto-forward-comment ID ::= {id-nat 6}
+
+id-nat-returned-ipm ID ::= {id-nat 7}
+
+id-nat-receipt-time ID ::= {id-nat 8}
+
+id-nat-acknowledgment-mode ID ::= {id-nat 9}
+
+id-nat-suppl-receipt-info ID ::= {id-nat 10}
+
+id-nat-notification-extensions ID ::= {id-nat 11}
+
+id-nat-nrn-extensions ID ::= {id-nat 12}
+
+id-nat-rn-extensions ID ::= {id-nat 13}
+
+id-nat-other-notification-type-fields ID ::= {id-nat 14}
+
+-- Correlation attributes
+id-cat-correlated-delivered-ipns ID ::= {id-cat 0}
+
+id-cat-correlated-delivered-replies ID ::= {id-cat 1}
+
+id-cat-delivered-ipn-summary ID ::= {id-cat 2}
+
+id-cat-delivered-replies-summary ID ::= {id-cat 3}
+
+id-cat-forwarded-ipms ID ::= {id-cat 4}
+
+id-cat-forwarding-ipms ID ::= {id-cat 5}
+
+id-cat-ipm-recipients ID ::= {id-cat 6}
+
+id-cat-obsoleted-ipms ID ::= {id-cat 7}
+
+id-cat-obsoleting-ipms ID ::= {id-cat 8}
+
+id-cat-related-ipms ID ::= {id-cat 9}
+
+id-cat-relating-ipms ID ::= {id-cat 10}
+
+id-cat-replied-to-ipm ID ::= {id-cat 11}
+
+id-cat-replying-ipms ID ::= {id-cat 12}
+
+id-cat-revised-reply-time ID ::= {id-cat 13}
+
+id-cat-submitted-ipn-status ID ::= {id-cat 14}
+
+id-cat-submitted-ipns ID ::= {id-cat 15}
+
+id-cat-submitted-reply-status ID ::= {id-cat 16}
+
+id-cat-subject-ipm ID ::= {id-cat 17}
+
+id-cat-recipient-category ID ::= {id-cat 18}
+
+-- Message content types (for use by MS and Directory)
+id-mct-p2-1984 ID ::=
+ {id-mct 0} -- P2 1984
+
+id-mct-p2-1988 ID ::= {id-mct 1} -- P2 1988
+
+-- Extended body part parameters
+id-ep-ia5-text ID ::= {id-ep 0}
+
+id-ep-g3-facsimile ID ::= {id-ep 2}
+
+id-ep-teletex ID ::= {id-ep 4}
+
+id-ep-videotex ID ::= {id-ep 5}
+
+id-ep-encrypted ID ::= {id-ep 6}
+
+id-ep-message ID ::= {id-ep 7}
+
+id-ep-general-text ID ::= {id-ep 11}
+
+id-ep-file-transfer ID ::= {id-ep 12}
+
+-- Value {id-ep 13} is no longer defined
+id-ep-notification ID ::= {id-ep 15}
+
+id-ep-voice ID ::= {id-ep 16}
+
+id-ep-content ID ::=
+ {id-ep 17} -- This value is not used directly, only as a prefix
+
+-- Encoded Information Types
+id-eit-file-transfer ID ::= {id-eit 0}
+
+id-eit-voice ID ::= {id-eit 1}
+
+-- Voice Encoded Information Types
+id-voice-11khz-sample ID ::=
+ {id-eit-voice 0}
+
+id-voice-22khz-sample ID ::= {id-eit-voice 1}
+
+id-voice-cd-quality ID ::= {id-eit-voice 2}
+
+id-voice-g711-mu-law ID ::= {id-eit-voice 3}
+
+id-voice-g726-32k-adpcm ID ::= {id-eit-voice 4}
+
+id-voice-g728-16k-ld-celp ID ::= {id-eit-voice 5}
+
+-- Matching-rules
+id-mr-ipm-identifier ID ::= {id-mr 0}
+
+id-mr-or-descriptor ID ::= {id-mr 1}
+
+id-mr-or-descriptor-elements ID ::= {id-mr 2}
+
+id-mr-or-descriptor-substring-elements ID ::= {id-mr 3}
+
+id-mr-recipient-specifier ID ::= {id-mr 4}
+
+id-mr-recipient-specifier-elements ID ::= {id-mr 5}
+
+id-mr-recipient-specifier-substring-elements ID ::= {id-mr 6}
+
+id-mr-ipm-location ID ::= {id-mr 7}
+
+id-mr-or-descriptor-single-element ID ::= {id-mr 8}
+
+id-mr-recipient-specifier-single-element ID ::= {id-mr 9}
+
+id-mr-circulation-member ID ::= {id-mr 10}
+
+id-mr-circulation-member-elements ID ::= {id-mr 11}
+
+id-mr-circulation-member-substring-elements ID ::= {id-mr 12}
+
+id-mr-circulation-member-single-element ID ::= {id-mr 13}
+
+id-mr-circulation-member-checkmark ID ::= {id-mr 14}
+
+id-mr-distribution-code ID ::= {id-mr 15}
+
+id-mr-information-category ID ::= {id-mr 16}
+
+-- Auto-actions
+id-aa-ipm-auto-acknowledgement ID ::= {id-aa 0}
+
+id-aa-ipm-auto-correlate ID ::= {id-aa 1}
+
+id-aa-ipm-auto-discard ID ::= {id-aa 2}
+
+id-aa-ipm-auto-advise ID ::= {id-aa 3}
+
+-- Auto-action-errors
+id-aae-auto-discard-error ID ::= {id-aae 0}
+
+id-aae-auto-forwarding-loop ID ::= {id-aae 1}
+
+id-aae-duplicate-ipn ID ::= {id-aae 2}
+
+-- Message Store types
+id-mst-invalid-assembly-instructions ID ::= {id-mst 0}
+
+id-mst-invalid-ipn ID ::= {id-mst 1}
+
+id-mst-assembly-instructions ID ::= {id-mst 2}
+
+id-mst-suspend-auto-acknowledgement ID ::= {id-mst 3}
+
+id-mst-prevent-nrn-generation ID ::= {id-mst 4}
+
+id-mst-originator-body-part-encryption-token ID ::= {id-mst 5}
+
+id-mst-originator-forwarded-content-token ID ::= {id-mst 6}
+
+id-mst-assembly-capability ID ::= {id-mst 7}
+
+-- Security extensions
+id-sec-ipm-security-request ID ::= {id-sec 0}
+
+id-sec-security-common-fields ID ::= {id-sec 1}
+
+-- Other notification types
+id-on-absence-advice ID ::= {id-on 0}
+
+id-on-change-of-address-advice ID ::= {id-on 1}
+
+-- Recipient extensions
+id-rex-circulation-list-indicator ID ::= {id-rex 0}
+
+id-rex-precedence ID ::= {id-rex 1}
+
+END -- of IPMSObjectIdentifiers
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSSecurityExtensions.asn1 b/asn1/IPMSSecurityExtensions.asn1
new file mode 100644
index 0000000..8c692cc
--- /dev/null
+++ b/asn1/IPMSSecurityExtensions.asn1
@@ -0,0 +1,143 @@
+-- Module IPMSSecurityExtensions (X.420:06/1999)
+IPMSSecurityExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ ipm-security-extensions(14) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ -- MTS Abstract Service
+ Certificates, Content, ContentIntegrityCheck, ExtendedCertificates,
+ EXTENSION, MessageOriginAuthenticationCheck, MessageToken, EncryptionKey
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- IPMS Information Objects
+ IPMS-EXTENSION
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Heading Extensions
+ BodyPartNumber
+ --==
+ FROM IPMSHeadingExtensions {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ heading-extensions(6) version-1999(1)}
+ -- Directory Authentication Framework
+ AlgorithmIdentifier, ENCRYPTED{}
+ --==
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 3}
+ -- Directory Certificate Extensions
+ CertificateAssertion
+ --==
+ FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 0}
+ -- IPMS Object Identifiers
+ id-sec-ipm-security-request, id-sec-security-common-fields
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Recipient Security Request
+recipient-security-request IPMS-EXTENSION ::= {
+ VALUE RecipientSecurityRequest,
+ IDENTIFIED BY id-sec-ipm-security-request
+}
+
+RecipientSecurityRequest ::= BIT STRING {
+ content-non-repudiation(0), content-proof(1), ipn-non-repudiation(2),
+ ipn-proof(3)}
+
+-- IPN Security Response
+ipn-security-response IPMS-EXTENSION ::= {
+ VALUE IpnSecurityResponse,
+ IDENTIFIED BY id-sec-security-common-fields
+}
+
+IpnSecurityResponse ::= SET {
+ content-or-arguments
+ CHOICE {original-content OriginalContent,
+ original-security-arguments
+ SET {original-content-integrity-check
+ [0] OriginalContentIntegrityCheck OPTIONAL,
+ original-message-origin-authentication-check
+ [1] OriginalMessageOriginAuthenticationCheck OPTIONAL,
+ original-message-token
+ [2] OriginalMessageToken OPTIONAL}},
+ security-diagnostic-code SecurityDiagnosticCode OPTIONAL
+}
+
+-- MTS security fields
+OriginalContent ::= Content
+
+OriginalContentIntegrityCheck ::= ContentIntegrityCheck
+
+OriginalMessageOriginAuthenticationCheck ::= MessageOriginAuthenticationCheck
+
+OriginalMessageToken ::= MessageToken
+
+-- Security Diagnostic Codes
+SecurityDiagnosticCode ::= INTEGER {
+ integrity-failure-on-subject-message(0),
+ integrity-failure-on-forwarded-message(1),
+ moac-failure-on-subject-message(2), unsupported-security-policy(3),
+ unsupported-algorithm-identifier(4), decryption-failed(5), token-error(6),
+ unable-to-sign-notification(7), unable-to-sign-message-receipt(8),
+ authentication-failure-on-subject-message(9),
+ security-context-failure-message(10), message-sequence-failure(11),
+ message-security-labelling-failure(12), repudiation-failure-of-message(13),
+ failure-of-proof-of-message(14), signature-key-unobtainable(15),
+ decryption-key-unobtainable(16), key-failure(17),
+ unsupported-request-for-security-service(18),
+ inconsistent-request-for-security-service(19),
+ ipn-non-repudiation-provided-instead-of-content-proof(20),
+ token-decryption-failed(21), double-enveloping-message-restoring-failure(22),
+ unauthorised-dl-member(23), reception-security-failure(24),
+ unsuitable-alternate-recipient(25), security-services-refusal(26),
+ unauthorised-recipient(27), unknown-certification-authority-name(28),
+ unknown-dl-name(29), unknown-originator-name(30), unknown-recipient-name(31),
+ security-policy-violation(32)}
+
+-- Security Envelope Extensions
+body-part-encryption-token EXTENSION ::= {
+ BodyPartTokens,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:43
+}
+
+BodyPartTokens ::=
+ SET OF
+ SET {body-part-number BodyPartNumber,
+ body-part-choice
+ CHOICE {encryption-token EncryptionToken,
+ message-or-content-body-part [0] BodyPartTokens}
+ }
+
+EncryptionToken ::= SET {
+ encryption-algorithm-identifier AlgorithmIdentifier,
+ encrypted-key ENCRYPTED{EncryptionKey},
+ recipient-certificate-selector [0] CertificateAssertion OPTIONAL,
+ recipient-certificate [1] Certificates OPTIONAL,
+ originator-certificate-selector [2] CertificateAssertion OPTIONAL,
+ originator-certificates [3] ExtendedCertificates OPTIONAL,
+ ...
+}
+
+forwarded-content-token EXTENSION ::= {
+ ForwardedContentToken,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:44
+}
+
+ForwardedContentToken ::=
+ SET OF
+ SET {body-part-number BodyPartNumber,
+ body-part-choice
+ CHOICE {forwarding-token MessageToken,
+ message-or-content-body-part ForwardedContentToken
+ }}
+
+END -- of IPMSSecurityExtensions
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/IPMSUpperBounds.asn1 b/asn1/IPMSUpperBounds.asn1
new file mode 100644
index 0000000..27324f6
--- /dev/null
+++ b/asn1/IPMSUpperBounds.asn1
@@ -0,0 +1,46 @@
+-- Module IPMSUpperBounds (X.420:06/1999)
+IPMSUpperBounds {joint-iso-itu-t mhs(6) ipms(1) modules(0) upper-bounds(10)
+ version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS -- nothing -- ;
+
+-- Upper bounds
+ub-alpha-code-length INTEGER ::= 16
+
+ub-auto-forward-comment INTEGER ::= 256
+
+ub-circulation-list-members INTEGER ::= 256
+
+ub-distribution-codes INTEGER ::= 16
+
+ub-extended-subject-length INTEGER ::= 256
+
+ub-free-form-name INTEGER ::= 64
+
+ub-information-categories INTEGER ::= 16
+
+ub-information-category-length INTEGER ::= 64
+
+ub-ipm-identifier-suffix INTEGER ::= 2
+
+ub-local-ipm-identifier INTEGER ::= 64
+
+ub-manual-handling-instruction-length INTEGER ::= 128
+
+ub-manual-handling-instructions INTEGER ::= 16
+
+ub-originators-reference-length INTEGER ::= 64
+
+ub-precedence INTEGER ::= 127
+
+ub-subject-field INTEGER ::= 128
+
+ub-telephone-number INTEGER ::= 32
+
+END -- of IPMSUpperBounds
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/ISO8571-FTAM.asn1 b/asn1/ISO8571-FTAM.asn1
new file mode 100644
index 0000000..5458350
--- /dev/null
+++ b/asn1/ISO8571-FTAM.asn1
@@ -0,0 +1,1451 @@
+-- Module ISO8571-FTAM (ISO 8571-4:1988)
+--
+-- Copyright © ISO/IEC 1988. This version of
+-- this ASN.1 module is part of ISO/IEC 8571-4:1988;
+-- see the ISO|IEC text itself for full legal notices.
+--
+ISO8571-FTAM {iso standard 8571 application-context(1) iso-ftam(1)} DEFINITIONS
+::=
+BEGIN
+
+PDU ::= CHOICE {
+ fTAM-Regime-PDU FTAM-Regime-PDU,
+ file-PDU File-PDU,
+ bulk-Data-PDU Bulk-Data-PDU,
+ fSM-PDU FSM-PDU
+}
+
+FTAM-Regime-PDU ::= CHOICE {
+ f-initialize-request [0] IMPLICIT F-INITIALIZE-request,
+ f-initialize-response [1] IMPLICIT F-INITIALIZE-response,
+ f-terminate-request [2] IMPLICIT F-TERMINATE-request,
+ f-terminate-response [3] IMPLICIT F-TERMINATE-response,
+ f-u-abort-request [4] IMPLICIT F-U-ABORT-request,
+ f-p-abort-request [5] IMPLICIT F-P-ABORT-request
+}
+
+F-INITIALIZE-request ::= SEQUENCE {
+ protocol-Version Protocol-Version DEFAULT {version-1},
+ implementation-information Implementation-Information OPTIONAL,
+ presentation-tontext-management [2] IMPLICIT BOOLEAN DEFAULT FALSE,
+ service-class Service-Class DEFAULT {transfer-class},
+ -- Only the valid combinations as specified in ISO 8571-3 are allowed.
+ functional-units Functional-Units,
+ attribute-groups Attribute-Groups DEFAULT {},
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ ftam-quality-of-Service FTAM-Quality-of-Service,
+ contents-type-list Contents-Type-List OPTIONAL,
+ initiator-identity User-Identity OPTIONAL,
+ account Account OPTIONAL,
+ filestore-password Password OPTIONAL,
+ checkpoint-window [8] IMPLICIT INTEGER DEFAULT 1
+}
+
+-- lf the recovery or restart data transfer functional units are
+-- not available, the Checkpoint-window Parameter shall not be sent.
+F-INITIALIZE-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ protocol-Version Protocol-Version DEFAULT {version-1},
+ implementation-information Implementation-Information OPTIONAL,
+ presentation-tontext-management [2] IMPLICIT BOOLEAN DEFAULT FALSE,
+ service-class Service-Class DEFAULT {transfer-class},
+ -- Only the valid combinations as specified in ISO 8571-3 are allowed.
+ functional-units Functional-Units,
+ attribute-groups Attribute-Groups DEFAULT {},
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ ftam-quality-of-Service FTAM-Quality-of-Service,
+ contents-type-list Contents-Type-List OPTIONAL,
+ diagnostic Diagnostic OPTIONAL,
+ checkpoint-window [8] IMPLICIT INTEGER DEFAULT 1
+}
+
+-- If the recovery or restart data transfer functional units are
+-- not available, the Checkpoint-window Parameter shall not be sent.
+Protocol-Version ::= [0] IMPLICIT BIT STRING {version-1(0), version-2(1)
+}
+
+Implementation-Information ::= [1] IMPLICIT GraphicString
+
+-- This Parameter is provided solely for the convenience of implementors
+-- needing to distinguish between implernentations of a specific version number
+-- of different equipment, it shall not be the subject of conformance test.
+Service-Class ::= [3] IMPLICIT BIT STRING {
+ unconstrained-class(0), management-class(1), transfer-class(2),
+ transfer-and-management-class(3), access-class(4)}
+
+Functional-Units ::= [4] IMPLICIT BIT STRING {
+ read(2), write(3), file-access(4), limited-file-management(5),
+ enhanced-file-management(6), grouping(7), fadu-locking(8), recovery(9),
+ restart-data-transfer(10), limited-filestore-management(11),
+ enhanced-filestore-management(12), object-manipulation(13),
+ group-manipulation(14), consecutive-access(15), concurrent-access(16)
+}
+
+-- Values 2 to 14 are Chosen to align with numbering scheme used in ISO 8571-3.
+Attribute-Groups ::= [5] IMPLICIT BIT STRING {
+ storage(0), security(1), private(2), extension(3)}
+
+-- The extension bit is defined if and only if the limited-filestore-management
+-- or the group-manipulation functional units are available.
+FTAM-Quality-of-Service ::= [6] IMPLICIT INTEGER {
+ no-recovery(0), class-1-recovery(1), class-2-recovery(2), class-3-recovery(3)
+}
+
+Contents-Type-List ::=
+ [7] IMPLICIT
+ SEQUENCE OF
+ CHOICE {document-type-name Document-Type-Name,
+ abstract-Syntax-name Abstract-Syntax-Name}
+
+F-TERMINATE-request ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-TERMINATE-response ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ charging Charging OPTIONAL
+}
+
+F-U-ABORT-request ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-P-ABORT-request ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ diagnostic Diagnostic OPTIONAL
+}
+
+File-PDU ::= CHOICE {
+ f-select-request [6] IMPLICIT F-SELECT-request,
+ f-select-response [7] IMPLICIT F-SELECT-response,
+ f-deselect-request [8] IMPLICIT F-DESELECT-request,
+ f-deselect-response [9] IMPLICIT F-DESELECT-response,
+ f-create-request [10] IMPLICIT F-CREATE-request,
+ f-create-response [11] IMPLICIT F-CREATE-response,
+ f-delete-request [12] IMPLICIT F-DELETE-request,
+ f-delete-response [13] IMPLICIT F-DELETE-response,
+ f-read-attrib-request [14] IMPLICIT F-READ-ATTRIB-request,
+ f-read-attrib-response [15] IMPLICIT F-READ-ATTRIB-response,
+ f-Change-attrib-reques [16] IMPLICIT F-CHANGE-ATTRIB-request,
+ f-Change-attrib-respon [17] IMPLICIT F-CHANGE-ATTRIB-response,
+ f-open-request [18] IMPLICIT F-OPEN-request,
+ f-open-response [19] IMPLICIT F-OPEN-response,
+ f-close-request [20] IMPLICIT F-CLOSE-request,
+ f-close-response [21] IMPLICIT F-CLOSE-response,
+ f-begin-group-request [22] IMPLICIT F-BEGIN-GROUP-request,
+ f-begin-group-response [23] IMPLICIT F-BEGIN-GROUP-response,
+ f-end-group-request [24] IMPLICIT F-END-GROUP-request,
+ f-end-group-response [25] IMPLICIT F-END-GROUP-response,
+ f-recover-request [26] IMPLICIT F-RECOVER-request,
+ f-recover-response [27] IMPLICIT F-RECOVER-response,
+ f-locate-request [28] IMPLICIT F-LOCATE-request,
+ f-locate-response [29] IMPLICIT F-LOCATE-response,
+ f-erase-request [30] IMPLICIT F-ERASE-request,
+ f-erase-response [31] IMPLICIT F-ERASE-response
+}
+
+F-SELECT-request ::= SEQUENCE {
+ attributes Select-Attributes,
+ requested-access Access-Request,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ -- This Parameter tan only be sent when the
+ -- limited-filestore-management or the object-manipulation or
+ -- the group-manipulation functional units are available.
+ concurrency-control Concurrency-Control OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ account Account OPTIONAL
+}
+
+F-SELECT-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ attributes Select-Attributes,
+ referent-indicator Referent-Indicator OPTIONAL,
+ -- This Parameter tan only be sent when the
+ -- limited-filestore-management functional unit is available.
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-DESELECT-request ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-DESELECT-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ charging Charging OPTIONAL,
+ -- Present if and only if the account field was present on
+ -- the PDU which established the selection regime.
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-CREATE-request ::= SEQUENCE {
+ override [0] IMPLICIT Override DEFAULT create-failure,
+ initial-attributes Create-Attributes,
+ create-password Password OPTIONAL,
+ requested-access Access-Request,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ -- This Parameter tan only be sent when the
+ -- limited-filestore-management or the Object-manipulation or
+ -- the group-manipulation functional units are available.
+ concurrency-control Concurrency-Control OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ account Account OPTIONAL
+}
+
+F-CREATE-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ initial-attributes Create-Attributes,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-DELETE-request ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-DELETE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ charging Charging OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-READ-ATTRIB-request ::= SEQUENCE {
+ attribute-names [0] IMPLICIT Attribute-Names,
+ attribute-extension-names [1] IMPLICIT Attribute-Extension-Names OPTIONAL
+}
+
+-- This Parameter tan only be sent when the
+-- limited-filestore-management functional unit is available.
+F-READ-ATTRIB-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ attributes Read-Attributes OPTIONAL,
+ -- Password values within the access control tan not be read by means
+ -- of the read attribute action. Whether other Parts of the access
+ -- control Object attribute tan be read by means of the read
+ -- attribute action is decided locally by the responding entity, and
+ -- it shall not be the subject of conformance test.
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-CHANGE-ATTRIB-request ::= SEQUENCE {attributes Change-Attributes
+}
+
+F-CHANGE-ATTRIB-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ attributes Change-Attributes OPTIONAL,
+ -- Password values within access control attribute are never returned.
+ -- Other attributes are retumed as an implementation choice.
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-OPEN-request ::= SEQUENCE {
+ processing-mode
+ [0] IMPLICIT BIT STRING {f-read(0), f-insert(1), f-replace(2), f-extend(3),
+ f-erase(4)} DEFAULT {f-read},
+ contents-type
+ [1] CHOICE {unknown [0] IMPLICIT NULL,
+ proposed [1] Contents-Type-Attribute},
+ concurrency-control Concurrency-Control OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ enable-fadu-locking [2] IMPLICIT BOOLEAN DEFAULT FALSE,
+ activity-identifier Activity-Identifier OPTIONAL,
+ -- Only used in the recovery functional unit.
+ recovery-mode
+ [3] IMPLICIT INTEGER {none(0), at-start-of-file(1),
+ at-any-active-Checkpoint(2)} DEFAULT none,
+ remove-contexts [4] IMPLICIT SET OF Abstract-Syntax-Name OPTIONAL,
+ define-contexts [5] IMPLICIT SET OF Abstract-Syntax-Name OPTIONAL,
+ -- The following are conditional on the negotiation of the consecutive overlap or
+ -- concurrent overlap functional units.
+ degree-of-overlap Degree-Of-Overlap OPTIONAL,
+ transfer-window [7] IMPLICIT INTEGER OPTIONAL
+}
+
+F-OPEN-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ contents-type [1] Contents-Type-Attribute,
+ concurrency-control Concurrency-Control OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL,
+ recovery-mode
+ [3] IMPLICIT INTEGER {none(0), at-start-of-file(1),
+ at-any-active-Checkpoint(2)} DEFAULT none,
+ presentation-action [6] IMPLICIT BOOLEAN DEFAULT FALSE,
+ -- This flag is set if the responder is going to follow this response
+ -- by a P-ALTER-CONTEXT exchange.
+ --The following are conditional on the negotiation of the concecutive access
+ -- or concurent access functional units.
+ degree-of-overlap Degree-Of-Overlap OPTIONAL,
+ transfer-window [7] IMPLICIT INTEGER OPTIONAL
+}
+
+F-CLOSE-request ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-CLOSE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-BEGIN-GROUP-request ::= SEQUENCE {threshold [0] IMPLICIT INTEGER
+}
+
+F-BEGIN-GROUP-response ::= SEQUENCE {
+}
+
+-- No elements defined, shall be empty.
+F-END-GROUP-request ::= SEQUENCE {
+}
+
+-- No elements defined, shall be empty.
+F-END-GROUP-response ::= SEQUENCE {
+}
+
+-- No elements defined, shall be empty.
+F-RECOVER-request ::= SEQUENCE {
+ activity-identifier Activity-Identifier,
+ bulk-transfer-number [0] IMPLICIT INTEGER,
+ -- If concurrent access was in use then this parameter indicates the read bulk
+ -- transfer.
+ requested-access Access-Request,
+ access-passwords Access-Passwords OPTIONAL,
+ recovefy-Point [2] IMPLICIT INTEGER DEFAULT 0,
+ -- Zero indicates beginning of file
+ -- Point after last Checkpoint indicates end of file
+ remove-contexts
+ [3] IMPLICIT SET OF Abstract-Syntax-Name OPTIONAL,
+ define-contexts
+ [4] IMPLICIT SET OF Abstract-Syntax-Name OPTIONAL,
+ -- The following are conditional on the negotiation of overlapped access.
+ concurrent-bulk-transfer-number [7] IMPLICIT INTEGER OPTIONAL,
+ -- conditional on use of concurrent access
+ concurrent-recovery-point [8] IMPLICIT INTEGER OPTIONAL,
+ -- conditional on use of concurrent access. Zero indicates beginning of file
+ -- point after last checkpoint indicates end of file
+ last-transfer-end-read-response [9] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-response [10] IMPLICIT INTEGER OPTIONAL
+}
+
+F-RECOVER-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ contents-type [1] Contents-Type-Attribute,
+ recovety-Point [2] IMPLICIT INTEGER DEFAULT 0,
+ -- Zero indicates beginning of file.
+ -- Point after last Checkpoint indicates end of file.
+ diagnostic Diagnostic OPTIONAL,
+ presentation-action [6] IMPLICIT BOOLEAN DEFAULT FALSE,
+ -- This flag is set if the responder is going to follow this response
+ -- by a P-ALTER-CONTEXT exchange.
+ -- The following are conditional on the negotiation of overlapped access.
+ concurrent-recovery-point [8] IMPLICIT INTEGER OPTIONAL,
+ -- conditional on use of concurrent access. Zero indicates beginning of file; point after
+ -- last checkpoint indicates end of file
+ last-transfer-end-read-request [9] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-request [10] IMPLICIT INTEGER OPTIONAL
+}
+
+F-LOCATE-request ::= SEQUENCE {
+ file-access-data-unit-identity FADU-Identity,
+ fadu-lock FADU-Lock OPTIONAL
+}
+
+F-LOCATE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ file-access-data-unit-identity FADU-Identity OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-ERASE-request ::= SEQUENCE {file-access-data-unit-identity FADU-Identity
+}
+
+F-ERASE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ diagnostic Diagnostic OPTIONAL
+}
+
+Bulk-Data-PDU ::= CHOICE {
+ f-read-request [32] IMPLICIT F-READ-request,
+ f-write-request [33] IMPLICIT F-WRITE-request,
+ -- There is no F-DATA FPDU, the contents of a file
+ -- are transferred in a different presentation context
+ -- and there is therefore no need to define the types
+ -- of file contents in the FTAM PCI abstract Syntax.
+ -- File contents data are carried in values of the
+ -- data type Data-Element as defined in ISO 8571-2.
+ f-data-end-request [34] IMPLICIT F-DATA-END-request,
+ f-transfer-end-request [35] IMPLICIT F-TRANSFER-END-request,
+ f-transfer-end-response [36] IMPLICIT F-TRANSFER-END-response,
+ f-cancel-request [37] IMPLICIT F-CANCEL-request,
+ f-cancel-response [38] IMPLICIT F-CANCEL-response,
+ -- There is no F-CHECK PDU.
+ f-restart-request [39] IMPLICIT F-RESTART-request,
+ f-restart-response [40] IMPLICIT F-RESTART-response
+}
+
+F-READ-request ::= SEQUENCE {
+ file-access-data-unit-identity FADU-Identity,
+ access-context Access-Context,
+ fadu-lock FADU-Lock OPTIONAL,
+ -- The following is conditional on the negotiation of consecutive of concurrent access.
+ transfer-number [0] IMPLICIT INTEGER OPTIONAL
+}
+
+F-WRITE-request ::= SEQUENCE {
+ file-access-data-unit-Operation
+ [0] IMPLICIT INTEGER {insert(0), replace(1), extend(2)},
+ file-access-data-unit-identity FADU-Identity,
+ fadu-lock FADU-Lock OPTIONAL,
+ -- The following is conditional on the negotiation of consecutive or concurrent access.
+ transfer-number [1] IMPLICIT INTEGER OPTIONAL
+}
+
+F-DATA-END-request ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-TRANSFER-END-request ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ -- The following are conditional on the negotiation of consecutive or concurrent access.
+ request-type Request-Type OPTIONAL,
+ transfer-number [0] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-response [1] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-response [2] IMPLICIT INTEGER OPTIONAL
+}
+
+F-TRANSFER-END-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL,
+ -- The following are conditional on the negotiation of consecutive or concurrent access.
+ request-type Request-Type OPTIONAL,
+ transfer-number [0] IMPLICIT INTEGER OPTIONAL
+}
+
+F-CANCEL-request ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL,
+ -- The following are conditional on the negotiation of consecutive or concurrent access.
+ request-type Request-Type,
+ transfer-number [0] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-request [1] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-response [2] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-request [3] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-response [4] IMPLICIT INTEGER OPTIONAL
+}
+
+F-CANCEL-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL,
+ -- The following are conditional on the negotiation of consecutive or concurrent access.
+ request-type Request-Type OPTIONAL,
+ transfer-number [0] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-request [1] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-response [2] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-request [3] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-response [4] IMPLICIT INTEGER OPTIONAL
+}
+
+F-CHECK-request ::= SEQUENCE {
+ checkpoint-identifier [0] IMPLICIT INTEGER,
+ transfer-number [1] IMPLICIT INTEGER
+}
+
+F-CHECK-response ::= SEQUENCE {
+ checkpoint-identifier [0] IMPLICIT INTEGER,
+ transfer-number [1] IMPLICIT INTEGER
+}
+
+F-RESTART-request ::= SEQUENCE {
+ checkpoint-identifier [0] IMPLICIT INTEGER,
+ -- The following are conditional on the negotiation of consecutive or concurrent access.
+ request-type Request-Type OPTIONAL,
+ transfer-number [1] IMPLICIT INTEGER,
+ last-transfer-end-read-request [2] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-response [3] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-request [4] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-response [5] IMPLICIT INTEGER OPTIONAL
+}
+
+F-RESTART-response ::= SEQUENCE {
+ checkpoint-identifier [0] IMPLICIT INTEGER,
+ -- The following are conditional on the negotiation of consecutive or concurrent access.
+ request-type Request-Type OPTIONAL,
+ transfer-number [1] IMPLICIT INTEGER,
+ last-transfer-end-read-request [2] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-read-response [3] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-request [4] IMPLICIT INTEGER OPTIONAL,
+ last-transfer-end-write-response [5] IMPLICIT INTEGER OPTIONAL
+}
+
+Degree-Of-Overlap ::= [APPLICATION 30] IMPLICIT INTEGER {
+ normal(0), consecutive(1), concurrent(2)}
+
+Request-Type ::= [APPLICATION 31] IMPLICIT INTEGER {read(0), write(1)}
+
+Abstract-Syntax-Name ::= [APPLICATION 0] IMPLICIT OBJECT IDENTIFIER
+
+Access-Context ::= [APPLICATION 1] IMPLICIT SEQUENCE {
+ access-context
+ [0] IMPLICIT INTEGER {hierarchical-all-data-units(0),--HA--
+ hierarchical-no-data-units(1),--HN--
+ flat-all-data-units(2),--FA--
+ flat-one-level-data-unit(3),--FL--
+ flat-Single-data-unit(4),--FS--
+ unstructured-all-data-units(5),--UA--
+ unstructured-Single-data-unit(6)}, --US
+ level-number [1] IMPLICIT INTEGER OPTIONAL
+}
+
+-- Present if and only if flat-one-level-data-units
+-- (access context FL) is selected.
+-- As defined in ISO 8571-2.
+Access-Passwords ::= [APPLICATION 2] IMPLICIT SEQUENCE {
+ read-password [0] Password,
+ insert-password [1] Password,
+ replace-password [2] Password,
+ extend-password [3] Password,
+ erase-password [4] Password,
+ read-attribute-password [5] Password,
+ change-attribute-password [6] Password,
+ delete-password [7] Password,
+ pass-passwords [8] IMPLICIT Pass-Passwords OPTIONAL,
+ link-password [9] Password OPTIONAL
+}
+
+-- The pass-passwords and the link-password must be included in the
+-- access-passwords if and only if the limited-filestore-management
+-- or the Object-manipulation or the group-manipulation functional
+-- units are available.
+Access-Request ::= [APPLICATION 3] IMPLICIT BIT STRING {
+ read(0), insert(1), replace(2), extend(3), erase(4), read-attribute(5),
+ change-attribute(6), delete-Object(7)}
+
+Account ::= [APPLICATION 4] IMPLICIT GraphicString
+
+Action-Result ::= [APPLICATION 5] IMPLICIT INTEGER {
+ success(0), transient-error(1), permanent-error(2)}
+
+Activity-Identifier ::= [APPLICATION 6] IMPLICIT INTEGER
+
+Application-Entity-Title ::= [APPLICATION 7] AE-title
+
+-- As defined in ISO 8650.
+Change-Attributes ::= [APPLICATION 8] IMPLICIT SEQUENCE {
+ -- Kerne1 Group
+ pathname Pathname-Attribute OPTIONAL,
+ -- Storage group
+ storage-account [3] Account-Attribute OPTIONAL,
+ object-availability [12] Object-Availability-Attribute OPTIONAL,
+ future-Object-size [14] Object-Size-Attribute OPTIONAL,
+ -- Security group
+ access-control [15] Access-Control-Change-Attribute OPTIONAL,
+ path-access-control [21] Access-Control-Change-Attribute OPTIONAL,
+ -- This Parameter tan only be sent when the
+ -- enhanced-filestore-management functional unit is available.
+ legal-qualification [16] Legal-Qualification-Attribute OPTIONAL,
+ -- Private group
+ private-use [17] Private-Use-Attribute OPTIONAL,
+ -- Attribute Extensions group
+ attribute-extensions [22] IMPLICIT Attribute-Extensions OPTIONAL
+}
+
+-- This Parameter tan only be sent when the
+-- enhanced-filestore-management functional unit is available.
+-- Atleast one attribute shall be present in the Change-Attributes
+-- Parameter on the request PDU.
+Charging ::=
+ [APPLICATION 9] IMPLICIT
+ SEQUENCE OF
+ SEQUENCE {resource-identifier [0] IMPLICIT GraphicString,
+ charging-unit [1] IMPLICIT GraphicString,
+ charging-value [2] IMPLICIT INTEGER}
+
+Concurrency-Control ::= [APPLICATION 10] IMPLICIT SEQUENCE {
+ read [0] IMPLICIT Lock,
+ insert [1] IMPLICIT Lock,
+ replace [2] IMPLICIT Lock,
+ extend [3] IMPLICIT Lock,
+ erase [4] IMPLICIT Lock,
+ read-attribute [5] IMPLICIT Lock,
+ change-attribute [6] IMPLICIT Lock,
+ delete-Object [7] IMPLICIT Lock
+}
+
+Lock ::= INTEGER {not-required(0), shared(1), exclusive(2), no-access(3)}
+
+Constraint-Set-Name ::= [APPLICATION 11] IMPLICIT OBJECT IDENTIFIER
+
+Create-Attributes ::= [APPLICATION 12] IMPLICIT SEQUENCE {
+ -- Kerne1 Group
+ pathname Pathname-Attribute,
+ object-type [18] IMPLICIT Object-Type-Attribute DEFAULT file,
+ -- This Parameter tan be sent if and only if the
+ -- limited-filestore-management functional unit is available.
+ permitted-actions [1] IMPLICIT Permitted-Actions-Attribute,
+ contents-type [2] Contents-Type-Attribute,
+ -- Storage group
+ storage-account [3] Account-Attribute OPTIONAL,
+ object-availability [12] Object-Availability-Attribute OPTIONAL,
+ future-Object-size [14] Object-Size-Attribute OPTIONAL,
+ -- Security group
+ access-control [15] Access-Control-Attribute OPTIONAL,
+ path-access-control [21] Access-Control-Attribute OPTIONAL,
+ -- This Parameter tan be sent if and only if the
+ -- enhanced-filestore-management functional unit is available.
+ legal-qualification [16] Legal-Qualification-Attribute OPTIONAL,
+ -- Private group
+ private-use [17] Private-Use-Attribute OPTIONAL,
+ -- Attribute Extensions group
+ attribute-extensions [22] IMPLICIT Attribute-Extensions OPTIONAL
+}
+
+-- This Parameter tan only be sent when the
+-- limited-filestore-management functional unit is available.
+Diagnostic ::=
+ [APPLICATION 13] IMPLICIT
+ SEQUENCE OF
+ SEQUENCE {diagnostic-type
+ [0] IMPLICIT INTEGER {informative(0), transient(1),
+ permanent(2)},
+ error-identifier [1] IMPLICIT INTEGER,
+ -- As defined in ISO 8571-3.
+ error-observer [2] IMPLICIT Entity-Reference,
+ error-Source [3] IMPLICIT Entity-Reference,
+ suggested-delay [4] IMPLICIT INTEGER OPTIONAL,
+ further-details [5] IMPLICIT GraphicString OPTIONAL
+ }
+
+Entity-Reference ::= INTEGER {
+ no-categorization-possible(0), initiating-file-service-user(1),
+ initiating-file-protocol-machine(2),
+ service-supporting-the-file-protocol-machine(3),
+ responding-file-protocol-machine(4), responding-file-service-user(5)
+}
+
+--NOTE
+-- 1. The values 0 and 3 are only valid as values in error-source.
+-- 2. The value 5 corresponds to the virtual filestore.
+Document-Type-Name ::= [APPLICATION 14] IMPLICIT OBJECT IDENTIFIER
+
+FADU-Identity ::= [APPLICATION 15] CHOICE {
+ first-last [0] IMPLICIT INTEGER {first(0), last(1)},
+ relative [1] IMPLICIT INTEGER {previous(0), current(1), next(2)},
+ begin-end [2] IMPLICIT INTEGER {begin(0), end(1)},
+ single-name [3] IMPLICIT Node-Name,
+ name-list [4] IMPLICIT SEQUENCE OF Node-Name,
+ fadu-number [5] IMPLICIT INTEGER
+}
+
+-- As defined in ISO 8571-2.
+Node-Name ::= EXTERNAL
+
+-- The type to be used for Node-Name is defined in IS08571-FADU.
+FADU-Lock ::= [APPLICATION 16] IMPLICIT INTEGER {off(0), on(1)}
+
+Password ::= [APPLICATION 17] CHOICE {
+ graphicString GraphicString,
+ octetString OCTET STRING
+}
+
+Read-Attributes ::= [APPLICATION 18] IMPLICIT SEQUENCE {
+ -- Kerne1 Group
+ pathname Pathname-Attribute OPTIONAL,
+ object-type
+ [18] IMPLICIT Object-Type-Attribute OPTIONAL,
+ -- This Parameter tan be sent if and only if
+ -- the limited-filestore-management functional unit is available.
+ permitted-actions
+ [1] IMPLICIT Permitted-Actions-Attribute OPTIONAL,
+ contents-type
+ [2] Contents-Type-Attribute OPTIONAL,
+ linked-Object
+ [19] Pathname-Attribute OPTIONAL,
+ -- This Parameter tan be sent if and only if
+ -- the limited-filestore-management functional unit is available.
+ child-objects
+ [23] Child-Objects-Attribute OPTIONAL,
+ -- This Parameter tan be sent if and only if
+ -- the limited-filestore-management functional unit is available.
+ -- Storage group
+ primaty-pathname
+ [20] Pathname-Attribute OPTIONAL,
+ storage-account [3] Account-Attribute OPTIONAL,
+ date-and-time-of-creation
+ [4] Date-and-Time-Attribute OPTIONAL,
+ date-and-time-of-last-modification
+ [5] Date-and-Time-Attribute OPTIONAL,
+ date-and-time-of-last-read-access
+ [6] Date-and-Time-Attribute OPTIONAL,
+ date-and-time-of-last-attribute-modification
+ [7] Date-and-Time-Attribute OPTIONAL,
+ identity-of-creator
+ [8] User-Identity-Attribute OPTIONAL,
+ identity-of-last-modifier
+ [9] User-Identity-Attribute OPTIONAL,
+ identity-of-last-reader
+ [10] User-Identity-Attribute OPTIONAL,
+ identity-last-attribute-modifier
+ [11] User-Identity-Attribute OPTIONAL,
+ object-availability
+ [12] Object-Availability-Attribute OPTIONAL,
+ object-size
+ [13] Object-Size-Attribute OPTIONAL,
+ future-Object-size
+ [14] Object-Size-Attribute OPTIONAL,
+ -- Security group
+ access-control
+ [15] Access-Control-Attribute OPTIONAL,
+ path-access-control
+ [21] Access-Control-Attribute OPTIONAL,
+ -- This Parameter tan be sent if and only if
+ -- the limited-filestore-management functional unit is available.
+ legal-qualification
+ [16] Legal-Qualification-Attribute OPTIONAL,
+ -- Private group
+ private-use
+ [17] Private-Use-Attribute OPTIONAL,
+ -- Attribute Extensions group
+ attribute-extensions
+ [22] IMPLICIT Attribute-Extensions OPTIONAL
+}
+
+-- This Parameter tan be sent if and only if
+-- the limited-filestore-management functional unit is available.
+Select-Attributes ::= [APPLICATION 19] IMPLICIT SEQUENCE {
+ -- Kerne1 Group
+ pathname Pathname-Attribute
+}
+
+Shared-ASE-Information ::= [APPLICATION 20] IMPLICIT EXTERNAL
+
+-- This field may be used to convey commitment control as described
+-- in ISO 8571-3.
+State-Result ::= [APPLICATION 21] IMPLICIT INTEGER {success(0), failure(1)
+}
+
+User-Identity ::= [APPLICATION 22] IMPLICIT GraphicString
+
+Access-Control-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values [1] IMPLICIT SET OF Access-Control-Element
+}
+
+-- The semantics of this attribute is described in ISO 8571-2.
+Access-Control-Change-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values
+ [1] IMPLICIT SEQUENCE {insert-values
+ [0] IMPLICIT SET OF Access-Control-Element
+ OPTIONAL,
+ -- This field is used by the Change attribute actions to indicate
+ -- new values to be inserted in the access control Object attribute.
+ delete-values
+ [1] IMPLICIT SET OF Access-Control-Element
+ OPTIONAL}
+}
+
+-- This field is used by the Change attribute action to indicate
+-- old values to be removed from the access control Object
+-- attribute.
+-- The semantics of this attribute is described in ISO 8571-2.
+Access-Control-Element ::= SEQUENCE {
+ action-list [0] IMPLICIT Access-Request,
+ concurrency-access [1] IMPLICIT Concurrency-Access OPTIONAL,
+ identity [2] IMPLICIT User-Identity OPTIONAL,
+ passwords [3] IMPLICIT Access-Passwords OPTIONAL,
+ location [4] IMPLICIT Application-Entity-Title OPTIONAL
+}
+
+Concurrency-Access ::= SEQUENCE {
+ read [0] IMPLICIT Concurrency-Key,
+ insert [1] IMPLICIT Concurrency-Key,
+ replace [2] IMPLICIT Concurrency-Key,
+ extend [3] IMPLICIT Concurrency-Key,
+ erase [4] IMPLICIT Concurrency-Key,
+ read-attribute [5] IMPLICIT Concurrency-Key,
+ change-attribute [6] IMPLICIT Concurrency-Key,
+ delete-Object [7] IMPLICIT Concurrency-Key
+}
+
+Concurrency-Key ::= BIT STRING {
+ not-required(0), shared(1), exclusive(2), no-access(3)}
+
+Account-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values Account
+}
+
+Contents-Type-Attribute ::= CHOICE {
+ document-type
+ [0] IMPLICIT SEQUENCE {document-type-name Document-Type-Name,
+ parameter
+ [0] TYPE-IDENTIFIER.&Type OPTIONAL},
+ -- The actual types to be used for values of the Parameter field
+ -- are defined in the named document type.
+ constraint-set-and-abstract-Syntax
+ [1] IMPLICIT SEQUENCE {constraint-set-name Constraint-Set-Name,
+ abstract-Syntax-name Abstract-Syntax-Name
+ }
+}
+
+Date-and-Time-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values [1] IMPLICIT GeneralizedTime
+}
+
+Object-Availability-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values
+ [1] IMPLICIT INTEGER {immediate-availability(0), deferred-availability(1)}
+}
+
+Pathname-Attribute ::= CHOICE {
+ incomplete-pathname [0] IMPLICIT Pathname,
+ complete-pathname [APPLICATION 23] IMPLICIT Pathname
+}
+
+Object-Size-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values [1] IMPLICIT INTEGER
+}
+
+Legal-Qualification-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values [1] IMPLICIT GraphicString
+}
+
+Permitted-Actions-Attribute ::= BIT STRING -- Actions available
+ {
+ read(0), insert(1), replace(2), extend(3), erase(4), read-attribute(5),
+ change-attribute(6), delete-Object(7), pass(11),
+ link(12),
+ -- FADU-Identity groups available
+ traversal(8), reverse-traversal(9), random-Order(10)}
+
+Private-Use-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ abstract-Syntax-not-supported [1] IMPLICIT NULL,
+ -- Indicates that abstract Syntax is not available.
+ actual-values [2] IMPLICIT EXTERNAL
+}
+
+Object-Type-Attribute ::= INTEGER {file(0), file-directory(1), reference(2)}
+
+User-Identity-Attribute ::= CHOICE {
+ no-value-available [0] IMPLICIT NULL,
+ -- Indicates partial support of this attribute.
+ -- This value shall only appear in response PDUs.
+ actual-values User-Identity
+}
+
+Child-Objects-Attribute ::= SET OF GraphicString
+
+FSM-PDU ::= CHOICE {
+ f-Change-prefix-request [41] IMPLICIT F-CHANGE-PREFIX-request,
+ f-Change-prefix-response [42] IMPLICIT F-CHANGE-PREFIX-response,
+ f-list-request [43] IMPLICIT F-LIST-request,
+ f-list-response [44] IMPLICIT F-LIST-response,
+ f-group-select-request [45] IMPLICIT F-GROUP-SELECT-request,
+ f-group-select-response [46] IMPLICIT F-GROUP-SELECT-response,
+ f-group-delete-request [47] IMPLICIT F-GROUP-DELETE-request,
+ f-group-delete-response [48] IMPLICIT F-GROUP-DELETE-response,
+ f-group-move-request [49] IMPLICIT F-GROUP-MOVE-request,
+ f-group-move-response [50] IMPLICIT F-GROUP-MOVE-response,
+ f-group-copy-request [51] IMPLICIT F-GROUP-COPY-request,
+ f-group-copy-response [52] IMPLICIT F-GROUP-COPY-response,
+ f-group-list-request [53] IMPLICIT F-GROUP-LIST-request,
+ f-group-list-response [54] IMPLICIT F-GROUP-LIST-response,
+ f-group-Change-attrib-request [55] IMPLICIT F-GROUP-CHANGE-ATTRIB-request,
+ f-group-Change-attrib-response [56] IMPLICIT F-GROUP-CHANGE-ATTRIB-response,
+ f-select-another-request [57] IMPLICIT F-SELECT-ANOTHER-request,
+ f-select-another-response [58] IMPLICIT F-SELECT-ANOTHER-response,
+ f-create-directory-request [59] IMPLICIT F-CREATE-DIRECTORY-request,
+ f-create-directory-response [60] IMPLICIT F-CREATE-DIRECTORY-response,
+ f-link-request [61] IMPLICIT F-LINK-request,
+ f-link-response [62] IMPLICIT F-LINK-response,
+ f-unlink-request [63] IMPLICIT F-UNLINK-request,
+ f-unlink-response [64] IMPLICIT F-UNLINK-response,
+ f-read-link-attrib-request [65] IMPLICIT F-READ-LINK-ATTRIB-request,
+ f-read-link-attrib-response [66] IMPLICIT F-READ-LINK-ATTRIB-response,
+ f-Change-link-attrib-request [67] IMPLICIT F-CHANGE-LINK-ATTRIB-request,
+ f-Change-Iink-attrib-response [68] IMPLICIT F-CHANGE-LINK-ATTRIB-response,
+ f-move-request [69] IMPLICIT F-MOVE-request,
+ f-move-response [70] IMPLICIT F-MOVE-response,
+ f-copy-request [71] IMPLICIT F-COPY-request,
+ f-copy-response [72] IMPLICIT F-COPY-response
+}
+
+F-CHANGE-PREFIX-request ::= SEQUENCE {
+ reset [0] IMPLICIT BOOLEAN DEFAULT FALSE,
+ destination-file-directory Destination-File-Directory,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL
+}
+
+F-CHANGE-PREFIX-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ destination-file-directory Destination-File-Directory OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-LIST-request ::= SEQUENCE {
+ attribute-value-asset-tions Attribute-Value-Assertions,
+ scope Scope,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ attribute-names [0] IMPLICIT Attribute-Names,
+ attribute-extension-names [1] IMPLICIT Attribute-Extension-Names OPTIONAL
+}
+
+F-LIST-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ objects-attributes-list Objects-Attributes-List OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-GROUP-SELECT-request ::= SEQUENCE {
+ attribute-value-assertions Attribute-Value-Assertions,
+ requested-access Access-Request,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ concurrency-control Concurrency-Control OPTIONAL,
+ maximum-set-size [0] IMPLICIT INTEGER DEFAULT 0,
+ -- 0 implies no limit.
+ scope Scope,
+ account Account OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-GROUP-SELECT-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-GROUP-DELETE-request ::= SEQUENCE {
+ request-Operation-result Request-Operation-Result OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-GROUP-DELETE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ charging Charging OPTIONAL,
+ operation-result Operation-Result OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-GROUP-MOVE-request ::= SEQUENCE {
+ destination-file-directory Destination-File-Directory,
+ override [0] IMPLICIT Override DEFAULT create-failure,
+ -- Only the values create-failure (0}
+ -- and delete-and-create-with-new-attributes (3) are allowed.
+ error-action [11] IMPLICIT Error-Action,
+ create-password Password OPTIONAL,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ request-Operation-result Request-Operation-Result OPTIONAL,
+ attributes Change-Attributes OPTIONAL
+}
+
+F-GROUP-MOVE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ destination-file-directory Destination-File-Directory OPTIONAL,
+ operation-result Operation-Result OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-GROUP-COPY-request ::= SEQUENCE {
+ destination-file-directory Destination-File-Directory,
+ override [0] IMPLICIT Override DEFAULT create-failure,
+ -- Only the values create-failure (0)
+ -- and delete-and-create-with-new-attributes (3) are allowed.
+ error-action [1] IMPLICIT Error-Action,
+ create-password Password OPTIONAL,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ request-Operation-result Request-Operation-Result OPTIONAL,
+ attributes Change-Attributes OPTIONAL
+}
+
+F-GROUP-COPY-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ destination-file-directory Destination-File-Directory OPTIONAL,
+ operation-result Operation-Result OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-GROUP-LIST-request ::= SEQUENCE {
+ attribute-names [0] IMPLICIT Attribute-Names,
+ attribute-extension-names [2] IMPLICIT Attribute-Extension-Names OPTIONAL
+}
+
+F-GROUP-LIST-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ objects-attributes-list Objects-Attributes-List OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-GROUP-CHANGE-ATTRIB-request ::= SEQUENCE {
+ attributes Change-Attributes,
+ error-action [1] IMPLICIT Error-Action,
+ request-Operation-result Request-Operation-Result OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-GROUP-CHANGE-ATTRIB-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ operation-result Operation-Result OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-SELECT-ANOTHER-request ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-SELECT-ANOTHER-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ last-member-indicator [0] IMPLICIT BOOLEAN DEFAULT FALSE,
+ referent-indicator Referent-Indicator OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-CREATE-DIRECTORY-request ::= SEQUENCE {
+ initial-attributes Create-Attributes,
+ create-password Password OPTIONAL,
+ requested-access Access-Request,
+ shared-ASE-infonnation Shared-ASE-Information OPTIONAL,
+ account Account OPTIONAL
+}
+
+F-CREATE-DIRECTORY-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ initial-attributes Create-Attributes,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-LINK-request ::= SEQUENCE {
+ initial-attributes Create-Attributes,
+ target-object Pathname-Attribute,
+ create-password Password OPTIONAL,
+ requested-access Access-Request,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ concurrency-control Concurrency-Control OPTIONAL,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ account Account OPTIONAL
+}
+
+F-LINK-response ::= SEQUENCE {
+ state-result State-Result DEFAULT success,
+ action-result Action-Result DEFAULT success,
+ initial-attributes Create-Attributes,
+ target-Object Pathname-Attribute,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-UNLINK-request ::= SEQUENCE {
+ shared-ASE-information Shared-ASE-Information OPTIONAL
+}
+
+F-UNLINK-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ shared-ASE-information Shared-ASE-Information OPTIONAL,
+ charging Charging OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-READ-LINK-ATTRIB-request ::= SEQUENCE {
+ attribute-names [0] IMPLICIT Attribute-Names,
+ attribute-extension-names [1] IMPLICIT Attribute-Extension-Names OPTIONAL
+}
+
+F-READ-LINK-ATTRIB-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ attributes Read-Attributes OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-CHANGE-LINK-ATTRIB-request ::= SEQUENCE {attributes Change-Attributes
+}
+
+F-CHANGE-LINK-ATTRIB-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ attributes Change-Attributes OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-MOVE-request ::= SEQUENCE {
+ destination-file-directory Destination-File-Directory,
+ override [0] IMPLICIT Override DEFAULT create-failure,
+ -- Only the values create-failure (0)
+ -- and delete-and-create-with-new-attributes (3) are ailowed.
+ create-password Password OPTIONAL,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ attributes Change-Attributes OPTIONAL
+}
+
+F-MOVE-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ destination-file-directory Destination-File-Directory OPTIONAL,
+ attributes Change-Attributes OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+F-COPY-request ::= SEQUENCE {
+ destination-file-directory Destination-File-Directory,
+ override [0] IMPLICIT Override DEFAULT create-failure,
+ -- Only the values create-failure (0)
+ -- and delete-and-create-with-new-attributes (3) are allowed.
+ create-password Password OPTIONAL,
+ access-passwords Access-Passwords OPTIONAL,
+ path-access-passwords Path-Access-Passwords OPTIONAL,
+ attributes Change-Attributes OPTIONAL
+}
+
+F-COPY-response ::= SEQUENCE {
+ action-result Action-Result DEFAULT success,
+ destination-file-directory Destination-File-Directory OPTIONAL,
+ attributes Change-Attributes OPTIONAL,
+ diagnostic Diagnostic OPTIONAL
+}
+
+Attribute-Extension-Names ::= SEQUENCE OF Attribute-Extension-Set-Name
+
+Attribute-Extension-Set-Name ::= SEQUENCE {
+ extension-set-identifier [0] IMPLICIT Extension-Set-Identifier,
+ extension-attribute-names [1] SEQUENCE OF Extension-Attribute-identifier
+}
+
+Attribute-Extensions ::= SEQUENCE OF Attribute-Extension-Set
+
+Attribute-Extension-Set ::= SEQUENCE {
+ extension-set-identifier [0] IMPLICIT Extension-Set-Identifier,
+ extension-set-attributes [1] SEQUENCE OF Extension-Attribute
+}
+
+Extension-Attribute ::= SEQUENCE {
+ extension-attribute-identifier TYPE-IDENTIFIER.&id({Extension-Attributes}),
+ extension-attribute
+ TYPE-IDENTIFIER.&Type
+ ({Extension-Attributes}{@extension-attribute-identifier})
+}
+
+Extension-Attributes TYPE-IDENTIFIER ::=
+ {...} -- dynamically extensible
+
+Extension-Set-Identifier ::= OBJECT IDENTIFIER
+
+Extension-Attribute-identifier ::= OBJECT IDENTIFIER
+
+Attribute-Value-Assertions ::= [APPLICATION 26] IMPLICIT OR-Set
+
+Scope ::=
+ [APPLICATION 28] IMPLICIT
+ SEQUENCE OF
+ SEQUENCE {root-directory [0] Pathname-Attribute OPTIONAL,
+ retrieval-scope [1] IMPLICIT INTEGER {child(0), all(1)}
+ }
+
+OR-Set ::= SEQUENCE OF AND-Set
+
+AND-Set ::=
+ SEQUENCE OF
+ CHOICE {-- Kernel group
+ pathname-Pattern
+ [0] IMPLICIT Pathname-Pattern,
+ object-type-Pattern
+ [18] IMPLICIT Integer-Pattern,
+ permitted-actions-Pattern
+ [1] IMPLICIT Bitstring-Pattern,
+ contents-type-Pattern
+ [2] Contents-Type-Pattern,
+ linked-Object-Pattern
+ [19] IMPLICIT Pathname-Pattern,
+ child-objects-Pattern
+ [23] IMPLICIT Pathname-Pattern,
+ -- Storage group
+ primaty-pathname-Pattern
+ [20] IMPLICIT Pathname-Pattern,
+ storage-account-Pattern
+ [3] IMPLICIT String-Pattern,
+ date-and-time-of-creation-Pattern
+ [4] IMPLICIT Date-and-Time-Pattern,
+ date-and-time-of-last-modification-Pattern
+ [5] IMPLICIT Date-and-Time-Pattern,
+ date-and-time-of-last-read-access-Pattern
+ [6] IMPLICIT Date-and-Time-Pattern,
+ date-and-time-of-last-attribute-modification-Pattern
+ [7] IMPLICIT Date-and-Time-Pattern,
+ identity-of-creator-Pattern
+ [8] IMPLICIT User-Identity-Pattern,
+ identity-of-last-modifier-Pattern
+ [9] IMPLICIT User-Identity-Pattern,
+ identity-of-last-reader-Pattern
+ [10] IMPLICIT User-Identity-Pattern,
+ identity-of-last-attribute-modifier-Pattern
+ [11] IMPLICIT User-Identity-Pattern,
+ object-availabiiity-Pattern
+ [12] IMPLICIT Boolean-Pattern,
+ object-size-Pattern
+ [13] IMPLICIT Integer-Pattern,
+ future-object-size-Pattern
+ [14] IMPLICIT Integer-Pattern,
+ -- Security group
+ -- Access control searches are disallowed.
+ legal-quailfication-Pattern
+ [16] IMPLICIT String-Pattern,
+ -- Private group
+ -- Private use searches are disallowed.
+ -- Attribute Extensions group
+ attribute-extensions-pattern
+ [22] IMPLICIT Attribute-Extensions-Pattern}
+
+User-Identity-Pattern ::= String-Pattern
+
+Equality-Comparision ::= BIT STRING {
+ no-value-available-matches(0),
+ -- Set impies “No Value Available” matches the test.
+ -- Clear implies “No Value Availabie” fails the test.
+ equals-matches(1)
+
+-- Set implies equal items match the test.
+-- Clear implies equal items fail the test.
+}
+
+Relational-Comparision ::= BIT STRING {
+ no-value-available-matches(0),
+ -- Set impies “No Value Available” matches the test.
+ -- Clear implies “No Value Available” fails the test.
+ equals-matches(1),
+ -- Set implies equal items match the test.’
+ -- Clear implies equal items fail the test.
+ less-than-matches(2),
+ -- Set implies a value less than the test cke matches.
+ -- Clear implies a value less than the test case fails.
+ greater-than-matches(3)
+
+-- Set implies a value greater than the test case matches.
+-- Clear implies a value greater than the test case fails.
+}
+
+-- Bits 1 through 3 shall not all have the Same value.
+Pathname-Pattern ::= SEQUENCE {
+ equality-comparision [0] IMPLICIT Equality-Comparision,
+ pathname-value
+ [1] IMPLICIT SEQUENCE OF
+ CHOICE {string-match [2] IMPLICIT String-Pattern,
+ any-match [3] IMPLICIT NULL}
+}
+
+String-Pattern ::= SEQUENCE {
+ equality-comparision [0] IMPLICIT Equality-Comparision,
+ string-value
+ [1] IMPLICIT SEQUENCE OF
+ CHOICE {substring-match
+ [2] IMPLICIT GraphicString,
+ any-match [3] IMPLICIT NULL,
+ number-of-characters-match [4] IMPLICIT INTEGER
+ }
+}
+
+Bitstring-Pattern ::= SEQUENCE {
+ equality-comparision [0] IMPLICIT Equality-Comparision,
+ match-bitstring [1] IMPLICIT BIT STRING,
+ significance-bitstring [2] IMPLICIT BIT STRING
+}
+
+Date-and-Time-Pattern ::= SEQUENCE {
+ relational-camparision [0] IMPLICIT Equality-Comparision,
+ time-and-date-value [1] IMPLICIT GeneralizedTime
+}
+
+Integer-Pattern ::= SEQUENCE {
+ relational-comparision [0] IMPLICIT Relational-Comparision,
+ integer-value [1] IMPLICIT INTEGER
+}
+
+Object-Identifier-Pattern ::= SEQUENCE {
+ equality-comparision [0] IMPLICIT Equality-Comparision,
+ object-identifier-value [1] IMPLICIT OBJECT IDENTIFIER
+}
+
+Boolean-Pattern ::= SEQUENCE {
+ equality-comparision [0] IMPLICIT Equality-Comparision,
+ boolean-value [1] IMPLICIT BOOLEAN
+}
+
+Other-Pattern ::= Equality-Comparision
+
+-- Matches against “No Value Available”.
+Contents-Type-Pattern ::= CHOICE {
+ document-type-Pattern
+ [0] IMPLICIT Object-Identifier-Pattern,
+ constraint-set-abstract-Syntax-Pattern
+ [1] IMPLICIT SEQUENCE {constraint-Set-Pattern
+ [2] IMPLICIT Object-Identifier-Pattern OPTIONAL,
+ -- Absent implies any Object Identifier is equal.
+ abstract-Syntax-Pattern
+ [3] IMPLICIT Object-Identifier-Pattern OPTIONAL
+ -- Absent implies any Object identifier is equal.
+ }
+}
+
+Attribute-Extensions-Pattern ::=
+ SEQUENCE OF
+ SEQUENCE {extension-set-identifier
+ [0] IMPLICIT Extension-Set-Identifier,
+ extension-set-attribute-Patterns
+ [1] IMPLICIT SEQUENCE OF
+ SEQUENCE {extension-attribute-identifier
+ TYPE-IDENTIFIER.&id
+ ({Extension-attribute-Patterns}),
+ extension-attribute-Pattern
+ TYPE-IDENTIFIER.&Type
+ ({Extension-attribute-Patterns}
+ {@.extension-attribute-identifier})
+ }}
+
+-- conjunction with the extention attribute in Order to
+-- perform Pattern matthing operations on it. it may be
+-- defined in terms of other Patterns within this
+-- Standard.
+Extension-attribute-Patterns TYPE-IDENTIFIER ::=
+ {...} -- dynamically extensible information object set
+
+Destination-File-Directory ::= [APPLICATION 24] Pathname-Attribute
+
+Objects-Attributes-List ::=
+ [APPLICATION 25] IMPLICIT SEQUENCE OF Read-Attributes
+
+Override ::= INTEGER {
+ create-failure(0), select-old-Object(1),
+ delete-and-create-with-old-attributes(2),
+ delete-and-create-with-new-attributes(3)}
+
+Error-Action ::= INTEGER {terminate(0), continue(1)}
+
+Operation-Result ::= [APPLICATION 30] CHOICE {
+ success-Object-count [0] IMPLICIT INTEGER,
+ success-Object-names [1] IMPLICIT SEQUENCE OF Pathname
+}
+
+Pathname ::= SEQUENCE OF GraphicString
+
+Pass-Passwords ::= SEQUENCE OF Password
+
+-- There is a one-to-one correspondence between the elements of
+-- Pass-Passwords and the non-terminal elements of the specified
+-- Pathname.
+Path-Access-Passwords ::=
+ [APPLICATION 27] IMPLICIT
+ SEQUENCE OF
+ SEQUENCE {read-password [0] Password,
+ insert-password [1] Password,
+ replace-password [2] Password,
+ extend-password [3] Password,
+ erase-password [4] Password,
+ read-attribute-password [5] Password,
+ change-attribute-password [6] Password,
+ delete-password [7] Password,
+ pass-passwords [8] IMPLICIT Pass-Passwords,
+ link-password [9] Password}
+
+-- There is a one-to-one correspondence between the elements of
+-- Path-Access-Passwords and the non-terminal elements sf the
+-- specified Pathname.
+Request-Operation-Result ::= [APPLICATION 31] IMPLICIT INTEGER {
+ summary(0), fiii-list(1)}
+
+Attribute-Names ::= BIT STRING -- Kernel group
+ {
+ read-pathname(0), read-Object-type(18), read-permitted-actions(1),
+ read-contents-type(2), read-linked-Object(19),
+ read-Child-objects(23),
+ -- Storage group
+ read-primary-pathname(20), read-storage-account(3),
+ read-date-and-time-of-creation(4),
+ read-date-and-time-of-last-modification(5),
+ read-date-and-time-of-last-read-access(6),
+ read-date-and-time-of-last-attribute-modification(7),
+ read-identity-of-creator(8), read-identity-of-last-modifier(9),
+ read-identity-of-last-reader(10),
+ read-identity-of-last-attribute-modifier(11), read-Object-availability(12),
+ read-Object-size(13),
+ read-future-Object-size(14),
+ -- Security group
+ read-access-control(15), read-path-access-control(21),
+ read-l8gal-qualifiCatiOnS(16),
+ -- Private group
+ read-private-use(17)}
+
+-- Bits 19 through 23 arc defined if and only if the limited-fil8Store-manag8m8nt
+-- or group-manipulation functionat units are available.
+Referent-Indicator ::= [APPLICATION 29] IMPLICIT BOOLEAN
+
+-- dw: definition of AE-title, as defined in ISO 8650:1988/Cor.1:1990
+-- dw: defined in-line here so we don't need to import it, original comments
+-- dw: are as they appear in the 8650:1988 Annex E
+AP-title ::= TYPE-IDENTIFIER.&Type
+
+-- The exact definition and values used for AP-title
+-- should be chosen taking into account the ongoing
+-- work in areas of naming, the Directory, and the
+-- Registration Authority procedures for AE titles,
+-- AE titles, and AE qualifiers
+AE-qualifier ::= TYPE-IDENTIFIER.&Type
+
+-- The exact definition and values used for AE-qualifier
+-- should be chosen taking into account the ongoing
+-- work in areas of naming, the Directory, and the
+-- Registration Authority procedures for AE titles,
+-- AE titles, and AE qualifiers
+AE-title ::= SEQUENCE {ap AP-title,
+ ae AE-qualifier
+}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
+
diff --git a/asn1/InformationFramework.asn1 b/asn1/InformationFramework.asn1
index 58d934b..51a70ff 100644
--- a/asn1/InformationFramework.asn1
+++ b/asn1/InformationFramework.asn1
@@ -1,9 +1,6 @@
--- Module InformationFramework (X.501 TC2:08/1997)
--- See also ITU-T X.501 (1997) Technical Cor. 2 (02/2001)
--- See also the index of all ASN.1 assignments needed in this document
-
+-- Module InformationFramework (X.501:02/2001)
InformationFramework {joint-iso-itu-t ds(5) module(1) informationFramework(1)
- 3} DEFINITIONS ::=
+ 4} DEFINITIONS ::=
BEGIN
-- EXPORTS All -
@@ -12,21 +9,26 @@ BEGIN
-- Directory services. Other applications may use them for their own purposes, but this will not constrain
-- extensions and modifications needed to maintain or improve the Directory service.
IMPORTS
- id-oc, id-at, id-mr, id-oa, id-sc, id-ar, id-nf, selectedAttributeTypes,
- directoryAbstractService, upperBounds
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, id-ar, id-at, id-mr, id-nf, id-oa, id-oc,
+ id-sc, selectedAttributeTypes, serviceAdministration, upperBounds
FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
- usefulDefinitions(0) 3}
- commonName, generalizedTimeMatch, generalizedTimeOrderingMatch, booleanMatch,
- integerMatch, integerOrderingMatch, objectIdentifierFirstComponentMatch,
- integerFirstComponentMatch, DirectoryString{}
- FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
- selectedAttributeTypes(5) 3}
- TypeAndContextAssertion, ServiceControlOptions, SearchControlOptions,
- HierarchySelections, FamilyGrouping, FamilyReturn
+ usefulDefinitions(0) 4}
+ SearchRule
+ FROM ServiceAdministration {joint-iso-itu-t ds(5) module(1)
+ serviceAdministration(33) 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ TypeAndContextAssertion
FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
- directoryAbstractService(2) 3}
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ booleanMatch, commonName, DirectoryString{}, generalizedTimeMatch,
+ generalizedTimeOrderingMatch, integerFirstComponentMatch, integerMatch,
+ integerOrderingMatch, objectIdentifierFirstComponentMatch
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
ub-search
- FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 3};
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4};
-- attribute data types
Attribute ::= SEQUENCE {
@@ -53,8 +55,7 @@ Context ::= SEQUENCE {
AttributeValueAssertion ::= SEQUENCE {
type ATTRIBUTE.&id({SupportedAttributes}),
assertion
- ATTRIBUTE.&equality-match.&AssertionType
- ({SupportedAttributes}{@type}),
+ ATTRIBUTE.&equality-match.&AssertionType({SupportedAttributes}{@type}),
assertedContexts
CHOICE {allContexts [0] NULL,
selectedContexts [1] SET SIZE (1..MAX) OF ContextAssertion
@@ -64,8 +65,7 @@ AttributeValueAssertion ::= SEQUENCE {
ContextAssertion ::= SEQUENCE {
contextType CONTEXT.&id({SupportedContexts}),
contextValues
- SET SIZE (1..MAX) OF
- CONTEXT.&Assertion({SupportedContexts}{@contextType})
+ SET SIZE (1..MAX) OF CONTEXT.&Assertion({SupportedContexts}{@contextType})
}
AttributeTypeAssertion ::= SEQUENCE {
@@ -104,8 +104,7 @@ AttributeTypeAndDistinguishedValue ::= SEQUENCE {
valuesWithContext
SET SIZE (1..MAX) OF
SEQUENCE {distingAttrValue
- [0] ATTRIBUTE.&Type({SupportedAttributes}{@type})
- OPTIONAL,
+ [0] ATTRIBUTE.&Type({SupportedAttributes}{@type}) OPTIONAL,
contextList SET SIZE (1..MAX) OF Context} OPTIONAL
}
@@ -223,9 +222,9 @@ aliasedEntryName ATTRIBUTE ::= {
-- MATCHING-RULE information object class specification
MATCHING-RULE ::= CLASS {
- &ParentMatchingRules MATCHING-RULE.&id OPTIONAL,
+ &ParentMatchingRules MATCHING-RULE OPTIONAL,
&AssertionType OPTIONAL,
- &uniqueMatchIndicator ATTRIBUTE.&id OPTIONAL,
+ &uniqueMatchIndicator ATTRIBUTE OPTIONAL,
&id OBJECT IDENTIFIER UNIQUE
}
WITH SYNTAX {
@@ -298,7 +297,7 @@ WITH SYNTAX {
DITStructureRule ::= SEQUENCE {
ruleIdentifier RuleIdentifier,
- -- must be unique within the scope of the subschema
+ -- shall be unique within the scope of the subschema
nameForm NAME-FORM.&id,
superiorStructureRules SET SIZE (1..MAX) OF RuleIdentifier OPTIONAL
}
@@ -393,6 +392,19 @@ serviceAdminSubentry OBJECT-CLASS ::= {
}
-- attributes
+subtreeSpecification ATTRIBUTE ::= {
+ WITH SYNTAX SubtreeSpecification
+ USAGE directoryOperation
+ ID id-oa-subtreeSpecification
+}
+
+administrativeRole ATTRIBUTE ::= {
+ WITH SYNTAX OBJECT-CLASS.&id
+ EQUALITY MATCHING RULE objectIdentifierMatch
+ USAGE directoryOperation
+ ID id-oa-administrativeRole
+}
+
createTimestamp ATTRIBUTE ::= {
WITH SYNTAX GeneralizedTime
-- as per 41.3 b) or c) of ITU-T Rec. X.680 | ISO/IEC 8824-1
@@ -494,19 +506,6 @@ hasSubordinates ATTRIBUTE ::= {
ID id-oa-hasSubordinates
}
-administrativeRole ATTRIBUTE ::= {
- WITH SYNTAX OBJECT-CLASS.&id
- EQUALITY MATCHING RULE objectIdentifierMatch
- USAGE directoryOperation
- ID id-oa-administrativeRole
-}
-
-subtreeSpecification ATTRIBUTE ::= {
- WITH SYNTAX SubtreeSpecification
- USAGE directoryOperation
- ID id-oa-subtreeSpecification
-}
-
collectiveExclusions ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
@@ -531,12 +530,11 @@ searchRules ATTRIBUTE ::= {
SearchRuleDescription ::= SEQUENCE {
COMPONENTS OF SearchRule,
name [28] SET SIZE (1..MAX) OF DirectoryString{ub-search} OPTIONAL,
- description [29] DirectoryString{ub-search} OPTIONAL,
- obsolete [30] BOOLEAN DEFAULT FALSE
+ description [29] DirectoryString{ub-search} OPTIONAL
}
hierarchyLevel ATTRIBUTE ::= {
- WITH SYNTAX INTEGER
+ WITH SYNTAX HierarchyLevel
EQUALITY MATCHING RULE integerMatch
ORDERING MATCHING RULE integerOrderingMatch
SINGLE VALUE TRUE
@@ -545,8 +543,10 @@ hierarchyLevel ATTRIBUTE ::= {
ID id-oa-hierarchyLevel
}
+HierarchyLevel ::= INTEGER
+
hierarchyBelow ATTRIBUTE ::= {
- WITH SYNTAX BOOLEAN
+ WITH SYNTAX HierarchyBelow
EQUALITY MATCHING RULE booleanMatch
SINGLE VALUE TRUE
NO USER MODIFICATION TRUE
@@ -554,6 +554,8 @@ hierarchyBelow ATTRIBUTE ::= {
ID id-oa-hierarchyBelow
}
+HierarchyBelow ::= BOOLEAN
+
hierarchyParent ATTRIBUTE ::= {
WITH SYNTAX DistinguishedName
EQUALITY MATCHING RULE distinguishedNameMatch
@@ -562,221 +564,6 @@ hierarchyParent ATTRIBUTE ::= {
ID id-oa-hierarchyParent
}
-SearchRule ::= SEQUENCE {
- COMPONENTS OF SearchRuleId,
- serviceType [1] OBJECT IDENTIFIER OPTIONAL,
- userClass [2] INTEGER OPTIONAL,
- inputAttributeTypes
- [3] SEQUENCE SIZE (1..MAX) OF RequestAttribute OPTIONAL,
- attributeCombination [4] AttributeCombination DEFAULT and:{},
- outputAttributeTypes [5] SEQUENCE SIZE (1..MAX) OF ResultAttribute OPTIONAL,
- defaultControls [6] ControlOptions OPTIONAL,
- mandatoryControls [7] ControlOptions OPTIONAL,
- searchRuleControls [8] ControlOptions OPTIONAL,
- familyGrouping [9] FamilyGrouping OPTIONAL,
- familyReturn [10] FamilyReturn OPTIONAL,
- relaxation [11] RelaxationPolicy OPTIONAL,
- additionalControl [12] SEQUENCE SIZE (1..MAX) OF AttributeType OPTIONAL,
- allowedSubset [13] AllowedSubset DEFAULT '111'B,
- imposedSubset [14] ImposedSubset OPTIONAL,
- entryLimit [15] EntryLimit OPTIONAL
-}
-
-SearchRuleId ::= SEQUENCE {id INTEGER,
- dmdId [0] OBJECT IDENTIFIER
-}
-
-AllowedSubset ::= BIT STRING {baseObject(0), oneLevel(1), wholeSubtree(2)}
-
-ImposedSubset ::= ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)}
-
-RequestAttribute ::= SEQUENCE {
- attributeType ATTRIBUTE.&id({SupportedAttributes}),
- includeSubtypes [0] BOOLEAN DEFAULT FALSE,
- selectedValues
- [1] SEQUENCE SIZE (0..MAX) OF
- ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}) OPTIONAL,
- defaultValues
- [2] SEQUENCE SIZE (0..MAX) OF
- SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL,
- values
- SEQUENCE OF
- ATTRIBUTE.&Type
- ({SupportedAttributes}{@attributeType})} OPTIONAL,
- contexts [3] SEQUENCE SIZE (0..MAX) OF ContextProfile OPTIONAL,
- contextCombination [4] ContextCombination DEFAULT and:{},
- matchingUse [5] SEQUENCE SIZE (1..MAX) OF MatchingUse OPTIONAL
-}
-
-ContextProfile ::= SEQUENCE {
- contextType CONTEXT.&id({SupportedContexts}),
- contextValue
- SEQUENCE SIZE (1..MAX) OF
- CONTEXT.&Assertion({SupportedContexts}{@contextType}) OPTIONAL
-}
-
-ContextCombination ::= CHOICE {
- context [0] CONTEXT.&id,
- and [1] SEQUENCE OF ContextCombination,
- or [2] SEQUENCE OF ContextCombination,
- not [3] ContextCombination
-}
-
-MatchingUse ::= SEQUENCE {
- restrictionType
- MATCHING-RESTRICTION.&id({SupportedMatchingRestrictions}),
- restrictionValue
- MATCHING-RESTRICTION.&Restriction
- ({SupportedMatchingRestrictions}{@restrictionType})
-}
-
--- Definition of the following information object set is deferred, perhaps to standardized
--- profiles or to protocol implementation conformance statements. The set is required to
--- specify a table constraint on the components of SupportedMatchingRestrictions
-SupportedMatchingRestrictions MATCHING-RESTRICTION ::=
- {...}
-
-AttributeCombination ::= CHOICE {
- attribute [0] AttributeType,
- and [1] SEQUENCE OF AttributeCombination,
- or [2] SEQUENCE OF AttributeCombination,
- not [3] AttributeCombination
-}
-
-ResultAttribute ::= SEQUENCE {
- attributeType ATTRIBUTE.&id({SupportedAttributes}),
- outputValues
- CHOICE {selectedValues
- SEQUENCE SIZE (1..MAX) OF
- ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}),
- matchedValuesOnly NULL} OPTIONAL,
- contexts [0] SEQUENCE SIZE (1..MAX) OF ContextProfile OPTIONAL
-}
-
-OutputValues ::= CHOICE {
- selectedValues
- SEQUENCE SIZE (1..MAX) OF ATTRIBUTE.&Type({SupportedAttributes}),
- matchedValuesOnly NULL
-}
-
-ControlOptions ::= SEQUENCE {
- serviceControls [0] ServiceControlOptions DEFAULT {},
- searchOptions [1] SearchControlOptions DEFAULT {searchAliases},
- hierarchyOptions [2] HierarchySelections OPTIONAL
-}
-
-EntryLimit ::= SEQUENCE {default INTEGER,
- max INTEGER
-}
-
-RelaxationPolicy ::= SEQUENCE {
- basic [0] MRMapping DEFAULT {},
- tightenings [1] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL,
- relaxations [2] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL,
- maximum [3] INTEGER OPTIONAL, -- mandatory if tightenings is present
- minimum [4] INTEGER DEFAULT 1
-}
-
-MRMapping ::= SEQUENCE {
- mapping [0] SEQUENCE SIZE (1..MAX) OF Mapping OPTIONAL,
- substitution [1] SEQUENCE SIZE (1..MAX) OF MRSubstitution OPTIONAL
-}
-
-Mapping ::= SEQUENCE {
- mappingFunction
- OBJECT IDENTIFIER
- (CONSTRAINED BY {-- shall be an--
-
- -- object identifier of a mapping-based matching algorithm -- }),
- level INTEGER DEFAULT 0
-}
-
-MRSubstitution ::= SEQUENCE {
- attribute AttributeType,
- oldMatchingRule [0] MATCHING-RULE.&id OPTIONAL,
- newMatchingRule [1] MATCHING-RULE.&id OPTIONAL
-}
-
-SEARCH-RULE ::= CLASS {
- &dmdId OBJECT IDENTIFIER,
- &serviceType OBJECT IDENTIFIER OPTIONAL,
- &userClass INTEGER OPTIONAL,
- &InputAttributeTypes REQUEST-ATTRIBUTE OPTIONAL,
- &combination AttributeCombination OPTIONAL,
- &OutputAttributeTypes RESULT-ATTRIBUTE OPTIONAL,
- &defaultControls ControlOptions OPTIONAL,
- &mandatoryControls ControlOptions OPTIONAL,
- &searchRuleControls ControlOptions OPTIONAL,
- &familyGrouping FamilyGrouping OPTIONAL,
- &familyReturn FamilyReturn OPTIONAL,
- &additionalControl AttributeType OPTIONAL,
- &relaxation RelaxationPolicy OPTIONAL,
- &entryLimit EntryLimit OPTIONAL,
- &allowedSubset AllowedSubset DEFAULT '111'B,
- &imposedSubset ImposedSubset OPTIONAL,
- &id INTEGER UNIQUE
-}
-WITH SYNTAX {
- DMD ID &dmdId
- [SERVICE-TYPE &serviceType]
- [USER-CLASS &userClass]
- [INPUT ATTRIBUTES &InputAttributeTypes]
- [COMBINATION &combination]
- [OUTPUT ATTRIBUTES &OutputAttributeTypes]
- [DEFAULT CONTROL &defaultControls]
- [MANDATORY CONTROL &mandatoryControls]
- [SEARCH-RULE CONTROL &searchRuleControls]
- [FAMILY-GROUPING &familyGrouping]
- [FAMILY-RETURN &familyReturn]
- [ADDITIONAL CONTROL &additionalControl]
- [RELAXATION &relaxation]
- [ALLOWED SUBSET &allowedSubset]
- [IMPOSED SUBSET &imposedSubset]
- [ENTRY LIMIT &entryLimit]
- ID &id
-}
-
-REQUEST-ATTRIBUTE ::= CLASS {
- &attributeType ATTRIBUTE.&id,
- &SelectedValues ATTRIBUTE.&Type OPTIONAL,
- &DefaultValues SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL,
- values SEQUENCE OF ATTRIBUTE.&Type
- } OPTIONAL,
- &contexts SEQUENCE OF ContextProfile OPTIONAL,
- &contextCombination ContextCombination OPTIONAL,
- &MatchingUse MatchingUse OPTIONAL,
- &includeSubtypes BOOLEAN DEFAULT FALSE
-}
-WITH SYNTAX {
- ATTRIBUTE TYPE &attributeType
- [SELECTED VALUES &SelectedValues]
- [DEFAULT VALUES &DefaultValues]
- [CONTEXTS &contexts]
- [CONTEXT COMBINATION &contextCombination]
- [MATCHING USE &MatchingUse]
- [INCLUDE SUBTYPES &includeSubtypes]
-}
-
-RESULT-ATTRIBUTE ::= CLASS {
- &attributeType ATTRIBUTE.&id,
- &outputValues OutputValues OPTIONAL,
- &contexts ContextProfile OPTIONAL
-}
-WITH SYNTAX {
- ATTRIBUTE TYPE &attributeType
- [OUTPUT VALUES &outputValues]
- [CONTEXTS &contexts]
-}
-
-MATCHING-RESTRICTION ::= CLASS {
- &Restriction ,
- &Rules MATCHING-RULE.&id,
- &id OBJECT IDENTIFIER UNIQUE
-}WITH SYNTAX {RESTRICTION &Restriction
- RULES &Rules
- ID &id
-}
-
-- object identifier assignments
-- object classes
id-oc-top OBJECT IDENTIFIER ::=
@@ -873,4 +660,5 @@ id-ar-serviceSpecificArea OBJECT IDENTIFIER ::= {id-ar 8}
END -- InformationFramework
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Interchange-Data-Elements.asn1 b/asn1/Interchange-Data-Elements.asn1
new file mode 100644
index 0000000..5375252
--- /dev/null
+++ b/asn1/Interchange-Data-Elements.asn1
@@ -0,0 +1,56 @@
+-- Module Interchange-Data-Elements (T.415:03/1993)
+Interchange-Data-Elements {2 8 1 5 5} DEFINITIONS ::=
+BEGIN
+
+EXPORTS Interchange-Data-Element;
+
+IMPORTS
+ Document-Profile-Descriptor
+ FROM Document-Profile-Descriptor -- see 7.7
+
+ Layout-Class-Descriptor, Layout-Object-Descriptor
+ FROM Layout-Descriptors -- see 7.9
+
+ Logical-Class-Descriptor, Logical-Object-Descriptor
+ FROM Logical-Descriptors -- see 7.10
+
+ Presentation-Style-Descriptor, Layout-Style-Descriptor
+ FROM Style-Descriptors -- see 7.11
+
+ Text-Unit
+ FROM Text-Units -- see 7.13
+
+ Sealed-Doc-Prof-Descriptor, Enciphered-Doc-Prof-Descriptor,
+ Preenciphered-Bodypart-Descriptor, Postenciphered-Bodypart-Descriptor
+ FROM Protected-Part-Descriptors -- see 7.15
+
+ Link-Class-Descriptor, Link-Descriptor, Enciphered-Link-Descriptor
+ FROM Link-Descriptors {2 8 1 14 3};
+
+-- See ITU-T Rec. T.424 | ISO/IEC 8613-14
+Interchange-Data-Element ::= CHOICE {
+ document-profile [0] IMPLICIT Document-Profile-Descriptor,
+ layout-object-class [1] IMPLICIT Layout-Class-Descriptor,
+ layout-object [2] IMPLICIT Layout-Object-Descriptor,
+ content-portion [3] IMPLICIT Text-Unit,
+ logical-object-class [5] IMPLICIT Logical-Class-Descriptor,
+ logical-object [6] IMPLICIT Logical-Object-Descriptor,
+ presentation-style
+ [7] IMPLICIT Presentation-Style-Descriptor,
+ layout-style [8] IMPLICIT Layout-Style-Descriptor,
+ sealed-doc-prof-descriptor [9] IMPLICIT Sealed-Doc-Prof-Descriptor,
+ enciphered-doc-prof-descriptor
+ [10] IMPLICIT Enciphered-Doc-Prof-Descriptor,
+ preenciphered-bodypart-descriptor
+ [11] IMPLICIT Preenciphered-Bodypart-Descriptor,
+ postenciphered-bodypart-descriptor
+ [12] IMPLICIT Postenciphered-Bodypart-Descriptor,
+ link-class [13] IMPLICIT Link-Class-Descriptor,
+ link [14] IMPLICIT Link-Descriptor,
+ enciphered-link-descriptor [15] IMPLICIT Enciphered-Link-Descriptor
+}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MHSObjectIdentifiers.asn1 b/asn1/MHSObjectIdentifiers.asn1
new file mode 100644
index 0000000..187c3c8
--- /dev/null
+++ b/asn1/MHSObjectIdentifiers.asn1
@@ -0,0 +1,187 @@
+-- Module MHSObjectIdentifiers (X.402:06/1999)
+MHSObjectIdentifiers {joint-iso-itu-t mhs(6) arch(5) modules(0)
+ object-identifiers(0) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything.
+IMPORTS -- nothing -- ;
+
+ID ::= OBJECT IDENTIFIER
+
+-- MHS Aspects
+id-mhs-protocols ID ::= {joint-iso-itu-t mhs(6) protocols(0)}
+
+-- MHS Application Contexts and Protocols
+-- See ITU-T Rec. X.419 | ISO/IEC 10021-6.
+id-ipms ID ::=
+ {joint-iso-itu-t mhs(6) ipms(1)}
+
+-- Interpersonal Messaging
+-- See ITU-T Rec. X.420 | ISO/IEC 10021-7.
+-- Value {joint-iso-itu-t mhs(6) 2} is no longer defined
+id-mts ID ::=
+ {joint-iso-itu-t mhs(6) mts(3)}
+
+-- Message Transfer System
+-- See ITU-T Rec. X.411 | ISO/IEC 10021-4.
+id-ms ID ::=
+ {joint-iso-itu-t mhs(6) ms(4)}
+
+-- Message Store
+-- See ITU-T Rec. X.413 | ISO/IEC 10021-5.
+id-arch ID ::=
+ {joint-iso-itu-t mhs(6) arch(5)}
+
+-- Overall Architecture
+-- See this Specification.
+id-group ID ::=
+ {joint-iso-itu-t mhs(6) group(6)}
+
+-- Reserved.
+id-edims ID ::= {joint-iso-itu-t mhs(6) edims(7)}
+
+-- EDI Messaging
+-- See ITU-T Rec. X.435 | ISO/IEC 10021-9.
+id-management ID ::=
+ {joint-iso-itu-t mhs(6) management(9)}
+
+-- MHS Management
+-- See ITU-T Recs. X.460 - X.467 | ISO/IEC 11588.
+id-routing ID ::=
+ {joint-iso-itu-t mhs(6) routing(10)}
+
+-- MHS Routing
+-- See ITU-T Rec. X.412 | ISO/IEC 10021-10.
+-- Categories
+id-mod ID ::=
+ {id-arch 0} -- modules; not definitive
+
+id-oc ID ::= {id-arch 1} -- object classes
+
+id-at ID ::= {id-arch 2} -- attribute types
+
+-- Value {id-arch 3} is no longer defined
+id-mr ID ::=
+ {id-arch 4} -- matching rules
+
+id-con ID ::= {id-arch 5} -- contexts
+
+id-san ID ::= {id-arch 6} -- certificate subject alternative names
+
+-- Modules
+id-object-identifiers ID ::= {id-mod 0} -- not definitive
+
+id-directory-objects-and-attributes ID ::= {id-mod 1} -- not definitive
+
+-- Object classes
+id-oc-mhs-distribution-list ID ::= {id-oc 0}
+
+id-oc-mhs-message-store ID ::= {id-oc 1}
+
+id-oc-mhs-message-transfer-agent ID ::= {id-oc 2}
+
+id-oc-mhs-user ID ::= {id-oc 3}
+
+id-oc-mhs-user-agent ID ::= {id-oc 4}
+
+-- Attributes
+id-at-mhs-maximum-content-length ID ::= {id-at 0}
+
+id-at-mhs-deliverable-content-types ID ::= {id-at 1}
+
+id-at-mhs-exclusively-acceptable-eits ID ::= {id-at 2}
+
+id-at-mhs-dl-members ID ::= {id-at 3}
+
+id-at-mhs-dl-submit-permissions ID ::= {id-at 4}
+
+id-at-mhs-message-store-dn ID ::= {id-at 5}
+
+id-at-mhs-or-addresses ID ::= {id-at 6}
+
+-- Value {id-at 7} is no longer defined
+id-at-mhs-supported-automatic-actions ID ::=
+ {id-at 8}
+
+id-at-mhs-supported-content-types ID ::= {id-at 9}
+
+id-at-mhs-supported-attributes ID ::= {id-at 10}
+
+id-at-mhs-supported-matching-rules ID ::= {id-at 11}
+
+id-at-mhs-dl-archive-service ID ::= {id-at 12}
+
+id-at-mhs-dl-policy ID ::= {id-at 13}
+
+id-at-mhs-dl-related-lists ID ::= {id-at 14}
+
+id-at-mhs-dl-subscription-service ID ::= {id-at 15}
+
+id-at-mhs-or-addresses-with-capabilities ID ::= {id-at 16}
+
+id-at-mhs-acceptable-eits ID ::= {id-at 17}
+
+id-at-mhs-unacceptable-eits ID ::= {id-at 18}
+
+id-at-mhs-deliverable-classes ID ::= {id-at 19}
+
+id-at-encrypted-mhs-maximum-content-length ID ::= {id-at 0 2}
+
+id-at-encrypted-mhs-deliverable-content-types ID ::= {id-at 1 2}
+
+id-at-encrypted-mhs-exclusively-acceptable-eits ID ::= {id-at 2 2}
+
+id-at-encrypted-mhs-dl-members ID ::= {id-at 3 2}
+
+id-at-encrypted-mhs-dl-submit-permissions ID ::= {id-at 4 2}
+
+id-at-encrypted-mhs-message-store-dn ID ::= {id-at 5 2}
+
+id-at-encrypted-mhs-or-addresses ID ::= {id-at 6 2}
+
+id-at-encrypted-mhs-supported-automatic-actions ID ::= {id-at 8 2}
+
+id-at-encrypted-mhs-supported-content-types ID ::= {id-at 9 2}
+
+id-at-encrypted-mhs-supported-attributes ID ::= {id-at 10 2}
+
+id-at-encrypted-mhs-supported-matching-rules ID ::= {id-at 11 2}
+
+id-at-encrypted-mhs-dl-archive-service ID ::= {id-at 12 2}
+
+id-at-encrypted-mhs-dl-policy ID ::= {id-at 13 2}
+
+id-at-encrypted-mhs-dl-related-lists ID ::= {id-at 14 2}
+
+id-at-encrypted-mhs-dl-subscription-service ID ::= {id-at 15 2}
+
+id-at-encrypted-mhs-or-addresses-with-capabilities ID ::= {id-at 16 2}
+
+id-at-encrypted-mhs-acceptable-eits ID ::= {id-at 17 2}
+
+id-at-encrypted-mhs-unacceptable-eits ID ::= {id-at 18 2}
+
+id-at-encrypted-mhs-deliverable-classes ID ::= {id-at 19 2}
+
+-- Matching Rules
+id-mr-orname-exact-match ID ::= {id-mr 0}
+
+id-mr-address-capabilities-match ID ::= {id-mr 1}
+
+id-mr-capability-match ID ::= {id-mr 2}
+
+-- Contexts
+id-con-dl-administrator-annotation ID ::= {id-con 0}
+
+id-con-dl-nested-dl ID ::= {id-con 1}
+
+id-con-dl-reset-originator ID ::= {id-con 2}
+
+-- Certificate subject alternative names
+id-san-mta-name ID ::= {id-san 0}
+
+END -- of MHSObjectIdentifiers
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MHSProtocolObjectIdentifiers.asn1 b/asn1/MHSProtocolObjectIdentifiers.asn1
new file mode 100644
index 0000000..0b83d7b
--- /dev/null
+++ b/asn1/MHSProtocolObjectIdentifiers.asn1
@@ -0,0 +1,111 @@
+-- Module MHSProtocolObjectIdentifiers (X.419:06/1999)
+MHSProtocolObjectIdentifiers {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ object-identifiers(0) version-1994(0)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports Everything
+IMPORTS -- nothing -- ;
+
+ID ::= OBJECT IDENTIFIER
+
+-- MHS Protocols
+id-mhs-protocols ID ::=
+ {joint-iso-itu-t mhs(6) protocols(0)} -- not definitive
+
+-- Categories of Object Identifiers
+id-mod ID ::=
+ {id-mhs-protocols 0} -- modules
+
+id-ac ID ::= {id-mhs-protocols 1} -- application contexts
+
+id-as ID ::= {id-mhs-protocols 2} -- abstract syntaxes
+
+id-ase ID ::= {id-mhs-protocols 3} -- application service elements (obsolete)
+
+-- Modules
+id-mod-object-identifiers ID ::= {id-mod 0} -- not definitive
+
+id-mod-mts-access-protocol ID ::= {id-mod 1} -- not definitive
+
+id-mod-ms-access-protocol ID ::= {id-mod 2} -- not definitive
+
+id-mod-mts-transfer-protocol ID ::= {id-mod 3} -- not definitive
+
+-- Application Contexts
+-- MTS Access Protocol
+id-ac-mts-access-88 ID ::=
+ {id-ac 0}
+
+id-ac-mts-forced-access-88 ID ::= {id-ac 1}
+
+id-ac-mts-reliable-access-88 ID ::= {id-ac 2}
+
+id-ac-mts-forced-reliable-access-88 ID ::= {id-ac 3}
+
+id-ac-mts-access-94 ID ::= {id-ac 7}
+
+id-ac-mts-forced-access-94 ID ::= {id-ac 8}
+
+id-ac-mts-reliable-access-94 ID ::= {id-ac 9}
+
+id-ac-mts-forced-reliable-access-94 ID ::= {id-ac 10}
+
+-- MS Access Protocol
+id-ac-ms-access-88 ID ::= {id-ac 4}
+
+id-ac-ms-reliable-access-88 ID ::= {id-ac 5}
+
+id-ac-ms-access-94 ID ::= {id-ac 11}
+
+id-ac-ms-reliable-access-94 ID ::= {id-ac 12}
+
+-- MTS Transfer Protocol
+id-ac-mts-transfer ID ::= {id-ac 6}
+
+-- Abstract Syntaxes
+id-as-msse ID ::= {id-as 1}
+
+id-as-mdse-88 ID ::= {id-as 2}
+
+id-as-mrse-88 ID ::= {id-as 5}
+
+id-as-mase-88 ID ::= {id-as 6}
+
+id-as-mtse ID ::= {id-as 7}
+
+id-as-mts-rtse ID ::= {id-as 8}
+
+id-as-ms-88 ID ::= {id-as 9}
+
+id-as-ms-rtse ID ::= {id-as 10}
+
+id-as-mts ID ::= {id-as 11}
+
+id-as-mta-rtse ID ::= {id-as 12}
+
+id-as-ms-msse ID ::= {id-as 13}
+
+id-as-mdse-94 ID ::= {id-as 14}
+
+id-as-mrse-94 ID ::= {id-as 15}
+
+id-as-mase-94 ID ::= {id-as 16}
+
+id-as-ms-94 ID ::= {id-as 17}
+
+-- Application Service Elements
+id-ase-msse ID ::= {id-ase 0}
+
+id-ase-mdse ID ::= {id-ase 1}
+
+id-ase-mrse ID ::= {id-ase 2}
+
+id-ase-mase ID ::= {id-ase 3}
+
+id-ase-mtse ID ::= {id-ase 4}
+
+END --of MHSProtocolObjectIdentifiers
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSAbstractService.asn1 b/asn1/MSAbstractService.asn1
new file mode 100644
index 0000000..d81468d
--- /dev/null
+++ b/asn1/MSAbstractService.asn1
@@ -0,0 +1,1085 @@
+-- Module MSAbstractService (X.413:06/1999)
+MSAbstractService {joint-iso-itu-t mhs(6) ms(4) modules(0) abstract-service(1)
+ version-1999(1)} DEFINITIONS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ -- MTS information object classes
+ operationObject1, ABSTRACT-ERROR, ABSTRACT-OPERATION, EXTENSION, MHS-OBJECT,
+ PORT,
+ -- MTS objects and ports
+ administration, delivery, mts-user,
+ submission,
+ -- MTS abstract-operations and abstract-errors
+ cancel-deferred-delivery, element-of-service-not-subscribed,
+ inconsistent-request, new-credentials-unacceptable,
+ old-credentials-incorrectly-specified, originator-invalid,
+ recipient-improperly-specified, remote-bind-error, security-error,
+ submission-control, submission-control-violated,
+ unsupported-critical-function,
+ -- MTS abstract-service data-types
+ CertificateSelectors, Credentials, InitiatorCredentials,
+ MessageSubmissionArgument, MessageSubmissionResult, MessageToken,
+ ORAddressAndOrDirectoryName, ProbeSubmissionArgument,
+ ProbeSubmissionResult, ResponderCredentials, SecurityContext, SecurityLabel
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- MTS abstract-service 1988 ports
+ administration-88
+ --==
+ FROM MTSAbstractService88 {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1988(1988)}
+ -- MTS abstract-service upper bounds
+ ub-content-types, ub-encoded-information-types, ub-labels-and-redirections
+ --==
+ FROM MTSUpperBounds {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ upper-bounds(3) version-1999(1)}
+ -- MS X413ATTRIBUTE table
+ AttributeTable
+ --==
+ FROM MSGeneralAttributeTypes {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-attribute-types(2) version-1999(1)}
+ -- MS matching rule table
+ MatchingRuleTable
+ --==
+ FROM MSMatchingRules {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-matching-rules(5) version-1999(1)}
+ -- MS auto-action-table and auto-action-error table
+ AutoActionTable, AutoActionErrorTable
+ --==
+ FROM MSGeneralAutoActionTypes {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-auto-action-types(3) version-1994(0)}
+ -- MS object-identifiers
+ id-cp-ms-connection, id-crt-ms-access-88, id-crt-ms-access-94,
+ id-ext-modify-capability, id-ext-modify-retrieval-status-capability,
+ id-ext-originator-token, id-ext-originator-certificate-selectors-override,
+ id-ext-protected-change-credentials,
+ id-ext-protected-change-credentials-capability, id-ot-ms, id-ot-ms-user,
+ id-pt-retrieval-88, id-pt-retrieval-94, id-pt-ms-submission
+ --==
+ FROM MSObjectIdentifiers {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- MS Access abstract-operation and error codes
+ err-attribute-error, err-auto-action-request-error, err-ms-extension-error,
+ err-delete-error, err-entry-class-error, err-fetch-restriction-error,
+ err-invalid-parameters-error, err-message-group-error, err-modify-error,
+ err-range-error, err-security-error, err-sequence-number-error,
+ err-service-error, err-register-ms-error, op-alert, op-delete, op-fetch,
+ op-list, op-modify, op-ms-message-submission, op-ms-probe-submission,
+ op-register-ms, op-summarize
+ --==
+ FROM MSAccessProtocol {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ ms-access-protocol(2) version-1999(1)}
+ -- MS abstract-service upper bounds
+ ub-attributes-supported, ub-attribute-values, ub-auto-action-errors,
+ ub-auto-actions, ub-auto-registrations, ub-default-registrations,
+ ub-entry-classes, ub-error-reasons, ub-extensions, ub-group-depth,
+ ub-group-descriptor-length, ub-group-part-length, ub-matching-rules,
+ ub-message-groups, ub-messages, ub-modifications, ub-per-entry,
+ ub-per-auto-action, ub-service-information-length, ub-summaries,
+ ub-supplementary-info-length, ub-ua-registration-identifier-length,
+ ub-ua-registrations, ub-restrictions
+ --==
+ FROM MSUpperBounds {joint-iso-itu-t mhs(6) ms(4) modules(0) upper-bounds(4)
+ version-1994(0)}
+ -- MATCHING-RULE information object class
+ MATCHING-RULE
+ --==
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 3}
+ -- Remote Operations
+ CONTRACT, CONNECTION-PACKAGE
+ --==
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ emptyUnbind
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)};
+
+-- MS Abstract Objects
+ms MHS-OBJECT ::= {
+ IS {mts-user}
+ RESPONDS {ms-access-contract-88 | ms-access-contract-94}
+ ID id-ot-ms
+}
+
+ms-user MHS-OBJECT ::= {
+ INITIATES {ms-access-contract-88 | ms-access-contract-94}
+ ID id-ot-ms-user
+}
+
+-- Contracts
+ms-access-contract-94 CONTRACT ::= {
+ CONNECTION ms-connect
+ INITIATOR CONSUMER OF {retrieval | ms-submission | administration}
+ ID id-crt-ms-access-94
+}
+
+ms-access-contract-88 CONTRACT ::= {
+ CONNECTION ms-connect -- with all 1994 extensions omitted
+ INITIATOR CONSUMER OF {retrieval-88 | submission | administration-88}
+ ID id-crt-ms-access-88
+}
+
+-- Connection-package
+ms-connect CONNECTION-PACKAGE ::= {
+ BIND ms-bind
+ UNBIND ms-unbind
+ ID id-cp-ms-connection
+}
+
+-- MS Ports
+retrieval PORT ::= {
+ OPERATIONS {operationObject1, ...}
+ CONSUMER INVOKES
+ {summarize | list | fetch | delete | register-MS,
+ ... -- 1994 extension addition --, modify}
+ SUPPLIER INVOKES {alert}
+ ID id-pt-retrieval-94
+}
+
+retrieval-88 PORT ::= {
+ -- With all 1994 extensions to the abstract-operations absent
+ OPERATIONS {operationObject1, ...}
+ CONSUMER INVOKES {summarize | list | fetch | delete | register-MS}
+ SUPPLIER INVOKES {alert}
+ ID id-pt-retrieval-88
+}
+
+ms-submission PORT ::= {
+ OPERATIONS {operationObject1, ...}
+ CONSUMER INVOKES
+ {ms-message-submission | ms-probe-submission | ms-cancel-deferred-delivery}
+ SUPPLIER INVOKES {ms-submission-control}
+ ID id-pt-ms-submission
+}
+
+-- X413ATTRIBUTE information object class
+X413ATTRIBUTE ::= CLASS {
+ &id AttributeType UNIQUE,
+ &Type ,
+ &equalityMatch MATCHING-RULE OPTIONAL,
+ &substringsMatch MATCHING-RULE OPTIONAL,
+ &orderingMatch MATCHING-RULE OPTIONAL,
+ &numeration ENUMERATED {single-valued(0), multi-valued(1)},
+ -- 1994 extension
+ &OtherMatches MATCHING-RULE OPTIONAL
+}
+WITH SYNTAX {
+ WITH ATTRIBUTE-SYNTAX &Type,
+ [EQUALITY MATCHING-RULE &equalityMatch,]
+ [SUBSTRINGS MATCHING-RULE &substringsMatch,]
+ [ORDERING MATCHING-RULE &orderingMatch,]
+ [OTHER MATCHING-RULES &OtherMatches,]
+ NUMERATION &numeration,
+ ID &id
+}
+
+Attribute ::= SEQUENCE {
+ attribute-type X413ATTRIBUTE.&id({AttributeTable}),
+ attribute-values
+ SEQUENCE SIZE (1..ub-attribute-values) OF
+ X413ATTRIBUTE.&Type({AttributeTable}{@attribute-type})
+}
+
+AttributeType ::= OBJECT IDENTIFIER
+
+-- AUTO-ACTION information object class
+AUTO-ACTION ::= CLASS {
+ &id AutoActionType UNIQUE,
+ &RegistrationParameter OPTIONAL,
+ &Errors AUTO-ACTION-ERROR OPTIONAL
+}
+WITH SYNTAX {
+ [REGISTRATION PARAMETER IS &RegistrationParameter]
+ [ERRORS &Errors]
+ IDENTIFIED BY &id
+}
+
+AutoActionType ::= OBJECT IDENTIFIER
+
+AutoActionRegistration ::= SEQUENCE {
+ auto-action-type AUTO-ACTION.&id({AutoActionTable}),
+ registration-identifier [0] INTEGER(1..ub-per-auto-action) DEFAULT 1,
+ registration-parameter
+ [1] AUTO-ACTION.&RegistrationParameter
+ ({AutoActionTable}{@auto-action-type}) OPTIONAL
+}
+
+-- AUTO-ACTION-ERROR information object class
+AUTO-ACTION-ERROR ::=
+ ABSTRACT-ERROR
+
+AutoActionError ::= SET {
+ error-code [0] AUTO-ACTION-ERROR.&errorCode({AutoActionErrorTable}),
+ error-parameter
+ [1] AUTO-ACTION-ERROR.&ParameterType({AutoActionErrorTable}{@error-code})
+ OPTIONAL
+}
+
+-- MS-EXTENSION information object class
+MS-EXTENSION ::= TYPE-IDENTIFIER
+
+MSExtensionItem ::= INSTANCE OF MS-EXTENSION
+
+MSExtensions ::= SEQUENCE SIZE (1..ub-extensions) OF MSExtensionItem
+
+-- Common data-types related to the information model
+EntryClass ::= INTEGER {
+ delivery(0),
+ -- 1994 extensions
+ submission(1), draft(2), stored-message(3), delivery-log(4),
+ submission-log(5), message-log(6), auto-action-log(7)}(0..ub-entry-classes)
+
+EntryType ::= INTEGER {
+ delivered-message(0), delivered-report(1),
+ returned-content(2),
+ -- 1994 extensions
+ submitted-message(3), submitted-probe(4), draft-message(5),
+ auto-action-event(6)}
+
+SequenceNumber ::= INTEGER(0..ub-messages)
+
+RetrievalStatus ::= INTEGER {new(0), listed(1), processed(2)}
+
+MessageGroupName ::= SEQUENCE SIZE (1..ub-group-depth) OF GroupNamePart
+
+GroupNamePart ::= GeneralString(SIZE (1..ub-group-part-length))
+
+-- MS-bind abstract-operation
+ms-bind ABSTRACT-OPERATION ::= {
+ ARGUMENT MSBindArgument
+ RESULT MSBindResult
+ ERRORS {ms-bind-error}
+}
+
+MSBindArgument ::= SET {
+ initiator-name ORAddressAndOrDirectoryName,
+ initiator-credentials [2] InitiatorCredentials,
+ security-context [3] IMPLICIT SecurityContext OPTIONAL,
+ fetch-restrictions [4] Restrictions OPTIONAL -- default is none--,
+ ms-configuration-request [5] BOOLEAN DEFAULT FALSE,
+ -- 1994 extensions
+ ua-registration-identifier [6] RegistrationIdentifier OPTIONAL,
+ bind-extensions [7] MSExtensions OPTIONAL
+}
+
+Restrictions ::= SET {
+ allowed-content-types
+ [0] SET SIZE (1..ub-content-types) OF OBJECT IDENTIFIER OPTIONAL--default is no restriction--,
+ allowed-EITs [1] MS-EITs OPTIONAL --default is no restriction--,
+ maximum-attribute-length [2] INTEGER OPTIONAL --default is no restriction--
+}
+
+MS-EITs ::= SET SIZE (1..ub-encoded-information-types) OF MS-EIT
+
+MS-EIT ::= OBJECT IDENTIFIER
+
+RegistrationIdentifier ::=
+ PrintableString(SIZE (1..ub-ua-registration-identifier-length))
+
+MSBindResult ::= SET {
+ responder-credentials [2] ResponderCredentials,
+ available-auto-actions
+ [3] SET SIZE (1..ub-auto-actions) OF AUTO-ACTION.&id({AutoActionTable})
+ OPTIONAL,
+ available-attribute-types
+ [4] SET SIZE (1..ub-attributes-supported) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ alert-indication [5] BOOLEAN DEFAULT FALSE,
+ content-types-supported
+ [6] SET SIZE (1..ub-content-types) OF OBJECT IDENTIFIER OPTIONAL,
+ -- 1994 extensions
+ entry-classes-supported
+ [7] SET SIZE (1..ub-entry-classes) OF EntryClass OPTIONAL,
+ matching-rules-supported
+ [8] SET SIZE (1..ub-matching-rules) OF OBJECT IDENTIFIER OPTIONAL,
+ bind-result-extensions [9] MSExtensions OPTIONAL,
+ message-group-depth [10] INTEGER(1..ub-group-depth) OPTIONAL,
+ auto-action-error-indication [11] AutoActionErrorIndication OPTIONAL,
+ unsupported-extensions
+ [12] SET SIZE (1..ub-extensions) OF OBJECT IDENTIFIER OPTIONAL,
+ ua-registration-id-unknown [13] BOOLEAN DEFAULT FALSE,
+ service-information
+ [14] GeneralString(SIZE (1..ub-service-information-length)) OPTIONAL
+}
+
+modify-capability MS-EXTENSION ::= {
+ NULL
+ IDENTIFIED BY id-ext-modify-capability
+}
+
+modify-retrieval-status-capability MS-EXTENSION ::= {
+ NULL
+ IDENTIFIED BY id-ext-modify-retrieval-status-capability
+}
+
+protected-change-credentials-capability MS-EXTENSION ::= {
+ ChangeCredentialsAlgorithms
+ IDENTIFIED BY id-ext-protected-change-credentials-capability
+}
+
+ChangeCredentialsAlgorithms ::= SET OF OBJECT IDENTIFIER
+
+AutoActionErrorIndication ::= CHOICE {
+ indication-only [0] NULL,
+ auto-action-log-entry [1] SequenceNumber
+}
+
+ms-bind-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ CHOICE {unqualified-error BindProblem,
+ -- 1994 extension
+ qualified-error
+ SET {bind-problem [0] BindProblem,
+ supplementary-information
+ [1] GeneralString(SIZE (1..ub-supplementary-info-length))
+ OPTIONAL,
+ bind-extension-errors
+ [2] SET SIZE (1..ub-extensions) OF OBJECT IDENTIFIER
+ OPTIONAL}}
+}
+
+BindProblem ::= ENUMERATED {
+ authentication-error(0), unacceptable-security-context(1),
+ unable-to-establish-association(2), ... -- 1994 extension addition --,
+ bind-extension-problem(3), inadequate-association-confidentiality(4)
+}
+
+-- MS Unbind abstract-operation
+ms-unbind ABSTRACT-OPERATION ::= emptyUnbind
+
+-- Common data-types
+Range ::= CHOICE {
+ sequence-number-range [0] NumberRange,
+ creation-time-range [1] TimeRange
+}
+
+NumberRange ::= SEQUENCE {
+ from [0] SequenceNumber OPTIONAL -- omitted means no lower bound--,
+ to [1] SequenceNumber OPTIONAL -- omitted means no upper bound--
+}
+
+TimeRange ::= SEQUENCE {
+ from [0] CreationTime OPTIONAL -- omitted means no lower bound--,
+ to [1] CreationTime OPTIONAL -- omitted means no upper bound--
+}
+
+CreationTime ::= UTCTime
+
+Filter ::= CHOICE {
+ item [0] FilterItem,
+ and [1] SET OF Filter,
+ or [2] SET OF Filter,
+ not [3] Filter
+}
+
+FilterItem ::= CHOICE {
+ equality [0] AttributeValueAssertion,
+ substrings
+ [1] SEQUENCE {type X413ATTRIBUTE.&id({AttributeTable}),
+ strings
+ SEQUENCE OF
+ CHOICE {initial
+ [0] X413ATTRIBUTE.&Type
+ ({AttributeTable}{@substrings.type}),
+ any
+ [1] X413ATTRIBUTE.&Type
+ ({AttributeTable}{@substrings.type}),
+ final
+ [2] X413ATTRIBUTE.&Type
+ ({AttributeTable}{@substrings.type})
+ }},
+ greater-or-equal [2] AttributeValueAssertion,
+ less-or-equal [3] AttributeValueAssertion,
+ present [4] X413ATTRIBUTE.&id({AttributeTable}),
+ approximate-match [5] AttributeValueAssertion,
+ -- 1994 extension
+ other-match [6] MatchingRuleAssertion
+}
+
+MatchingRuleAssertion ::= SEQUENCE {
+ matching-rule [0] MATCHING-RULE.&id({MatchingRuleTable}),
+ attribute-type [1] X413ATTRIBUTE.&id,
+ match-value
+ [2] MATCHING-RULE.&AssertionType({MatchingRuleTable}{@matching-rule})
+}
+
+AttributeValueAssertion ::= SEQUENCE {
+ attribute-type X413ATTRIBUTE.&id({AttributeTable}),
+ attribute-value X413ATTRIBUTE.&Type({AttributeTable}{@attribute-type})
+}
+
+Selector ::= SET {
+ child-entries [0] BOOLEAN DEFAULT FALSE,
+ range [1] Range OPTIONAL -- default is unbounded --,
+ filter
+ [2] Filter
+ OPTIONAL -- default is all entries within the specified range --,
+ limit [3] INTEGER(1..ub-messages) OPTIONAL,
+ override [4] OverrideRestrictions OPTIONAL -- by default, --
+ -- any fetch-restrictions in force apply
+}
+
+OverrideRestrictions ::= BIT STRING {
+ override-content-types-restriction(0), override-EITs-restriction(1),
+ override-attribute-length-restriction(2)}(SIZE (1..ub-restrictions))
+
+EntryInformationSelection ::= SET SIZE (0..ub-per-entry) OF AttributeSelection
+
+AttributeSelection ::= SET {
+ type X413ATTRIBUTE.&id({AttributeTable}),
+ from
+ [0] INTEGER(1..ub-attribute-values)
+ OPTIONAL --used if type is multi valued--,
+ count
+ [1] INTEGER(0..ub-attribute-values)
+ OPTIONAL --used if type is multi valued--
+}
+
+EntryInformation ::= SEQUENCE {
+ sequence-number SequenceNumber,
+ attributes SET SIZE (1..ub-per-entry) OF Attribute OPTIONAL,
+ -- 1994 extension
+ value-count-exceeded
+ [0] SET SIZE (1..ub-per-entry) OF AttributeValueCount OPTIONAL
+}
+
+AttributeValueCount ::= SEQUENCE {
+ type [0] X413ATTRIBUTE.&id({AttributeTable}),
+ total [1] INTEGER
+}
+
+MSSubmissionOptions ::= SET {
+ object-entry-class
+ [0] EntryClass(submission | submission-log | draft) OPTIONAL,
+ disable-auto-modify [1] BOOLEAN DEFAULT FALSE,
+ add-message-group-names
+ [2] SET SIZE (1..ub-message-groups) OF MessageGroupName OPTIONAL,
+ ms-submission-extensions [3] MSExtensions OPTIONAL
+}
+
+originator-token MS-EXTENSION ::= {
+ OriginatorToken
+ IDENTIFIED BY id-ext-originator-token
+}
+
+OriginatorToken ::=
+ MessageToken
+ (CONSTRAINED BY {
+
+ -- Must contain an asymmetric-token with an encrypted-data component --})
+
+originator-certificate-selectors-override MS-EXTENSION ::= {
+ CertificateSelectors
+ (WITH COMPONENTS {
+ ...,
+ message-origin-authentication ABSENT
+ })
+ IDENTIFIED BY id-ext-originator-certificate-selectors-override
+}
+
+CommonSubmissionResults ::= SET {
+ created-entry [0] SequenceNumber OPTIONAL,
+ auto-action-error-indication [1] AutoActionErrorIndication OPTIONAL,
+ ms-submission-result-extensions [2] MSExtensions OPTIONAL
+}
+
+-- Retrieval Port abstract-operations
+summarize ABSTRACT-OPERATION ::= {
+ ARGUMENT SummarizeArgument
+ RESULT SummarizeResult
+ ERRORS
+ {attribute-error | invalid-parameters-error | range-error | security-error
+ | service-error, ... -- 1994 extension additions --, entry-class-error |
+ ms-extension-error}
+ LINKED {operationObject1, ...}
+ CODE op-summarize
+}
+
+SummarizeArgument ::= SET {
+ entry-class [0] EntryClass DEFAULT delivery,
+ selector [1] Selector,
+ summary-requests
+ [2] SEQUENCE SIZE (1..ub-summaries) OF X413ATTRIBUTE.&id({AttributeTable})
+ OPTIONAL -- absent if no summaries are requested--,
+ -- 1994 extension
+ summarize-extensions [3] MSExtensions OPTIONAL
+}
+
+SummarizeResult ::= SET {
+ next [0] SequenceNumber OPTIONAL,
+ count
+ [1] INTEGER(0..ub-messages)-- of the entries selected-- ,
+ span [2] Span OPTIONAL -- of the entries selected,---- omitted if count is zero --,
+ summaries
+ [3] SEQUENCE SIZE (1..ub-summaries) OF Summary OPTIONAL,
+ -- 1994 extension
+ summarize-result-extensions [4] MSExtensions OPTIONAL
+}
+
+Span ::= SEQUENCE {lowest [0] SequenceNumber,
+ highest [1] SequenceNumber
+}
+
+Summary ::= SET {
+ absent
+ [0] INTEGER(1..ub-messages)
+ OPTIONAL --count of entries where X413ATTRIBUTE is absent--,
+ present
+ [1] SET SIZE (1..ub-attribute-values)
+ OF--one for each X413ATTRIBUTE value present--
+ SEQUENCE {type X413ATTRIBUTE.&id({AttributeTable}),
+ value X413ATTRIBUTE.&Type({AttributeTable}{@.type}),
+ count INTEGER(1..ub-messages)} OPTIONAL
+}
+
+--
+list ABSTRACT-OPERATION ::= {
+ ARGUMENT ListArgument
+ RESULT ListResult
+ ERRORS
+ {attribute-error | invalid-parameters-error | range-error | security-error
+ | service-error, ... -- 1994 extension additions --, entry-class-error |
+ ms-extension-error}
+ LINKED {operationObject1, ...}
+ CODE op-list
+}
+
+ListArgument ::= SET {
+ entry-class [0] EntryClass DEFAULT delivery,
+ selector [1] Selector,
+ requested-attributes [3] EntryInformationSelection OPTIONAL,
+ -- 1994 extension
+ list-extensions [4] MSExtensions OPTIONAL
+}
+
+ListResult ::= SET {
+ next [0] SequenceNumber OPTIONAL,
+ requested
+ [1] SEQUENCE SIZE (1..ub-messages) OF EntryInformation OPTIONAL--omitted if none found--,
+ -- 1994 extension
+ list-result-extensions [2] MSExtensions OPTIONAL
+}
+
+--
+fetch ABSTRACT-OPERATION ::= {
+ ARGUMENT FetchArgument
+ RESULT FetchResult
+ ERRORS
+ {attribute-error | fetch-restriction-error | invalid-parameters-error |
+ range-error | security-error | sequence-number-error | service-error,
+ ... -- 1994 extension additions --, entry-class-error |
+ ms-extension-error}
+ LINKED {operationObject1, ...}
+ CODE op-fetch
+}
+
+FetchArgument ::= SET {
+ entry-class [0] EntryClass DEFAULT delivery,
+ item
+ CHOICE {search [1] Selector,
+ precise [2] SequenceNumber},
+ requested-attributes [3] EntryInformationSelection OPTIONAL,
+ -- 1994 extension
+ fetch-extensions [4] MSExtensions OPTIONAL
+}
+
+FetchResult ::= SET {
+ entry-information
+ [0] EntryInformation OPTIONAL --if an entry was selected--,
+ list
+ [1] SEQUENCE SIZE (1..ub-messages) OF SequenceNumber OPTIONAL,
+ next [2] SequenceNumber OPTIONAL,
+ -- 1994 extension
+ fetch-result-extensions [3] MSExtensions OPTIONAL
+}
+
+--
+delete ABSTRACT-OPERATION ::= {
+ ARGUMENT DeleteArgument
+ RESULT DeleteResult
+ ERRORS
+ {delete-error | invalid-parameters-error | range-error | security-error |
+ sequence-number-error | service-error,
+ ... -- 1994 extension additions --, entry-class-error |
+ ms-extension-error}
+ LINKED {operationObject1, ...}
+ CODE op-delete
+}
+
+DeleteArgument ::= SET {
+ entry-class [0] EntryClass DEFAULT delivery,
+ items
+ CHOICE {selector [1] Selector,
+ sequence-numbers [2] SET SIZE (1..ub-messages) OF SequenceNumber
+ },
+ -- 1994 extension
+ delete-extensions [3] MSExtensions OPTIONAL
+}
+
+DeleteResult ::= CHOICE {
+ delete-result-88 NULL,
+ -- 1994 extension
+ delete-result-94
+ SET {entries-deleted
+ [0] SEQUENCE SIZE (1..ub-messages) OF SequenceNumber OPTIONAL,
+ delete-result-extensions [1] MSExtensions OPTIONAL}
+}
+
+--
+register-MS ABSTRACT-OPERATION ::= {
+ ARGUMENT Register-MSArgument
+ RESULT Register-MSResult
+ ERRORS
+ {attribute-error | auto-action-request-error | invalid-parameters-error |
+ security-error | service-error | old-credentials-incorrectly-specified |
+ new-credentials-unacceptable, ... -- 1994 extension additions --,
+ message-group-error | ms-extension-error | register-ms-error}
+ LINKED {operationObject1, ...}
+ CODE op-register-ms
+}
+
+Register-MSArgument ::= SET {
+ auto-action-registrations
+ [0] SET SIZE (1..ub-auto-registrations) OF AutoActionRegistration OPTIONAL,
+ auto-action-deregistrations
+ [1] SET SIZE (1..ub-auto-registrations) OF AutoActionDeregistration
+ OPTIONAL,
+ list-attribute-defaults
+ [2] SET SIZE (0..ub-default-registrations) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ fetch-attribute-defaults
+ [3] SET SIZE (0..ub-default-registrations) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ change-credentials
+ [4] SEQUENCE {old-credentials
+ [0] Credentials(WITH COMPONENTS {
+ simple
+ }),
+ new-credentials
+ [1] Credentials(WITH COMPONENTS {
+ simple
+ })} OPTIONAL,
+ user-security-labels
+ [5] SET SIZE (1..ub-labels-and-redirections) OF SecurityLabel OPTIONAL,
+ -- 1994 extensions
+ ua-registrations
+ [6] SET SIZE (1..ub-ua-registrations) OF UARegistration OPTIONAL,
+ submission-defaults [7] MSSubmissionOptions OPTIONAL,
+ message-group-registrations [8] MessageGroupRegistrations OPTIONAL,
+ registration-status-request [9] RegistrationTypes OPTIONAL,
+ register-ms-extensions [10] MSExtensions OPTIONAL
+}
+
+AutoActionDeregistration ::= SEQUENCE {
+ auto-action-type AUTO-ACTION.&id({AutoActionTable}),
+ registration-identifier [0] INTEGER(1..ub-per-auto-action) DEFAULT 1
+}
+
+UARegistration ::= SET {
+ ua-registration-identifier [0] RegistrationIdentifier,
+ ua-list-attribute-defaults
+ [1] SET SIZE (0..ub-default-registrations) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ ua-fetch-attribute-defaults
+ [2] SET SIZE (0..ub-default-registrations) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ ua-submission-defaults [3] MSSubmissionOptions OPTIONAL,
+ content-specific-defaults [4] MSExtensions OPTIONAL
+}
+
+MessageGroupRegistrations ::=
+ SEQUENCE SIZE (1..ub-default-registrations) OF
+ CHOICE {register-group [0] MessageGroupNameAndDescriptor,
+ deregister-group [1] MessageGroupName,
+ change-descriptors [2] MessageGroupNameAndDescriptor}
+
+MessageGroupNameAndDescriptor ::= SET {
+ message-group-name [0] MessageGroupName,
+ message-group-descriptor
+ [1] GeneralString(SIZE (1..ub-group-descriptor-length)) OPTIONAL
+}
+
+RegistrationTypes ::= SET {
+ registrations
+ [0] BIT STRING {auto-action-registrations(0), list-attribute-defaults(1),
+ fetch-attribute-defaults(2), ua-registrations(3),
+ submission-defaults(4), message-group-registrations(5)}
+ OPTIONAL,
+ extended-registrations [1] SET OF MS-EXTENSION.&id OPTIONAL,
+ restrict-message-groups [2] MessageGroupsRestriction OPTIONAL
+}
+
+MessageGroupsRestriction ::= SET {
+ parent-group [0] MessageGroupName OPTIONAL,
+ immediate-descendants-only [1] BOOLEAN DEFAULT TRUE,
+ omit-descriptors [2] BOOLEAN DEFAULT TRUE
+}
+
+protected-change-credentials MS-EXTENSION ::= {
+ ProtectedChangeCredentials
+ IDENTIFIED BY id-ext-protected-change-credentials
+}
+
+ProtectedChangeCredentials ::= SEQUENCE {
+ algorithm-identifier [0] IMPLICIT OBJECT IDENTIFIER,
+ old-credentials
+ InitiatorCredentials(WITH COMPONENTS {
+ protected PRESENT
+ }),
+ password-delta [2] IMPLICIT BIT STRING
+}
+
+Register-MSResult ::= CHOICE {
+ no-status-information NULL,
+ -- 1994 extension
+ registered-information
+ SET {auto-action-registrations
+ [0] SET SIZE (1..ub-auto-registrations) OF AutoActionRegistration
+ OPTIONAL,
+ list-attribute-defaults
+ [1] SET SIZE (1..ub-default-registrations) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ fetch-attribute-defaults
+ [2] SET SIZE (1..ub-default-registrations) OF
+ X413ATTRIBUTE.&id({AttributeTable}) OPTIONAL,
+ ua-registrations
+ [3] SET SIZE (1..ub-ua-registrations) OF UARegistration OPTIONAL,
+ submission-defaults [4] MSSubmissionOptions OPTIONAL,
+ message-group-registrations
+ [5] SET SIZE (1..ub-message-groups) OF
+ MessageGroupNameAndDescriptor OPTIONAL,
+ register-ms-result-extensions [6] MSExtensions OPTIONAL}
+}
+
+--
+alert ABSTRACT-OPERATION ::= {
+ ARGUMENT AlertArgument
+ RESULT AlertResult
+ ERRORS {security-error}
+ LINKED {operationObject1, ...}
+ CODE op-alert
+}
+
+AlertArgument ::= SET {
+ alert-registration-identifier [0] INTEGER(1..ub-auto-actions),
+ new-entry [2] EntryInformation OPTIONAL
+}
+
+AlertResult ::= NULL
+
+--
+modify ABSTRACT-OPERATION ::= {
+ ARGUMENT ModifyArgument
+ RESULT ModifyResult
+ ERRORS
+ {attribute-error | invalid-parameters-error | security-error |
+ sequence-number-error | service-error | modify-error |
+ message-group-error | entry-class-error | ms-extension-error,
+ ... -- For future extension additions --}
+ LINKED {operationObject1, ...}
+ CODE op-modify
+}
+
+ModifyArgument ::= SET {
+ entry-class [0] EntryClass DEFAULT delivery,
+ entries
+ CHOICE {selector [1] Selector,
+ specific-entries
+ [2] SEQUENCE SIZE (1..ub-messages) OF SequenceNumber},
+ modifications
+ [3] SEQUENCE SIZE (1..ub-modifications) OF EntryModification,
+ modify-extensions [4] MSExtensions OPTIONAL
+}
+
+EntryModification ::= SET {
+ strict [0] BOOLEAN DEFAULT FALSE,
+ modification
+ CHOICE {add-attribute [1] Attribute,
+ remove-attribute [2] X413ATTRIBUTE.&id({AttributeTable}),
+ add-values [3] OrderedAttribute,
+ remove-values [4] OrderedAttribute}
+}
+
+OrderedAttribute ::= SEQUENCE {
+ attribute-type X413ATTRIBUTE.&id({AttributeTable}),
+ attribute-values
+ SEQUENCE SIZE (1..ub-attribute-values) OF
+ SEQUENCE {-- at least one must be specified
+ value
+ [0] X413ATTRIBUTE.&Type({AttributeTable}{@attribute-type})
+ OPTIONAL,
+ position [1] INTEGER(1..ub-attribute-values) OPTIONAL
+ }
+}
+
+ModifyResult ::= SET {
+ entries-modified
+ [0] SEQUENCE SIZE (1..ub-messages) OF SequenceNumber OPTIONAL,
+ modify-result-extensions [1] MSExtensions OPTIONAL
+}
+
+-- MS-submission Port abstract-operations
+ms-message-submission ABSTRACT-OPERATION ::= {
+ ARGUMENT MSMessageSubmissionArgument
+ RESULT MSMessageSubmissionResult
+ ERRORS
+ {submission-control-violated | element-of-service-not-subscribed |
+ originator-invalid | recipient-improperly-specified |
+ inconsistent-request | security-error | unsupported-critical-function |
+ remote-bind-error, ... -- 1994 extension additions --, ms-extension-error
+ | message-group-error | entry-class-error | service-error}
+ LINKED {operationObject1, ...}
+ CODE op-ms-message-submission
+}
+
+MSMessageSubmissionArgument ::= SEQUENCE {
+ COMPONENTS OF
+ MessageSubmissionArgument -- This imported type has IMPLICIT tags --,
+ -- 1994 extension
+ submission-options [4] MSSubmissionOptions OPTIONAL
+}
+
+forwarding-request EXTENSION ::= {
+ SequenceNumber,
+ IDENTIFIED BY standard-extension:36
+}
+
+MSMessageSubmissionResult ::= CHOICE {
+ mts-result
+ SET {COMPONENTS OF
+ MessageSubmissionResult-- This imported type has IMPLICIT tags -- ,
+ -- 1994 extension
+ ms-message-result [4] CommonSubmissionResults OPTIONAL},
+ -- 1994 extension
+ store-draft-result [4] CommonSubmissionResults
+}
+
+--
+ms-probe-submission ABSTRACT-OPERATION ::= {
+ ARGUMENT MSProbeSubmissionArgument
+ RESULT MSProbeSubmissionResult
+ ERRORS
+ {submission-control-violated | element-of-service-not-subscribed |
+ originator-invalid | recipient-improperly-specified |
+ inconsistent-request | security-error | unsupported-critical-function |
+ remote-bind-error, ... -- 1994 extension additions --, ms-extension-error
+ | message-group-error | entry-class-error | service-error}
+ LINKED {operationObject1, ...}
+ CODE op-ms-probe-submission
+}
+
+MSProbeSubmissionArgument ::= SET {
+ COMPONENTS OF
+ ProbeSubmissionArgument -- This imported type has IMPLICIT tags --,
+ -- 1994 extension
+ submission-options [4] MSSubmissionOptions OPTIONAL
+}
+
+MSProbeSubmissionResult ::= SET {
+ COMPONENTS OF
+ ProbeSubmissionResult -- This imported type has IMPLICIT tags --,
+ -- 1994 extension
+ ms-probe-result [4] CommonSubmissionResults OPTIONAL
+}
+
+ms-cancel-deferred-delivery ABSTRACT-OPERATION ::= cancel-deferred-delivery
+
+ms-submission-control ABSTRACT-OPERATION ::= submission-control
+
+-- Abstract-errors
+attribute-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ SET {problems
+ [0] SET SIZE (1..ub-per-entry) OF
+ SET {problem [0] AttributeProblem,
+ type [1] X413ATTRIBUTE.&id({AttributeTable}),
+ value
+ [2] X413ATTRIBUTE.&Type({AttributeTable}{@.type})
+ OPTIONAL}}
+ CODE err-attribute-error
+}
+
+AttributeProblem ::= INTEGER {
+ invalid-attribute-value(0), unavailable-attribute-type(1),
+ inappropriate-matching(2), attribute-type-not-subscribed(3),
+ inappropriate-for-operation(4),
+ -- 1994 extensions
+ inappropriate-modification(5), single-valued-attribute(6)
+}(0..ub-error-reasons)
+
+--
+auto-action-request-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ SET {problems
+ [0] SET SIZE (1..ub-auto-registrations) OF
+ SET {problem [0] AutoActionRequestProblem,
+ type [1] AUTO-ACTION.&id({AutoActionTable})
+ }}
+ CODE err-auto-action-request-error
+}
+
+AutoActionRequestProblem ::= INTEGER {
+ unavailable-auto-action-type(0),
+ auto-action-type-not-subscribed(1),
+ -- 1994 extension
+ not-willing-to-perform(2)}(0..ub-error-reasons)
+
+--
+delete-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ SET {problems
+ [0] SET SIZE (1..ub-messages) OF
+ SET {problem [0] DeleteProblem,
+ sequence-number [1] SequenceNumber},
+ -- 1994 extension
+ entries-deleted
+ [1] SET SIZE (1..ub-messages) OF SequenceNumber OPTIONAL}
+ CODE err-delete-error
+}
+
+DeleteProblem ::= INTEGER {
+ child-entry-specified(0),
+ delete-restriction-problem(1),
+ -- 1994 extensions
+ new-entry-specified(2), entry-class-restriction(3), stored-message-exists(4)
+}(0..ub-error-reasons)
+
+--
+fetch-restriction-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ SET {problems
+ [0] SET SIZE (1..ub-default-registrations) OF
+ SET {problem [3] FetchRestrictionProblem,
+ restriction
+ CHOICE {content-type [0] OBJECT IDENTIFIER,
+ eit [1] MS-EITs,
+ attribute-length [2] INTEGER}}}
+ CODE err-fetch-restriction-error
+}
+
+FetchRestrictionProblem ::= INTEGER {
+ content-type-problem(1), eit-problem(2), maximum-length-problem(3)
+}(0..ub-error-reasons)
+
+--
+invalid-parameters-error ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-invalid-parameters-error
+}
+
+--
+range-error ABSTRACT-ERROR ::= {
+ PARAMETER SET {problem [0] RangeProblem}
+ CODE err-range-error
+}
+
+RangeProblem ::= INTEGER {reversed(0)}(0..ub-error-reasons)
+
+--
+sequence-number-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ SET {problems
+ [1] SET SIZE (1..ub-messages) OF
+ SET {problem [0] SequenceNumberProblem,
+ sequence-number [1] SequenceNumber}}
+ CODE err-sequence-number-error
+}
+
+SequenceNumberProblem ::= INTEGER {no-such-entry(0)}(0..ub-error-reasons)
+
+--
+service-error ABSTRACT-ERROR ::= {
+ PARAMETER ServiceErrorParameter
+ CODE err-service-error
+}
+
+ServiceErrorParameter ::= SET {
+ problem [0] ServiceProblem,
+ -- 1994 extension
+ supplementary-information
+ [1] GeneralString(SIZE (1..ub-supplementary-info-length)) OPTIONAL
+}
+
+ServiceProblem ::= INTEGER {busy(0), unavailable(1), unwilling-to-perform(2)
+}(0..ub-error-reasons)
+
+--
+message-group-error ABSTRACT-ERROR ::= {
+ PARAMETER MessageGroupErrorParameter
+ CODE err-message-group-error
+}
+
+MessageGroupErrorParameter ::= SET {
+ problem [0] MessageGroupProblem,
+ name [1] MessageGroupName
+}
+
+MessageGroupProblem ::= INTEGER {
+ name-not-registered(0), name-already-registered(1), parent-not-registered(2),
+ group-not-empty(3), name-in-use(4), child-group-registered(5),
+ group-depth-exceeded(6)}(0..ub-error-reasons)
+
+--
+ms-extension-error ABSTRACT-ERROR ::= {
+ PARAMETER MSExtensionErrorParameter
+ CODE err-ms-extension-error
+}
+
+MSExtensionErrorParameter ::= CHOICE {
+ ms-extension-problem [0] MSExtensionItem,
+ unknown-ms-extension [1] OBJECT IDENTIFIER
+}
+
+--
+register-ms-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ SET {problem [0] RegistrationProblem,
+ registration-type [1] RegistrationTypes}
+ CODE err-register-ms-error
+}
+
+RegistrationProblem ::= ENUMERATED {
+ registration-not-supported(0), registration-improperly-specified(1),
+ registration-limit-exceeded(2), ... -- For future extension additions --
+ }
+
+--
+modify-error ABSTRACT-ERROR ::= {
+ PARAMETER ModifyErrorParameter
+ CODE err-modify-error
+}
+
+ModifyErrorParameter ::= SET {
+ entries-modified
+ [0] SEQUENCE SIZE (1..ub-messages) OF SequenceNumber OPTIONAL,
+ failing-entry [1] SequenceNumber,
+ modification-number [2] INTEGER,
+ problem [3] ModifyProblem
+}
+
+ModifyProblem ::= INTEGER {
+ attribute-not-present(0), value-not-present(1),
+ attribute-or-value-already-exists(2), invalid-position(3),
+ modify-restriction-problem(4)}(0..ub-error-reasons)
+
+--
+entry-class-error ABSTRACT-ERROR ::= {
+ PARAMETER EntryClassErrorParameter
+ CODE err-entry-class-error
+}
+
+EntryClassErrorParameter ::= SET {
+ entry-class [0] EntryClass,
+ problem
+ [1] BIT STRING {unsupported-entry-class(0), entry-class-not-subscribed(1),
+ inappropriate-entry-class(2)}
+}
+
+END -- of MS Abstract Service
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSAccessProtocol.asn1 b/asn1/MSAccessProtocol.asn1
new file mode 100644
index 0000000..14751d9
--- /dev/null
+++ b/asn1/MSAccessProtocol.asn1
@@ -0,0 +1,256 @@
+-- Module MSAccessProtocol (X.419:06/1999)
+MSAccessProtocol {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ ms-access-protocol(2) version-1999(1)} DEFINITIONS ::=
+BEGIN
+
+-- Prologue
+IMPORTS
+ -- MS Abstract Service
+ ms-access-contract-88, ms-access-contract-94, ms-submission, retrieval,
+ retrieval-88
+ --==
+ FROM MSAbstractService {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ abstract-service(1) version-1999(1)}
+ -- Remote Operations
+ APPLICATION-CONTEXT
+ --==
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+ Code
+ --==
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ Bind{}, InvokeId, Unbind{}
+ --==
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ ROS-SingleAS{}
+ --==
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)}
+ acse, association-by-RTSE, pData, transfer-by-RTSE
+ --==
+ FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)}
+ acse-abstract-syntax
+ --==
+ FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t
+ remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)}
+ -- Reliable Transfer
+ RTORQapdu, RTOACapdu, RTORJapdu
+ FROM Reliable-Transfer-APDU {joint-iso-itu-t reliable-transfer(3) apdus(0)}
+ -- MTS Access Protocol
+ message-administration-abstract-syntax-88,
+ message-administration-abstract-syntax-94,
+ message-submission-abstract-syntax
+ --==
+ FROM MTSAccessProtocol {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ mts-access-protocol(1) version-1999(1)}
+ -- Object Identifiers
+ id-ac-ms-access-88, id-ac-ms-access-94, id-ac-ms-reliable-access-88,
+ id-ac-ms-reliable-access-94, id-as-ms-msse, id-as-mase-88, id-as-mase-94,
+ id-as-mdse-88, id-as-mdse-94, id-as-mrse-88, id-as-mrse-94, id-as-ms-88,
+ id-as-ms-94, id-as-ms-rtse, id-as-msse
+ --==
+ FROM MHSProtocolObjectIdentifiers {joint-iso-itu-t mhs(6) protocols(0)
+ modules(0) object-identifiers(0) version-1994(0)};
+
+RTSE-apdus ::= CHOICE {
+ rtorq-apdu [16] IMPLICIT RTORQapdu,
+ rtoac-apdu [17] IMPLICIT RTOACapdu,
+ rtorj-apdu [18] IMPLICIT RTORJapdu,
+ rttp-apdu RTTPapdu,
+ rttr-apdu RTTRapdu,
+ rtab-apdu [22] IMPLICIT RTABapdu
+}
+
+RTTPapdu ::= -- priority-- INTEGER
+
+RTTRapdu ::= OCTET STRING
+
+RTABapdu ::= SET {
+ abortReason [0] IMPLICIT AbortReason OPTIONAL,
+ reflectedParameter [1] IMPLICIT BIT STRING OPTIONAL,
+ -- 8 bits maximum, only if abortReason is invalidParameter
+ userdataAB
+ [2] TYPE-IDENTIFIER.&Type
+ OPTIONAL -- only in normal mode and if abortReason--
+ -- is userError
+}
+
+AbortReason ::= INTEGER {
+ localSystemProblem(0),
+ invalidParameter(1), -- reflectedParameter supplied
+ unrecognizedActivity(2),
+ temporaryProblem(3),
+ -- the RTSE cannot accept a session for a period of time
+ protocolError(4), -- RTSE level protocol error
+ permanentProblem(5), --provider-abort solely in normal mode
+ userError(6), -- user-abort solely in normal mode
+ transferCompleted(7) -- activity can't be discarded--}
+
+-- APPLICATION-CONTEXTS
+-- 1994 Application Context omitting RTSE
+ms-access-94 APPLICATION-CONTEXT ::= {
+ CONTRACT ms-access-contract-94
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | ms-message-submission-abstract-syntax |
+ message-retrieval-abstract-syntax-94 |
+ message-administration-abstract-syntax-94 |
+ ms-bind-unbind-abstract-syntax-94}
+ APPLICATION CONTEXT NAME id-ac-ms-access-94
+}
+
+-- 1994 Application Context including RTSE
+ms-reliable-access-94 APPLICATION-CONTEXT ::= {
+ CONTRACT ms-access-contract-94
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | ms-message-submission-abstract-syntax |
+ message-retrieval-abstract-syntax-94 |
+ message-administration-abstract-syntax-94 |
+ ms-bind-unbind-rtse-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-ms-reliable-access-94
+}
+
+-- 1988 Application Context omitting RTSE
+ms-access-88 APPLICATION-CONTEXT ::= {
+ CONTRACT ms-access-contract-88
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-retrieval-abstract-syntax-88 |
+ message-administration-abstract-syntax-88 |
+ ms-bind-unbind-abstract-syntax-88}
+ APPLICATION CONTEXT NAME id-ac-ms-access-88
+}
+
+-- 1988 Application Context including RTSE
+ms-reliable-access-88 APPLICATION-CONTEXT ::= {
+ CONTRACT ms-access-contract-88
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-retrieval-abstract-syntax-88 |
+ message-administration-abstract-syntax-88 |
+ ms-bind-unbind-rtse-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-ms-reliable-access-88
+}
+
+-- ABSTRACT SYNTAXES
+-- Abstract-syntax for 1994 MS-bind and MS-unbind
+ms-bind-unbind-abstract-syntax-94 ABSTRACT-SYNTAX ::= {
+ MSBindUnbindPDUs94
+ IDENTIFIED BY id-as-ms-94
+}
+
+MSBindUnbindPDUs94 ::= CHOICE {
+ bind Bind{ms-access-contract-94.&connection.&bind},
+ unbind Unbind{ms-access-contract-94.&connection.&unbind}
+}
+
+-- Abstract-syntax for 1988 MS-bind and MS-unbind
+ms-bind-unbind-abstract-syntax-88 ABSTRACT-SYNTAX ::= {
+ MSBindUnbindPDUs88
+ IDENTIFIED BY id-as-ms-88
+}
+
+MSBindUnbindPDUs88 ::= CHOICE {
+ bind Bind{ms-access-contract-88.&connection.&bind},
+ unbind Unbind{ms-access-contract-88.&connection.&unbind}
+}
+
+-- Abstract-syntax for MS-bind and MS-unbind with RTSE
+ms-bind-unbind-rtse-abstract-syntax ABSTRACT-SYNTAX ::= {
+ RTSE-apdus -- With MS-bind and MS-unbind --
+ IDENTIFIED BY id-as-ms-rtse
+}
+
+-- Abstract Syntax for MS Message Submission Service Element
+ms-message-submission-abstract-syntax ABSTRACT-SYNTAX ::= {
+ MSMessageSubmissionPDUs
+ IDENTIFIED BY id-as-ms-msse
+}
+
+MSMessageSubmissionPDUs ::= ROS-SingleAS{{MSInvokeIds}, ms-submission}
+
+MSInvokeIds ::= InvokeId(ALL EXCEPT absent:NULL)
+
+-- Abstract Syntax for Message Retrieval Service Element 1994
+message-retrieval-abstract-syntax-94 ABSTRACT-SYNTAX ::= {
+ MessageRetrievalPDUs
+ IDENTIFIED BY id-as-mrse-94
+}
+
+-- Abstract Syntax for Message Retrieval Service Element 1988
+MessageRetrievalPDUs ::=
+ ROS-SingleAS{{MSInvokeIds}, retrieval}
+
+message-retrieval-abstract-syntax-88 ABSTRACT-SYNTAX ::= {
+ MessageRetrievalPDUs88
+ IDENTIFIED BY id-as-mrse-88
+}
+
+MessageRetrievalPDUs88 ::= ROS-SingleAS{{MSInvokeIds}, retrieval-88}
+
+-- Remote Operations
+op-ms-submission-control Code ::= local:2
+
+op-ms-message-submission Code ::= local:3
+
+op-ms-probe-submission Code ::= local:4
+
+op-ms-cancel-deferred-delivery Code ::= local:7
+
+op-summarize Code ::= local:20
+
+op-list Code ::= local:21
+
+op-fetch Code ::= local:22
+
+op-delete Code ::= local:23
+
+op-register-ms Code ::= local:24
+
+op-alert Code ::= local:25
+
+op-modify Code ::= local:26
+
+-- Remote Errors
+err-attribute-error Code ::= local:21
+
+err-auto-action-request-error Code ::= local:22
+
+err-delete-error Code ::= local:23
+
+err-fetch-restriction-error Code ::= local:24
+
+err-range-error Code ::= local:25 -- 1988 Application Contexts only
+
+err-security-error Code ::= local:26
+
+err-service-error Code ::= local:27
+
+err-sequence-number-error Code ::= local:28
+
+err-invalid-parameters-error Code ::= local:29
+
+err-message-group-error Code ::= local:30
+
+err-ms-extension-error Code ::= local:31
+
+err-register-ms-error Code ::= local:32
+
+err-modify-error Code ::= local:33
+
+err-entry-class-error Code ::= local:34
+
+END -- of MSAccessProtocol
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSGeneralAttributeTypes.asn1 b/asn1/MSGeneralAttributeTypes.asn1
new file mode 100644
index 0000000..4138105
--- /dev/null
+++ b/asn1/MSGeneralAttributeTypes.asn1
@@ -0,0 +1,832 @@
+-- Module MSGeneralAttributeTypes (X.413:06/1999)
+MSGeneralAttributeTypes {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-attribute-types(2) version-1999(1)} DEFINITIONS ::=
+BEGIN
+
+-- Prologue
+IMPORTS
+ -- X413ATTRIBUTE information object class
+ X413ATTRIBUTE,
+ -- MS abstract-service data-types
+ AutoActionError, AutoActionType, CreationTime, EntryClassErrorParameter,
+ EntryType, MessageGroupName, MessageGroupErrorParameter, MS-EIT,
+ MSExtensionErrorParameter, RetrievalStatus, SequenceNumber,
+ ServiceErrorParameter
+ FROM MSAbstractService {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ abstract-service(1) version-1999(1)}
+ -- General-attribute-type Object Identifiers
+ id-att-ac-correlated-report-list, id-att-ac-report-subject-entry,
+ id-att-ac-report-summary, id-att-ac-uncorrelated-report-list,
+ id-att-auto-action-error, id-att-auto-action-registration-identifier,
+ id-att-auto-action-subject-entry, id-att-auto-action-type,
+ id-att-certificate-selectors, id-att-child-sequence-numbers,
+ id-att-content, id-att-content-confidentiality-algorithm-identifier,
+ id-att-content-correlator, id-att-content-identifier,
+ id-att-content-integrity-check, id-att-content-length,
+ id-att-content-returned, id-att-content-type,
+ id-att-conversion-with-loss-prohibited, id-att-converted-EITs,
+ id-att-creation-time, id-att-deferred-delivery-cancellation-time,
+ id-att-deferred-delivery-time, id-att-deletion-time, id-att-delivered-EITs,
+ id-att-delivery-flags, id-att-dl-exempted-recipients,
+ id-att-dl-expansion-history, id-att-dl-expansion-prohibited,
+ id-att-entry-type, id-att-internal-trace-information,
+ id-att-latest-delivery-time, id-att-locally-originated,
+ id-att-marked-for-deletion, id-att-message-delivery-envelope,
+ id-att-message-delivery-time, id-att-message-group-name,
+ id-att-message-identifier, id-att-message-notes,
+ id-att-message-origin-authentication-check, id-att-message-security-label,
+ id-att-message-submission-envelope, id-att-message-submission-time,
+ id-att-message-token, id-att-ms-originated, id-att-ms-submission-error,
+ id-att-multiple-originator-certificates, id-att-original-EITs,
+ id-att-originally-intended-recipient-name,
+ id-att-originating-MTA-certificate, id-att-originator-certificate,
+ id-att-originator-name, id-att-originator-report-request,
+ id-att-originator-return-address, id-att-other-recipient-names,
+ id-att-parent-sequence-number, id-att-per-message-indicators,
+ id-att-per-recipient-message-submission-fields,
+ id-att-per-recipient-probe-submission-fields,
+ id-att-per-recipient-report-delivery-fields, id-att-priority,
+ id-att-probe-origin-authentication-check, id-att-probe-submission-envelope,
+ id-att-proof-of-delivery-request, id-att-proof-of-submission,
+ id-att-recipient-certificate, id-att-recipient-names,
+ id-att-recipient-reassignment-prohibited, id-att-redirection-history,
+ id-att-report-delivery-envelope, id-att-reporting-DL-name,
+ id-att-reporting-MTA-certificate,
+ id-att-report-origin-authentication-check, id-att-retrieval-status,
+ id-att-security-classification, id-att-sequence-number,
+ id-att-signature-verification-status, id-att-storage-period,
+ id-att-storage-time, id-att-subject-submission-identifier,
+ id-att-this-recipient-name, id-att-trace-information
+ FROM MSObjectIdentifiers {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- Message Store matching-rules
+ bitStringMatch, contentCorrelatorMatch, contentIdentifierMatch,
+ mSSingleSubstringListElementsMatch, mSSingleSubstringListMatch,
+ mSSingleSubstringMatch, mSSubstringsMatch, mSStringCaseSensitiveMatch,
+ mSStringListElementsMatch, mSStringListMatch, mSStringMatch,
+ mSStringOrderingMatch, mTSIdentifierMatch, oRAddressElementsMatch,
+ oRAddressMatch, oRAddressSubstringElementsMatch, oRNameElementsMatch,
+ oRNameMatch, oRNameSingleElementMatch, oRNameSubstringElementsMatch,
+ redirectionOrDLExpansionElementsMatch, redirectionOrDLExpansionMatch,
+ redirectionOrDLExpansionSingleElementMatch,
+ redirectionOrDLExpansionSubstringElementsMatch, redirectionReasonMatch,
+ valueCountMatch
+ FROM MSMatchingRules {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-matching-rules(5) version-1999(1)}
+ -- MS abstract-service upper bounds
+ ub-entry-types, ub-message-notes-length
+ FROM MSUpperBounds {joint-iso-itu-t mhs(6) ms(4) modules(0) upper-bounds(4)
+ version-1994(0)}
+ -- MTS abstract-service data-types
+ CertificateSelectors, Content, ContentCorrelator, ContentIdentifier,
+ ContentIntegrityCheck, ContentLength, ConversionWithLossProhibited,
+ DeferredDeliveryTime, DeliveryFlags, DLExpansion, DLExpansionProhibited,
+ ExtendedCertificates, ImproperlySpecifiedRecipients, LatestDeliveryTime,
+ MessageDeliveryEnvelope, MessageDeliveryTime,
+ MessageOriginAuthenticationCheck, MessageSecurityLabel,
+ MessageSubmissionEnvelope, MessageSubmissionTime, MessageToken,
+ MTSIdentifier, OriginatingMTACertificate, OriginatorCertificate,
+ OriginatorReportRequest, OriginatorReturnAddress, ORName,
+ PerMessageIndicators, PerRecipientMessageSubmissionFields,
+ PerRecipientProbeSubmissionFields, PerRecipientReportDeliveryFields,
+ Priority, ProbeOriginAuthenticationCheck, ProbeSubmissionEnvelope,
+ ProofOfDeliveryRequest, ProofOfSubmission, RecipientReassignmentProhibited,
+ Redirection, ReportDeliveryEnvelope, ReportingDLName,
+ ReportingMTACertificate, ReportOriginAuthenticationCheck,
+ SecurityClassification, SecurityProblem, SubjectSubmissionIdentifier
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- MTS abstract-service upper bound
+ ub-recipients
+ FROM MTSUpperBounds {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ upper-bounds(3) version-1999(1)}
+ -- MTA abstract-service data-types
+ InternalTraceInformationElement, TraceInformationElement
+ FROM MTAAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mta-abstract-service(2) version-1999(1)}
+ -- Directory matching-rules
+ booleanMatch, integerMatch, integerOrderingMatch, uTCTimeMatch,
+ uTCTimeOrderingMatch
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 3}
+ objectIdentifierMatch
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 3}
+ -- Authentication-service data-types
+ AlgorithmIdentifier
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 3};
+
+-- X413ATTRIBUTE table
+AttributeTable X413ATTRIBUTE ::=
+ {GeneralAttributes | ContentSpecificAttributes}
+
+GeneralAttributes X413ATTRIBUTE ::=
+ {ms-child-sequence-numbers | mt-content |
+ mt-content-confidentiality-algorithm-identifier | mt-content-correlator |
+ mt-content-identifier | mt-content-integrity-check | ms-content-length |
+ ms-content-returned | mt-content-type | mt-conversion-with-loss-prohibited |
+ mt-converted-EITs | ms-creation-time | ms-delivered-EITs | mt-delivery-flags
+ | mt-dl-expansion-history | ms-entry-type | mt-message-delivery-envelope |
+ mt-message-delivery-time | mt-message-identifier |
+ mt-message-origin-authentication-check | mt-message-security-label |
+ mt-message-submission-time | mt-message-token | mt-original-EITs |
+ mt-originally-intended-recipient-name | mt-originator-certificate |
+ mt-originator-name | mt-other-recipient-names | ms-parent-sequence-number |
+ mt-per-recipient-report-delivery-fields | mt-priority |
+ mt-proof-of-delivery-request | mt-redirection-history |
+ mt-report-delivery-envelope | mt-reporting-DL-name |
+ mt-reporting-MTA-certificate | mt-report-origin-authentication-check |
+ ms-retrieval-status | mt-security-classification | ms-sequence-number |
+ mt-subject-submission-identifier | mt-this-recipient-name,
+ ... -- 1994 extension additions --, ms-ac-correlated-report-list |
+ ms-ac-report-subject-entry | ms-ac-report-summary |
+ ms-ac-uncorrelated-report-list | ms-auto-action-error |
+ ms-auto-action-registration-identifier | ms-auto-action-subject-entry |
+ ms-auto-action-type | mt-certificate-selectors |
+ ms-deferred-delivery-cancellation-time | mt-deferred-delivery-time |
+ ms-deletion-time | mt-dl-exempted-recipients | mt-dl-expansion-prohibited |
+ mt-internal-trace-information | mt-latest-delivery-time |
+ ms-locally-originated | ms-marked-for-deletion | ms-message-group-name |
+ ms-message-notes | mt-message-submission-envelope |
+ mt-multiple-originator-certificates | ms-originated | ms-submission-error |
+ mt-originating-MTA-certificate | mt-originator-report-request |
+ mt-originator-return-address | mt-per-message-indicators |
+ mt-per-recipient-message-submission-fields |
+ mt-per-recipient-probe-submission-fields |
+ mt-probe-origin-authentication-check | mt-probe-submission-envelope |
+ mt-proof-of-submission | mt-recipient-certificate | ms-recipient-names |
+ mt-recipient-reassignment-prohibited | ms-signature-verification-status |
+ ms-storage-period | ms-storage-time | mt-trace-information}
+
+ContentSpecificAttributes X413ATTRIBUTE ::=
+ {...}
+
+-- Attribute-types
+ms-ac-correlated-report-list X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ReportLocation,
+ NUMERATION multi-valued,
+ ID id-att-ac-correlated-report-list
+}
+
+ReportLocation ::= CHOICE {
+ no-correlated-reports [0] NULL,
+ location [1] SEQUENCE OF PerRecipientReport
+}
+
+PerRecipientReport ::= SEQUENCE {
+ report-entry [0] SequenceNumber,
+ position [1] INTEGER(1..ub-recipients) DEFAULT 1
+}
+
+ms-ac-report-subject-entry X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SequenceNumber,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-ac-report-subject-entry
+}
+
+ms-ac-report-summary X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ReportSummary,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION multi-valued,
+ ID id-att-ac-report-summary
+}
+
+ReportSummary ::= ENUMERATED {
+ no-report-requested(0) -- non-delivery report suppressed --,
+ no-report-received(1) -- non-delivery report requested --,
+ report-outstanding(2) -- delivery report requested --, delivery-cancelled(3),
+ delivery-report-from-another-recipient(4),
+ non-delivery-report-from-another-recipient(5),
+ delivery-report-from-intended-recipient(6),
+ non-delivery-report-from-intended-recipient(7)}
+
+ms-ac-uncorrelated-report-list X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX PerRecipientReport,
+ NUMERATION multi-valued,
+ ID id-att-ac-uncorrelated-report-list
+}
+
+ms-auto-action-error X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX AutoActionError,
+ NUMERATION single-valued,
+ ID id-att-auto-action-error
+}
+
+ms-auto-action-registration-identifier X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX INTEGER,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-auto-action-registration-identifier
+}
+
+ms-auto-action-subject-entry X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SequenceNumber,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-auto-action-subject-entry
+}
+
+ms-auto-action-type X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX AutoActionType,
+ EQUALITY MATCHING-RULE objectIdentifierMatch,
+ NUMERATION single-valued,
+ ID id-att-auto-action-type
+}
+
+mt-certificate-selectors X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX CertificateSelectors,
+ NUMERATION single-valued,
+ ID id-att-certificate-selectors
+}
+
+ms-child-sequence-numbers X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SequenceNumber,
+ NUMERATION multi-valued,
+ ID id-att-child-sequence-numbers
+}
+
+mt-content X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX Content,
+ NUMERATION single-valued,
+ ID id-att-content
+}
+
+mt-content-confidentiality-algorithm-identifier X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX AlgorithmIdentifier,
+ NUMERATION single-valued,
+ ID id-att-content-confidentiality-algorithm-identifier
+}
+
+mt-content-correlator X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ContentCorrelator,
+ EQUALITY MATCHING-RULE contentCorrelatorMatch,
+ NUMERATION single-valued,
+ ID id-att-content-correlator
+}
+
+mt-content-identifier X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ContentIdentifier,
+ EQUALITY MATCHING-RULE contentIdentifierMatch,
+ NUMERATION single-valued,
+ ID id-att-content-identifier
+}
+
+mt-content-integrity-check X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ContentIntegrityCheck,
+ NUMERATION single-valued,
+ ID id-att-content-integrity-check
+}
+
+ms-content-length X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ContentLength,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-content-length
+}
+
+ms-content-returned X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX BOOLEAN,
+ EQUALITY MATCHING-RULE booleanMatch,
+ NUMERATION single-valued,
+ ID id-att-content-returned
+}
+
+mt-content-type X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX OBJECT IDENTIFIER,
+ EQUALITY MATCHING-RULE objectIdentifierMatch,
+ NUMERATION single-valued,
+ ID id-att-content-type
+}
+
+mt-conversion-with-loss-prohibited X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ConversionWithLossProhibited,
+ EQUALITY MATCHING-RULE integerMatch,
+ NUMERATION single-valued,
+ ID id-att-conversion-with-loss-prohibited
+}
+
+mt-converted-EITs X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MS-EIT,
+ EQUALITY MATCHING-RULE objectIdentifierMatch,
+ NUMERATION multi-valued,
+ ID id-att-converted-EITs
+}
+
+ms-creation-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX CreationTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-creation-time
+}
+
+ms-deferred-delivery-cancellation-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX DeferredDeliveryCancellationTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-deferred-delivery-cancellation-time
+}
+
+DeferredDeliveryCancellationTime ::= UTCTime
+
+mt-deferred-delivery-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX DeferredDeliveryTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-deferred-delivery-time
+}
+
+ms-deletion-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX DeletionTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-deletion-time
+}
+
+DeletionTime ::= UTCTime
+
+ms-delivered-EITs X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MS-EIT,
+ EQUALITY MATCHING-RULE objectIdentifierMatch,
+ NUMERATION multi-valued,
+ ID id-att-delivered-EITs
+}
+
+mt-delivery-flags X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX DeliveryFlags,
+ EQUALITY MATCHING-RULE bitStringMatch,
+ NUMERATION single-valued,
+ ID id-att-delivery-flags
+}
+
+mt-dl-exempted-recipients X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ORName,
+ EQUALITY MATCHING-RULE oRNameMatch,
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION multi-valued,
+ ID id-att-dl-exempted-recipients
+}
+
+mt-dl-expansion-history X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX DLExpansion,
+ OTHER MATCHING-RULES
+ {redirectionOrDLExpansionMatch | redirectionOrDLExpansionElementsMatch |
+ redirectionOrDLExpansionSubstringElementsMatch |
+ redirectionOrDLExpansionSingleElementMatch, ...},
+ NUMERATION multi-valued,
+ ID id-att-dl-expansion-history
+}
+
+mt-dl-expansion-prohibited X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX DLExpansionProhibited,
+ EQUALITY MATCHING-RULE integerMatch,
+ NUMERATION single-valued,
+ ID id-att-dl-expansion-prohibited
+}
+
+ms-entry-type X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX EntryType,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE
+ integerOrderingMatch, -- rule not defined in 1988 Application Contexts
+
+ NUMERATION single-valued,
+ ID id-att-entry-type
+}
+
+mt-internal-trace-information X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX InternalTraceInformationElement,
+ NUMERATION multi-valued,
+ ID id-att-internal-trace-information
+}
+
+mt-latest-delivery-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX LatestDeliveryTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-latest-delivery-time
+}
+
+ms-locally-originated X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX NULL,
+ NUMERATION single-valued,
+ ID id-att-locally-originated
+}
+
+ms-marked-for-deletion X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX NULL,
+ NUMERATION single-valued,
+ ID id-att-marked-for-deletion
+}
+
+mt-message-delivery-envelope X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageDeliveryEnvelope,
+ NUMERATION single-valued,
+ ID id-att-message-delivery-envelope
+}
+
+mt-message-delivery-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageDeliveryTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-message-delivery-time
+}
+
+ms-message-group-name X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageGroupName,
+ EQUALITY MATCHING-RULE mSStringListMatch,
+ OTHER MATCHING-RULES
+ {mSSingleSubstringListMatch | mSStringListElementsMatch |
+ mSSingleSubstringListElementsMatch | valueCountMatch, ...},
+ NUMERATION multi-valued,
+ ID id-att-message-group-name
+}
+
+mt-message-identifier X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MTSIdentifier,
+ EQUALITY MATCHING-RULE
+ mTSIdentifierMatch, -- rule not defined in 1988 Application Contexts
+
+ NUMERATION single-valued,
+ ID id-att-message-identifier
+}
+
+ms-message-notes X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX GeneralString(SIZE (1..ub-message-notes-length)),
+ EQUALITY MATCHING-RULE mSStringMatch,
+ SUBSTRINGS MATCHING-RULE mSSubstringsMatch,
+ NUMERATION multi-valued,
+ ID id-att-message-notes
+}
+
+mt-message-origin-authentication-check X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageOriginAuthenticationCheck,
+ NUMERATION single-valued,
+ ID id-att-message-origin-authentication-check
+}
+
+mt-message-security-label X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageSecurityLabel,
+ NUMERATION single-valued,
+ ID id-att-message-security-label
+}
+
+mt-message-submission-envelope X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageSubmissionEnvelope,
+ NUMERATION single-valued,
+ ID id-att-message-submission-envelope
+}
+
+mt-message-submission-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageSubmissionTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-message-submission-time
+}
+
+mt-message-token X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MessageToken,
+ NUMERATION single-valued,
+ ID id-att-message-token
+}
+
+ms-originated X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX NULL,
+ NUMERATION single-valued,
+ ID id-att-ms-originated
+}
+
+ms-submission-error X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SubmissionError,
+ NUMERATION single-valued,
+ ID id-att-ms-submission-error
+}
+
+SubmissionError ::= CHOICE {
+ submission-control-violated [1] NULL,
+ originator-invalid [2] NULL,
+ recipient-improperly-specified [3] ImproperlySpecifiedRecipients,
+ element-of-service-not-subscribed [4] NULL,
+ inconsistent-request [11] NULL,
+ security-error [12] SecurityProblem,
+ unsupported-critical-function [13] NULL,
+ remote-bind-error [15] NULL,
+ service-error [27] ServiceErrorParameter,
+ message-group-error [30] MessageGroupErrorParameter,
+ ms-extension-error [31] MSExtensionErrorParameter,
+ entry-class-error [34] EntryClassErrorParameter
+}
+
+mt-multiple-originator-certificates X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ExtendedCertificates,
+ NUMERATION single-valued,
+ ID id-att-multiple-originator-certificates
+}
+
+mt-original-EITs X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX MS-EIT,
+ EQUALITY MATCHING-RULE objectIdentifierMatch,
+ NUMERATION multi-valued,
+ ID id-att-original-EITs
+}
+
+mt-originally-intended-recipient-name X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ORName,
+ EQUALITY MATCHING-RULE oRNameMatch,
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION single-valued,
+ ID id-att-originally-intended-recipient-name
+}
+
+mt-originating-MTA-certificate X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX OriginatingMTACertificate,
+ NUMERATION single-valued,
+ ID id-att-originating-MTA-certificate
+}
+
+mt-originator-certificate X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX OriginatorCertificate,
+ NUMERATION single-valued,
+ ID id-att-originator-certificate
+}
+
+mt-originator-name X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ORName,
+ EQUALITY MATCHING-RULE oRNameMatch,
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION single-valued,
+ ID id-att-originator-name
+}
+
+mt-originator-report-request X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX OriginatorReportRequest,
+ NUMERATION multi-valued,
+ ID id-att-originator-report-request
+}
+
+mt-originator-return-address X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX OriginatorReturnAddress,
+ NUMERATION single-valued,
+ ID id-att-originator-return-address
+}
+
+mt-other-recipient-names X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ORName,
+ EQUALITY MATCHING-RULE oRNameMatch,
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION multi-valued,
+ ID id-att-other-recipient-names
+}
+
+ms-parent-sequence-number X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SequenceNumber,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-parent-sequence-number
+}
+
+mt-per-message-indicators X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX PerMessageIndicators,
+ EQUALITY MATCHING-RULE bitStringMatch,
+ NUMERATION single-valued,
+ ID id-att-per-message-indicators
+}
+
+mt-per-recipient-message-submission-fields X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX PerRecipientMessageSubmissionFields,
+ NUMERATION multi-valued,
+ ID id-att-per-recipient-message-submission-fields
+}
+
+mt-per-recipient-probe-submission-fields X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX PerRecipientProbeSubmissionFields,
+ NUMERATION multi-valued,
+ ID id-att-per-recipient-probe-submission-fields
+}
+
+mt-per-recipient-report-delivery-fields X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX PerRecipientReportDeliveryFields,
+ NUMERATION multi-valued,
+ ID id-att-per-recipient-report-delivery-fields
+}
+
+mt-priority X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX Priority,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE
+ integerOrderingMatch, -- rule not defined in 1988 Application Contexts
+
+ NUMERATION single-valued,
+ ID id-att-priority
+}
+
+mt-probe-origin-authentication-check X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ProbeOriginAuthenticationCheck,
+ NUMERATION single-valued,
+ ID id-att-probe-origin-authentication-check
+}
+
+mt-probe-submission-envelope X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ProbeSubmissionEnvelope,
+ NUMERATION single-valued,
+ ID id-att-probe-submission-envelope
+}
+
+mt-proof-of-delivery-request X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ProofOfDeliveryRequest,
+ EQUALITY MATCHING-RULE
+ integerMatch, -- rule not defined in 1988 Application Contexts
+
+ NUMERATION single-valued,
+ ID id-att-proof-of-delivery-request
+}
+
+mt-proof-of-submission X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ProofOfSubmission,
+ NUMERATION single-valued,
+ ID id-att-proof-of-submission
+}
+
+mt-recipient-certificate X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ExtendedCertificates,
+ NUMERATION single-valued,
+ ID id-att-recipient-certificate
+}
+
+ms-recipient-names X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ORName,
+ EQUALITY MATCHING-RULE oRNameMatch,
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION multi-valued,
+ ID id-att-recipient-names
+}
+
+mt-recipient-reassignment-prohibited X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX RecipientReassignmentProhibited,
+ EQUALITY MATCHING-RULE integerMatch,
+ NUMERATION single-valued,
+ ID id-att-recipient-reassignment-prohibited
+}
+
+mt-redirection-history X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX Redirection,
+ OTHER MATCHING-RULES
+ {redirectionOrDLExpansionMatch | redirectionOrDLExpansionElementsMatch |
+ redirectionOrDLExpansionSubstringElementsMatch |
+ redirectionOrDLExpansionSingleElementMatch | redirectionReasonMatch,
+ ...},
+ NUMERATION multi-valued,
+ ID id-att-redirection-history
+}
+
+mt-report-delivery-envelope X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ReportDeliveryEnvelope,
+ NUMERATION single-valued,
+ ID id-att-report-delivery-envelope
+}
+
+mt-reporting-DL-name X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ReportingDLName,
+ EQUALITY MATCHING-RULE
+ oRNameMatch, -- rule not defined in 1988 Application Contexts
+
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION single-valued,
+ ID id-att-reporting-DL-name
+}
+
+mt-reporting-MTA-certificate X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ReportingMTACertificate,
+ NUMERATION single-valued,
+ ID id-att-reporting-MTA-certificate
+}
+
+mt-report-origin-authentication-check X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ReportOriginAuthenticationCheck,
+ NUMERATION single-valued,
+ ID id-att-report-origin-authentication-check
+}
+
+ms-retrieval-status X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX RetrievalStatus,
+ EQUALITY MATCHING-RULE integerMatch,
+ NUMERATION single-valued,
+ ID id-att-retrieval-status
+}
+
+mt-security-classification X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SecurityClassification,
+ EQUALITY MATCHING-RULE integerMatch,
+ NUMERATION single-valued,
+ ID id-att-security-classification
+}
+
+ms-sequence-number X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SequenceNumber,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-sequence-number
+}
+
+ms-signature-verification-status X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SignatureVerificationStatus,
+ NUMERATION single-valued,
+ ID id-att-signature-verification-status
+}
+
+SignatureVerificationStatus ::= SET {
+ content-integrity-check
+ [0] SignatureStatus DEFAULT signature-absent,
+ message-origin-authentication-check
+ [1] SignatureStatus DEFAULT signature-absent,
+ message-token
+ [2] SignatureStatus DEFAULT signature-absent,
+ report-origin-authentication-check
+ [3] SignatureStatus DEFAULT signature-absent,
+ proof-of-delivery
+ [4] SignatureStatus DEFAULT signature-absent,
+ proof-of-submission
+ [5] SignatureStatus DEFAULT signature-absent
+}
+
+SignatureStatus ::= INTEGER {
+ signature-absent(0), verification-in-progress(1), verification-succeeded(2),
+ verification-not-possible(3), content-converted(4), signature-encrypted(5),
+ algorithm-not-supported(6), certificate-not-obtainable(7),
+ verification-failed(8)}
+
+ms-storage-period X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX StoragePeriod,
+ EQUALITY MATCHING-RULE integerMatch,
+ ORDERING MATCHING-RULE integerOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-storage-period
+}
+
+StoragePeriod ::= INTEGER -- seconds
+
+ms-storage-time X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX StorageTime,
+ EQUALITY MATCHING-RULE uTCTimeMatch,
+ ORDERING MATCHING-RULE uTCTimeOrderingMatch,
+ NUMERATION single-valued,
+ ID id-att-storage-time
+}
+
+StorageTime ::= UTCTime
+
+mt-subject-submission-identifier X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX SubjectSubmissionIdentifier,
+ EQUALITY MATCHING-RULE
+ mTSIdentifierMatch, -- rule not defined in 1988 Application Contexts
+
+ NUMERATION single-valued,
+ ID id-att-subject-submission-identifier
+}
+
+mt-this-recipient-name X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX ORName,
+ EQUALITY MATCHING-RULE oRNameMatch,
+ OTHER MATCHING-RULES
+ {oRNameElementsMatch | oRNameSubstringElementsMatch |
+ oRNameSingleElementMatch, ...},
+ NUMERATION single-valued,
+ ID id-att-this-recipient-name
+}
+
+mt-trace-information X413ATTRIBUTE ::= {
+ WITH ATTRIBUTE-SYNTAX TraceInformationElement,
+ NUMERATION multi-valued,
+ ID id-att-trace-information
+}
+
+END -- of MSGeneralAttributeTypes
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSGeneralAutoActionTypes.asn1 b/asn1/MSGeneralAutoActionTypes.asn1
new file mode 100644
index 0000000..eceae4a
--- /dev/null
+++ b/asn1/MSGeneralAutoActionTypes.asn1
@@ -0,0 +1,118 @@
+-- Module MSGeneralAutoActionTypes (X.413:06/1999)
+MSGeneralAutoActionTypes {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-auto-action-types(3) version-1994(0)} DEFINITIONS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ -- AUTO-ACTION and AUTO-ACTION-ERROR information object classes
+ AUTO-ACTION,
+ AUTO-ACTION-ERROR,
+ -- MS abstract-service data-types and abstract-errors
+ EntryClass, EntryInformationSelection, EntryModification, Filter,
+ message-group-error, modify-error, service-error, SequenceNumber
+ --==
+ FROM MSAbstractService {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ abstract-service(1) version-1999(1)}
+ -- MS Object Identifiers
+ id-aae-auto-alert-error, id-act-auto-alert, id-act-auto-correlate-reports,
+ id-act-auto-delete, id-act-auto-modify
+ --==
+ FROM MSObjectIdentifiers {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- MS abstract-service upper bounds
+ ub-alert-addresses, ub-modifications, ub-supplementary-info-length
+ --==
+ FROM MSUpperBounds {joint-iso-itu-t mhs(6) ms(4) modules(0) upper-bounds(4)
+ version-1994(0)}
+ -- MTS abstract-service
+ security-error
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)};
+
+-- Auto-action table information object set
+AutoActionTable AUTO-ACTION ::=
+ {GeneralAutoActions | ContentSpecificAutoActions}
+
+GeneralAutoActions AUTO-ACTION ::=
+ {auto-alert, ... -- 1994 extension additions --, auto-modify |
+ auto-correlate-reports | auto-delete}
+
+ContentSpecificAutoActions AUTO-ACTION ::=
+ {...}
+
+-- Auto-action error table information object set
+AutoActionErrorTable AUTO-ACTION-ERROR ::=
+ {GeneralAutoActionErrors | ContentSpecificAutoActionErrors}
+
+GeneralAutoActionErrors AUTO-ACTION-ERROR ::=
+ {auto-alert-error | modify-error | service-error | security-error |
+ message-group-error, ... -- For future extension additions --}
+
+ContentSpecificAutoActionErrors AUTO-ACTION-ERROR ::=
+ {...}
+
+-- Auto-action-types
+auto-alert AUTO-ACTION ::= {
+ REGISTRATION PARAMETER IS AutoAlertRegistrationParameter
+ ERRORS {auto-alert-error}
+ IDENTIFIED BY id-act-auto-alert
+}
+
+AutoAlertRegistrationParameter ::= SET {
+ filter [0] Filter OPTIONAL,
+ alert-destinations
+ [1] SEQUENCE SIZE (1..ub-alert-addresses) OF AlertDestination OPTIONAL,
+ requested-attributes [2] EntryInformationSelection OPTIONAL,
+ -- 1994 extension
+ suppress-alert-destinations [3] BOOLEAN DEFAULT TRUE
+}
+
+AlertDestination ::= SEQUENCE {
+ alert-address EXTERNAL,
+ alert-qualifier OCTET STRING OPTIONAL
+}
+
+--
+auto-modify AUTO-ACTION ::= {
+ REGISTRATION PARAMETER IS AutoModifyRegistrationParameter
+ ERRORS
+ {security-error | service-error | modify-error | message-group-error}
+ IDENTIFIED BY id-act-auto-modify
+}
+
+AutoModifyRegistrationParameter ::= SET {
+ entry-class [0] EntryClass DEFAULT delivery,
+ filter [1] Filter OPTIONAL,
+ modifications [2] SEQUENCE SIZE (1..ub-modifications) OF EntryModification
+}
+
+--
+auto-correlate-reports AUTO-ACTION ::= {
+ IDENTIFIED BY id-act-auto-correlate-reports
+}
+
+--
+auto-delete AUTO-ACTION ::= {
+ ERRORS {security-error}
+ IDENTIFIED BY id-act-auto-delete
+}
+
+-- Auto-action errors
+auto-alert-error AUTO-ACTION-ERROR ::= {
+ PARAMETER SEQUENCE SIZE (1..ub-alert-addresses) OF AutoAlertErrorIndication
+ CODE global:id-aae-auto-alert-error
+}
+
+AutoAlertErrorIndication ::= SET {
+ failing-alert-destination [0] AlertDestination OPTIONAL,
+ supplementary-information
+ [1] GeneralString(SIZE (1..ub-supplementary-info-length)) OPTIONAL
+}
+
+END -- of MSGeneralAutoActionTypes
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSMatchingRules.asn1 b/asn1/MSMatchingRules.asn1
new file mode 100644
index 0000000..37c894d
--- /dev/null
+++ b/asn1/MSMatchingRules.asn1
@@ -0,0 +1,225 @@
+-- Module MSMatchingRules (X.413:06/1999)
+MSMatchingRules {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ general-matching-rules(5) version-1999(1)} DEFINITIONS ::=
+BEGIN
+
+-- Prologue
+--Exports everything
+IMPORTS
+ -- MATCHING-RULE information object class and Directory matching-rules
+ MATCHING-RULE, objectIdentifierMatch
+ --==
+ FROM InformationFramework
+ bitStringMatch, booleanMatch, generalizedTimeMatch,
+ generalizedTimeOrderingMatch, integerMatch, integerOrderingMatch,
+ uTCTimeMatch, uTCTimeOrderingMatch
+ --==
+ FROM SelectedAttributeTypes
+
+ -- Matching-rule Object Identifiers
+ id-mr-content-correlator-match, id-mr-content-identifier-match,
+ id-mr-ms-single-substring-list-elements-match,
+ id-mr-ms-single-substring-list-match, id-mr-ms-single-substring-match,
+ id-mr-ms-substrings-match, id-mr-msstring-case-sensitive-match,
+ id-mr-msstring-list-elements-match, id-mr-msstring-list-match,
+ id-mr-msstring-match, id-mr-msstring-ordering-match,
+ id-mr-mts-identifier-match, id-mr-oraddress-elements-match,
+ id-mr-oraddress-match, id-mr-oraddress-substring-elements-match,
+ id-mr-orname-elements-match, id-mr-orname-match,
+ id-mr-orname-single-element-match, id-mr-orname-substring-elements-match,
+ id-mr-redirection-or-dl-expansion-elements-match,
+ id-mr-redirection-or-dl-expansion-match,
+ id-mr-redirection-or-dl-expansion-single-element-match,
+ id-mr-redirection-or-dl-expansion-substring-elements-match,
+ id-mr-redirection-reason-match, id-mr-value-count-match
+ --==
+ FROM MSObjectIdentifiers {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- MS upper bounds
+ ub-attribute-values, ub-msstring-match
+ --==
+ FROM MSUpperBounds {joint-iso-itu-t mhs(6) ms(4) modules(0) upper-bounds(4)
+ version-1994(0)}
+ -- MTS abstract service
+ ContentCorrelator, ContentIdentifier, MTSIdentifier, ORAddress,
+ ORAddressAndOptionalDirectoryName, ORName, RedirectionReason
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)};
+
+-- Matching rule table information object set
+MatchingRuleTable MATCHING-RULE ::=
+ {GeneralMatchingRules | ContentSpecificMatchingRules}
+
+GeneralMatchingRules MATCHING-RULE ::=
+ {bitStringMatch | booleanMatch | contentIdentifierMatch | integerMatch |
+ integerOrderingMatch | mSStringCaseSensitiveMatch | objectIdentifierMatch |
+ oRNameMatch | uTCTimeMatch | uTCTimeOrderingMatch,
+ ... -- 1994 extension additions --, contentCorrelatorMatch |
+ generalizedTimeMatch | generalizedTimeOrderingMatch | mSSingleSubstringMatch
+ | mSStringCaseSensitiveMatch | mSStringListElementsMatch | mSStringListMatch
+ | mSStringMatch | mSStringOrderingMatch | mSSingleSubstringListElementsMatch
+ | mSSingleSubstringListMatch | mSSubstringsMatch | mTSIdentifierMatch |
+ oRAddressElementsMatch | oRAddressMatch | oRAddressSubstringElementsMatch |
+ oRNameElementsMatch | oRNameMatch | oRNameSingleElementMatch |
+ oRNameSubstringElementsMatch | redirectionOrDLExpansionElementsMatch |
+ redirectionOrDLExpansionMatch | redirectionOrDLExpansionSingleElementMatch |
+ redirectionOrDLExpansionSubstringElementsMatch | redirectionReasonMatch |
+ valueCountMatch}
+
+ContentSpecificMatchingRules MATCHING-RULE ::=
+ {...}
+
+-- MS String assertion-syntax
+MSString{INTEGER:maxSize} ::= CHOICE {
+ printable PrintableString(SIZE (1..maxSize)),
+ teletex TeletexString(SIZE (1..maxSize)),
+ general GeneralString(SIZE (1..maxSize)),
+ universal UniversalString(SIZE (1..maxSize)),
+ bmp BMPString(SIZE (1..maxSize))
+}
+
+-- String matching-rules
+mSStringMatch MATCHING-RULE ::= {
+ SYNTAX MSString {ub-msstring-match}
+ ID id-mr-msstring-match
+}
+
+mSStringOrderingMatch MATCHING-RULE ::= {
+ SYNTAX MSString {ub-msstring-match}
+ ID id-mr-msstring-ordering-match
+}
+
+mSSubstringsMatch MATCHING-RULE ::= {
+ SYNTAX SubstringAssertion
+ ID id-mr-ms-substrings-match
+}
+
+SubstringAssertion ::=
+ SEQUENCE OF
+ CHOICE {initial [0] MSString{ub-msstring-match},
+ any [1] MSString{ub-msstring-match},
+ final [2] MSString{ub-msstring-match}}
+
+-- at most one initial and one final component
+mSSingleSubstringMatch MATCHING-RULE ::= {
+ SYNTAX MSString {ub-msstring-match}
+ ID id-mr-ms-single-substring-match
+}
+
+mSStringCaseSensitiveMatch MATCHING-RULE ::= {
+ SYNTAX MSString {ub-msstring-match}
+ ID id-mr-msstring-case-sensitive-match
+}
+
+mSStringListMatch MATCHING-RULE ::= {
+ SYNTAX SEQUENCE OF MSString{ub-msstring-match}
+ ID id-mr-msstring-list-match
+}
+
+mSStringListElementsMatch MATCHING-RULE ::= {
+ SYNTAX SEQUENCE OF MSString{ub-msstring-match}
+ ID id-mr-msstring-list-elements-match
+}
+
+mSSingleSubstringListMatch MATCHING-RULE ::= {
+ SYNTAX SEQUENCE OF MSString{ub-msstring-match}
+ ID id-mr-ms-single-substring-list-match
+}
+
+mSSingleSubstringListElementsMatch MATCHING-RULE ::= {
+ SYNTAX SEQUENCE OF MSString{ub-msstring-match}
+ ID id-mr-ms-single-substring-list-elements-match
+}
+
+-- Syntax-based matching-rule
+valueCountMatch MATCHING-RULE ::= {
+ SYNTAX INTEGER(1..ub-attribute-values)
+ ID id-mr-value-count-match
+}
+
+-- Matching-rules for complex Message Store attributes
+-- OR-address matching-rules
+oRAddressMatch MATCHING-RULE ::= {
+ SYNTAX ORAddress
+ ID id-mr-oraddress-match
+}
+
+oRAddressElementsMatch MATCHING-RULE ::= {
+ SYNTAX ORAddress
+ ID id-mr-oraddress-elements-match
+}
+
+oRAddressSubstringElementsMatch MATCHING-RULE ::= {
+ SYNTAX ORAddress
+ ID id-mr-oraddress-substring-elements-match
+}
+
+-- OR-name matching-rules
+oRNameMatch MATCHING-RULE ::= {SYNTAX ORName
+ ID id-mr-orname-match
+}
+
+oRNameElementsMatch MATCHING-RULE ::= {
+ SYNTAX ORName
+ ID id-mr-orname-elements-match
+}
+
+oRNameSubstringElementsMatch MATCHING-RULE ::= {
+ SYNTAX ORName
+ ID id-mr-orname-substring-elements-match
+}
+
+oRNameSingleElementMatch MATCHING-RULE ::= {
+ SYNTAX MSString {ub-msstring-match}
+ ID id-mr-orname-single-element-match
+}
+
+-- Redirection or DL-expansion matching rules
+redirectionOrDLExpansionMatch MATCHING-RULE ::= {
+ SYNTAX ORAddressAndOptionalDirectoryName
+ ID id-mr-redirection-or-dl-expansion-match
+}
+
+redirectionOrDLExpansionElementsMatch MATCHING-RULE ::= {
+ SYNTAX ORAddressAndOptionalDirectoryName
+ ID id-mr-redirection-or-dl-expansion-elements-match
+}
+
+redirectionOrDLExpansionSingleElementMatch MATCHING-RULE ::= {
+ SYNTAX MSString {ub-msstring-match}
+ ID id-mr-redirection-or-dl-expansion-single-element-match
+}
+
+redirectionOrDLExpansionSubstringElementsMatch MATCHING-RULE ::= {
+ SYNTAX ORAddressAndOptionalDirectoryName
+ ID id-mr-redirection-or-dl-expansion-substring-elements-match
+}
+
+redirectionReasonMatch MATCHING-RULE ::= {
+ SYNTAX RedirectionReason
+ ID id-mr-redirection-reason-match
+}
+
+-- MTS-identifier matching rule
+mTSIdentifierMatch MATCHING-RULE ::= {
+ SYNTAX MTSIdentifier
+ ID id-mr-mts-identifier-match
+}
+
+-- Content-correlator matching rule
+contentCorrelatorMatch MATCHING-RULE ::= {
+ SYNTAX ContentCorrelator
+ ID id-mr-content-correlator-match
+}
+
+-- Content-identifier matching rule
+contentIdentifierMatch MATCHING-RULE ::= {
+ SYNTAX ContentIdentifier
+ ID id-mr-content-identifier-match
+}
+
+END -- of MSMatchingRules
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSObjectIdentifiers.asn1 b/asn1/MSObjectIdentifiers.asn1
new file mode 100644
index 0000000..df194f8
--- /dev/null
+++ b/asn1/MSObjectIdentifiers.asn1
@@ -0,0 +1,322 @@
+-- Module MSObjectIdentifiers (X.413:06/1999)
+MSObjectIdentifiers {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ object-identifiers(0) version-1999(1)} DEFINITIONS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ ID, id-ms
+ --==
+ FROM MHSObjectIdentifiers {joint-iso-itu-t mhs(6) arch(5) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- Categories
+id-mod -- modules -- ID ::= {id-ms 0}
+
+id-ot -- objects -- ID ::= {id-ms 1}
+
+id-pt -- port types -- ID ::= {id-ms 2}
+
+id-att -- attribute types -- ID ::= {id-ms 3}
+
+id-act -- auto-action types -- ID ::= {id-ms 4}
+
+id-crt -- contracts -- ID ::= {id-ms 5}
+
+id-cp -- connection-packages -- ID ::= {id-ms 6}
+
+id-aae -- auto-action-errors-- ID ::= {id-ms 7}
+
+id-mr -- matching-rules -- ID ::= {id-ms 8}
+
+id-ext -- extensions -- ID ::= {id-ms 9}
+
+id-alg -- algorithms -- ID ::= {id-ms 10}
+
+-- Modules
+id-mod-object-identifiers ID ::= {id-mod 0} -- not definitive
+
+id-mod-abstract-service ID ::= {id-mod 1} -- not definitive
+
+id-mod-attribute-types ID ::= {id-mod 2} -- not definitive
+
+id-mod-action-types ID ::= {id-mod 3} -- not definitive
+
+id-mod-upper-bounds ID ::= {id-mod 4} -- not definitive
+
+id-mod-matching-rules ID ::= {id-mod 5} -- not definitive
+
+-- Objects
+id-ot-ms ID ::= {id-ot 0}
+
+id-ot-ms-user ID ::= {id-ot 1}
+
+-- Port types
+id-pt-retrieval-88 ID ::= {id-pt 0}
+
+id-pt-retrieval-94 ID ::= {id-pt 1}
+
+id-pt-ms-submission ID ::= {id-pt 2}
+
+-- Contracts
+id-crt-ms-access-88 ID ::= {id-crt 0}
+
+id-crt-ms-access-94 ID ::= {id-crt 1}
+
+-- Connection-packages
+id-cp-ms-connection ID ::= {id-cp 0}
+
+-- Attribute-types
+id-att-ac-correlated-report-list ID ::= {id-att 42}
+
+id-att-ac-report-subject-entry ID ::= {id-att 76}
+
+id-att-ac-report-summary ID ::= {id-att 43}
+
+id-att-ac-uncorrelated-report-list ID ::= {id-att 44}
+
+id-att-auto-action-error ID ::= {id-att 46}
+
+id-att-auto-action-registration-identifier ID ::= {id-att 47}
+
+id-att-auto-action-subject-entry ID ::= {id-att 48}
+
+id-att-auto-action-type ID ::= {id-att 49}
+
+id-att-certificate-selectors ID ::= {id-att 80}
+
+id-att-child-sequence-numbers ID ::= {id-att 0}
+
+id-att-content ID ::= {id-att 1}
+
+id-att-content-confidentiality-algorithm-identifier ID ::= {id-att 2}
+
+id-att-content-correlator ID ::= {id-att 3}
+
+id-att-content-identifier ID ::= {id-att 4}
+
+id-att-content-integrity-check ID ::= {id-att 5}
+
+id-att-content-length ID ::= {id-att 6}
+
+id-att-content-returned ID ::= {id-att 7}
+
+id-att-content-type ID ::= {id-att 8}
+
+id-att-conversion-with-loss-prohibited ID ::= {id-att 9}
+
+id-att-converted-EITs ID ::= {id-att 10}
+
+id-att-creation-time ID ::= {id-att 11}
+
+id-att-deferred-delivery-cancellation-time ID ::= {id-att 50}
+
+id-att-deferred-delivery-time ID ::= {id-att 51}
+
+id-att-deletion-time ID ::= {id-att 52}
+
+id-att-delivered-EITs ID ::= {id-att 12}
+
+id-att-delivery-flags ID ::= {id-att 13}
+
+id-att-dl-exempted-recipients ID ::= {id-att 78}
+
+id-att-dl-expansion-history ID ::= {id-att 14}
+
+id-att-dl-expansion-prohibited ID ::= {id-att 53}
+
+id-att-entry-type ID ::= {id-att 16}
+
+id-att-internal-trace-information ID ::= {id-att 54}
+
+id-att-latest-delivery-time ID ::= {id-att 55}
+
+id-att-locally-originated ID ::= {id-att 77}
+
+id-att-marked-for-deletion ID ::= {id-att 56}
+
+id-att-message-delivery-envelope ID ::= {id-att 18}
+
+id-att-message-delivery-time ID ::= {id-att 20}
+
+id-att-message-group-name ID ::= {id-att 57}
+
+id-att-message-identifier ID ::= {id-att 19}
+
+id-att-message-notes ID ::= {id-att 58}
+
+id-att-message-origin-authentication-check ID ::= {id-att 21}
+
+id-att-message-security-label ID ::= {id-att 22}
+
+id-att-message-submission-envelope ID ::= {id-att 59}
+
+id-att-message-submission-time ID ::= {id-att 23}
+
+id-att-message-token ID ::= {id-att 24}
+
+id-att-ms-originated ID ::= {id-att 60}
+
+id-att-ms-submission-error ID ::= {id-att 61}
+
+id-att-multiple-originator-certificates ID ::= {id-att 81}
+
+id-att-original-EITs ID ::= {id-att 25}
+
+id-att-originally-intended-recipient-name ID ::= {id-att 17}
+
+id-att-originating-MTA-certificate ID ::= {id-att 62}
+
+id-att-originator-certificate ID ::= {id-att 26}
+
+id-att-originator-name ID ::= {id-att 27}
+
+id-att-originator-report-request ID ::= {id-att 63}
+
+id-att-originator-return-address ID ::= {id-att 64}
+
+id-att-other-recipient-names ID ::= {id-att 28}
+
+id-att-parent-sequence-number ID ::= {id-att 29}
+
+id-att-per-message-indicators ID ::= {id-att 65}
+
+id-att-per-recipient-message-submission-fields ID ::= {id-att 66}
+
+id-att-per-recipient-probe-submission-fields ID ::= {id-att 67}
+
+id-att-per-recipient-report-delivery-fields ID ::= {id-att 30}
+
+id-att-priority ID ::= {id-att 31}
+
+id-att-probe-origin-authentication-check ID ::= {id-att 68}
+
+id-att-probe-submission-envelope ID ::= {id-att 69}
+
+id-att-proof-of-delivery-request ID ::= {id-att 32}
+
+id-att-proof-of-submission ID ::= {id-att 70}
+
+id-att-recipient-certificate ID ::= {id-att 82}
+
+id-att-recipient-names ID ::= {id-att 71}
+
+id-att-recipient-reassignment-prohibited ID ::= {id-att 72}
+
+id-att-redirection-history ID ::= {id-att 33}
+
+id-att-report-delivery-envelope ID ::= {id-att 34}
+
+id-att-reporting-DL-name ID ::= {id-att 35}
+
+id-att-reporting-MTA-certificate ID ::= {id-att 36}
+
+id-att-report-origin-authentication-check ID ::= {id-att 37}
+
+id-att-retrieval-status ID ::= {id-att 15}
+
+id-att-security-classification ID ::= {id-att 38}
+
+id-att-sequence-number ID ::= {id-att 39}
+
+id-att-signature-verification-status ID ::= {id-att 79}
+
+id-att-storage-period ID ::= {id-att 73}
+
+id-att-storage-time ID ::= {id-att 74}
+
+id-att-subject-submission-identifier ID ::= {id-att 40}
+
+id-att-this-recipient-name ID ::= {id-att 41}
+
+id-att-trace-information ID ::= {id-att 75}
+
+-- Auto-action-types
+id-act-ipm-auto-forward ID ::=
+ {id-act 0} -- Reserved for use in
+
+-- ITU-T Rec. X.420 |
+-- ISO/IEC 10021-7
+id-act-auto-alert ID ::= {id-act 1}
+
+id-act-auto-correlate-reports ID ::= {id-act 2}
+
+id-act-auto-delete ID ::= {id-act 3}
+
+id-act-auto-modify ID ::= {id-act 4}
+
+-- Auto-action errors
+id-aae-auto-alert-error ID ::= {id-aae 0}
+
+-- Matching-rules
+id-mr-content-correlator-match ID ::= {id-mr 1}
+
+id-mr-content-identifier-match ID ::= {id-mr 2}
+
+id-mr-ms-single-substring-list-elements-match ID ::= {id-mr 3}
+
+id-mr-ms-single-substring-list-match ID ::= {id-mr 4}
+
+id-mr-ms-single-substring-match ID ::= {id-mr 5}
+
+id-mr-ms-substrings-match ID ::= {id-mr 6}
+
+id-mr-msstring-case-sensitive-match ID ::= {id-mr 7}
+
+id-mr-msstring-list-elements-match ID ::= {id-mr 8}
+
+id-mr-msstring-list-match ID ::= {id-mr 9}
+
+id-mr-msstring-match ID ::= {id-mr 10}
+
+id-mr-msstring-ordering-match ID ::= {id-mr 11}
+
+id-mr-mts-identifier-match ID ::= {id-mr 12}
+
+id-mr-oraddress-elements-match ID ::= {id-mr 13}
+
+id-mr-oraddress-match ID ::= {id-mr 14}
+
+id-mr-oraddress-substring-elements-match ID ::= {id-mr 15}
+
+id-mr-orname-elements-match ID ::= {id-mr 16}
+
+id-mr-orname-match ID ::= {id-mr 17}
+
+id-mr-orname-single-element-match ID ::= {id-mr 18}
+
+id-mr-orname-substring-elements-match ID ::= {id-mr 19}
+
+id-mr-redirection-or-dl-expansion-elements-match ID ::= {id-mr 20}
+
+id-mr-redirection-or-dl-expansion-match ID ::= {id-mr 21}
+
+id-mr-redirection-or-dl-expansion-single-element-match ID ::= {id-mr 25}
+
+id-mr-redirection-or-dl-expansion-substring-elements-match ID ::= {id-mr 22}
+
+id-mr-redirection-reason-match ID ::= {id-mr 23}
+
+id-mr-value-count-match ID ::= {id-mr 24}
+
+-- Extensions
+id-ext-modify-capability ID ::= {id-ext 0}
+
+id-ext-modify-retrieval-status-capability ID ::= {id-ext 1}
+
+id-ext-originator-certificate-selectors-override ID ::= {id-ext 2}
+
+id-ext-originator-token ID ::= {id-ext 3}
+
+id-ext-protected-change-credentials ID ::= {id-ext 4}
+
+id-ext-protected-change-credentials-capability ID ::= {id-ext 5}
+
+-- Algorithms
+id-alg-password-xor ID ::= {id-alg 0}
+
+END -- of MSObjectIdentifiers
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MSUpperBounds.asn1 b/asn1/MSUpperBounds.asn1
new file mode 100644
index 0000000..6494fbd
--- /dev/null
+++ b/asn1/MSUpperBounds.asn1
@@ -0,0 +1,77 @@
+-- Module MSUpperBounds (X.413:06/1999)
+MSUpperBounds {joint-iso-itu-t mhs(6) ms(4) modules(0) upper-bounds(4)
+ version-1994(0)} DEFINITIONS ::=
+BEGIN
+
+-- Exports everything
+IMPORTS -- nothing -- ;
+
+-- Upper Bounds
+ub-alert-addresses INTEGER ::= 16
+
+ub-attribute-values INTEGER ::= 32767 -- (215 - 1) the largest integer
+
+-- representable in 16 bits
+ub-attributes-supported INTEGER ::= 1024
+
+ub-auto-action-errors INTEGER ::= 32767 -- (215 - 1) the largest integer
+
+-- representable in 16 bits
+ub-auto-actions INTEGER ::= 128
+
+ub-auto-registrations INTEGER ::= 1024
+
+ub-default-registrations INTEGER ::= 1024
+
+ub-entry-classes INTEGER ::= 128
+
+ub-entry-types INTEGER ::= 16
+
+ub-error-reasons INTEGER ::= 16
+
+ub-extensions INTEGER ::= 32
+
+ub-group-depth INTEGER ::= 64
+
+ub-group-descriptor-length INTEGER ::= 256
+
+ub-group-part-length INTEGER ::= 128
+
+ub-information-bases INTEGER ::= 16
+
+ub-matching-rules INTEGER ::= 1024
+
+ub-message-groups INTEGER ::= 8192
+
+ub-message-notes-length INTEGER ::= 1024
+
+ub-messages INTEGER ::= 2147483647 -- (231 - 1) the largest integer
+
+-- representable in 32 bits
+ub-modifications INTEGER ::=
+ 32767 -- (215 - 1) the largest integer
+
+-- representable in 16 bits
+ub-msstring-match INTEGER ::= 512
+
+ub-per-auto-action INTEGER ::= 32767 -- (215 - 1) the largest integer
+
+-- representable in 16 bits
+ub-per-entry INTEGER ::= 1024
+
+ub-service-information-length INTEGER ::= 2048
+
+ub-summaries INTEGER ::= 16
+
+ub-supplementary-info-length INTEGER ::= 256
+
+ub-ua-registration-identifier-length INTEGER ::= 32
+
+ub-ua-registrations INTEGER ::= 128
+
+ub-restrictions INTEGER ::= 16
+
+END -- of MSUpperBounds
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MTAAbstractService.asn1 b/asn1/MTAAbstractService.asn1
new file mode 100644
index 0000000..38035c7
--- /dev/null
+++ b/asn1/MTAAbstractService.asn1
@@ -0,0 +1,481 @@
+-- Module MTAAbstractService (X.411:06/1999)
+MTAAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mta-abstract-service(2) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ -- Remote Operations
+ CONNECTION-PACKAGE, CONTRACT
+ --==
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ emptyUnbind
+ --==
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)}
+ -- MTS Abstract Service Parameters
+ ABSTRACT-ERROR, ABSTRACT-OPERATION, administration, AdministrationDomainName,
+ certificate-selectors, certificate-selectors-override, Content,
+ ContentIdentifier, ContentLength, ContentType,
+ content-confidentiality-algorithm-identifier, content-correlator,
+ content-integrity-check, conversion-with-loss-prohibited,
+ ConvertedEncodedInformationTypes, CountryName, DeferredDeliveryTime,
+ delivery, dl-exempted-recipients, dl-expansion-history,
+ dl-expansion-prohibited, ExplicitConversion, EXTENSION, ExtensionField{},
+ GlobalDomainIdentifier, InitiatorCredentials, latest-delivery-time,
+ message-origin-authentication-check, message-security-label, message-token,
+ MHS-OBJECT, MTAName, MTSIdentifier, multiple-originator-certificates,
+ ORAddressAndOptionalDirectoryName, OriginalEncodedInformationTypes,
+ originator-and-DL-expansion-history, originator-certificate,
+ originator-return-address, PerMessageIndicators, physical-delivery-modes,
+ physical-delivery-report-request, physical-forwarding-address,
+ physical-forwarding-address-request, physical-forwarding-prohibited,
+ physical-rendition-attributes, PORT, Priority, PrivateDomainIdentifier,
+ PrivateExtensions, probe-origin-authentication-check, proof-of-delivery,
+ proof-of-delivery-request, recipient-certificate,
+ recipient-number-for-advice, recipient-reassignment-prohibited,
+ redirection-history, registered-mail-type, reporting-DL-name,
+ reporting-MTA-certificate, reporting-MTA-name, ReportType,
+ report-origin-authentication-check, requested-delivery-method,
+ ResponderCredentials, SecurityContext, submission,
+ SupplementaryInformation, Time
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- IPM Information Objects
+ IPMPerRecipientEnvelopeExtensions
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- Object Identifiers
+ id-cp-mta-connect, id-ct-mta-transfer, id-ot-mta, id-pt-transfer
+ --==
+ FROM MTSObjectIdentifiers {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- Upper Bounds
+ ub-bit-options, ub-integer-options, ub-recipients, ub-transfers
+ --==
+ FROM MTSUpperBounds {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ upper-bounds(3) version-1999(1)};
+
+-- Objects
+mta MHS-OBJECT ::= {BOTH {mta-transfer}
+ ID id-ot-mta
+}
+
+-- Contracts
+mta-transfer CONTRACT ::= {
+ CONNECTION mta-connect
+ OPERATIONS OF {transfer}
+ ID id-ct-mta-transfer
+}
+
+-- Connection package
+mta-connect CONNECTION-PACKAGE ::= {
+ BIND mta-bind
+ UNBIND mta-unbind
+ ID id-cp-mta-connect
+}
+
+-- Ports
+transfer PORT ::= {
+ OPERATIONS {message-transfer | probe-transfer | report-transfer}
+ ID id-pt-transfer
+}
+
+-- MTA-bind and MTA-unbind
+mta-bind ABSTRACT-OPERATION ::= {
+ ARGUMENT MTABindArgument
+ RESULT MTABindResult
+ ERRORS {mta-bind-error}
+}
+
+mta-unbind ABSTRACT-OPERATION ::= emptyUnbind
+
+MTABindArgument ::= CHOICE {
+ unauthenticated NULL, -- if no authentication is required
+ authenticated
+ [1] SET {-- if authentication is required--initiator-name
+ [0] MTAName,
+ initiator-credentials
+ [1] InitiatorCredentials
+ (WITH COMPONENTS {
+ ...,
+ protected ABSENT
+ }),
+ security-context
+ [2] SecurityContext OPTIONAL
+ }
+}
+
+MTABindResult ::= CHOICE {
+ unauthenticated NULL, -- if no authentication is required
+ authenticated
+ [1] SET {-- if authentication is required--responder-name
+ [0] MTAName,
+ responder-credentials
+ [1] ResponderCredentials
+ (WITH COMPONENTS {
+ ...,
+ protected ABSENT
+ })}
+}
+
+mta-bind-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ INTEGER {busy(0), authentication-error(2), unacceptable-dialogue-mode(3),
+ unacceptable-security-context(4),
+ inadequate-association-confidentiality(5)}(0..ub-integer-options)
+}
+
+-- Transfer Port
+message-transfer ABSTRACT-OPERATION ::= {ARGUMENT Message
+}
+
+probe-transfer ABSTRACT-OPERATION ::= {ARGUMENT Probe
+}
+
+report-transfer ABSTRACT-OPERATION ::= {ARGUMENT Report
+}
+
+Message ::= SEQUENCE {envelope MessageTransferEnvelope,
+ content Content
+}
+
+Probe ::= ProbeTransferEnvelope
+
+Report ::= SEQUENCE {
+ envelope ReportTransferEnvelope,
+ content ReportTransferContent
+}
+
+-- Message Transfer Envelope
+MessageTransferEnvelope ::= SET {
+ COMPONENTS OF PerMessageTransferFields,
+ per-recipient-fields
+ [2] SEQUENCE SIZE (1..ub-recipients) OF PerRecipientMessageTransferFields
+}
+
+PerMessageTransferFields ::= SET {
+ message-identifier MessageIdentifier,
+ originator-name OriginatorName,
+ original-encoded-information-types OriginalEncodedInformationTypes OPTIONAL,
+ content-type ContentType,
+ content-identifier ContentIdentifier OPTIONAL,
+ priority Priority DEFAULT normal,
+ per-message-indicators PerMessageIndicators DEFAULT {},
+ deferred-delivery-time [0] DeferredDeliveryTime OPTIONAL,
+ per-domain-bilateral-information
+ [1] SEQUENCE SIZE (1..ub-transfers) OF PerDomainBilateralInformation
+ OPTIONAL,
+ trace-information TraceInformation,
+ extensions
+ [3] SET OF ExtensionField{{MessageTransferExtensions}} DEFAULT {}
+}
+
+MessageTransferExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ recipient-reassignment-prohibited | dl-expansion-prohibited |
+ conversion-with-loss-prohibited | latest-delivery-time |
+ originator-return-address | originator-certificate |
+ content-confidentiality-algorithm-identifier |
+ message-origin-authentication-check | message-security-label |
+ content-correlator | dl-exempted-recipients | certificate-selectors |
+ multiple-originator-certificates | dl-expansion-history |
+ internal-trace-information | PrivateExtensions, ...}
+
+PerRecipientMessageTransferFields ::= SET {
+ recipient-name RecipientName,
+ originally-specified-recipient-number
+ [0] OriginallySpecifiedRecipientNumber,
+ per-recipient-indicators [1] PerRecipientIndicators,
+ explicit-conversion [2] ExplicitConversion OPTIONAL,
+ extensions
+ [3] SET OF ExtensionField{{PerRecipientMessageTransferExtensions}}
+ DEFAULT {}
+}
+
+PerRecipientMessageTransferExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ originator-requested-alternate-recipient | requested-delivery-method |
+ physical-forwarding-prohibited | physical-forwarding-address-request |
+ physical-delivery-modes | registered-mail-type | recipient-number-for-advice
+ | physical-rendition-attributes | physical-delivery-report-request |
+ message-token | content-integrity-check | proof-of-delivery-request |
+ certificate-selectors-override | recipient-certificate | redirection-history
+ | IPMPerRecipientEnvelopeExtensions | PrivateExtensions, ...}
+
+-- Probe Transfer Envelope
+ProbeTransferEnvelope ::= SET {
+ COMPONENTS OF PerProbeTransferFields,
+ per-recipient-fields
+ [2] SEQUENCE SIZE (1..ub-recipients) OF PerRecipientProbeTransferFields
+}
+
+PerProbeTransferFields ::= SET {
+ probe-identifier ProbeIdentifier,
+ originator-name OriginatorName,
+ original-encoded-information-types OriginalEncodedInformationTypes OPTIONAL,
+ content-type ContentType,
+ content-identifier ContentIdentifier OPTIONAL,
+ content-length [0] ContentLength OPTIONAL,
+ per-message-indicators PerMessageIndicators DEFAULT {},
+ per-domain-bilateral-information
+ [1] SEQUENCE SIZE (1..ub-transfers) OF PerDomainBilateralInformation
+ OPTIONAL,
+ trace-information TraceInformation,
+ extensions
+ [3] SET OF ExtensionField{{ProbeTransferExtensions}} DEFAULT {}
+}
+
+ProbeTransferExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ recipient-reassignment-prohibited | dl-expansion-prohibited |
+ conversion-with-loss-prohibited | originator-certificate |
+ message-security-label | content-correlator |
+ probe-origin-authentication-check | internal-trace-information |
+ PrivateExtensions, ...}
+
+PerRecipientProbeTransferFields ::= SET {
+ recipient-name RecipientName,
+ originally-specified-recipient-number
+ [0] OriginallySpecifiedRecipientNumber,
+ per-recipient-indicators [1] PerRecipientIndicators,
+ explicit-conversion [2] ExplicitConversion OPTIONAL,
+ extensions
+ [3] SET OF ExtensionField{{PerRecipientProbeTransferExtensions}}
+ DEFAULT {}
+}
+
+PerRecipientProbeTransferExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ originator-requested-alternate-recipient | requested-delivery-method |
+ physical-rendition-attributes | redirection-history | PrivateExtensions,
+ ...}
+
+-- Report Transfer Envelope
+ReportTransferEnvelope ::= SET {
+ report-identifier ReportIdentifier,
+ report-destination-name ReportDestinationName,
+ trace-information TraceInformation,
+ extensions
+ [1] SET OF ExtensionField{{ReportTransferEnvelopeExtensions}} DEFAULT {}
+}
+
+ReportTransferEnvelopeExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ message-security-label | redirection-history |
+ originator-and-DL-expansion-history | reporting-DL-name |
+ reporting-MTA-certificate | report-origin-authentication-check |
+ internal-trace-information | reporting-MTA-name | PrivateExtensions,
+ ...}
+
+-- Report Transfer Content
+ReportTransferContent ::= SET {
+ COMPONENTS OF PerReportTransferFields,
+ per-recipient-fields
+ [0] SEQUENCE SIZE (1..ub-recipients) OF PerRecipientReportTransferFields
+}
+
+PerReportTransferFields ::= SET {
+ subject-identifier SubjectIdentifier,
+ subject-intermediate-trace-information
+ SubjectIntermediateTraceInformation OPTIONAL,
+ original-encoded-information-types
+ OriginalEncodedInformationTypes OPTIONAL,
+ content-type ContentType OPTIONAL,
+ content-identifier ContentIdentifier OPTIONAL,
+ returned-content [1] Content OPTIONAL,
+ additional-information [2] AdditionalInformation OPTIONAL,
+ extensions
+ [3] SET OF ExtensionField{{ReportTransferContentExtensions}} DEFAULT {}
+}
+
+ReportTransferContentExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ content-correlator | PrivateExtensions, ...}
+
+PerRecipientReportTransferFields ::= SET {
+ actual-recipient-name [0] ActualRecipientName,
+ originally-specified-recipient-number
+ [1] OriginallySpecifiedRecipientNumber,
+ per-recipient-indicators [2] PerRecipientIndicators,
+ last-trace-information [3] LastTraceInformation,
+ originally-intended-recipient-name
+ [4] OriginallyIntendedRecipientName OPTIONAL,
+ supplementary-information [5] SupplementaryInformation OPTIONAL,
+ extensions
+ [6] SET OF ExtensionField{{PerRecipientReportTransferExtensions}}
+ DEFAULT {}
+}
+
+PerRecipientReportTransferExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ redirection-history | physical-forwarding-address | recipient-certificate |
+ proof-of-delivery | PrivateExtensions, ...}
+
+-- Envelope & Report Content Fields
+MessageIdentifier ::= MTSIdentifier
+
+OriginatorName ::= ORAddressAndOptionalDirectoryName
+
+PerDomainBilateralInformation ::= SEQUENCE {
+ COMPONENTS OF BILATERAL.&id,
+ bilateral-information BILATERAL.&Type
+}
+
+BILATERAL ::= CLASS {&id BilateralDomain UNIQUE,
+ &Type
+}WITH SYNTAX {&Type,
+ IDENTIFIED BY &id
+}
+
+BilateralDomain ::= SEQUENCE {
+ country-name CountryName,
+ domain
+ CHOICE {administration-domain-name AdministrationDomainName,
+ private-domain
+ SEQUENCE {administration-domain-name
+ [0] AdministrationDomainName,
+ private-domain-identifier
+ [1] PrivateDomainIdentifier}}
+}
+
+RecipientName ::= ORAddressAndOptionalDirectoryName
+
+OriginallySpecifiedRecipientNumber ::= INTEGER(1..ub-recipients)
+
+PerRecipientIndicators ::= BIT STRING {
+ responsibility(0),
+ -- responsible 'one', not-responsible 'zero'
+ originating-MTA-report(1),
+ originating-MTA-non-delivery-report(2),
+ -- either originating-MTA-report, or originating-MTA-non-delivery-report,
+ -- or both, shall be 'one':
+ -- originating-MTA-report bit 'one' requests a 'report';
+ -- originating-MTA-non-delivery-report bit 'one' requests a 'non-delivery-report';
+ -- both bits 'one' requests an 'audited-report';
+ -- bits 0 - 2 'don't care' for Report Transfer Content
+ originator-report(3),
+ originator-non-delivery-report(4),
+ -- at most one bit shall be 'one':
+ -- originator-report bit 'one' requests a 'report';
+ -- originator-non-delivery-report bit 'one' requests a 'non-delivery-report';
+ -- both bits 'zero' requests 'no-report'
+ reserved-5(5), reserved-6(6), reserved-7(7)
+
+-- reserved- bits 5 - 7 shall be 'zero' --}(SIZE (8..ub-bit-options))
+
+ProbeIdentifier ::= MTSIdentifier
+
+ReportIdentifier ::= MTSIdentifier
+
+ReportDestinationName ::= ORAddressAndOptionalDirectoryName
+
+SubjectIdentifier ::= MessageOrProbeIdentifier
+
+MessageOrProbeIdentifier ::= MTSIdentifier
+
+SubjectIntermediateTraceInformation ::= TraceInformation
+
+-- AdditionalInformation is retained for backwards compatibility only,
+-- and use in new systems is strongly deprecated
+ADDITIONAL ::= CLASS {&Type
+}
+
+AdditionalInformation ::=
+ ADDITIONAL.&Type -- maximum ub-additional-info octets including all encoding
+
+ActualRecipientName ::= ORAddressAndOptionalDirectoryName
+
+LastTraceInformation ::= SET {
+ arrival-time [0] ArrivalTime,
+ converted-encoded-information-types
+ ConvertedEncodedInformationTypes OPTIONAL,
+ report-type [1] ReportType
+}
+
+OriginallyIntendedRecipientName ::= ORAddressAndOptionalDirectoryName
+
+-- Extension Fields
+originator-requested-alternate-recipient EXTENSION ::= {
+ OriginatorRequestedAlternateRecipient,
+ IDENTIFIED BY standard-extension:2
+}
+
+OriginatorRequestedAlternateRecipient ::= ORAddressAndOptionalDirectoryName
+
+trace-information EXTENSION ::= {
+ TraceInformation,
+ IDENTIFIED BY standard-extension:37
+}
+
+internal-trace-information EXTENSION ::= {
+ InternalTraceInformation,
+ IDENTIFIED BY standard-extension:38
+}
+
+InternalTraceInformation ::=
+ SEQUENCE SIZE (1..ub-transfers) OF InternalTraceInformationElement
+
+InternalTraceInformationElement ::= SEQUENCE {
+ global-domain-identifier GlobalDomainIdentifier,
+ mta-name MTAName,
+ mta-supplied-information MTASuppliedInformation
+}
+
+MTASuppliedInformation ::= SET {
+ arrival-time [0] ArrivalTime,
+ routing-action [2] RoutingAction,
+ attempted CHOICE {mta MTAName,
+ domain GlobalDomainIdentifier} OPTIONAL,
+ -- additional-actions --COMPONENTS OF InternalAdditionalActions
+}
+
+InternalAdditionalActions ::= AdditionalActions
+
+-- Common Parameter Types
+TraceInformation ::=
+ [APPLICATION 9] SEQUENCE SIZE (1..ub-transfers) OF TraceInformationElement
+
+TraceInformationElement ::= SEQUENCE {
+ global-domain-identifier GlobalDomainIdentifier,
+ domain-supplied-information DomainSuppliedInformation
+}
+
+DomainSuppliedInformation ::= SET {
+ arrival-time [0] ArrivalTime,
+ routing-action [2] RoutingAction,
+ attempted-domain GlobalDomainIdentifier OPTIONAL,
+ -- additional-actions --COMPONENTS OF AdditionalActions
+}
+
+AdditionalActions ::= SET {
+ deferred-time [1] DeferredTime OPTIONAL,
+ converted-encoded-information-types
+ ConvertedEncodedInformationTypes OPTIONAL,
+ other-actions [3] OtherActions DEFAULT {}
+}
+
+RoutingAction ::= ENUMERATED {relayed(0), rerouted(1)}
+
+DeferredTime ::= Time
+
+ArrivalTime ::= Time
+
+OtherActions ::= BIT STRING {redirected(0), dl-operation(1)
+}(SIZE (0..ub-bit-options))
+
+END -- of MTA Abstract Service
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MTSAbstractService.asn1 b/asn1/MTSAbstractService.asn1
new file mode 100644
index 0000000..033ffdd
--- /dev/null
+++ b/asn1/MTSAbstractService.asn1
@@ -0,0 +1,2369 @@
+-- Module MTSAbstractService (X.411:06/1999)
+MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ -- Remote Operations
+ CONNECTION-PACKAGE, CONTRACT, ERROR, OPERATION, OPERATION-PACKAGE,
+ ROS-OBJECT-CLASS
+ --==
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ emptyUnbind
+ --==
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)}
+ -- MTA Abstract Service
+ internal-trace-information, trace-information
+ --==
+ FROM MTAAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mta-abstract-service(2) version-1999(1)}
+ -- MS Abstract Service Extension
+ forwarding-request
+ --==
+ FROM MSAbstractService {joint-iso-itu-t mhs(6) ms(4) modules(0)
+ abstract-service(1) version-1999(1)}
+ -- IPM Information Objects
+ IPMPerRecipientEnvelopeExtensions
+ --==
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- Object Identifiers
+ id-att-physicalRendition-basic, id-cp-mts-connect, id-ct-mts-access,
+ id-ct-mts-forced-access, id-ot-mts, id-ot-mts-user, id-pt-administration,
+ id-pt-delivery, id-pt-submission, id-tok-asymmetricToken
+ --==
+ FROM MTSObjectIdentifiers {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- Operation and Error Codes
+ err-control-violates-registration,
+ err-deferred-delivery-cancellation-rejected, err-delivery-control-violated,
+ err-element-of-service-not-subscribed, err-inconsistent-request,
+ err-message-submission-identifier-invalid,
+ err-new-credentials-unacceptable,
+ err-old-credentials-incorrectly-specified, err-operation-refused,
+ err-originator-invalid, err-recipient-improperly-specified,
+ err-register-rejected, err-remote-bind-error, err-security-error,
+ err-submission-control-violated, err-unsupported-critical-function,
+ op-cancel-deferred-delivery, op-change-credentials, op-delivery-control,
+ op-message-delivery, op-message-submission, op-probe-submission,
+ op-register, op-report-delivery, op-submission-control
+ --==
+ FROM MTSAccessProtocol {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ mts-access-protocol(1) version-1999(1)}
+ -- Directory Definitions
+ Name
+ --==
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 3}
+ PresentationAddress
+ --==
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 3}
+ ALGORITHM, AlgorithmIdentifier, Certificates, ENCRYPTED{}, SIGNATURE{},
+ SIGNED{}
+ --==
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 3}
+ -- Certificate Extensions
+ CertificateAssertion
+ --==
+ FROM CertificateExtensions {joint-iso-itu-t ds(5) module(1)
+ certificateExtensions(26) 0}
+ -- Upper Bounds
+ ub-bit-options, ub-built-in-content-type,
+ ub-built-in-encoded-information-types, ub-certificates,
+ ub-common-name-length, ub-content-id-length, ub-content-length,
+ ub-content-types, ub-country-name-alpha-length,
+ ub-country-name-numeric-length, ub-deliverable-class, ub-diagnostic-codes,
+ ub-dl-expansions, ub-domain-defined-attributes,
+ ub-domain-defined-attribute-type-length,
+ ub-domain-defined-attribute-value-length, ub-domain-name-length,
+ ub-encoded-information-types, ub-extension-attributes, ub-extension-types,
+ ub-e163-4-number-length, ub-e163-4-sub-address-length,
+ ub-generation-qualifier-length, ub-given-name-length, ub-initials-length,
+ ub-integer-options, ub-local-id-length, ub-mta-name-length,
+ ub-mts-user-types, ub-numeric-user-id-length, ub-organization-name-length,
+ ub-organizational-units, ub-organizational-unit-name-length,
+ ub-orig-and-dl-expansions, ub-password-length, ub-pds-name-length,
+ ub-pds-parameter-length, ub-pds-physical-address-lines,
+ ub-postal-code-length, ub-privacy-mark-length, ub-queue-size,
+ ub-reason-codes, ub-recipients, ub-recipient-number-for-advice-length,
+ ub-redirections, ub-redirection-classes, ub-restrictions,
+ ub-security-categories, ub-security-labels, ub-security-problems,
+ ub-supplementary-info-length, ub-surname-length, ub-terminal-id-length,
+ ub-tsap-id-length, ub-unformatted-address-length,
+ ub-universal-generation-qualifier-length, ub-universal-given-name-length,
+ ub-universal-initials-length, ub-universal-surname-length,
+ ub-x121-address-length
+ --==
+ FROM MTSUpperBounds {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ upper-bounds(3) version-1999(1)};
+
+operationObject1 OPERATION ::= {LINKED {operationObject2}
+}
+
+operationObject2 OPERATION ::= {LINKED {operationObject3}
+}
+
+operationObject3 OPERATION ::= {LINKED {operationObject4}
+}
+
+operationObject4 OPERATION ::= {LINKED {...}
+}
+
+-- Objects
+MHS-OBJECT ::= ROS-OBJECT-CLASS
+
+mts MHS-OBJECT ::= {
+ INITIATES {mts-forced-access-contract}
+ RESPONDS {mts-access-contract}
+ ID id-ot-mts
+}
+
+mts-user MHS-OBJECT ::= {
+ INITIATES {mts-access-contract}
+ RESPONDS {mts-forced-access-contract}
+ ID id-ot-mts-user
+}
+
+-- Contracts
+mts-access-contract CONTRACT ::= {
+ CONNECTION mts-connect
+ INITIATOR CONSUMER OF {submission | delivery | administration}
+ ID id-ct-mts-access
+}
+
+mts-forced-access-contract CONTRACT ::= {
+ CONNECTION mts-connect
+ RESPONDER CONSUMER OF {submission | delivery | administration}
+ ID id-ct-mts-forced-access
+}
+
+-- Connection package
+mts-connect CONNECTION-PACKAGE ::= {
+ BIND mts-bind
+ UNBIND mts-unbind
+ ID id-cp-mts-connect
+}
+
+-- Ports
+PORT ::= OPERATION-PACKAGE
+
+submission PORT ::= {
+ OPERATIONS {operationObject1, ...}
+ CONSUMER INVOKES
+ {message-submission | probe-submission | cancel-deferred-delivery, ...}
+ SUPPLIER INVOKES {submission-control, ...}
+ ID id-pt-submission
+}
+
+delivery PORT ::= {
+ OPERATIONS {operationObject1, ...}
+ CONSUMER INVOKES {delivery-control, ...}
+ SUPPLIER INVOKES {message-delivery | report-delivery, ...}
+ ID id-pt-delivery
+}
+
+administration PORT ::= {
+ OPERATIONS {change-credentials, ...}
+ CONSUMER INVOKES {register, ...}
+ SUPPLIER INVOKES {operationObject1, ...}
+ ID id-pt-administration
+}
+
+-- MTS-bind and MTS-unbind
+ABSTRACT-OPERATION ::= OPERATION
+
+ABSTRACT-ERROR ::= ERROR
+
+mts-bind ABSTRACT-OPERATION ::= {
+ ARGUMENT MTSBindArgument
+ RESULT MTSBindResult
+ ERRORS {mts-bind-error}
+}
+
+MTSBindArgument ::= SET {
+ initiator-name ObjectName,
+ messages-waiting [1] EXPLICIT MessagesWaiting OPTIONAL,
+ initiator-credentials [2] InitiatorCredentials,
+ security-context [3] SecurityContext OPTIONAL,
+ ...,
+ extensions
+ [5] SET OF ExtensionField{{MTSBindExtensions}} DEFAULT {}
+}
+
+MTSBindExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+MTSBindResult ::= SET {
+ responder-name ObjectName,
+ messages-waiting [1] EXPLICIT MessagesWaiting OPTIONAL,
+ responder-credentials [2] ResponderCredentials,
+ ...,
+ extensions
+ [5] SET OF ExtensionField{{MTSBindResultExtensions}} DEFAULT {}
+}
+
+MTSBindResultExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+mts-bind-error ABSTRACT-ERROR ::= {
+ PARAMETER
+ INTEGER {busy(0), authentication-error(2), unacceptable-dialogue-mode(3),
+ unacceptable-security-context(4),
+ inadequate-association-confidentiality(5)}(0..ub-integer-options)
+}
+
+mts-unbind ABSTRACT-OPERATION ::= emptyUnbind
+
+-- Association Control Parameters
+ObjectName ::= CHOICE {
+ user-agent ORAddressAndOptionalDirectoryName,
+ mTA [0] MTAName,
+ message-store [4] ORAddressAndOptionalDirectoryName
+}
+
+MessagesWaiting ::= SET {
+ urgent [0] DeliveryQueue,
+ normal [1] DeliveryQueue,
+ non-urgent [2] DeliveryQueue
+}
+
+DeliveryQueue ::= SET {
+ messages [0] INTEGER(0..ub-queue-size),
+ octets [1] INTEGER(0..ub-content-length) OPTIONAL
+}
+
+InitiatorCredentials ::= Credentials
+
+ResponderCredentials ::= Credentials
+
+Credentials ::= CHOICE {
+ simple Password,
+ strong [0] StrongCredentials,
+ ...,
+ protected [1] ProtectedPassword
+}
+
+Password ::= CHOICE {
+ ia5-string IA5String(SIZE (0..ub-password-length)),
+ octet-string OCTET STRING(SIZE (0..ub-password-length))
+}
+
+StrongCredentials ::= SET {
+ bind-token [0] Token OPTIONAL,
+ certificate [1] Certificates OPTIONAL,
+ ...,
+ certificate-selector [2] CertificateAssertion OPTIONAL
+}
+
+ProtectedPassword ::= SET {
+ signature
+ SIGNATURE{SET {password Password,
+ time1 [0] UTCTime OPTIONAL,
+ time2 [1] UTCTime OPTIONAL,
+ random1 [2] BIT STRING OPTIONAL,
+ random2 [3] BIT STRING OPTIONAL}},
+ time1 [0] UTCTime OPTIONAL,
+ time2 [1] UTCTime OPTIONAL,
+ random1 [2] BIT STRING OPTIONAL,
+ random2 [3] BIT STRING OPTIONAL
+}
+
+SecurityContext ::= SET SIZE (1..ub-security-labels) OF SecurityLabel
+
+-- Submission Port
+message-submission ABSTRACT-OPERATION ::= {
+ ARGUMENT MessageSubmissionArgument
+ RESULT MessageSubmissionResult
+ ERRORS
+ {submission-control-violated | element-of-service-not-subscribed |
+ originator-invalid | recipient-improperly-specified |
+ inconsistent-request | security-error | unsupported-critical-function |
+ remote-bind-error}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {4 | 6 | 7}
+ CODE op-message-submission
+}
+
+MessageSubmissionArgument ::= SEQUENCE {
+ envelope MessageSubmissionEnvelope,
+ content Content
+}
+
+MessageSubmissionResult ::= SET {
+ message-submission-identifier MessageSubmissionIdentifier,
+ message-submission-time [0] MessageSubmissionTime,
+ content-identifier ContentIdentifier OPTIONAL,
+ extensions
+ [1] SET OF ExtensionField{{MessageSubmissionResultExtensions}} DEFAULT {}
+}
+
+MessageSubmissionResultExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ originating-MTA-certificate | proof-of-submission | PrivateExtensions,
+ ...}
+
+probe-submission ABSTRACT-OPERATION ::= {
+ ARGUMENT ProbeSubmissionArgument
+ RESULT ProbeSubmissionResult
+ ERRORS
+ {submission-control-violated | element-of-service-not-subscribed |
+ originator-invalid | recipient-improperly-specified |
+ inconsistent-request | security-error | unsupported-critical-function |
+ remote-bind-error}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {5}
+ CODE op-probe-submission
+}
+
+ProbeSubmissionArgument ::= ProbeSubmissionEnvelope
+
+ProbeSubmissionResult ::= SET {
+ probe-submission-identifier ProbeSubmissionIdentifier,
+ probe-submission-time [0] ProbeSubmissionTime,
+ content-identifier ContentIdentifier OPTIONAL,
+ extensions
+ [1] SET OF ExtensionField{{ProbeResultExtensions}} DEFAULT {}
+}
+
+ProbeResultExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions,
+-- at most one instance of each extension type
+cancel-deferred-delivery ABSTRACT-OPERATION ::= {
+ ARGUMENT CancelDeferredDeliveryArgument
+ RESULT CancelDeferredDeliveryResult
+ ERRORS
+ {deferred-delivery-cancellation-rejected |
+ message-submission-identifier-invalid | remote-bind-error}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {3}
+ CODE op-cancel-deferred-delivery
+}
+
+CancelDeferredDeliveryArgument ::= MessageSubmissionIdentifier
+
+CancelDeferredDeliveryResult ::= NULL
+
+submission-control ABSTRACT-OPERATION ::= {
+ ARGUMENT SubmissionControlArgument
+ RESULT SubmissionControlResult
+ ERRORS {security-error | remote-bind-error}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {3}
+ CODE op-submission-control
+}
+
+SubmissionControlArgument ::= SubmissionControls
+
+SubmissionControlResult ::= Waiting
+
+submission-control-violated ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-submission-control-violated
+}
+
+element-of-service-not-subscribed ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-element-of-service-not-subscribed
+}
+
+deferred-delivery-cancellation-rejected ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-deferred-delivery-cancellation-rejected
+}
+
+originator-invalid ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-originator-invalid
+}
+
+recipient-improperly-specified ABSTRACT-ERROR ::= {
+ PARAMETER ImproperlySpecifiedRecipients
+ CODE err-recipient-improperly-specified
+}
+
+ImproperlySpecifiedRecipients ::=
+ SEQUENCE SIZE (1..ub-recipients) OF RecipientName
+
+message-submission-identifier-invalid ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-message-submission-identifier-invalid
+}
+
+inconsistent-request ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-inconsistent-request
+}
+
+security-error ABSTRACT-ERROR ::= {
+ PARAMETER SecurityProblem
+ CODE err-security-error
+}
+
+SecurityProblem ::= INTEGER {
+ assemby-instructions-conflict-with-security-services(0),
+ authentication-problem(1), authentication-failure-on-subject-message(2),
+ confidentiality-association-problem(3), decryption-failed(4),
+ decryption-key-unobtainable(5), failure-of-proof-of-message(6),
+ forbidden-user-security-label-register(7),
+ incompatible-change-with-original-security-context(8),
+ integrity-failure-on-subject-message(9), invalid-security-label(10),
+ invalid-security-label-update(11), key-failure(12),
+ mandatory-parameter-absence(13), operation-security-failure(14),
+ redirection-prohibited(15), refused-alternate-recipient-name(16),
+ repudiation-failure-of-message(17),
+ responder-credentials-checking-problem(18), security-context-failure(19),
+ security-context-problem(20), security-policy-violation(21),
+ security-services-refusal(22), token-decryption-failed(23), token-error(24),
+ unable-to-aggregate-security-labels(25), unauthorised-dl-name(26),
+ unauthorised-entry-class(27),
+ unauthorised-originally-intended-recipient-name(28),
+ unauthorised-originator-name(29), unauthorised-recipient-name(30),
+ unauthorised-security-label-update(31), unauthorised-user-name(32),
+ unknown-security-label(33), unsupported-algorithm-identifier(34),
+ unsupported-security-policy(35)}(0..ub-security-problems)
+
+unsupported-critical-function ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-unsupported-critical-function
+}
+
+remote-bind-error ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-remote-bind-error
+}
+
+-- Submission Port Parameters
+MessageSubmissionIdentifier ::= MTSIdentifier
+
+MessageSubmissionTime ::= Time
+
+ProbeSubmissionIdentifier ::= MTSIdentifier
+
+ProbeSubmissionTime ::= Time
+
+SubmissionControls ::=
+ Controls
+ (WITH COMPONENTS {
+ ...,
+ permissible-content-types ABSENT,
+ permissible-encoded-information-types ABSENT
+ })
+
+Waiting ::= SET {
+ waiting-operations [0] Operations DEFAULT {},
+ waiting-messages [1] WaitingMessages DEFAULT {},
+ waiting-content-types
+ [2] SET SIZE (0..ub-content-types) OF ContentType DEFAULT {},
+ waiting-encoded-information-types EncodedInformationTypes OPTIONAL
+}
+
+Operations ::= BIT STRING {
+ probe-submission-or-report-delivery(0),
+ message-submission-or-message-delivery(1)}(SIZE (0..ub-bit-options))
+
+-- holding 'one', not-holding 'zero'
+WaitingMessages ::= BIT STRING {
+ long-content(0), low-priority(1), other-security-labels(2)
+}(SIZE (0..ub-bit-options))
+
+-- Delivery Port
+message-delivery ABSTRACT-OPERATION ::= {
+ ARGUMENT MessageDeliveryArgument
+ RESULT MessageDeliveryResult
+ ERRORS
+ {delivery-control-violated | security-error |
+ unsupported-critical-function}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {4 | 6 | 7}
+ CODE op-message-delivery
+}
+
+MessageDeliveryArgument ::= SEQUENCE {
+ COMPONENTS OF MessageDeliveryEnvelope,
+ content Content
+}
+
+MessageDeliveryResult ::= SET {
+ recipient-certificate [0] RecipientCertificate OPTIONAL,
+ proof-of-delivery [1] IMPLICIT ProofOfDelivery OPTIONAL,
+ ...,
+ extensions
+ [2] SET OF ExtensionField{{MessageDeliveryResultExtensions}} DEFAULT {}
+}
+
+MessageDeliveryResultExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+report-delivery ABSTRACT-OPERATION ::= {
+ ARGUMENT ReportDeliveryArgument
+ RESULT ReportDeliveryResult
+ ERRORS
+ {delivery-control-violated | security-error |
+ unsupported-critical-function}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {5}
+ CODE op-report-delivery
+}
+
+ReportDeliveryArgument ::= SET {
+ COMPONENTS OF ReportDeliveryEnvelope,
+ returned-content [0] Content OPTIONAL
+}
+
+ReportDeliveryResult ::= CHOICE {
+ empty-result NULL,
+ ...,
+ extensions
+ SET SIZE (1..MAX) OF ExtensionField{{ReportDeliveryResultExtensions}}
+}
+
+ReportDeliveryResultExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+delivery-control ABSTRACT-OPERATION ::= {
+ ARGUMENT DeliveryControlArgument
+ RESULT DeliveryControlResult
+ ERRORS
+ {control-violates-registration | security-error | operation-refused}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {3}
+ CODE op-delivery-control
+}
+
+DeliveryControlArgument ::= SET {
+ COMPONENTS OF DeliveryControls,
+ extensions
+ [6] SET OF ExtensionField{{DeliveryControlExtensions}} DEFAULT {}
+}
+
+DeliveryControlExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+DeliveryControlResult ::= SET {
+ COMPONENTS OF Waiting,
+ extensions
+ [6] SET OF ExtensionField{{DeliveryControlResultExtensions}} DEFAULT {}
+}
+
+DeliveryControlResultExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+delivery-control-violated ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-delivery-control-violated
+}
+
+control-violates-registration ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-control-violates-registration
+}
+
+operation-refused ABSTRACT-ERROR ::= {
+ PARAMETER RefusedOperation
+ CODE err-operation-refused
+}
+
+RefusedOperation ::= SET {
+ refused-argument
+ CHOICE {built-in-argument [1] RefusedArgument,
+ refused-extension EXTENSION.&id},
+ refusal-reason [2] RefusalReason
+}
+
+RefusedArgument ::= INTEGER {
+ user-name(0), user-address(1), deliverable-content-types(2),
+ deliverable-maximum-content-length(3),
+ deliverable-encoded-information-types-constraints(4),
+ deliverable-security-labels(5), recipient-assigned-redirections(6),
+ restricted-delivery(7),
+ retrieve-registrations(8), -- value 9 reserved for possible future extension to Register arguments
+ restrict(10), permissible-operations(11), permissible-lowest-priority(12),
+ permissible-encoded-information-types(13), permissible-content-types(14),
+ permissible-maximum-content-length(15), permissible-security-context(16)
+}(0..ub-integer-options)
+
+RefusalReason ::= INTEGER {
+ facility-unavailable(0), facility-not-subscribed(1),
+ parameter-unacceptable(2)}(0..ub-integer-options)
+
+-- Delivery Port Parameters
+RecipientCertificate ::= Certificates
+
+ProofOfDelivery ::=
+ SIGNATURE
+ {SEQUENCE {algorithm-identifier
+ ProofOfDeliveryAlgorithmIdentifier,
+ delivery-time MessageDeliveryTime,
+ this-recipient-name ThisRecipientName,
+ originally-intended-recipient-name
+ OriginallyIntendedRecipientName OPTIONAL,
+ content Content,
+ content-identifier ContentIdentifier OPTIONAL,
+ message-security-label
+ MessageSecurityLabel OPTIONAL}}
+
+ProofOfDeliveryAlgorithmIdentifier ::= AlgorithmIdentifier
+
+DeliveryControls ::= Controls
+
+Controls ::= SET {
+ restrict [0] BOOLEAN DEFAULT TRUE,
+ -- update 'TRUE', remove 'FALSE'
+ permissible-operations [1] Operations OPTIONAL,
+ permissible-maximum-content-length [2] ContentLength OPTIONAL,
+ permissible-lowest-priority Priority OPTIONAL,
+ permissible-content-types [4] ContentTypes OPTIONAL,
+ permissible-encoded-information-types
+ PermissibleEncodedInformationTypes OPTIONAL,
+ permissible-security-context [5] SecurityContext OPTIONAL
+}
+
+-- Note - The Tags [0], [1] and [2] are altered for the Register operation only.
+PermissibleEncodedInformationTypes ::=
+ EncodedInformationTypesConstraints
+
+-- Administration Port
+register ABSTRACT-OPERATION ::= {
+ ARGUMENT RegisterArgument
+ RESULT RegisterResult
+ ERRORS
+ {register-rejected | remote-bind-error | operation-refused |
+ security-error}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {5}
+ CODE op-register
+}
+
+RegisterArgument ::= SET {
+ user-name UserName OPTIONAL,
+ user-address [0] UserAddress OPTIONAL,
+ deliverable-class
+ SET SIZE (1..ub-deliverable-class) OF DeliverableClass OPTIONAL,
+ default-delivery-controls [2] EXPLICIT DefaultDeliveryControls OPTIONAL,
+ redirections [3] Redirections OPTIONAL,
+ restricted-delivery [4] RestrictedDelivery OPTIONAL,
+ retrieve-registrations [5] RegistrationTypes OPTIONAL,
+ extensions
+ [6] SET OF ExtensionField{{RegisterExtensions}} DEFAULT {}
+}
+
+RegisterExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+RegisterResult ::= CHOICE {
+ empty-result NULL,
+ non-empty-result
+ SET {registered-information
+ [0] RegisterArgument
+ (WITH COMPONENTS {
+ ...,
+ retrieve-registrations ABSENT
+ }) OPTIONAL,
+ extensions
+ [1] SET OF ExtensionField{{RegisterResultExtensions}} DEFAULT {}
+ }
+}
+
+RegisterResultExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+change-credentials ABSTRACT-OPERATION ::= {
+ ARGUMENT ChangeCredentialsArgument
+ RESULT NULL
+ ERRORS
+ {new-credentials-unacceptable | old-credentials-incorrectly-specified |
+ remote-bind-error | security-error}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {5}
+ CODE op-change-credentials
+}
+
+ChangeCredentialsArgument ::= SET {
+ old-credentials [0] Credentials(WITH COMPONENTS {
+ simple
+ }),
+ new-credentials [1] Credentials(WITH COMPONENTS {
+ simple
+ })
+}
+
+register-rejected ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-register-rejected
+}
+
+new-credentials-unacceptable ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-new-credentials-unacceptable
+}
+
+old-credentials-incorrectly-specified ABSTRACT-ERROR ::= {
+ PARAMETER NULL
+ CODE err-old-credentials-incorrectly-specified
+}
+
+-- Administration Port Parameters
+UserName ::= ORAddressAndOptionalDirectoryName
+
+UserAddress ::= CHOICE {
+ x121
+ [0] SEQUENCE {x121-address
+ NumericString(SIZE (1..ub-x121-address-length)) OPTIONAL,
+ tsap-id
+ PrintableString(SIZE (1..ub-tsap-id-length)) OPTIONAL
+ },
+ presentation [1] PSAPAddress
+}
+
+PSAPAddress ::= PresentationAddress
+
+DeliverableClass ::=
+ MessageClass
+ (WITH COMPONENTS {
+ ...,
+ priority ABSENT,
+ -- The 'objects' component shall always be defaulted.
+ -- objects ABSENT,
+ -- A component with a DEFAULT clause cannot be ABSENT
+ applies-only-to ABSENT
+ })
+
+DefaultDeliveryControls ::=
+ Controls
+ (WITH COMPONENTS {
+ ...,
+
+ -- The 'restrict' component shall always be defaulted.
+ -- restrict ABSENT,
+ -- A component with a DEFAULT clause cannot be ABSENT
+ permissible-security-context ABSENT
+ })
+
+Redirections ::= SEQUENCE SIZE (1..ub-redirections) OF RecipientRedirection
+
+RecipientRedirection ::= SET {
+ redirection-classes
+ [0] SET SIZE (1..ub-redirection-classes) OF RedirectionClass OPTIONAL,
+ recipient-assigned-alternate-recipient
+ [1] RecipientAssignedAlternateRecipient OPTIONAL
+}
+
+RedirectionClass ::= MessageClass
+
+MessageClass ::= SET {
+ content-types [0] ContentTypes OPTIONAL,
+ maximum-content-length [1] ContentLength OPTIONAL,
+ encoded-information-types-constraints
+ [2] EncodedInformationTypesConstraints OPTIONAL,
+ security-labels [3] SecurityContext OPTIONAL,
+ priority [4] SET OF Priority OPTIONAL,
+ objects
+ [5] ENUMERATED {messages(0), reports(1), both(2), ...
+ } DEFAULT both,
+ applies-only-to [6] SEQUENCE OF Restriction OPTIONAL, -- Not considered in the case of Reports
+ extensions
+ [7] SET OF ExtensionField{{MessageClassExtensions}} DEFAULT {}
+}
+
+EncodedInformationTypesConstraints ::= SEQUENCE {
+ unacceptable-eits [0] ExtendedEncodedInformationTypes OPTIONAL,
+ acceptable-eits [1] ExtendedEncodedInformationTypes OPTIONAL,
+ exclusively-acceptable-eits [2] ExtendedEncodedInformationTypes OPTIONAL
+}
+
+MessageClassExtensions EXTENSION ::= {PrivateExtensions, ...}
+
+-- May contain private extensions and future standardised extensions
+RecipientAssignedAlternateRecipient ::=
+ ORAddressAndOrDirectoryName
+
+RestrictedDelivery ::= SEQUENCE SIZE (1..ub-restrictions) OF Restriction
+
+Restriction ::= SET {
+ permitted BOOLEAN DEFAULT TRUE,
+ source-type
+ BIT STRING {originated-by(0), redirected-by(1), dl-expanded-by(2)}
+ DEFAULT {originated-by, redirected-by, dl-expanded-by},
+ source-name ExactOrPattern OPTIONAL
+}
+
+ExactOrPattern ::= CHOICE {
+ exact-match [0] ORName,
+ pattern-match [1] ORName
+}
+
+RegistrationTypes ::= SEQUENCE {
+ standard-parameters
+ [0] BIT STRING {user-name(0), user-address(1), deliverable-class(2),
+ default-delivery-controls(3), redirections(4),
+ restricted-delivery(5)} OPTIONAL,
+ extensions [1] SET OF EXTENSION.&id({RegisterExtensions}) OPTIONAL
+}
+
+-- Message Submission Envelope
+MessageSubmissionEnvelope ::= SET {
+ COMPONENTS OF PerMessageSubmissionFields,
+ per-recipient-fields
+ [1] SEQUENCE SIZE (1..ub-recipients) OF
+ PerRecipientMessageSubmissionFields
+}
+
+PerMessageSubmissionFields ::= SET {
+ originator-name OriginatorName,
+ original-encoded-information-types OriginalEncodedInformationTypes OPTIONAL,
+ content-type ContentType,
+ content-identifier ContentIdentifier OPTIONAL,
+ priority Priority DEFAULT normal,
+ per-message-indicators PerMessageIndicators DEFAULT {},
+ deferred-delivery-time [0] DeferredDeliveryTime OPTIONAL,
+ extensions
+ [2] SET OF ExtensionField{{PerMessageSubmissionExtensions}} DEFAULT {}
+}
+
+PerMessageSubmissionExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ recipient-reassignment-prohibited | dl-expansion-prohibited |
+ conversion-with-loss-prohibited | latest-delivery-time |
+ originator-return-address | originator-certificate |
+ content-confidentiality-algorithm-identifier |
+ message-origin-authentication-check | message-security-label |
+ proof-of-submission-request | content-correlator | dl-exempted-recipients |
+ certificate-selectors | multiple-originator-certificates |
+ forwarding-request -- for MS Abstract Service only -- | PrivateExtensions,
+ ...}
+
+PerRecipientMessageSubmissionFields ::= SET {
+ recipient-name RecipientName,
+ originator-report-request [0] OriginatorReportRequest,
+ explicit-conversion [1] ExplicitConversion OPTIONAL,
+ extensions
+ [2] SET OF ExtensionField{{PerRecipientMessageSubmissionExtensions}}
+ DEFAULT {}
+}
+
+PerRecipientMessageSubmissionExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ originator-requested-alternate-recipient | requested-delivery-method |
+ physical-forwarding-prohibited | physical-forwarding-address-request |
+ physical-delivery-modes | registered-mail-type | recipient-number-for-advice
+ | physical-rendition-attributes | physical-delivery-report-request |
+ message-token | content-integrity-check | proof-of-delivery-request |
+ certificate-selectors-override | recipient-certificate |
+ IPMPerRecipientEnvelopeExtensions | PrivateExtensions, ...}
+
+-- Probe Submission Envelope
+ProbeSubmissionEnvelope ::= SET {
+ COMPONENTS OF PerProbeSubmissionFields,
+ per-recipient-fields
+ [3] SEQUENCE SIZE (1..ub-recipients) OF PerRecipientProbeSubmissionFields
+}
+
+PerProbeSubmissionFields ::= SET {
+ originator-name OriginatorName,
+ original-encoded-information-types OriginalEncodedInformationTypes OPTIONAL,
+ content-type ContentType,
+ content-identifier ContentIdentifier OPTIONAL,
+ content-length [0] ContentLength OPTIONAL,
+ per-message-indicators PerMessageIndicators DEFAULT {},
+ extensions
+ [2] SET OF ExtensionField{{PerProbeSubmissionExtensions}} DEFAULT {}
+}
+
+PerProbeSubmissionExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ recipient-reassignment-prohibited | dl-expansion-prohibited |
+ conversion-with-loss-prohibited | originator-certificate |
+ message-security-label | content-correlator |
+ probe-origin-authentication-check | PrivateExtensions, ...}
+
+PerRecipientProbeSubmissionFields ::= SET {
+ recipient-name RecipientName,
+ originator-report-request [0] OriginatorReportRequest,
+ explicit-conversion [1] ExplicitConversion OPTIONAL,
+ extensions
+ [2] SET OF ExtensionField{{PerRecipientProbeSubmissionExtensions}}
+ DEFAULT {}
+}
+
+PerRecipientProbeSubmissionExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ originator-requested-alternate-recipient | requested-delivery-method |
+ physical-rendition-attributes | PrivateExtensions, ...}
+
+-- Message Delivery Envelope
+MessageDeliveryEnvelope ::= SEQUENCE {
+ message-delivery-identifier MessageDeliveryIdentifier,
+ message-delivery-time MessageDeliveryTime,
+ other-fields OtherMessageDeliveryFields
+}
+
+OtherMessageDeliveryFields ::= SET {
+ content-type DeliveredContentType,
+ originator-name DeliveredOriginatorName,
+ original-encoded-information-types
+ [1] OriginalEncodedInformationTypes OPTIONAL,
+ priority Priority DEFAULT normal,
+ delivery-flags [2] DeliveryFlags OPTIONAL,
+ other-recipient-names [3] OtherRecipientNames OPTIONAL,
+ this-recipient-name [4] ThisRecipientName,
+ originally-intended-recipient-name
+ [5] OriginallyIntendedRecipientName OPTIONAL,
+ converted-encoded-information-types
+ [6] ConvertedEncodedInformationTypes OPTIONAL,
+ message-submission-time [7] MessageSubmissionTime,
+ content-identifier [8] ContentIdentifier OPTIONAL,
+ extensions
+ [9] SET OF ExtensionField{{MessageDeliveryExtensions}} DEFAULT {}
+}
+
+MessageDeliveryExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ conversion-with-loss-prohibited | requested-delivery-method |
+ physical-forwarding-prohibited | physical-forwarding-address-request |
+ physical-delivery-modes | registered-mail-type | recipient-number-for-advice
+ | physical-rendition-attributes | originator-return-address |
+ physical-delivery-report-request | originator-certificate | message-token |
+ content-confidentiality-algorithm-identifier | content-integrity-check |
+ message-origin-authentication-check | message-security-label |
+ proof-of-delivery-request | dl-exempted-recipients | certificate-selectors |
+ certificate-selectors-override | multiple-originator-certificates |
+ recipient-certificate | IPMPerRecipientEnvelopeExtensions |
+ redirection-history | dl-expansion-history | trace-information |
+ internal-trace-information | PrivateExtensions, ...}
+
+-- Report Delivery Envelope
+ReportDeliveryEnvelope ::= SET {
+ COMPONENTS OF PerReportDeliveryFields,
+ per-recipient-fields
+ SEQUENCE SIZE (1..ub-recipients) OF PerRecipientReportDeliveryFields
+}
+
+PerReportDeliveryFields ::= SET {
+ subject-submission-identifier SubjectSubmissionIdentifier,
+ content-identifier ContentIdentifier OPTIONAL,
+ content-type ContentType OPTIONAL,
+ original-encoded-information-types OriginalEncodedInformationTypes OPTIONAL,
+ extensions
+ [1] SET OF ExtensionField{{ReportDeliveryExtensions}} DEFAULT {}
+}
+
+ReportDeliveryExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ message-security-label | content-correlator | redirection-history |
+ originator-and-DL-expansion-history | reporting-DL-name |
+ reporting-MTA-certificate | report-origin-authentication-check |
+ trace-information | internal-trace-information | reporting-MTA-name |
+ PrivateExtensions, ...}
+
+PerRecipientReportDeliveryFields ::= SET {
+ actual-recipient-name [0] ActualRecipientName,
+ report-type [1] ReportType,
+ converted-encoded-information-types
+ ConvertedEncodedInformationTypes OPTIONAL,
+ originally-intended-recipient-name
+ [2] OriginallyIntendedRecipientName OPTIONAL,
+ supplementary-information [3] SupplementaryInformation OPTIONAL,
+ extensions
+ [4] SET OF ExtensionField{{PerRecipientReportDeliveryExtensions}}
+ DEFAULT {}
+}
+
+PerRecipientReportDeliveryExtensions EXTENSION ::=
+ {-- May contain the following extensions, private extensions, and future standardised extensions,
+ -- at most one instance of each extension type:
+ redirection-history | physical-forwarding-address | recipient-certificate |
+ proof-of-delivery | PrivateExtensions, ...}
+
+ReportType ::= CHOICE {
+ delivery [0] DeliveryReport,
+ non-delivery [1] NonDeliveryReport
+}
+
+DeliveryReport ::= SET {
+ message-delivery-time [0] MessageDeliveryTime,
+ type-of-MTS-user [1] TypeOfMTSUser DEFAULT public
+}
+
+NonDeliveryReport ::= SET {
+ non-delivery-reason-code [0] NonDeliveryReasonCode,
+ non-delivery-diagnostic-code [1] NonDeliveryDiagnosticCode OPTIONAL
+}
+
+-- Envelope Fields
+OriginatorName ::= ORAddressAndOrDirectoryName
+
+DeliveredOriginatorName ::= ORAddressAndOptionalDirectoryName
+
+OriginalEncodedInformationTypes ::= EncodedInformationTypes
+
+ContentTypes ::= SET SIZE (1..ub-content-types) OF ContentType
+
+ContentType ::= CHOICE {
+ built-in BuiltInContentType,
+ extended ExtendedContentType
+}
+
+BuiltInContentType ::= [APPLICATION 6] INTEGER {
+ unidentified(0),
+ external(1), -- identified by the object-identifier of the EXTERNAL content
+ interpersonal-messaging-1984(2), interpersonal-messaging-1988(22),
+ edi-messaging(35), voice-messaging(40)}(0..ub-built-in-content-type)
+
+ExtendedContentTypeRelative ::= RELATIVE-OID
+ExtendedContentType ::= OBJECT IDENTIFIER
+
+DeliveredContentType ::= CHOICE {
+ built-in [0] BuiltInContentType,
+ extended ExtendedContentType
+}
+
+ContentIdentifier ::=
+ [APPLICATION 10] PrintableString(SIZE (1..ub-content-id-length))
+
+PerMessageIndicators ::= [APPLICATION 8] BIT STRING {
+ disclosure-of-other-recipients(0), -- disclosure-of-other-recipients-requested 'one',
+
+ -- disclosure-of-other-recipients-prohibited 'zero';
+ -- ignored for Probe-submission
+ implicit-conversion-prohibited(1), -- implicit-conversion-prohibited 'one',
+
+ -- implicit-conversion-allowed 'zero'
+ alternate-recipient-allowed(2), -- alternate-recipient-allowed 'one',
+
+ -- alternate-recipient-prohibited 'zero'
+ content-return-request(3), -- content-return-requested 'one',
+
+ -- content-return-not-requested 'zero';
+ -- ignored for Probe-submission
+ reserved(4), -- bit reserved by MOTIS 1986
+ bit-5(5),
+ bit-6(6), -- notification type-1 : bit 5 'zero' and bit 6 'one'
+
+ -- notification type-2 : bit 5 'one' and bit 6 'zero'
+ -- notification type-3 : bit 5 'one' and bit 6 'one'
+ -- the mapping between notification type 1, 2, 3
+ -- and the content specific notification types are defined
+ -- in relevant content specifications
+ service-message(7) -- the message content is for service purposes;
+
+
+-- it may be a notification related to a service message;
+-- used only by bilateral agreement --}(SIZE (0..ub-bit-options))
+
+RecipientName ::= ORAddressAndOrDirectoryName
+
+OriginatorReportRequest ::= BIT STRING {report(3), non-delivery-report(4)
+
+-- at most one bit shall be 'one':
+-- report bit 'one' requests a 'report';
+-- non-delivery-report bit 'one' requests a 'non-delivery-report';
+-- both bits 'zero' requests 'no-report' --}(SIZE (0..ub-bit-options))
+
+ExplicitConversion ::= INTEGER {
+ ia5-text-to-teletex(0),
+ -- values 1 to 7 are no longer defined
+ ia5-text-to-g3-facsimile(8), ia5-text-to-g4-class-1(9),
+ ia5-text-to-videotex(10), teletex-to-ia5-text(11),
+ teletex-to-g3-facsimile(12), teletex-to-g4-class-1(13),
+ teletex-to-videotex(14),
+ -- value 15 is no longer defined
+ videotex-to-ia5-text(16), videotex-to-teletex(17)}(0..ub-integer-options)
+
+DeferredDeliveryTime ::= Time
+
+Priority ::= [APPLICATION 7] ENUMERATED {normal(0), non-urgent(1), urgent(2)}
+
+ContentLength ::= INTEGER(0..ub-content-length)
+
+MessageDeliveryIdentifier ::= MTSIdentifier
+
+MessageDeliveryTime ::= Time
+
+DeliveryFlags ::= BIT STRING {
+ implicit-conversion-prohibited(1) -- implicit-conversion-prohibited 'one',
+
+ -- implicit-conversion-allowed 'zero' --}(SIZE (0..ub-bit-options))
+
+OtherRecipientNames ::= SEQUENCE SIZE (1..ub-recipients) OF OtherRecipientName
+
+OtherRecipientName ::= ORAddressAndOptionalDirectoryName
+
+ThisRecipientName ::= ORAddressAndOptionalDirectoryName
+
+OriginallyIntendedRecipientName ::= ORAddressAndOptionalDirectoryName
+
+ConvertedEncodedInformationTypes ::= EncodedInformationTypes
+
+SubjectSubmissionIdentifier ::= MTSIdentifier
+
+ActualRecipientName ::= ORAddressAndOrDirectoryName
+
+TypeOfMTSUser ::= INTEGER {
+ public(0), private(1), ms(2), dl(3), pdau(4), physical-recipient(5), other(6)
+}(0..ub-mts-user-types)
+
+NonDeliveryReasonCode ::= INTEGER {
+ transfer-failure(0), unable-to-transfer(1), conversion-not-performed(2),
+ physical-rendition-not-performed(3), physical-delivery-not-performed(4),
+ restricted-delivery(5), directory-operation-unsuccessful(6),
+ deferred-delivery-not-performed(7), transfer-failure-for-security-reason(8)
+}(0..ub-reason-codes)
+
+NonDeliveryDiagnosticCode ::= INTEGER {
+ unrecognised-OR-name(0), ambiguous-OR-name(1), mts-congestion(2),
+ loop-detected(3), recipient-unavailable(4), maximum-time-expired(5),
+ encoded-information-types-unsupported(6), content-too-long(7),
+ conversion-impractical(8), implicit-conversion-prohibited(9),
+ implicit-conversion-not-subscribed(10), invalid-arguments(11),
+ content-syntax-error(12), size-constraint-violation(13),
+ protocol-violation(14), content-type-not-supported(15),
+ too-many-recipients(16), no-bilateral-agreement(17),
+ unsupported-critical-function(18), conversion-with-loss-prohibited(19),
+ line-too-long(20), page-split(21), pictorial-symbol-loss(22),
+ punctuation-symbol-loss(23), alphabetic-character-loss(24),
+ multiple-information-loss(25), recipient-reassignment-prohibited(26),
+ redirection-loop-detected(27), dl-expansion-prohibited(28),
+ no-dl-submit-permission(29), dl-expansion-failure(30),
+ physical-rendition-attributes-not-supported(31),
+ undeliverable-mail-physical-delivery-address-incorrect(32),
+ undeliverable-mail-physical-delivery-office-incorrect-or-invalid(33),
+ undeliverable-mail-physical-delivery-address-incomplete(34),
+ undeliverable-mail-recipient-unknown(35),
+ undeliverable-mail-recipient-deceased(36),
+ undeliverable-mail-organization-expired(37),
+ undeliverable-mail-recipient-refused-to-accept(38),
+ undeliverable-mail-recipient-did-not-claim(39),
+ undeliverable-mail-recipient-changed-address-permanently(40),
+ undeliverable-mail-recipient-changed-address-temporarily(41),
+ undeliverable-mail-recipient-changed-temporary-address(42),
+ undeliverable-mail-new-address-unknown(43),
+ undeliverable-mail-recipient-did-not-want-forwarding(44),
+ undeliverable-mail-originator-prohibited-forwarding(45),
+ secure-messaging-error(46), unable-to-downgrade(47),
+ unable-to-complete-transfer(48), transfer-attempts-limit-reached(49),
+ incorrect-notification-type(50),
+ dl-expansion-prohibited-by-security-policy(51),
+ forbidden-alternate-recipient(52), security-policy-violation(53),
+ security-services-refusal(54), unauthorised-dl-member(55),
+ unauthorised-dl-name(56),
+ unauthorised-originally-intended-recipient-name(57),
+ unauthorised-originator-name(58), unauthorised-recipient-name(59),
+ unreliable-system(60), authentication-failure-on-subject-message(61),
+ decryption-failed(62), decryption-key-unobtainable(63),
+ double-envelope-creation-failure(64),
+ double-enveloping-message-restoring-failure(65),
+ failure-of-proof-of-message(66), integrity-failure-on-subject-message(67),
+ invalid-security-label(68), key-failure(69), mandatory-parameter-absence(70),
+ operation-security-failure(71), repudiation-failure-of-message(72),
+ security-context-failure(73), token-decryption-failed(74), token-error(75),
+ unknown-security-label(76), unsupported-algorithm-identifier(77),
+ unsupported-security-policy(78)}(0..ub-diagnostic-codes)
+
+SupplementaryInformation ::=
+ PrintableString(SIZE (1..ub-supplementary-info-length))
+
+-- Extension Fields
+EXTENSION ::= CLASS {
+ &id ExtensionType UNIQUE,
+ &Type OPTIONAL,
+ &absent &Type OPTIONAL,
+ &recommended Criticality DEFAULT {}
+}
+WITH SYNTAX {
+ [&Type
+ [IF ABSENT &absent],]
+ [RECOMMENDED CRITICALITY &recommended,]
+ IDENTIFIED BY &id
+}
+
+ExtensionType ::= CHOICE {
+ standard-extension [0] INTEGER(0..ub-extension-types),
+ private-extension [3] OBJECT IDENTIFIER
+}
+
+Criticality ::= BIT STRING {for-submission(0), for-transfer(1), for-delivery(2)
+}(SIZE (0..ub-bit-options)) -- critical 'one', non-critical 'zero'
+
+
+ExtensionField{EXTENSION:ChosenFrom} ::= SEQUENCE {
+ type EXTENSION.&id({ChosenFrom}),
+ criticality [1] Criticality DEFAULT {},
+ value [2] EXTENSION.&Type({ChosenFrom}{@type}) DEFAULT NULL:NULL
+}
+
+PrivateExtensions EXTENSION ::=
+ {-- Any value shall be relayed and delivered if not Critical (see Table 27)
+ -- except those values whose semantics the MTA obeys which are defined to be removed when obeyed.
+ -- Shall be IDENTIFIED BY ExtensionType.private-extension --...}
+
+recipient-reassignment-prohibited EXTENSION ::= {
+ RecipientReassignmentProhibited
+ IF ABSENT recipient-reassignment-allowed,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:1
+}
+
+RecipientReassignmentProhibited ::= ENUMERATED {
+ recipient-reassignment-allowed(0), recipient-reassignment-prohibited(1)
+}
+
+originator-requested-alternate-recipient EXTENSION ::= {
+ OriginatorRequestedAlternateRecipient,
+ RECOMMENDED CRITICALITY {for-submission},
+ IDENTIFIED BY standard-extension:2
+}
+
+OriginatorRequestedAlternateRecipient ::= ORAddressAndOrDirectoryName
+
+-- OriginatorRequestedAlternateRecipient as defined here differs from the field of the same name
+-- defined in Figure 4, since on submission the OR-address need not be present, but on
+-- transfer the OR-address must be present.
+dl-expansion-prohibited EXTENSION ::= {
+ DLExpansionProhibited
+ IF ABSENT dl-expansion-allowed,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:3
+}
+
+DLExpansionProhibited ::= ENUMERATED {
+ dl-expansion-allowed(0), dl-expansion-prohibited(1)}
+
+conversion-with-loss-prohibited EXTENSION ::= {
+ ConversionWithLossProhibited
+ IF ABSENT conversion-with-loss-allowed,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:4
+}
+
+ConversionWithLossProhibited ::= ENUMERATED {
+ conversion-with-loss-allowed(0), conversion-with-loss-prohibited(1)
+}
+
+latest-delivery-time EXTENSION ::= {
+ LatestDeliveryTime,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:5
+}
+
+LatestDeliveryTime ::= Time
+
+requested-delivery-method EXTENSION ::= {
+ RequestedDeliveryMethod
+ IF ABSENT {any-delivery-method},
+ IDENTIFIED BY standard-extension:6
+}
+
+RequestedDeliveryMethod ::=
+ SEQUENCE OF INTEGER { -- each different in order of preference,
+ -- most preferred first
+ any-delivery-method(0), mhs-delivery(1), physical-delivery(2),
+ telex-delivery(3), teletex-delivery(4), g3-facsimile-delivery(5),
+ g4-facsimile-delivery(6), ia5-terminal-delivery(7), videotex-delivery(8),
+ telephone-delivery(9)}(0..ub-integer-options)
+
+physical-forwarding-prohibited EXTENSION ::= {
+ PhysicalForwardingProhibited
+ IF ABSENT physical-forwarding-allowed,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:7
+}
+
+PhysicalForwardingProhibited ::= ENUMERATED {
+ physical-forwarding-allowed(0), physical-forwarding-prohibited(1)}
+
+physical-forwarding-address-request EXTENSION ::= {
+ PhysicalForwardingAddressRequest
+ IF ABSENT physical-forwarding-address-not-requested,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:8
+}
+
+PhysicalForwardingAddressRequest ::= ENUMERATED {
+ physical-forwarding-address-not-requested(0),
+ physical-forwarding-address-requested(1)}
+
+physical-delivery-modes EXTENSION ::= {
+ PhysicalDeliveryModes
+ IF ABSENT {ordinary-mail},
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:9
+}
+
+PhysicalDeliveryModes ::= BIT STRING {
+ ordinary-mail(0), special-delivery(1), express-mail(2),
+ counter-collection(3), counter-collection-with-telephone-advice(4),
+ counter-collection-with-telex-advice(5),
+ counter-collection-with-teletex-advice(6), bureau-fax-delivery(7)
+
+-- bits 0 to 6 are mutually exclusive
+-- bit 7 can be set independently of any of bits 0 to 6 --}
+(SIZE (0..ub-bit-options))
+
+registered-mail-type EXTENSION ::= {
+ RegisteredMailType
+ IF ABSENT non-registered-mail,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:10
+}
+
+RegisteredMailType ::= INTEGER {
+ non-registered-mail(0), registered-mail(1),
+ registered-mail-to-addressee-in-person(2)}(0..ub-integer-options)
+
+recipient-number-for-advice EXTENSION ::= {
+ RecipientNumberForAdvice,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:11
+}
+
+RecipientNumberForAdvice ::=
+ TeletexString(SIZE (1..ub-recipient-number-for-advice-length))
+
+physical-rendition-attributes EXTENSION ::= {
+ PhysicalRenditionAttributes
+ IF ABSENT id-att-physicalRendition-basic,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:12
+}
+
+PhysicalRenditionAttributes ::= OBJECT IDENTIFIER
+
+originator-return-address EXTENSION ::= {
+ OriginatorReturnAddress,
+ IDENTIFIED BY standard-extension:13
+}
+
+OriginatorReturnAddress ::= ORAddress
+
+physical-delivery-report-request EXTENSION ::= {
+ PhysicalDeliveryReportRequest
+ IF ABSENT return-of-undeliverable-mail-by-PDS,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:14
+}
+
+PhysicalDeliveryReportRequest ::= INTEGER {
+ return-of-undeliverable-mail-by-PDS(0), return-of-notification-by-PDS(1),
+ return-of-notification-by-MHS(2), return-of-notification-by-MHS-and-PDS(3)
+}(0..ub-integer-options)
+
+originator-certificate EXTENSION ::= {
+ OriginatorCertificate,
+ IDENTIFIED BY standard-extension:15
+}
+
+OriginatorCertificate ::= Certificates
+
+message-token EXTENSION ::= {
+ MessageToken,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:16
+}
+
+MessageToken ::= Token
+
+content-confidentiality-algorithm-identifier EXTENSION ::= {
+ ContentConfidentialityAlgorithmIdentifier,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:17
+}
+
+ContentConfidentialityAlgorithmIdentifier ::= AlgorithmIdentifier
+
+content-integrity-check EXTENSION ::= {
+ ContentIntegrityCheck,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:18
+}
+
+ContentIntegrityCheck ::=
+ SIGNATURE
+ {SEQUENCE {algorithm-identifier
+ ContentIntegrityAlgorithmIdentifier OPTIONAL,
+ content Content}}
+
+ContentIntegrityAlgorithmIdentifier ::= AlgorithmIdentifier
+
+message-origin-authentication-check EXTENSION ::= {
+ MessageOriginAuthenticationCheck,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:19
+}
+
+MessageOriginAuthenticationCheck ::=
+ SIGNATURE
+ {SEQUENCE {algorithm-identifier
+ MessageOriginAuthenticationAlgorithmIdentifier,
+ content Content,
+ content-identifier ContentIdentifier OPTIONAL,
+ message-security-label MessageSecurityLabel OPTIONAL}}
+
+MessageOriginAuthenticationAlgorithmIdentifier ::= AlgorithmIdentifier
+
+message-security-label EXTENSION ::= {
+ MessageSecurityLabel,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:20
+}
+
+MessageSecurityLabel ::= SecurityLabel
+
+proof-of-submission-request EXTENSION ::= {
+ ProofOfSubmissionRequest
+ IF ABSENT proof-of-submission-not-requested,
+ RECOMMENDED CRITICALITY {for-submission},
+ IDENTIFIED BY standard-extension:21
+}
+
+ProofOfSubmissionRequest ::= ENUMERATED {
+ proof-of-submission-not-requested(0), proof-of-submission-requested(1)
+}
+
+proof-of-delivery-request EXTENSION ::= {
+ ProofOfDeliveryRequest
+ IF ABSENT proof-of-delivery-not-requested,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:22
+}
+
+ProofOfDeliveryRequest ::= ENUMERATED {
+ proof-of-delivery-not-requested(0), proof-of-delivery-requested(1)}
+
+content-correlator EXTENSION ::= {
+ ContentCorrelator,
+ IDENTIFIED BY standard-extension:23
+}
+
+ContentCorrelator ::= CHOICE {ia5text IA5String,
+ octets OCTET STRING
+}
+
+probe-origin-authentication-check EXTENSION ::= {
+ ProbeOriginAuthenticationCheck,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:24
+}
+
+ProbeOriginAuthenticationCheck ::=
+ SIGNATURE
+ {SEQUENCE {algorithm-identifier
+ ProbeOriginAuthenticationAlgorithmIdentifier,
+ content-identifier ContentIdentifier OPTIONAL,
+ message-security-label MessageSecurityLabel OPTIONAL}}
+
+ProbeOriginAuthenticationAlgorithmIdentifier ::= AlgorithmIdentifier
+
+redirection-history EXTENSION ::= {
+ RedirectionHistory,
+ IDENTIFIED BY standard-extension:25
+}
+
+RedirectionHistory ::= SEQUENCE SIZE (1..ub-redirections) OF Redirection
+
+Redirection ::= SEQUENCE {
+ intended-recipient-name IntendedRecipientName,
+ redirection-reason RedirectionReason
+}
+
+IntendedRecipientName ::= SEQUENCE {
+ intended-recipient ORAddressAndOptionalDirectoryName,
+ redirection-time Time
+}
+
+RedirectionReason ::= ENUMERATED {
+ recipient-assigned-alternate-recipient(0),
+ originator-requested-alternate-recipient(1),
+ recipient-MD-assigned-alternate-recipient(2),
+ -- The following values may not be supported by implementations of earlier versions of this Service Definition
+ directory-look-up(3), alias(4), ...
+ }
+
+dl-expansion-history EXTENSION ::= {
+ DLExpansionHistory,
+ IDENTIFIED BY standard-extension:26
+}
+
+DLExpansionHistory ::= SEQUENCE SIZE (1..ub-dl-expansions) OF DLExpansion
+
+DLExpansion ::= SEQUENCE {
+ dl ORAddressAndOptionalDirectoryName,
+ dl-expansion-time Time
+}
+
+physical-forwarding-address EXTENSION ::= {
+ PhysicalForwardingAddress,
+ IDENTIFIED BY standard-extension:27
+}
+
+PhysicalForwardingAddress ::= ORAddressAndOptionalDirectoryName
+
+recipient-certificate EXTENSION ::= {
+ RecipientCertificate,
+ IDENTIFIED BY standard-extension:28
+}
+
+proof-of-delivery EXTENSION ::= {
+ ProofOfDelivery,
+ IDENTIFIED BY standard-extension:29
+}
+
+originator-and-DL-expansion-history EXTENSION ::= {
+ OriginatorAndDLExpansionHistory,
+ IDENTIFIED BY standard-extension:30
+}
+
+OriginatorAndDLExpansionHistory ::=
+ SEQUENCE SIZE (2..ub-orig-and-dl-expansions) OF OriginatorAndDLExpansion
+
+OriginatorAndDLExpansion ::= SEQUENCE {
+ originator-or-dl-name ORAddressAndOptionalDirectoryName,
+ origination-or-expansion-time Time
+}
+
+reporting-DL-name EXTENSION ::= {
+ ReportingDLName,
+ IDENTIFIED BY standard-extension:31
+}
+
+ReportingDLName ::= ORAddressAndOptionalDirectoryName
+
+reporting-MTA-certificate EXTENSION ::= {
+ ReportingMTACertificate,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:32
+}
+
+ReportingMTACertificate ::= Certificates
+
+report-origin-authentication-check EXTENSION ::= {
+ ReportOriginAuthenticationCheck,
+ RECOMMENDED CRITICALITY {for-delivery},
+ IDENTIFIED BY standard-extension:33
+}
+
+ReportOriginAuthenticationCheck ::=
+ SIGNATURE
+ {SEQUENCE {algorithm-identifier
+ ReportOriginAuthenticationAlgorithmIdentifier,
+ content-identifier ContentIdentifier OPTIONAL,
+ message-security-label MessageSecurityLabel OPTIONAL,
+ per-recipient
+ SEQUENCE SIZE (1..ub-recipients) OF PerRecipientReportFields
+ }}
+
+ReportOriginAuthenticationAlgorithmIdentifier ::= AlgorithmIdentifier
+
+PerRecipientReportFields ::= SEQUENCE {
+ actual-recipient-name ActualRecipientName,
+ originally-intended-recipient-name OriginallyIntendedRecipientName OPTIONAL,
+ report-type
+ CHOICE {delivery [0] PerRecipientDeliveryReportFields,
+ non-delivery [1] PerRecipientNonDeliveryReportFields}
+}
+
+PerRecipientDeliveryReportFields ::= SEQUENCE {
+ message-delivery-time MessageDeliveryTime,
+ type-of-MTS-user TypeOfMTSUser,
+ recipient-certificate [0] RecipientCertificate OPTIONAL,
+ proof-of-delivery [1] ProofOfDelivery OPTIONAL
+}
+
+PerRecipientNonDeliveryReportFields ::= SEQUENCE {
+ non-delivery-reason-code NonDeliveryReasonCode,
+ non-delivery-diagnostic-code NonDeliveryDiagnosticCode OPTIONAL
+}
+
+originating-MTA-certificate EXTENSION ::= {
+ OriginatingMTACertificate,
+ IDENTIFIED BY standard-extension:34
+}
+
+OriginatingMTACertificate ::= Certificates
+
+proof-of-submission EXTENSION ::= {
+ ProofOfSubmission,
+ IDENTIFIED BY standard-extension:35
+}
+
+ProofOfSubmission ::=
+ SIGNATURE
+ {SEQUENCE {algorithm-identifier
+ ProofOfSubmissionAlgorithmIdentifier,
+ message-submission-envelope MessageSubmissionEnvelope,
+ content Content,
+ message-submission-identifier MessageSubmissionIdentifier,
+ message-submission-time MessageSubmissionTime}}
+
+ProofOfSubmissionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+reporting-MTA-name EXTENSION ::= {
+ ReportingMTAName,
+ IDENTIFIED BY standard-extension:39
+}
+
+ReportingMTAName ::= SEQUENCE {
+ domain GlobalDomainIdentifier,
+ mta-name MTAName,
+ mta-directory-name [0] Name OPTIONAL
+}
+
+multiple-originator-certificates EXTENSION ::= {
+ ExtendedCertificates,
+ IDENTIFIED BY standard-extension:40
+}
+
+ExtendedCertificates ::= SET SIZE (1..ub-certificates) OF ExtendedCertificate
+
+ExtendedCertificate ::= CHOICE {
+ directory-entry [0] Name, -- Name of a Directory entry where the certificate can be found
+ certificate [1] Certificates
+}
+
+dl-exempted-recipients EXTENSION ::= {
+ DLExemptedRecipients,
+ IDENTIFIED BY standard-extension:42
+}
+
+DLExemptedRecipients ::= SET OF ORAddressAndOrDirectoryName
+
+certificate-selectors EXTENSION ::= {
+ CertificateSelectors,
+ IDENTIFIED BY standard-extension:45
+}
+
+CertificateSelectors ::= SET {
+ encryption-recipient [0] CertificateAssertion OPTIONAL,
+ encryption-originator [1] CertificateAssertion OPTIONAL,
+ content-integrity-check [2] CertificateAssertion OPTIONAL,
+ token-signature [3] CertificateAssertion OPTIONAL,
+ message-origin-authentication [4] CertificateAssertion OPTIONAL
+}
+
+certificate-selectors-override EXTENSION ::= {
+ CertificateSelectors
+ (WITH COMPONENTS {
+ ...,
+ message-origin-authentication ABSENT
+ }),
+ IDENTIFIED BY standard-extension:46
+}
+
+-- Some standard-extensions are defined elsewhere:
+-- 36 (forwarding-request) in ITU-T Rec. X.413 | ISO/IEC 10021-5;
+-- 37 (trace-information), and 38 (internal-trace-information) in Figure 4;
+-- 41 (blind-copy-recipients), 43 (body-part-encryption-token), and 44 (forwarded-content-token) in
+-- ITU-T Rec. X.420 | ISO/IEC 10021-7
+-- Common Parameter Types
+Content ::=
+ OCTET
+ STRING -- when the content-type has the integer value external, the value of the
+
+-- content octet string is the ASN.1 encoding of the external-content;
+-- an external-content is a data type EXTERNAL
+MTSIdentifier ::= [APPLICATION 4] SEQUENCE {
+ global-domain-identifier GlobalDomainIdentifier,
+ local-identifier LocalIdentifier
+}
+
+LocalIdentifier ::= IA5String(SIZE (1..ub-local-id-length))
+
+GlobalDomainIdentifier ::= [APPLICATION 3] SEQUENCE {
+ country-name CountryName,
+ administration-domain-name AdministrationDomainName,
+ private-domain-identifier PrivateDomainIdentifier OPTIONAL
+}
+
+PrivateDomainIdentifier ::= CHOICE {
+ numeric NumericString(SIZE (1..ub-domain-name-length)),
+ printable PrintableString(SIZE (1..ub-domain-name-length))
+}
+
+MTAName ::= IA5String(SIZE (1..ub-mta-name-length))
+
+Time ::= UTCTime
+
+-- OR Names
+ORAddressAndOrDirectoryName ::= ORName
+
+ORAddressAndOptionalDirectoryName ::= ORName
+
+ORName ::= [APPLICATION 0] SEQUENCE {
+ -- address --COMPONENTS OF ORAddress,
+ directory-name [0] Name OPTIONAL
+}
+
+ORAddress ::= SEQUENCE {
+ built-in-standard-attributes BuiltInStandardAttributes,
+ built-in-domain-defined-attributes BuiltInDomainDefinedAttributes OPTIONAL,
+ -- see also teletex-domain-defined-attributes
+ extension-attributes ExtensionAttributes OPTIONAL
+}
+
+-- The OR-address is semantically absent from the OR-name if the built-in-standard-attribute
+-- sequence is empty and the built-in-domain-defined-attributes and extension-attributes are both omitted.
+-- Built-in Standard Attributes
+BuiltInStandardAttributes ::= SEQUENCE {
+ country-name CountryName OPTIONAL,
+ administration-domain-name AdministrationDomainName OPTIONAL,
+ network-address [0] NetworkAddress OPTIONAL,
+ -- see also extended-network-address
+ terminal-identifier [1] TerminalIdentifier OPTIONAL,
+ private-domain-name [2] PrivateDomainName OPTIONAL,
+ organization-name [3] OrganizationName OPTIONAL,
+ -- see also teletex-organization-name
+ numeric-user-identifier [4] NumericUserIdentifier OPTIONAL,
+ personal-name [5] PersonalName OPTIONAL,
+ -- see also teletex-personal-name
+ organizational-unit-names [6] OrganizationalUnitNames OPTIONAL
+ -- see also teletex-organizational-unit-names
+}
+
+CountryName ::= [APPLICATION 1] CHOICE {
+ x121-dcc-code NumericString(SIZE (ub-country-name-numeric-length)),
+ iso-3166-alpha2-code PrintableString(SIZE (ub-country-name-alpha-length))
+}
+
+AdministrationDomainName ::= [APPLICATION 2] CHOICE {
+ numeric NumericString(SIZE (0..ub-domain-name-length)),
+ printable PrintableString(SIZE (0..ub-domain-name-length))
+}
+
+NetworkAddress ::= X121Address
+
+-- see also extended-network-address
+X121Address ::= NumericString(SIZE (1..ub-x121-address-length))
+
+TerminalIdentifier ::= PrintableString(SIZE (1..ub-terminal-id-length))
+
+PrivateDomainName ::= CHOICE {
+ numeric NumericString(SIZE (1..ub-domain-name-length)),
+ printable PrintableString(SIZE (1..ub-domain-name-length))
+}
+
+OrganizationName ::= PrintableString(SIZE (1..ub-organization-name-length))
+
+-- see also teletex-organization-name
+NumericUserIdentifier ::= NumericString(SIZE (1..ub-numeric-user-id-length))
+
+PersonalName ::= SET {
+ surname [0] PrintableString(SIZE (1..ub-surname-length)),
+ given-name
+ [1] PrintableString(SIZE (1..ub-given-name-length)) OPTIONAL,
+ initials
+ [2] PrintableString(SIZE (1..ub-initials-length)) OPTIONAL,
+ generation-qualifier
+ [3] PrintableString(SIZE (1..ub-generation-qualifier-length)) OPTIONAL
+}
+
+-- see also teletex-personal-name
+OrganizationalUnitNames ::=
+ SEQUENCE SIZE (1..ub-organizational-units) OF OrganizationalUnitName
+
+-- see also teletex-organizational-unit-names
+OrganizationalUnitName ::=
+ PrintableString(SIZE (1..ub-organizational-unit-name-length))
+
+-- Built-in Domain-defined Attributes
+BuiltInDomainDefinedAttributes ::=
+ SEQUENCE SIZE (1..ub-domain-defined-attributes) OF
+ BuiltInDomainDefinedAttribute
+
+BuiltInDomainDefinedAttribute ::= SEQUENCE {
+ type PrintableString(SIZE (1..ub-domain-defined-attribute-type-length)),
+ value PrintableString(SIZE (1..ub-domain-defined-attribute-value-length))
+}
+
+-- Extension Attributes
+ExtensionAttributes ::=
+ SET SIZE (1..ub-extension-attributes) OF ExtensionAttribute
+
+ExtensionAttribute ::= SEQUENCE {
+ extension-attribute-type
+ [0] EXTENSION-ATTRIBUTE.&id({ExtensionAttributeTable}),
+ extension-attribute-value
+ [1] EXTENSION-ATTRIBUTE.&Type
+ ({ExtensionAttributeTable}{@extension-attribute-type})
+}
+
+EXTENSION-ATTRIBUTE ::= CLASS {
+ &id INTEGER(0..ub-extension-attributes) UNIQUE,
+ &Type
+}WITH SYNTAX {&Type
+ IDENTIFIED BY &id
+}
+
+ExtensionAttributeTable EXTENSION-ATTRIBUTE ::=
+ {common-name | teletex-common-name | universal-common-name |
+ teletex-organization-name | universal-organization-name |
+ teletex-personal-name | universal-personal-name |
+ teletex-organizational-unit-names | universal-organizational-unit-names |
+ teletex-domain-defined-attributes | universal-domain-defined-attributes |
+ pds-name | physical-delivery-country-name | postal-code |
+ physical-delivery-office-name | universal-physical-delivery-office-name |
+ physical-delivery-office-number | universal-physical-delivery-office-number
+ | extension-OR-address-components |
+ universal-extension-OR-address-components | physical-delivery-personal-name
+ | universal-physical-delivery-personal-name |
+ physical-delivery-organization-name |
+ universal-physical-delivery-organization-name |
+ extension-physical-delivery-address-components |
+ universal-extension-physical-delivery-address-components |
+ unformatted-postal-address | universal-unformatted-postal-address |
+ street-address | universal-street-address | post-office-box-address |
+ universal-post-office-box-address | poste-restante-address |
+ universal-poste-restante-address | unique-postal-name |
+ universal-unique-postal-name | local-postal-attributes |
+ universal-local-postal-attributes | extended-network-address | terminal-type
+ }
+
+-- Extension Standard Attributes
+common-name EXTENSION-ATTRIBUTE ::= {CommonName
+ IDENTIFIED BY 1
+}
+
+CommonName ::= PrintableString(SIZE (1..ub-common-name-length))
+
+teletex-common-name EXTENSION-ATTRIBUTE ::= {TeletexCommonName
+ IDENTIFIED BY 2
+}
+
+TeletexCommonName ::= TeletexString(SIZE (1..ub-common-name-length))
+
+universal-common-name EXTENSION-ATTRIBUTE ::= {
+ UniversalCommonName
+ IDENTIFIED BY 24
+}
+
+UniversalCommonName ::= UniversalOrBMPString{ub-common-name-length}
+
+teletex-organization-name EXTENSION-ATTRIBUTE ::= {
+ TeletexOrganizationName
+ IDENTIFIED BY 3
+}
+
+TeletexOrganizationName ::=
+ TeletexString(SIZE (1..ub-organization-name-length))
+
+universal-organization-name EXTENSION-ATTRIBUTE ::= {
+ UniversalOrganizationName
+ IDENTIFIED BY 25
+}
+
+UniversalOrganizationName ::= UniversalOrBMPString{ub-organization-name-length}
+
+teletex-personal-name EXTENSION-ATTRIBUTE ::= {
+ TeletexPersonalName
+ IDENTIFIED BY 4
+}
+
+TeletexPersonalName ::= SET {
+ surname [0] TeletexString(SIZE (1..ub-surname-length)),
+ given-name
+ [1] TeletexString(SIZE (1..ub-given-name-length)) OPTIONAL,
+ initials
+ [2] TeletexString(SIZE (1..ub-initials-length)) OPTIONAL,
+ generation-qualifier
+ [3] TeletexString(SIZE (1..ub-generation-qualifier-length)) OPTIONAL
+}
+
+universal-personal-name EXTENSION-ATTRIBUTE ::= {
+ UniversalPersonalName
+ IDENTIFIED BY 26
+}
+
+UniversalPersonalName ::= SET {
+ surname [0] UniversalOrBMPString{ub-universal-surname-length},
+ -- If a language is specified within surname, then that language applies to each of the following
+ -- optional components unless the component specifies another language.
+ given-name
+ [1] UniversalOrBMPString{ub-universal-given-name-length} OPTIONAL,
+ initials
+ [2] UniversalOrBMPString{ub-universal-initials-length} OPTIONAL,
+ generation-qualifier
+ [3] UniversalOrBMPString{ub-universal-generation-qualifier-length}
+ OPTIONAL
+}
+
+teletex-organizational-unit-names EXTENSION-ATTRIBUTE ::= {
+ TeletexOrganizationalUnitNames
+ IDENTIFIED BY 5
+}
+
+TeletexOrganizationalUnitNames ::=
+ SEQUENCE SIZE (1..ub-organizational-units) OF TeletexOrganizationalUnitName
+
+TeletexOrganizationalUnitName ::=
+ TeletexString(SIZE (1..ub-organizational-unit-name-length))
+
+universal-organizational-unit-names EXTENSION-ATTRIBUTE ::= {
+ UniversalOrganizationalUnitNames
+ IDENTIFIED BY 27
+}
+
+UniversalOrganizationalUnitNames ::=
+ SEQUENCE SIZE (1..ub-organizational-units) OF UniversalOrganizationalUnitName
+
+-- If a unit name specifies a language, then that language applies to subordinate unit names unless
+-- the subordinate specifies another language.
+UniversalOrganizationalUnitName ::=
+ UniversalOrBMPString{ub-organizational-unit-name-length}
+
+UniversalOrBMPString{INTEGER:ub-string-length} ::= SET {
+ character-encoding
+ CHOICE {two-octets BMPString(SIZE (1..ub-string-length)),
+ four-octets UniversalString(SIZE (1..ub-string-length))},
+ iso-639-language-code PrintableString(SIZE (2 | 5)) OPTIONAL
+}
+
+pds-name EXTENSION-ATTRIBUTE ::= {PDSName
+ IDENTIFIED BY 7
+}
+
+PDSName ::= PrintableString(SIZE (1..ub-pds-name-length))
+
+physical-delivery-country-name EXTENSION-ATTRIBUTE ::= {
+ PhysicalDeliveryCountryName
+ IDENTIFIED BY 8
+}
+
+PhysicalDeliveryCountryName ::= CHOICE {
+ x121-dcc-code NumericString(SIZE (ub-country-name-numeric-length)),
+ iso-3166-alpha2-code PrintableString(SIZE (ub-country-name-alpha-length))
+}
+
+postal-code EXTENSION-ATTRIBUTE ::= {PostalCode
+ IDENTIFIED BY 9
+}
+
+PostalCode ::= CHOICE {
+ numeric-code NumericString(SIZE (1..ub-postal-code-length)),
+ printable-code PrintableString(SIZE (1..ub-postal-code-length))
+}
+
+physical-delivery-office-name EXTENSION-ATTRIBUTE ::= {
+ PhysicalDeliveryOfficeName
+ IDENTIFIED BY 10
+}
+
+PhysicalDeliveryOfficeName ::= PDSParameter
+
+universal-physical-delivery-office-name EXTENSION-ATTRIBUTE ::= {
+ UniversalPhysicalDeliveryOfficeName
+ IDENTIFIED BY 29
+}
+
+UniversalPhysicalDeliveryOfficeName ::= UniversalPDSParameter
+
+physical-delivery-office-number EXTENSION-ATTRIBUTE ::= {
+ PhysicalDeliveryOfficeNumber
+ IDENTIFIED BY 11
+}
+
+PhysicalDeliveryOfficeNumber ::= PDSParameter
+
+universal-physical-delivery-office-number EXTENSION-ATTRIBUTE ::= {
+ UniversalPhysicalDeliveryOfficeNumber
+ IDENTIFIED BY 30
+}
+
+UniversalPhysicalDeliveryOfficeNumber ::= UniversalPDSParameter
+
+extension-OR-address-components EXTENSION-ATTRIBUTE ::= {
+ ExtensionORAddressComponents
+ IDENTIFIED BY 12
+}
+
+ExtensionORAddressComponents ::= PDSParameter
+
+universal-extension-OR-address-components EXTENSION-ATTRIBUTE ::= {
+ UniversalExtensionORAddressComponents
+ IDENTIFIED BY 31
+}
+
+UniversalExtensionORAddressComponents ::= UniversalPDSParameter
+
+physical-delivery-personal-name EXTENSION-ATTRIBUTE ::= {
+ PhysicalDeliveryPersonalName
+ IDENTIFIED BY 13
+}
+
+PhysicalDeliveryPersonalName ::= PDSParameter
+
+universal-physical-delivery-personal-name EXTENSION-ATTRIBUTE ::= {
+ UniversalPhysicalDeliveryPersonalName
+ IDENTIFIED BY 32
+}
+
+UniversalPhysicalDeliveryPersonalName ::= UniversalPDSParameter
+
+physical-delivery-organization-name EXTENSION-ATTRIBUTE ::= {
+ PhysicalDeliveryOrganizationName
+ IDENTIFIED BY 14
+}
+
+PhysicalDeliveryOrganizationName ::= PDSParameter
+
+universal-physical-delivery-organization-name EXTENSION-ATTRIBUTE ::=
+{UniversalPhysicalDeliveryOrganizationName
+ IDENTIFIED BY 33
+}
+
+UniversalPhysicalDeliveryOrganizationName ::= UniversalPDSParameter
+
+extension-physical-delivery-address-components EXTENSION-ATTRIBUTE ::=
+{ExtensionPhysicalDeliveryAddressComponents
+ IDENTIFIED BY 15
+}
+
+ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
+
+universal-extension-physical-delivery-address-components EXTENSION-ATTRIBUTE
+ ::= {UniversalExtensionPhysicalDeliveryAddressComponents
+ IDENTIFIED BY 34
+}
+
+UniversalExtensionPhysicalDeliveryAddressComponents ::= UniversalPDSParameter
+
+unformatted-postal-address EXTENSION-ATTRIBUTE ::= {
+ UnformattedPostalAddress
+ IDENTIFIED BY 16
+}
+
+UnformattedPostalAddress ::= SET {
+ printable-address
+ SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
+ PrintableString(SIZE (1..ub-pds-parameter-length)) OPTIONAL,
+ teletex-string
+ TeletexString(SIZE (1..ub-unformatted-address-length)) OPTIONAL
+}
+
+universal-unformatted-postal-address EXTENSION-ATTRIBUTE ::= {
+ UniversalUnformattedPostalAddress
+ IDENTIFIED BY 35
+}
+
+UniversalUnformattedPostalAddress ::=
+ UniversalOrBMPString{ub-unformatted-address-length}
+
+street-address EXTENSION-ATTRIBUTE ::= {StreetAddress
+ IDENTIFIED BY 17
+}
+
+StreetAddress ::= PDSParameter
+
+universal-street-address EXTENSION-ATTRIBUTE ::= {
+ UniversalStreetAddress
+ IDENTIFIED BY 36
+}
+
+UniversalStreetAddress ::= UniversalPDSParameter
+
+post-office-box-address EXTENSION-ATTRIBUTE ::= {
+ PostOfficeBoxAddress
+ IDENTIFIED BY 18
+}
+
+PostOfficeBoxAddress ::= PDSParameter
+
+universal-post-office-box-address EXTENSION-ATTRIBUTE ::= {
+ UniversalPostOfficeBoxAddress
+ IDENTIFIED BY 37
+}
+
+UniversalPostOfficeBoxAddress ::= UniversalPDSParameter
+
+poste-restante-address EXTENSION-ATTRIBUTE ::= {
+ PosteRestanteAddress
+ IDENTIFIED BY 19
+}
+
+PosteRestanteAddress ::= PDSParameter
+
+universal-poste-restante-address EXTENSION-ATTRIBUTE ::= {
+ UniversalPosteRestanteAddress
+ IDENTIFIED BY 38
+}
+
+UniversalPosteRestanteAddress ::= UniversalPDSParameter
+
+unique-postal-name EXTENSION-ATTRIBUTE ::= {UniquePostalName
+ IDENTIFIED BY 20
+}
+
+UniquePostalName ::= PDSParameter
+
+universal-unique-postal-name EXTENSION-ATTRIBUTE ::= {
+ UniversalUniquePostalName
+ IDENTIFIED BY 39
+}
+
+UniversalUniquePostalName ::= UniversalPDSParameter
+
+local-postal-attributes EXTENSION-ATTRIBUTE ::= {
+ LocalPostalAttributes
+ IDENTIFIED BY 21
+}
+
+LocalPostalAttributes ::= PDSParameter
+
+universal-local-postal-attributes EXTENSION-ATTRIBUTE ::= {
+ UniversalLocalPostalAttributes
+ IDENTIFIED BY 40
+}
+
+UniversalLocalPostalAttributes ::= UniversalPDSParameter
+
+PDSParameter ::= SET {
+ printable-string PrintableString(SIZE (1..ub-pds-parameter-length)) OPTIONAL,
+ teletex-string TeletexString(SIZE (1..ub-pds-parameter-length)) OPTIONAL
+}
+
+UniversalPDSParameter ::= UniversalOrBMPString{ub-pds-parameter-length}
+
+extended-network-address EXTENSION-ATTRIBUTE ::= {
+ ExtendedNetworkAddress
+ IDENTIFIED BY 22
+}
+
+ExtendedNetworkAddress ::= CHOICE {
+ e163-4-address
+ SEQUENCE {number
+ [0] NumericString(SIZE (1..ub-e163-4-number-length)),
+ sub-address
+ [1] NumericString(SIZE (1..ub-e163-4-sub-address-length))
+ OPTIONAL},
+ psap-address [0] PresentationAddress
+}
+
+terminal-type EXTENSION-ATTRIBUTE ::= {TerminalType
+ IDENTIFIED BY 23
+}
+
+TerminalType ::= INTEGER {
+ telex(3), teletex(4), g3-facsimile(5), g4-facsimile(6), ia5-terminal(7),
+ videotex(8)}(0..ub-integer-options)
+
+-- Extension Domain-defined Attributes
+teletex-domain-defined-attributes EXTENSION-ATTRIBUTE ::= {
+ TeletexDomainDefinedAttributes
+ IDENTIFIED BY 6
+}
+
+TeletexDomainDefinedAttributes ::=
+ SEQUENCE SIZE (1..ub-domain-defined-attributes) OF
+ TeletexDomainDefinedAttribute
+
+TeletexDomainDefinedAttribute ::= SEQUENCE {
+ type TeletexString(SIZE (1..ub-domain-defined-attribute-type-length)),
+ value TeletexString(SIZE (1..ub-domain-defined-attribute-value-length))
+}
+
+universal-domain-defined-attributes EXTENSION-ATTRIBUTE ::= {
+ UniversalDomainDefinedAttributes
+ IDENTIFIED BY 28
+}
+
+UniversalDomainDefinedAttributes ::=
+ SEQUENCE SIZE (1..ub-domain-defined-attributes) OF
+ UniversalDomainDefinedAttribute
+
+UniversalDomainDefinedAttribute ::= SEQUENCE {
+ type UniversalOrBMPString{ub-domain-defined-attribute-type-length},
+ value UniversalOrBMPString{ub-domain-defined-attribute-value-length}
+}
+
+-- Encoded Information Types
+EncodedInformationTypes ::= [APPLICATION 5] SET {
+ built-in-encoded-information-types [0] BuiltInEncodedInformationTypes,
+ -- non-basic-parameters --COMPONENTS OF NonBasicParameters,
+ extended-encoded-information-types
+ [4] ExtendedEncodedInformationTypes OPTIONAL
+}
+
+-- Built-in Encoded Information Types
+BuiltInEncodedInformationTypes ::= BIT STRING {
+ unknown(0), ia5-text(2), g3-facsimile(3), g4-class-1(4), teletex(5),
+ videotex(6), voice(7), sfd(8), mixed-mode(9)
+}(SIZE (0..ub-built-in-encoded-information-types))
+
+-- Extended Encoded Information Types
+ExtendedEncodedInformationTypes ::=
+ SET SIZE (1..ub-encoded-information-types) OF ExtendedEncodedInformationType
+
+ExtendedEncodedInformationType ::= OBJECT IDENTIFIER
+
+-- Non-basic Parameters
+NonBasicParameters ::= SET {
+ g3-facsimile [1] G3FacsimileNonBasicParameters DEFAULT {},
+ teletex [2] TeletexNonBasicParameters DEFAULT {}
+}
+
+G3FacsimileNonBasicParameters ::= BIT STRING {
+ two-dimensional(8), -- As defined in ITU-T Recommendation T.30
+ fine-resolution(9), --
+ unlimited-length(20), -- These bit values are chosen such that when
+ b4-length(21), -- encoded using ASN.1 Basic Encoding Rules
+ a3-width(22), -- the resulting octets have the same values
+ b4-width(23), -- as for T.30 encoding
+ t6-coding(25), --
+ uncompressed(30), -- Trailing zero bits are not significant.
+ width-middle-864-of-1728(37), -- It is recommended that implementations
+ width-middle-1216-of-1728(38), -- should not encode more than 32 bits unless
+ resolution-type(44), -- higher numbered bits are non-zero.
+ resolution-400x400(45), resolution-300x300(46), resolution-8x15(47),
+ edi(49), dtm(50), bft(51), mixed-mode(58), character-mode(60),
+ twelve-bits(65), preferred-huffmann(66), full-colour(67), jpeg(68),
+ processable-mode-26(71)}
+
+TeletexNonBasicParameters ::= SET {
+ graphic-character-sets [0] TeletexString OPTIONAL,
+ control-character-sets [1] TeletexString OPTIONAL,
+ page-formats [2] OCTET STRING OPTIONAL,
+ miscellaneous-terminal-capabilities [3] TeletexString OPTIONAL,
+ private-use
+ [4] OCTET STRING
+ OPTIONAL -- maximum ub-teletex-private-use-length octets --
+}
+
+-- as defined in CCITT Recommendation T.62
+-- Token
+Token ::= SEQUENCE {
+ token-type-identifier [0] TOKEN.&id({TokensTable}),
+ token
+ [1] TOKEN.&Type({TokensTable}{@token-type-identifier})
+}
+
+TOKEN ::= TYPE-IDENTIFIER
+
+TokensTable TOKEN ::= {asymmetric-token, ...}
+
+asymmetric-token TOKEN ::= {
+ AsymmetricToken
+ IDENTIFIED BY id-tok-asymmetricToken
+}
+
+AsymmetricToken ::=
+ SIGNED
+ {SEQUENCE {signature-algorithm-identifier AlgorithmIdentifier,
+ name
+ CHOICE {recipient-name RecipientName,
+ mta
+ [3] SEQUENCE {global-domain-identifier
+ GlobalDomainIdentifier OPTIONAL,
+ mta-name MTAName
+ }},
+ time Time,
+ signed-data [0] TokenData OPTIONAL,
+ encryption-algorithm-identifier
+ [1] AlgorithmIdentifier OPTIONAL,
+ encrypted-data
+ [2] ENCRYPTED{TokenData} OPTIONAL}}
+
+TokenData ::= SEQUENCE {
+ type [0] TOKEN-DATA.&id({TokenDataTable}),
+ value [1] TOKEN-DATA.&Type({TokenDataTable}{@type})
+}
+
+TOKEN-DATA ::= CLASS {&id INTEGER UNIQUE,
+ &Type
+}WITH SYNTAX {&Type
+ IDENTIFIED BY &id
+}
+
+TokenDataTable TOKEN-DATA ::=
+ {bind-token-signed-data | message-token-signed-data |
+ message-token-encrypted-data | bind-token-encrypted-data, ...}
+
+bind-token-signed-data TOKEN-DATA ::= {BindTokenSignedData
+ IDENTIFIED BY 1
+}
+
+BindTokenSignedData ::= RandomNumber
+
+RandomNumber ::= BIT STRING
+
+message-token-signed-data TOKEN-DATA ::= {
+ MessageTokenSignedData
+ IDENTIFIED BY 2
+}
+
+MessageTokenSignedData ::= SEQUENCE {
+ content-confidentiality-algorithm-identifier
+ [0] ContentConfidentialityAlgorithmIdentifier OPTIONAL,
+ content-integrity-check
+ [1] ContentIntegrityCheck OPTIONAL,
+ message-security-label
+ [2] MessageSecurityLabel OPTIONAL,
+ proof-of-delivery-request
+ [3] ProofOfDeliveryRequest OPTIONAL,
+ message-sequence-number [4] INTEGER OPTIONAL
+}
+
+message-token-encrypted-data TOKEN-DATA ::= {
+ MessageTokenEncryptedData
+ IDENTIFIED BY 3
+}
+
+MessageTokenEncryptedData ::= SEQUENCE {
+ content-confidentiality-key [0] EncryptionKey OPTIONAL,
+ content-integrity-check [1] ContentIntegrityCheck OPTIONAL,
+ message-security-label [2] MessageSecurityLabel OPTIONAL,
+ content-integrity-key [3] EncryptionKey OPTIONAL,
+ message-sequence-number [4] INTEGER OPTIONAL
+}
+
+EncryptionKey ::= BIT STRING
+
+bind-token-encrypted-data TOKEN-DATA ::= {
+ BindTokenEncryptedData
+ IDENTIFIED BY 4
+}
+
+BindTokenEncryptedData ::= EXTERNAL
+
+-- Security Label
+SecurityLabel ::= SET {
+ security-policy-identifier SecurityPolicyIdentifier OPTIONAL,
+ security-classification SecurityClassification OPTIONAL,
+ privacy-mark PrivacyMark OPTIONAL,
+ security-categories SecurityCategories OPTIONAL
+}
+
+SecurityPolicyIdentifier ::= OBJECT IDENTIFIER
+
+SecurityClassification ::= INTEGER {
+ unmarked(0), unclassified(1), restricted(2), confidential(3), secret(4),
+ top-secret(5)}(0..ub-integer-options)
+
+PrivacyMark ::= PrintableString(SIZE (1..ub-privacy-mark-length))
+
+SecurityCategories ::= SET SIZE (1..ub-security-categories) OF SecurityCategory
+
+SecurityCategory ::= SEQUENCE {
+ type [0] SECURITY-CATEGORY.&id({SecurityCategoriesTable}),
+ value [1] SECURITY-CATEGORY.&Type({SecurityCategoriesTable}{@type})
+}
+
+SECURITY-CATEGORY ::= TYPE-IDENTIFIER
+
+SecurityCategoriesTable SECURITY-CATEGORY ::=
+ {...}
+
+END -- of MTSAbstractService
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MTSAbstractService88.asn1 b/asn1/MTSAbstractService88.asn1
new file mode 100644
index 0000000..f66d117
--- /dev/null
+++ b/asn1/MTSAbstractService88.asn1
@@ -0,0 +1,150 @@
+-- Module MTSAbstractService88 (X.411:06/1999)
+MTSAbstractService88 {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1988(1988)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS
+ -- Remote Operations
+ CONTRACT
+ --==
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ -- MTS Abstract Service Parameters
+ operationObject1, ABSTRACT-OPERATION, change-credentials, ContentLength,
+ ContentTypes, Controls, control-violates-registration,
+ DefaultDeliveryControls, EncodedInformationTypes, message-delivery,
+ MHS-OBJECT, mts-connect, PORT, RecipientAssignedAlternateRecipient,
+ register-rejected, report-delivery, SecurityLabel, security-error,
+ submission, UserAddress, UserName, Waiting
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- Object Identifiers
+ id-ct-mts-access, id-ct-mts-forced-access, id-ot-mts, id-ot-mts-user,
+ id-pt-administration, id-pt-delivery
+ --==
+ FROM MTSObjectIdentifiers {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ object-identifiers(0) version-1999(1)}
+ -- Operation Codes
+ op-delivery-control, op-register
+ --==
+ FROM MTSAccessProtocol {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ mts-access-protocol(1) version-1999(1)}
+ -- Upper Bounds
+ ub-content-types, ub-labels-and-redirections
+ --==
+ FROM MTSUpperBounds {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ upper-bounds(3) version-1999(1)};
+
+-- Objects
+mts-88 MHS-OBJECT ::= {
+ INITIATES {mts-forced-access-contract-88}
+ RESPONDS {mts-access-contract-88}
+ ID {id-ot-mts 88}
+}
+
+mts-user-88 MHS-OBJECT ::= {
+ INITIATES {mts-access-contract-88}
+ RESPONDS {mts-forced-access-contract-88}
+ ID {id-ot-mts-user 88}
+}
+
+-- Contracts
+mts-access-contract-88 CONTRACT ::= {
+ CONNECTION mts-connect
+ INITIATOR CONSUMER OF {submission | delivery-88 | administration-88}
+ ID {id-ct-mts-access 88}
+}
+
+mts-forced-access-contract-88 CONTRACT ::= {
+ CONNECTION mts-connect
+ RESPONDER CONSUMER OF {submission | delivery-88 | administration-88}
+ ID {id-ct-mts-forced-access 88}
+}
+
+-- Ports
+delivery-88 PORT ::= {
+ OPERATIONS
+ {operationObject1,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ CONSUMER INVOKES
+ {delivery-control-88,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ SUPPLIER INVOKES
+ {message-delivery | report-delivery,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ ID {id-pt-delivery 88}
+}
+
+administration-88 PORT ::= {
+ OPERATIONS
+ {change-credentials,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ CONSUMER INVOKES
+ {register-88,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ SUPPLIER INVOKES
+ {operationObject1,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ ID {id-pt-administration 88}
+}
+
+-- Delivery Port
+delivery-control-88 ABSTRACT-OPERATION ::= {
+ ARGUMENT DeliveryControls88
+ RESULT Waiting
+ ERRORS {control-violates-registration | security-error}
+ LINKED
+ {operationObject1,
+ ...} -- This IOS needs to be extensible for Forward{} of X.880
+ INVOKE PRIORITY {3}
+ CODE op-delivery-control
+}
+
+DeliveryControls88 ::= SET {
+ COMPONENTS OF
+ Controls
+ (WITH COMPONENTS {
+ ...,
+ permissible-encoded-information-types ABSENT
+ }),
+ permissible-encoded-information-types-88 EncodedInformationTypes OPTIONAL
+}
+
+-- Administration Port
+register-88 ABSTRACT-OPERATION ::= {
+ ARGUMENT Register88
+ RESULT NULL
+ ERRORS {register-rejected}
+ LINKED {operationObject1, ...}
+ INVOKE PRIORITY {5}
+ CODE op-register
+}
+
+Register88 ::= SET {
+ user-name UserName OPTIONAL,
+ user-address [0] UserAddress OPTIONAL,
+ deliverable-encoded-information-types EncodedInformationTypes OPTIONAL,
+ deliverable-maximum-content-length [1] EXPLICIT ContentLength OPTIONAL,
+ default-delivery-controls
+ [2] EXPLICIT DefaultDeliveryControls OPTIONAL,
+ deliverable-content-types [3] ContentTypes OPTIONAL,
+ labels-and-redirections
+ [4] SET SIZE (1..ub-labels-and-redirections) OF LabelAndRedirection
+ OPTIONAL
+}
+
+LabelAndRedirection ::= SET {
+ user-security-label [0] UserSecurityLabel OPTIONAL,
+ recipient-assigned-alternate-recipient
+ [1] RecipientAssignedAlternateRecipient OPTIONAL
+}
+
+UserSecurityLabel ::= SecurityLabel
+
+END -- of MTSAbstractService88
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MTSAccessProtocol.asn1 b/asn1/MTSAccessProtocol.asn1
new file mode 100644
index 0000000..5a4a812
--- /dev/null
+++ b/asn1/MTSAccessProtocol.asn1
@@ -0,0 +1,320 @@
+-- Module MTSAccessProtocol (X.419:06/1999)
+MTSAccessProtocol {joint-iso-itu-t mhs(6) protocols(0) modules(0)
+ mts-access-protocol(1) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+IMPORTS
+ -- MTS Abstract Service
+ administration, delivery, mts-access-contract, mts-connect,
+ mts-forced-access-contract, submission
+ --==
+ FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1999(1)}
+ -- MTS Abstract Service (1988)
+ administration-88, delivery-88, mts-access-contract-88,
+ mts-forced-access-contract-88
+ --==
+ FROM MTSAbstractService88 {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ mts-abstract-service(1) version-1988(1988)}
+ -- Remote Operations
+ APPLICATION-CONTEXT
+ --==
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+ Code
+ --==
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ Bind{}, InvokeId, Unbind{}
+ --==
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ ROS-SingleAS{}
+ --==
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)}
+ acse, association-by-RTSE, pData, transfer-by-RTSE
+ --==
+ FROM Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)}
+ acse-abstract-syntax
+ --==
+ FROM Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t
+ remote-operations(4) remote-operations-abstract-syntaxes(12) version1(0)}
+ -- Reliable Transfer
+ RTORQapdu, RTOACapdu, RTORJapdu
+ FROM Reliable-Transfer-APDU {joint-iso-itu-t reliable-transfer(3) apdus(0)}
+ -- Object Identifiers
+ id-ac-mts-access-88, id-ac-mts-access-94, id-ac-mts-forced-access-88,
+ id-ac-mts-forced-access-94, id-ac-mts-forced-reliable-access-88,
+ id-ac-mts-forced-reliable-access-94, id-ac-mts-reliable-access-88,
+ id-ac-mts-reliable-access-94, id-as-mase-88, id-as-mase-94, id-as-mdse-88,
+ id-as-mdse-94, id-as-msse, id-as-mts, id-as-mts-rtse
+ --==
+ FROM MHSProtocolObjectIdentifiers {joint-iso-itu-t mhs(6) protocols(0)
+ modules(0) object-identifiers(0) version-1994(0)};
+
+RTSE-apdus ::= CHOICE {
+ rtorq-apdu [16] IMPLICIT RTORQapdu,
+ rtoac-apdu [17] IMPLICIT RTOACapdu,
+ rtorj-apdu [18] IMPLICIT RTORJapdu,
+ rttp-apdu RTTPapdu,
+ rttr-apdu RTTRapdu,
+ rtab-apdu [22] IMPLICIT RTABapdu
+}
+
+RTTPapdu ::= -- priority-- INTEGER
+
+RTTRapdu ::= OCTET STRING
+
+RTABapdu ::= SET {
+ abortReason [0] IMPLICIT AbortReason OPTIONAL,
+ reflectedParameter [1] IMPLICIT BIT STRING OPTIONAL,
+ -- 8 bits maximum, only if abortReason is invalidParameter
+ userdataAB
+ [2] TYPE-IDENTIFIER.&Type
+ OPTIONAL -- only in normal mode and if abortReason--
+ -- is userError
+}
+
+AbortReason ::= INTEGER {
+ localSystemProblem(0),
+ invalidParameter(1), -- reflectedParameter supplied
+ unrecognizedActivity(2),
+ temporaryProblem(3),
+ -- the RTSE cannot accept a session for a period of time
+ protocolError(4), -- RTSE level protocol error
+ permanentProblem(5), --provider-abort solely in normal mode
+ userError(6), -- user-abort solely in normal mode
+ transferCompleted(7) -- activity can't be discarded--}
+
+-- APPLICATION CONTEXTS
+-- 1994 Application Contexts omitting RTSE
+-- MTS-user initiated
+mts-access-94 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-access-contract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax |
+ message-administration-abstract-syntax-94 |
+ mts-bind-unbind-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-access-94
+}
+
+-- MTS initiated
+mts-forced-access-94 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-forced-access-contract
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax |
+ message-administration-abstract-syntax-94 |
+ mts-bind-unbind-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-forced-access-94
+}
+
+-- 1994 Application Contexts including RTSE in normal mode
+-- MTS-user initiated
+mts-reliable-access-94 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-access-contract
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax |
+ message-administration-abstract-syntax-94 |
+ mts-bind-unbind-rtse-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-reliable-access-94
+}
+
+-- MTS initiated
+mts-forced-reliable-access-94 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-forced-access-contract
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax |
+ message-administration-abstract-syntax-94 |
+ mts-bind-unbind-rtse-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-forced-reliable-access-94
+}
+
+-- 1988 Application Contexts omitting RTSE
+-- MTS-user initiated
+mts-access-88 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-access-contract-88
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax-88 |
+ message-administration-abstract-syntax-88 |
+ mts-bind-unbind-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-access-88
+}
+
+-- MTS initiated
+mts-forced-access-88 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-forced-access-contract-88
+ ESTABLISHED BY acse
+ INFORMATION TRANSFER BY pData
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax-88 |
+ message-administration-abstract-syntax-88 |
+ mts-bind-unbind-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-forced-access-88
+}
+
+-- 1988 Application Contexts including RTSE in normal mode
+-- MTS-user initiated
+mts-reliable-access-88 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-access-contract-88
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax-88 |
+ message-administration-abstract-syntax-88 |
+ mts-bind-unbind-rtse-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-reliable-access-88
+}
+
+-- MTS initiated
+mts-forced-reliable-access-88 APPLICATION-CONTEXT ::= {
+ CONTRACT mts-forced-access-contract-88
+ ESTABLISHED BY association-by-RTSE
+ INFORMATION TRANSFER BY transfer-by-RTSE
+ ABSTRACT SYNTAXES
+ {acse-abstract-syntax | message-submission-abstract-syntax |
+ message-delivery-abstract-syntax-88 |
+ message-administration-abstract-syntax-88 |
+ mts-bind-unbind-rtse-abstract-syntax}
+ APPLICATION CONTEXT NAME id-ac-mts-forced-reliable-access-88
+}
+
+-- ABSTRACT-SYNTAXES
+-- Abstract Syntax for MTS-Bind and MTS-Unbind
+mts-bind-unbind-abstract-syntax ABSTRACT-SYNTAX ::= {
+ MTSBindUnbindPDUs
+ IDENTIFIED BY id-as-mts
+}
+
+MTSBindUnbindPDUs ::= CHOICE {
+ bind Bind{mts-connect.&bind},
+ unbind Unbind{mts-connect.&unbind}
+}
+
+-- Abstract Syntax for MTS-Bind and MTS-Unbind with RTSE
+mts-bind-unbind-rtse-abstract-syntax ABSTRACT-SYNTAX ::= {
+ RTSE-apdus -- With MTS Bind and MTS Unbind --
+ IDENTIFIED BY id-as-mts-rtse
+}
+
+-- Abstract Syntax for Message Submission Service Element
+message-submission-abstract-syntax ABSTRACT-SYNTAX ::= {
+ MessageSubmissionPDUs
+ IDENTIFIED BY id-as-msse
+}
+
+MessageSubmissionPDUs ::= ROS-SingleAS{{MTSInvokeIds}, submission}
+
+MTSInvokeIds ::= InvokeId(ALL EXCEPT absent:NULL)
+
+-- Remote Operations
+op-message-submission Code ::= local:3
+
+op-probe-submission Code ::= local:4
+
+op-cancel-deferred-delivery Code ::= local:7
+
+op-submission-control Code ::= local:2
+
+-- Remote Errors
+err-submission-control-violated Code ::= local:1
+
+err-element-of-service-not-subscribed Code ::= local:4
+
+err-deferred-delivery-cancellation-rejected Code ::= local:8
+
+err-originator-invalid Code ::= local:2
+
+err-recipient-improperly-specified Code ::= local:3
+
+err-message-submission-identifier-invalid Code ::= local:7
+
+err-inconsistent-request Code ::= local:11
+
+err-security-error Code ::= local:12
+
+err-unsupported-critical-function Code ::= local:13
+
+err-remote-bind-error Code ::= local:15
+
+-- Abstract Syntax for Message Delivery Service Element 1994
+message-delivery-abstract-syntax ABSTRACT-SYNTAX ::= {
+ MessageDeliveryPDUs
+ IDENTIFIED BY id-as-mdse-94
+}
+
+MessageDeliveryPDUs ::= ROS-SingleAS{{MTSInvokeIds}, delivery}
+
+-- Abstract Syntax for Message Delivery Service Element 1988
+message-delivery-abstract-syntax-88 ABSTRACT-SYNTAX ::= {
+ MessageDeliveryPDUs88
+ IDENTIFIED BY id-as-mdse-88
+}
+
+MessageDeliveryPDUs88 ::= ROS-SingleAS{{MTSInvokeIds}, delivery-88}
+
+-- Remote Operations
+op-message-delivery Code ::= local:5
+
+op-report-delivery Code ::= local:6
+
+op-delivery-control Code ::= local:2
+
+-- Remote Errors
+err-delivery-control-violated Code ::= local:1
+
+err-control-violates-registration Code ::= local:14
+
+err-operation-refused Code ::= local:16
+
+-- Abstract Syntax for Message Administration Service Element 1994
+message-administration-abstract-syntax-94 ABSTRACT-SYNTAX ::= {
+ MessageAdministrationPDUs
+ IDENTIFIED BY id-as-mase-94
+}
+
+MessageAdministrationPDUs ::= ROS-SingleAS{{MTSInvokeIds}, administration}
+
+-- Abstract Syntax for Message Administration Service Element 1988
+message-administration-abstract-syntax-88 ABSTRACT-SYNTAX ::= {
+ MessageAdministrationPDUs88
+ IDENTIFIED BY id-as-mase-88
+}
+
+MessageAdministrationPDUs88 ::= ROS-SingleAS{{MTSInvokeIds}, administration-88}
+
+-- Remote Operations
+op-register Code ::= local:1
+
+op-change-credentials Code ::= local:8
+
+-- Remote Errors
+err-register-rejected Code ::= local:10
+
+err-new-credentials-unacceptable Code ::= local:6
+
+err-old-credentials-incorrectly-specified Code ::= local:5
+
+END -- of MTSAccessProtocol
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MTSObjectIdentifiers.asn1 b/asn1/MTSObjectIdentifiers.asn1
new file mode 100644
index 0000000..1615b24
--- /dev/null
+++ b/asn1/MTSObjectIdentifiers.asn1
@@ -0,0 +1,116 @@
+-- Module MTSObjectIdentifiers (X.411:06/1999)
+MTSObjectIdentifiers {joint-iso-itu-t mhs(6) mts(3) modules(0)
+ object-identifiers(0) version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS -- nothing -- ;
+
+ID ::= OBJECT IDENTIFIER
+
+-- Message Transfer System
+id-mts ID ::=
+ {joint-iso-itu-t mhs(6) mts(3)} -- not definitive
+
+-- Categories of Object Identifiers
+id-mod ID ::= {id-mts 0} -- modules
+
+id-ot ID ::= {id-mts 1} -- object types
+
+id-pt ID ::= {id-mts 2} -- port types
+
+id-cont ID ::= {id-mts 3} -- content types
+
+id-eit ID ::= {id-mts 4} -- encoded information types
+
+id-att ID ::= {id-mts 5} -- attributes
+
+id-tok ID ::= {id-mts 6} -- token types
+
+id-sa ID ::= {id-mts 7} -- secure agent types
+
+id-ct ID ::= {id-mts 8} -- contracts
+
+id-cp ID ::= {id-mts 9} -- connection packages
+
+-- Modules
+id-mod-object-identifiers ID ::= {id-mod 0} -- not definitive
+
+id-mod-mts-abstract-service ID ::= {id-mod 1} -- not definitive
+
+id-mod-mta-abstract-service ID ::= {id-mod 2} -- not definitive
+
+id-mod-upper-bounds ID ::= {id-mod 3} -- not definitive
+
+-- Object Types
+id-ot-mts ID ::= {id-ot 0}
+
+id-ot-mts-user ID ::= {id-ot 1}
+
+id-ot-mta ID ::= {id-ot 2}
+
+-- Port Types
+id-pt-submission ID ::= {id-pt 0}
+
+id-pt-delivery ID ::= {id-pt 1}
+
+id-pt-administration ID ::= {id-pt 2}
+
+id-pt-transfer ID ::= {id-pt 3}
+
+-- Content Types
+id-cont-unidentified ID ::=
+ {id-cont 0} -- For use by MS and Directory
+
+id-cont-inner-envelope ID ::= {id-cont 1}
+
+-- Encoded Information Types
+id-eit-unknown ID ::= {id-eit 0}
+
+-- Value { id-eit 1 } is no longer defined
+id-eit-ia5-text ID ::= {id-eit 2}
+
+id-eit-g3-facsimile ID ::= {id-eit 3}
+
+id-eit-g4-class-1 ID ::= {id-eit 4}
+
+id-eit-teletex ID ::= {id-eit 5}
+
+id-eit-videotex ID ::= {id-eit 6}
+
+id-eit-voice ID ::= {id-eit 7}
+
+id-eit-sfd ID ::= {id-eit 8}
+
+id-eit-mixed-mode ID ::= {id-eit 9}
+
+-- Attributes
+id-att-physicalRendition-basic ID ::= {id-att 0}
+
+id-att-physicalRendition-no-cover-page ID ::= {id-att 1}
+
+-- Token Types
+id-tok-asymmetricToken ID ::= {id-tok 0}
+
+-- Secure Agent Types
+id-sa-ua ID ::= {id-sa 0}
+
+id-sa-ms ID ::= {id-sa 1}
+
+-- Contracts
+id-ct-mts-access ID ::= {id-ct 0}
+
+id-ct-mts-forced-access ID ::= {id-ct 1}
+
+id-ct-mta-transfer ID ::= {id-ct 2}
+
+-- Connection Packages
+id-cp-mts-connect ID ::= {id-cp 0}
+
+id-cp-mta-connect ID ::= {id-cp 1}
+
+END -- of MTSObjectIdentifiers
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/MTSUpperBounds.asn1 b/asn1/MTSUpperBounds.asn1
new file mode 100644
index 0000000..10eac96
--- /dev/null
+++ b/asn1/MTSUpperBounds.asn1
@@ -0,0 +1,146 @@
+-- Module MTSUpperBounds (X.411:06/1999)
+MTSUpperBounds {joint-iso-itu-t mhs(6) mts(3) modules(0) upper-bounds(3)
+ version-1999(1)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- Prologue
+-- Exports everything
+IMPORTS -- nothing -- ;
+
+-- Upper Bounds
+ub-additional-info INTEGER ::= 1024
+
+ub-bilateral-info INTEGER ::= 1024
+
+ub-bit-options INTEGER ::= 16
+
+ub-built-in-content-type INTEGER ::= 32767
+
+ub-built-in-encoded-information-types INTEGER ::= 32
+
+ub-certificates INTEGER ::= 64
+
+ub-common-name-length INTEGER ::= 64
+
+ub-content-correlator-length INTEGER ::= 512
+
+ub-content-id-length INTEGER ::= 16
+
+ub-content-length INTEGER ::= 2147483647 -- the largest integer in 32 bits
+
+ub-content-types INTEGER ::= 1024
+
+ub-country-name-alpha-length INTEGER ::= 2
+
+ub-country-name-numeric-length INTEGER ::= 3
+
+ub-diagnostic-codes INTEGER ::= 32767
+
+ub-deliverable-class INTEGER ::= 256
+
+ub-dl-expansions INTEGER ::= 512
+
+ub-domain-defined-attributes INTEGER ::= 4
+
+ub-domain-defined-attribute-type-length INTEGER ::= 8
+
+ub-domain-defined-attribute-value-length INTEGER ::= 128
+
+ub-domain-name-length INTEGER ::= 16
+
+ub-encoded-information-types INTEGER ::= 1024
+
+ub-extension-attributes INTEGER ::= 256
+
+ub-extension-types INTEGER ::= 256
+
+ub-e163-4-number-length INTEGER ::= 15
+
+ub-e163-4-sub-address-length INTEGER ::= 40
+
+ub-generation-qualifier-length INTEGER ::= 3
+
+ub-given-name-length INTEGER ::= 16
+
+ub-initials-length INTEGER ::= 5
+
+ub-integer-options INTEGER ::= 256
+
+ub-labels-and-redirections INTEGER ::= 256
+
+ub-local-id-length INTEGER ::= 32
+
+ub-mta-name-length INTEGER ::= 32
+
+ub-mts-user-types INTEGER ::= 256
+
+ub-numeric-user-id-length INTEGER ::= 32
+
+ub-organization-name-length INTEGER ::= 64
+
+ub-organizational-unit-name-length INTEGER ::= 32
+
+ub-organizational-units INTEGER ::= 4
+
+ub-orig-and-dl-expansions INTEGER ::= 513 -- ub-dl-expansions plus one
+
+ub-password-length INTEGER ::= 62
+
+ub-pds-name-length INTEGER ::= 16
+
+ub-pds-parameter-length INTEGER ::= 30
+
+ub-pds-physical-address-lines INTEGER ::= 6
+
+ub-postal-code-length INTEGER ::= 16
+
+ub-privacy-mark-length INTEGER ::= 128
+
+ub-queue-size INTEGER ::= 2147483647 -- the largest integer in 32 bits
+
+ub-reason-codes INTEGER ::= 32767
+
+ub-recipient-number-for-advice-length INTEGER ::= 32
+
+ub-recipients INTEGER ::= 32767
+
+ub-redirection-classes INTEGER ::= 256
+
+ub-redirections INTEGER ::= 512
+
+ub-restrictions INTEGER ::= 1024
+
+ub-security-categories INTEGER ::= 64
+
+ub-security-labels INTEGER ::= 256
+
+ub-security-problems INTEGER ::= 256
+
+ub-supplementary-info-length INTEGER ::= 256
+
+ub-surname-length INTEGER ::= 40
+
+ub-teletex-private-use-length INTEGER ::= 128
+
+ub-terminal-id-length INTEGER ::= 24
+
+ub-transfers INTEGER ::= 512
+
+ub-tsap-id-length INTEGER ::= 16
+
+ub-unformatted-address-length INTEGER ::= 180
+
+ub-universal-generation-qualifier-length INTEGER ::= 16
+
+ub-universal-given-name-length INTEGER ::= 40
+
+ub-universal-initials-length INTEGER ::= 16
+
+ub-universal-surname-length INTEGER ::= 64
+
+ub-x121-address-length INTEGER ::= 16
+
+END -- of MTSUpperBounds
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/OperationalBindingManagement.asn1 b/asn1/OperationalBindingManagement.asn1
new file mode 100644
index 0000000..957e084
--- /dev/null
+++ b/asn1/OperationalBindingManagement.asn1
@@ -0,0 +1,275 @@
+-- Module OperationalBindingManagement (X.501:02/2001)
+OperationalBindingManagement {joint-iso-itu-t ds(5) module(1)
+ opBindingManagement(18) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, directoryShadowAbstractService,
+ distributedOperations, dop, enhancedSecurity,
+ hierarchicalOperationalBindings
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ OPTIONALLY-PROTECTED-SEQ{}
+ FROM EnhancedSecurity {joint-iso-itu-t ds(5) module(1) enhancedSecurity(28)
+ 4}
+ hierarchicalOperationalBinding, nonSpecificHierarchicalOperationalBinding
+ FROM HierarchicalOperationalBindings {joint-iso-itu-t ds(5) module(1)
+ hierarchicalOperationalBindings(20) 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ CommonResultsSeq, directoryBind, directoryUnbind, securityError,
+ SecurityParameters
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.518 | ISO/IEC 9594-4
+ AccessPoint
+ FROM DistributedOperations {joint-iso-itu-t ds(5) module(1)
+ distributedOperations(3) 4}
+ -- from ITU-T Rec. X.519 | ISO/IEC 9594-5
+ id-err-operationalBindingError, id-op-establishOperationalBinding,
+ id-op-modifyOperationalBinding, id-op-terminateOperationalBinding
+ FROM DirectoryOperationalBindingManagementProtocol {joint-iso-itu-t
+ ds(5) module(1) dop(17) 4}
+ -- from ITU-T Rec. X.525 | ISO/IEC 9594-9
+ shadowOperationalBinding
+ FROM DirectoryShadowAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryShadowAbstractService(15) 4}
+ -- from ITU-T Rec. X.880 | ISO/IEC 13712-1
+ OPERATION, ERROR
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ -- from ITU-T Rec. X.881 | ISO/IEC 13712-2
+ APPLICATION-CONTEXT
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)};
+
+-- bind and unbind
+dSAOperationalBindingManagementBind OPERATION ::=
+ directoryBind
+
+dSAOperationalBindingManagementUnbind OPERATION ::= directoryUnbind
+
+-- operations, arguments and results
+establishOperationalBinding OPERATION ::= {
+ ARGUMENT EstablishOperationalBindingArgument
+ RESULT EstablishOperationalBindingResult
+ ERRORS {operationalBindingError | securityError}
+ CODE id-op-establishOperationalBinding
+}
+
+EstablishOperationalBindingArgument ::=
+ OPTIONALLY-PROTECTED-SEQ
+ {SEQUENCE {bindingType [0] OPERATIONAL-BINDING.&id({OpBindingSet}),
+ bindingID [1] OperationalBindingID OPTIONAL,
+ accessPoint [2] AccessPoint,
+ -- symmetric, Role A initiates, or Role B initiates -
+ initiator
+ CHOICE {symmetric
+ [3] OPERATIONAL-BINDING.&both.&EstablishParam
+ ({OpBindingSet}{@bindingType}),
+ roleA-initiates
+ [4] OPERATIONAL-BINDING.&roleA.&EstablishParam
+ ({OpBindingSet}{@bindingType}),
+ roleB-initiates
+ [5] OPERATIONAL-BINDING.&roleB.&EstablishParam
+ ({OpBindingSet}{@bindingType})} OPTIONAL,
+ agreement
+ [6] OPERATIONAL-BINDING.&Agreement
+ ({OpBindingSet}{@bindingType}),
+ valid [7] Validity DEFAULT {},
+ securityParameters [8] SecurityParameters OPTIONAL}}
+
+OperationalBindingID ::= SEQUENCE {identifier INTEGER,
+ version INTEGER
+}
+
+Validity ::= SEQUENCE {
+ validFrom [0] CHOICE {now [0] NULL,
+ time [1] Time} DEFAULT now:NULL,
+ validUntil
+ [1] CHOICE {explicitTermination [0] NULL,
+ time [1] Time
+ } DEFAULT explicitTermination:NULL
+}
+
+Time ::= CHOICE {utcTime UTCTime,
+ generalizedTime GeneralizedTime
+}
+
+EstablishOperationalBindingResult ::=
+ OPTIONALLY-PROTECTED-SEQ
+ {SEQUENCE {bindingType [0] OPERATIONAL-BINDING.&id({OpBindingSet}),
+ bindingID [1] OperationalBindingID OPTIONAL,
+ accessPoint [2] AccessPoint,
+ -- symmetric, Role A replies , or Role B replies
+ initiator
+ CHOICE {symmetric
+ [3] OPERATIONAL-BINDING.&both.&EstablishParam
+ ({OpBindingSet}{@bindingType}),
+ roleA-replies
+ [4] OPERATIONAL-BINDING.&roleA.&EstablishParam
+ ({OpBindingSet}{@bindingType}),
+ roleB-replies
+ [5] OPERATIONAL-BINDING.&roleB.&EstablishParam
+ ({OpBindingSet}{@bindingType})} OPTIONAL,
+ COMPONENTS OF CommonResultsSeq}}
+
+modifyOperationalBinding OPERATION ::= {
+ ARGUMENT ModifyOperationalBindingArgument
+ RESULT ModifyOperationalBindingResult
+ ERRORS {operationalBindingError | securityError}
+ CODE id-op-modifyOperationalBinding
+}
+
+ModifyOperationalBindingArgument ::=
+ OPTIONALLY-PROTECTED-SEQ
+ {SEQUENCE {bindingType [0] OPERATIONAL-BINDING.&id({OpBindingSet}),
+ bindingID [1] OperationalBindingID,
+ accessPoint [2] AccessPoint OPTIONAL,
+ -- symmetric, Role A initiates, or Role B initiates
+ initiator
+ CHOICE {symmetric
+ [3] OPERATIONAL-BINDING.&both.&ModifyParam
+ ({OpBindingSet}{@bindingType}),
+ roleA-initiates
+ [4] OPERATIONAL-BINDING.&roleA.&ModifyParam
+ ({OpBindingSet}{@bindingType}),
+ roleB-initiates
+ [5] OPERATIONAL-BINDING.&roleB.&ModifyParam
+ ({OpBindingSet}{@bindingType})} OPTIONAL,
+ newBindingID [6] OperationalBindingID,
+ newAgreement
+ [7] OPERATIONAL-BINDING.&Agreement
+ ({OpBindingSet}{@bindingType}) OPTIONAL,
+ valid [8] Validity OPTIONAL,
+ securityParameters [9] SecurityParameters OPTIONAL}}
+
+ModifyOperationalBindingResult ::= CHOICE {
+ null [0] NULL,
+ protected
+ [1] OPTIONALLY-PROTECTED-SEQ{SEQUENCE {newBindingID OperationalBindingID,
+ bindingType
+ OPERATIONAL-BINDING.&id
+ ({OpBindingSet}),
+ newAgreement
+ OPERATIONAL-BINDING.&Agreement
+ ({OpBindingSet}{@.bindingType}),
+ valid Validity OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+terminateOperationalBinding OPERATION ::= {
+ ARGUMENT TerminateOperationalBindingArgument
+ RESULT TerminateOperationalBindingResult
+ ERRORS {operationalBindingError | securityError}
+ CODE id-op-terminateOperationalBinding
+}
+
+TerminateOperationalBindingArgument ::=
+ OPTIONALLY-PROTECTED-SEQ
+ {SEQUENCE {bindingType [0] OPERATIONAL-BINDING.&id({OpBindingSet}),
+ bindingID [1] OperationalBindingID,
+ -- symmetric, Role A initiates, or Role B initiates
+ initiator
+ CHOICE {symmetric
+ [2] OPERATIONAL-BINDING.&both.&TerminateParam
+ ({OpBindingSet}{@bindingType}),
+ roleA-initiates
+ [3] OPERATIONAL-BINDING.&roleA.&TerminateParam
+ ({OpBindingSet}{@bindingType}),
+ roleB-initiates
+ [4] OPERATIONAL-BINDING.&roleB.&TerminateParam
+ ({OpBindingSet}{@bindingType})} OPTIONAL,
+ terminateAt [5] Time OPTIONAL,
+ securityParameters [6] SecurityParameters OPTIONAL}}
+
+TerminateOperationalBindingResult ::= CHOICE {
+ null [0] NULL,
+ protected
+ [1] OPTIONALLY-PROTECTED-SEQ{SEQUENCE {bindingID OperationalBindingID,
+ bindingType
+ OPERATIONAL-BINDING.&id
+ ({OpBindingSet}),
+ terminateAt
+ GeneralizedTime OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+ }}
+}
+
+-- errors and parameters
+operationalBindingError ERROR ::= {
+ PARAMETER OPTIONALLY-PROTECTED-SEQ {OpBindingErrorParam}
+ CODE id-err-operationalBindingError
+}
+
+OpBindingErrorParam ::= SEQUENCE {
+ problem
+ [0] ENUMERATED {invalidID(0), duplicateID(1), unsupportedBindingType(2),
+ notAllowedForRole(3), parametersMissing(4),
+ roleAssignment(5), invalidStartTime(6), invalidEndTime(7),
+ invalidAgreement(8), currentlyNotDecidable(9),
+ modificationNotAllowed(10)},
+ bindingType [1] OPERATIONAL-BINDING.&id({OpBindingSet}) OPTIONAL,
+ agreementProposal
+ [2] OPERATIONAL-BINDING.&Agreement({OpBindingSet}{@bindingType}) OPTIONAL,
+ retryAt [3] Time OPTIONAL,
+ COMPONENTS OF CommonResultsSeq
+}
+
+-- information object classes
+OPERATIONAL-BINDING ::= CLASS {
+ &Agreement ,
+ &Cooperation OP-BINDING-COOP,
+ &both OP-BIND-ROLE OPTIONAL,
+ &roleA OP-BIND-ROLE OPTIONAL,
+ &roleB OP-BIND-ROLE OPTIONAL,
+ &id OBJECT IDENTIFIER UNIQUE
+}
+WITH SYNTAX {
+ AGREEMENT &Agreement
+ APPLICATION CONTEXTS &Cooperation
+ [SYMMETRIC &both]
+ [ASYMMETRIC
+ [ROLE-A &roleA]
+ [ROLE-B &roleB]]
+ ID &id
+}
+
+OP-BINDING-COOP ::= CLASS {
+ &applContext APPLICATION-CONTEXT,
+ &Operations OPERATION OPTIONAL
+}WITH SYNTAX {&applContext
+ [APPLIES TO &Operations]
+}
+
+OP-BIND-ROLE ::= CLASS {
+ &establish BOOLEAN DEFAULT FALSE,
+ &EstablishParam OPTIONAL,
+ &modify BOOLEAN DEFAULT FALSE,
+ &ModifyParam OPTIONAL,
+ &terminate BOOLEAN DEFAULT FALSE,
+ &TerminateParam OPTIONAL
+}
+WITH SYNTAX {
+ [ESTABLISHMENT-INITIATOR &establish]
+ [ESTABLISHMENT-PARAMETER &EstablishParam]
+ [MODIFICATION-INITIATOR &modify]
+ [MODIFICATION-PARAMETER &ModifyParam]
+ [TERMINATION-INITIATOR &terminate]
+ [TERMINATION-PARAMETER &TerminateParam]
+}
+
+OpBindingSet OPERATIONAL-BINDING ::=
+ {shadowOperationalBinding | hierarchicalOperationalBinding |
+ nonSpecificHierarchicalOperationalBinding}
+
+END -- OperationalBindingManagement
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/PKCS7.asn1 b/asn1/PKCS7.asn1
new file mode 100644
index 0000000..ac449b5
--- /dev/null
+++ b/asn1/PKCS7.asn1
@@ -0,0 +1,342 @@
+-- Module PKCS7 (X.420:06/1999)
+-- The ASN.1 in version 1.5 of the PKCS#7 document is not defined in an ASN.1 module. This prevents an IMPORT of it into other ASN.1 modules.
+-- This Annex contains a module of PKCS#7 ASN.1 definitions conforming to current ASN.1 standards rather than the obsolescent (and now deprecated) 1988/90 version of ASN.1 used in version 1.5 of PKCS#7.
+-- Extensions to PKCS#7 defined in RFC 2630 are included.
+-- If differences are found between the ASN.1 in the following module and that in PKCS#7, the latter is definitive.
+PKCS7 {iso member-body usa(840) rsadsi(113549) pkcs(1) 7
+ module(0) -- module not currently defined in PKCS#7 --} DEFINITIONS IMPLICIT
+TAGS ::=
+BEGIN
+
+IMPORTS
+ -- Directory Information Framework
+ Attribute, Name
+ --==
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 3}
+ -- Directory Authentication Framework
+ AlgorithmIdentifier, AttributeCertificate, Certificate, CertificateList,
+ CertificateSerialNumber, HASH{}, SIGNED{}
+ --==
+ FROM AuthenticationFramework {joint-iso-itu-t ds(5) module(1)
+ authenticationFramework(7) 3};
+
+-- In PKCS#7 the HASHED parameterised type applies the hash function to the
+-- contents octets component of a DER encoding of a value of the parameter.
+-- The ENCRYPTED parameterised type is redefined here because PKCS#7 encrypted values are
+-- defined as OCTET STRING, instead of BIT STRING as in the Directory Authentication Framework
+ENCRYPTED{ToBeEnciphered} ::=
+ OCTET STRING
+ (CONSTRAINED BY {
+ -- must be the result of applying an encipherment procedure to the contents octets component
+ -- of a definite-length BER-encoding of a value of --ToBeEnciphered})
+
+ContentInfo ::= SEQUENCE {
+ content-type PKCS7-CONTENT-TYPE.&id({PKCS7ContentTable}),
+ pkcs7-content [0] PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable})
+}
+
+PKCS7-CONTENT-TYPE ::= TYPE-IDENTIFIER
+
+PKCS7ContentTable PKCS7-CONTENT-TYPE ::=
+ {data | signed-data | enveloped-data | signed-and-enveloped-data |
+ digested-data | encrypted-data | authenticated-data, ...}
+
+-- Data
+data PKCS7-CONTENT-TYPE ::= {Data
+ IDENTIFIED BY id-data
+}
+
+Data ::= OCTET STRING
+
+-- Signed Data
+signed-data PKCS7-CONTENT-TYPE ::= {SignedData
+ IDENTIFIED BY id-signed-data
+}
+
+SignedData ::= SEQUENCE {
+ version Version,
+ digestAlgorithms DigestAlgorithmIdentifiers,
+ contentInfo ContentInfo,
+ certificates [0] CertificateSet OPTIONAL,
+ crls [1] CertificateRevocationLists OPTIONAL,
+ signerInfos SignerInfos
+}
+
+Version ::= INTEGER
+
+DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
+
+DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+
+CertificateSet ::= SET OF CertificateChoice
+
+CertificateChoice ::= CHOICE {
+ certificate Certificate,
+ extendedCertificate [0] ExtendedCertificate, -- Obsolete
+ attributeCertificate [1] AttributeCertificate
+}
+
+CertificateRevocationLists ::= SET OF CertificateList
+
+SignerInfos ::= SET OF SignerInfo
+
+SignerInfo ::= SEQUENCE {
+ version Version,
+ signerIdentifier SignerIdentifier,
+ digestAlgorithm DigestAlgorithmIdentifier,
+ authenticatedAttributes [0] Attributes OPTIONAL,
+ digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+ encryptedDigest EncryptedDigest,
+ unauthenticatedAttributes [1] Attributes OPTIONAL
+}
+
+SignerIdentifier ::= CHOICE {
+ issuerAndSerialNumber IssuerAndSerialNumber,
+ subjectKeyIdentifier [2] SubjectKeyIdentifier
+}
+
+IssuerAndSerialNumber ::= SEQUENCE {
+ issuer Name,
+ serialNumber CertificateSerialNumber
+}
+
+SubjectKeyIdentifier ::= OCTET STRING
+
+DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+EncryptedDigest ::= ENCRYPTED{DigestInfo}
+
+DigestInfo ::= SEQUENCE {
+ digestAlgorithm DigestAlgorithmIdentifier,
+ digest Digest
+}
+
+Digest ::=
+ HASH
+ {CHOICE {content
+ [1] PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}),
+ authenticated-attributes [0] EXPLICIT Attributes}}
+
+-- Enveloped Data
+enveloped-data PKCS7-CONTENT-TYPE ::= {
+ EnvelopedData
+ IDENTIFIED BY id-enveloped-data
+}
+
+EnvelopedData ::= SEQUENCE {
+ version Version,
+ originatorInfo [0] OriginatorInfo OPTIONAL,
+ recipientInfos RecipientInfos,
+ encryptedContentInfo EncryptedContentInfo,
+ unprotectedAttributes [1] Attributes OPTIONAL
+}
+
+OriginatorInfo ::= SEQUENCE {
+ certificates [0] CertificateSet OPTIONAL,
+ crls [1] CertificateRevocationLists OPTIONAL
+}
+
+RecipientInfos ::= SET SIZE (1..MAX) OF RecipientInfo
+
+RecipientInfo ::= CHOICE {
+ keyTransportRecipientInfo KeyTransportRecipientInfo,
+ keyAgreementRecipientInfo [1] KeyAgreementRecipientInfo,
+ keyEncryptionKeyRecipientInfo [2] KeyEncryptionKeyRecipientInfo
+}
+
+KeyTransportRecipientInfo ::= SEQUENCE {
+ version Version,
+ recipientIdentifier RecipientIdentifier,
+ keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+ encryptedKey EncryptedKey
+}
+
+RecipientIdentifier ::= CHOICE {
+ issuerAndSerialNumber IssuerAndSerialNumber,
+ subjectKeyIdentifier [0] SubjectKeyIdentifier
+}
+
+KeyEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+EncryptedKey ::= OCTET STRING
+
+KeyAgreementRecipientInfo ::= SEQUENCE {
+ version Version,
+ originator [0] OriginatorIdentifierOrKey,
+ userKeyingMaterial [1] EXPLICIT OCTET STRING OPTIONAL,
+ keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+ recipientEncryptedKeys RecipientEncryptedKeys
+}
+
+OriginatorIdentifierOrKey ::= CHOICE {
+ issuerAndSerialNumber IssuerAndSerialNumber,
+ subjectKeyIdentifier [0] SubjectKeyIdentifier,
+ originatorPublicKey [1] OriginatorPublicKey
+}
+
+OriginatorPublicKey ::= SEQUENCE {
+ algorithm AlgorithmIdentifier,
+ publicKey BIT STRING
+}
+
+RecipientEncryptedKeys ::= SEQUENCE OF RecipientEncryptedKey
+
+RecipientEncryptedKey ::= SEQUENCE {
+ recipientIdentifier KeyAgreementRecipientIdentifier,
+ encryptedKey EncryptedKey
+}
+
+KeyAgreementRecipientIdentifier ::= CHOICE {
+ issuerAndSerialNumber IssuerAndSerialNumber,
+ recipientKeyIdentifier [0] RecipientKeyIdentifier
+}
+
+RecipientKeyIdentifier ::= SEQUENCE {
+ subjectKeyIdentifier SubjectKeyIdentifier,
+ date GeneralizedTime OPTIONAL,
+ otherKeyAttribute OtherKeyAttribute OPTIONAL
+}
+
+OtherKeyAttribute ::= SEQUENCE {
+ keyAttributeIdentifier OTHER-KEY-ATTRIBUTE.&id({OtherKeyAttributeTable}),
+ keyAttribute
+ OTHER-KEY-ATTRIBUTE.&Type
+ ({OtherKeyAttributeTable}{@keyAttributeIdentifier}) OPTIONAL
+}
+
+OTHER-KEY-ATTRIBUTE ::= TYPE-IDENTIFIER
+
+OtherKeyAttributeTable OTHER-KEY-ATTRIBUTE ::=
+ {...}
+
+KeyEncryptionKeyRecipientInfo ::= SEQUENCE {
+ version Version,
+ keyEncryptionKeyIdentifier KeyEncryptionKeyIdentifier,
+ keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
+ encryptedKey EncryptedKey
+}
+
+KeyEncryptionKeyIdentifier ::= SEQUENCE {
+ keyIdentifier OCTET STRING,
+ date GeneralizedTime OPTIONAL,
+ otherKeyAttribute OtherKeyAttribute OPTIONAL
+}
+
+EncryptedContentInfo ::= SEQUENCE {
+ contentType PKCS7-CONTENT-TYPE.&id({PKCS7ContentTable}),
+ contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
+ encryptedContent
+ [0] ENCRYPTED{PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable}{@.contentType})}
+ OPTIONAL
+}
+
+ContentEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+
+-- Signed and Enveloped Data
+signed-and-enveloped-data PKCS7-CONTENT-TYPE ::= {
+ SignedAndEnvelopedData
+ IDENTIFIED BY id-signed-and-enveloped-data
+}
+
+SignedAndEnvelopedData ::= SEQUENCE {
+ version Version,
+ recipientInfos SET SIZE (1..MAX) OF KeyTransportRecipientInfo,
+ digestAlgorithms DigestAlgorithmIdentifiers,
+ encryptedContentInfo EncryptedContentInfo,
+ certificates [0] CertificateSet OPTIONAL,
+ crls [1] CertificateRevocationLists OPTIONAL,
+ signerInfos
+ SET SIZE (1..MAX) OF
+ SignerInfo
+ (WITH COMPONENTS {
+ ...,
+ signerIdentifier (WITH COMPONENTS {
+ issuerAndSerialNumber PRESENT
+ }),
+ authenticatedAttributes ABSENT,
+ unauthenticatedAttributes ABSENT
+ })
+}
+
+-- Digested Data
+digested-data PKCS7-CONTENT-TYPE ::= {
+ DigestedData
+ IDENTIFIED BY id-digested-data
+}
+
+DigestedData ::= SEQUENCE {
+ version Version,
+ digestAlgorithm DigestAlgorithmIdentifier,
+ contentInfo ContentInfo,
+ digest HASH{PKCS7-CONTENT-TYPE.&Type({PKCS7ContentTable})}
+}
+
+-- Encrypted Data
+encrypted-data PKCS7-CONTENT-TYPE ::= {
+ EncryptedData
+ IDENTIFIED BY id-encrypted-data
+}
+
+EncryptedData ::= SEQUENCE {
+ version Version,
+ encryptedContentInfo EncryptedContentInfo,
+ unprotectedAttributes [1] Attributes OPTIONAL
+}
+
+-- Authenticated Data
+authenticated-data PKCS7-CONTENT-TYPE ::= {
+ AuthenticatedData
+ IDENTIFIED BY id-authenticated-data
+}
+
+AuthenticatedData ::= SEQUENCE {
+ version Version,
+ originatorInfo [0] OriginatorInfo OPTIONAL,
+ recipientInfos RecipientInfos,
+ macAlgorithm MessageAuthenticationCodeAlgorithmIdentifier,
+ digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
+ contentInfo ContentInfo,
+ authenticatedAttributes [2] Attributes OPTIONAL,
+ messageAuthenticationCode MessageAuthenticationCode,
+ unauthenticatedAttributes [3] Attributes OPTIONAL
+}
+
+MessageAuthenticationCodeAlgorithmIdentifier ::= AlgorithmIdentifier
+
+MessageAuthenticationCode ::= OCTET STRING
+
+-- Object Identifiers
+id-pkcs OBJECT IDENTIFIER ::=
+ {iso member-body usa(840) rsadsi(113549) pkcs(1)}
+
+id-data OBJECT IDENTIFIER ::= {id-pkcs 7 1}
+
+id-signed-data OBJECT IDENTIFIER ::= {id-pkcs 7 2}
+
+id-enveloped-data OBJECT IDENTIFIER ::= {id-pkcs 7 3}
+
+id-signed-and-enveloped-data OBJECT IDENTIFIER ::= {id-pkcs 7 4}
+
+id-digested-data OBJECT IDENTIFIER ::= {id-pkcs 7 5}
+
+id-encrypted-data OBJECT IDENTIFIER ::= {id-pkcs 7 6}
+
+id-authenticated-data OBJECT IDENTIFIER ::= {id-pkcs 9 16 1 2}
+
+-- Definitions from PKCS#6
+ExtendedCertificate ::=
+ SIGNED{ExtendedCertificateInfo}
+
+ExtendedCertificateInfo ::= SEQUENCE {
+ version Version,
+ certificate Certificate,
+ attributes Attributes
+}
+
+Attributes ::= SET OF Attribute
+
+END -- of PKCS#7
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/PKCS7BodyPartType.asn1 b/asn1/PKCS7BodyPartType.asn1
new file mode 100644
index 0000000..525ee3c
--- /dev/null
+++ b/asn1/PKCS7BodyPartType.asn1
@@ -0,0 +1,31 @@
+-- Module PKCS7BodyPartType (X.420:06/1999)
+PKCS7BodyPartType {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ pkcs7-body-part-type(16)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+IMPORTS
+ -- PKCS#7
+ ContentInfo
+ FROM PKCS7 {iso(1) member-body(2) usa(840) rsadsi(113549) pkcs(1)
+ 7 module(0)}
+ -- module not formally defined in the PKCS#7document, therefore defined in Annex O
+ -- IPMS Information Objects
+ EXTENDED-BODY-PART-TYPE
+ FROM IPMSInformationObjects {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ information-objects(2) version-1999(1)}
+ -- IPMS Object Identifiers
+ id-et-pkcs7
+ --==
+ FROM IPMSObjectIdentifiers {joint-iso-itu-t mhs(6) ipms(1) modules(0)
+ object-identifiers(0) version-1999(1)};
+
+-- PKCS7 body part
+pkcs7-body-part EXTENDED-BODY-PART-TYPE ::= {
+ DATA {ContentInfo
+ IDENTIFIED BY id-et-pkcs7}
+}
+
+END -- of PKCS7BodyPartType
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/PKIX1Implicit93.asn1 b/asn1/PKIX1Implicit93.asn1
new file mode 100644
index 0000000..8062cda
--- /dev/null
+++ b/asn1/PKIX1Implicit93.asn1
@@ -0,0 +1,415 @@
+-- Module PKIX1Implicit93 (RFC 2459:01/1999)
+PKIX1Implicit93 {iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-93(4)}
+--
+-- Copyright (C) The Internet Society (1999). This version of
+-- this ASN.1 module is part of RFC 2459;
+-- see the RFC itself for full legal notices.
+--
+DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+--EXPORTS All;
+IMPORTS
+ id-pe, id-qt, id-kp, id-ad, id-qt-unotice, ORAddress, Name,
+ RelativeDistinguishedName, CertificateSerialNumber, CertificateList,
+ AlgorithmIdentifier, ub-name, DirectoryString, Attribute, EXTENSION
+ FROM PKIX1Explicit93 {iso(1) identified-organization(3) dod(6) internet(1)
+ security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-93(3)};
+
+-- Key and policy information extensions
+authorityKeyIdentifier EXTENSION ::= {
+ SYNTAX AuthorityKeyIdentifier
+ IDENTIFIED BY id-ce-authorityKeyIdentifier
+}
+
+AuthorityKeyIdentifier ::= SEQUENCE {
+ keyIdentifier [0] KeyIdentifier OPTIONAL,
+ authorityCertIssuer [1] GeneralNames OPTIONAL,
+ authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ authorityCertIssuer PRESENT,
+ authorityCertSerialNumber PRESENT
+ } |
+ WITH COMPONENTS {
+ ...,
+ authorityCertIssuer ABSENT,
+ authorityCertSerialNumber ABSENT
+ })
+
+KeyIdentifier ::= OCTET STRING
+
+subjectKeyIdentifier EXTENSION ::= {
+ SYNTAX SubjectKeyIdentifier
+ IDENTIFIED BY id-ce-subjectKeyIdentifier
+}
+
+SubjectKeyIdentifier ::= KeyIdentifier
+
+keyUsage EXTENSION ::= {SYNTAX KeyUsage
+ IDENTIFIED BY id-ce-keyUsage
+}
+
+KeyUsage ::= BIT STRING {
+ digitalSignature(0), nonRepudiation(1), keyEncipherment(2),
+ dataEncipherment(3), keyAgreement(4), keyCertSign(5), cRLSign(6),
+ encipherOnly(7), decipherOnly(8)}
+
+extendedKeyUsage EXTENSION ::= {
+ SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ IDENTIFIED BY id-ce-extKeyUsage
+}
+
+KeyPurposeId ::= OBJECT IDENTIFIER
+
+-- PKIX-defined extended key purpose OIDs
+id-kp-serverAuth OBJECT IDENTIFIER ::=
+ {id-kp 1}
+
+id-kp-clientAuth OBJECT IDENTIFIER ::= {id-kp 2}
+
+id-kp-codeSigning OBJECT IDENTIFIER ::= {id-kp 3}
+
+id-kp-emailProtection OBJECT IDENTIFIER ::= {id-kp 4}
+
+id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= {id-kp 5}
+
+id-kp-ipsecTunnel OBJECT IDENTIFIER ::= {id-kp 6}
+
+id-kp-ipsecUser OBJECT IDENTIFIER ::= {id-kp 7}
+
+id-kp-timeStamping OBJECT IDENTIFIER ::= {id-kp 8}
+
+privateKeyUsagePeriod EXTENSION ::= {
+ SYNTAX PrivateKeyUsagePeriod
+ IDENTIFIED BY {id-ce-privateKeyUsagePeriod}
+}
+
+PrivateKeyUsagePeriod ::= SEQUENCE {
+ notBefore [0] GeneralizedTime OPTIONAL,
+ notAfter [1] GeneralizedTime OPTIONAL
+}
+(WITH COMPONENTS {
+ ...,
+ notBefore PRESENT
+ } | WITH COMPONENTS {
+ ...,
+ notAfter PRESENT
+ })
+
+certificatePolicies EXTENSION ::= {
+ SYNTAX CertificatePoliciesSyntax
+ IDENTIFIED BY id-ce-certificatePolicies
+}
+
+CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
+
+PolicyInformation ::= SEQUENCE {
+ policyIdentifier CertPolicyId,
+ policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
+}
+
+CertPolicyId ::= OBJECT IDENTIFIER
+
+PolicyQualifierInfo ::= SEQUENCE {
+ policyQualifierId CERT-POLICY-QUALIFIER.&id({SupportedPolicyQualifiers}),
+ qualifier
+ CERT-POLICY-QUALIFIER.&Qualifier
+ ({SupportedPolicyQualifiers}{@policyQualifierId}) OPTIONAL
+}
+
+SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::=
+ {noticeToUser | pointerToCPS}
+
+CERT-POLICY-QUALIFIER ::= CLASS {
+ &id OBJECT IDENTIFIER UNIQUE,
+ &Qualifier OPTIONAL
+}WITH SYNTAX {POLICY-QUALIFIER-ID &id
+ [QUALIFIER-TYPE &Qualifier]
+}
+
+policyMappings EXTENSION ::= {
+ SYNTAX PolicyMappingsSyntax
+ IDENTIFIED BY id-ce-policyMappings
+}
+
+PolicyMappingsSyntax ::=
+ SEQUENCE SIZE (1..MAX) OF
+ SEQUENCE {issuerDomainPolicy CertPolicyId,
+ subjectDomainPolicy CertPolicyId}
+
+-- Certificate subject and certificate issuer attributes extensions
+subjectAltName EXTENSION ::= {
+ SYNTAX GeneralNames
+ IDENTIFIED BY id-ce-subjectAltName
+}
+
+GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
+
+GeneralName ::= CHOICE {
+ otherName [0] INSTANCE OF OTHER-NAME,
+ rfc822Name [1] IA5String,
+ dNSName [2] IA5String,
+ x400Address [3] ORAddress,
+ directoryName [4] Name,
+ ediPartyName [5] EDIPartyName,
+ uniformResourceIdentifier [6] IA5String,
+ iPAddress [7] OCTET STRING,
+ registeredID [8] OBJECT IDENTIFIER
+}
+
+OTHER-NAME ::= TYPE-IDENTIFIER
+
+EDIPartyName ::= SEQUENCE {
+ nameAssigner [0] DirectoryString{ub-name} OPTIONAL,
+ partyName [1] DirectoryString{ub-name}
+}
+
+issuerAltName EXTENSION ::= {
+ SYNTAX GeneralNames
+ IDENTIFIED BY id-ce-issuerAltName
+}
+
+subjectDirectoryAttributes EXTENSION ::= {
+ SYNTAX AttributesSyntax
+ IDENTIFIED BY id-ce-subjectDirectoryAttributes
+}
+
+AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute
+
+-- Certification path constraints extensions
+basicConstraints EXTENSION ::= {
+ SYNTAX BasicConstraintsSyntax
+ IDENTIFIED BY id-ce-basicConstraints
+}
+
+BasicConstraintsSyntax ::= SEQUENCE {
+ cA BOOLEAN DEFAULT FALSE,
+ pathLenConstraint INTEGER(0..MAX) OPTIONAL
+}
+
+nameConstraints EXTENSION ::= {
+ SYNTAX NameConstraintsSyntax
+ IDENTIFIED BY id-ce-nameConstraints
+}
+
+NameConstraintsSyntax ::= SEQUENCE {
+ permittedSubtrees [0] GeneralSubtrees OPTIONAL,
+ excludedSubtrees [1] GeneralSubtrees OPTIONAL
+}
+
+GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+
+GeneralSubtree ::= SEQUENCE {
+ base GeneralName,
+ minimum [0] BaseDistance DEFAULT 0,
+ maximum [1] BaseDistance OPTIONAL
+}
+
+BaseDistance ::= INTEGER(0..MAX)
+
+policyConstraints EXTENSION ::= {
+ SYNTAX PolicyConstraintsSyntax
+ IDENTIFIED BY id-ce-policyConstraints
+}
+
+PolicyConstraintsSyntax ::= SEQUENCE {
+ requireExplicitPolicy [0] SkipCerts OPTIONAL,
+ inhibitPolicyMapping [1] SkipCerts OPTIONAL
+}
+
+SkipCerts ::= INTEGER(0..MAX)
+
+-- Basic CRL extensions
+cRLNumber EXTENSION ::= {
+ SYNTAX CRLNumber
+ IDENTIFIED BY id-ce-cRLNumber
+}
+
+CRLNumber ::= INTEGER(0..MAX)
+
+reasonCode EXTENSION ::= {
+ SYNTAX CRLReason
+ IDENTIFIED BY id-ce-reasonCode
+}
+
+CRLReason ::= ENUMERATED {
+ unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3),
+ superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8)
+}
+
+instructionCode EXTENSION ::= {
+ SYNTAX HoldInstruction
+ IDENTIFIED BY id-ce-instructionCode
+}
+
+HoldInstruction ::= OBJECT IDENTIFIER
+
+-- holdinstructions described in this specification, from ANSI x9
+-- ANSI x9 arc holdinstruction arc
+holdInstruction OBJECT IDENTIFIER ::=
+ {joint-iso-ccitt(2) member-body(2) us(840) x9cm(10040) 2}
+
+-- ANSI X9 holdinstructions referenced by this standard
+id-holdinstruction-none OBJECT IDENTIFIER ::=
+ {holdInstruction 1}
+
+id-holdinstruction-callissuer OBJECT IDENTIFIER ::= {holdInstruction 2}
+
+id-holdinstruction-reject OBJECT IDENTIFIER ::= {holdInstruction 3}
+
+invalidityDate EXTENSION ::= {
+ SYNTAX GeneralizedTime
+ IDENTIFIED BY id-ce-invalidityDate
+}
+
+-- CRL distribution points and delta-CRL extensions
+cRLDistributionPoints EXTENSION ::= {
+ SYNTAX CRLDistPointsSyntax
+ IDENTIFIED BY id-ce-cRLDistributionPoints
+}
+
+CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
+
+DistributionPoint ::= SEQUENCE {
+ distributionPoint [0] DistributionPointName OPTIONAL,
+ reasons [1] ReasonFlags OPTIONAL,
+ cRLIssuer [2] GeneralNames OPTIONAL
+}
+
+DistributionPointName ::= CHOICE {
+ fullName [0] GeneralNames,
+ nameRelativeToCRLIssuer [1] RelativeDistinguishedName
+}
+
+ReasonFlags ::= BIT STRING {
+ unused(0), keyCompromise(1), caCompromise(2), affiliationChanged(3),
+ superseded(4), cessationOfOperation(5), certificateHold(6)}
+
+issuingDistributionPoint EXTENSION ::= {
+ SYNTAX IssuingDistPointSyntax
+ IDENTIFIED BY id-ce-issuingDistributionPoint
+}
+
+IssuingDistPointSyntax ::= SEQUENCE {
+ distributionPoint [0] DistributionPointName OPTIONAL,
+ onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
+ onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
+ onlySomeReasons [3] ReasonFlags OPTIONAL,
+ indirectCRL [4] BOOLEAN DEFAULT FALSE
+}
+
+certificateIssuer EXTENSION ::= {
+ SYNTAX GeneralNames
+ IDENTIFIED BY id-ce-certificateIssuer
+}
+
+deltaCRLIndicator EXTENSION ::= {
+ SYNTAX BaseCRLNumber
+ IDENTIFIED BY id-ce-deltaCRLIndicator
+}
+
+BaseCRLNumber ::= CRLNumber
+
+-- Object identifier assignments for ISO certificate extensions
+id-ce OBJECT IDENTIFIER ::=
+ {joint-iso-ccitt(2) ds(5) 29}
+
+id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= {id-ce 9}
+
+id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14}
+
+id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15}
+
+id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16}
+
+id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17}
+
+id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18}
+
+id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19}
+
+id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20}
+
+id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21}
+
+id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23}
+
+id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24}
+
+id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27}
+
+id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28}
+
+id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29}
+
+id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30}
+
+id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31}
+
+id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32}
+
+id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33}
+
+id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36}
+
+id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 35}
+
+id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
+
+-- PKIX 1 extensions
+authorityInfoAccess EXTENSION ::= {
+ SYNTAX AuthorityInfoAccessSyntax
+ IDENTIFIED BY id-pe-authorityInfoAccess
+}
+
+AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription
+
+AccessDescription ::= SEQUENCE {
+ accessMethod OBJECT IDENTIFIER,
+ accessLocation GeneralName
+}
+
+id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= {id-pe 1}
+
+id-ad-ocsp OBJECT IDENTIFIER ::= {id-ad 1}
+
+id-ad-caIssuers OBJECT IDENTIFIER ::= {id-ad 2}
+
+-- PKIX policy qualifier definitions
+noticeToUser CERT-POLICY-QUALIFIER ::= {
+ POLICY-QUALIFIER-ID id-qt-cps
+ QUALIFIER-TYPE CPSuri
+}
+
+pointerToCPS CERT-POLICY-QUALIFIER ::= {
+ POLICY-QUALIFIER-ID id-qt-unotice
+ QUALIFIER-TYPE UserNotice
+}
+
+id-qt-cps OBJECT IDENTIFIER ::= {id-qt 1}
+
+CPSuri ::= IA5String
+
+UserNotice ::= SEQUENCE {
+ noticeRef NoticeReference OPTIONAL,
+ explicitText DisplayText OPTIONAL
+}
+
+NoticeReference ::= SEQUENCE {
+ organization DisplayText,
+ noticeNumbers SEQUENCE OF INTEGER
+}
+
+DisplayText ::= CHOICE {
+ visibleString VisibleString(SIZE (1..200)),
+ bmpString BMPString(SIZE (1..200)),
+ utf8String UTF8String(SIZE (1..200))
+}
+
+END -- PKIX1Implicit93 (RFC 2459:1999)
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/ProtocolObjectIdentifiers.asn1 b/asn1/ProtocolObjectIdentifiers.asn1
new file mode 100644
index 0000000..9b5cc13
--- /dev/null
+++ b/asn1/ProtocolObjectIdentifiers.asn1
@@ -0,0 +1,130 @@
+-- Module ProtocolObjectIdentifiers (X.519:02/2001)
+ProtocolObjectIdentifiers {joint-iso-itu-t ds(5) module(1)
+ protocolObjectIdentifiers(4) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ id-ac, id-as, id-contract, id-package, id-rosObject
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4};
+
+-- ROS Objects
+id-rosObject-dua OBJECT IDENTIFIER ::= {id-rosObject 1}
+
+id-rosObject-directory OBJECT IDENTIFIER ::= {id-rosObject 2}
+
+id-rosObject-dapDSA OBJECT IDENTIFIER ::= {id-rosObject 3}
+
+id-rosObject-dspDSA OBJECT IDENTIFIER ::= {id-rosObject 4}
+
+id-rosObject-dopDSA OBJECT IDENTIFIER ::= {id-rosObject 7}
+
+id-rosObject-initiatingConsumerDSA OBJECT IDENTIFIER ::= {id-rosObject 8}
+
+id-rosObject-respondingSupplierDSA OBJECT IDENTIFIER ::= {id-rosObject 9}
+
+id-rosObject-initiatingSupplierDSA OBJECT IDENTIFIER ::= {id-rosObject 10}
+
+id-rosObject-respondingConsumerDSA OBJECT IDENTIFIER ::= {id-rosObject 11}
+
+-- contracts
+id-contract-dap OBJECT IDENTIFIER ::= {id-contract 1}
+
+id-contract-dsp OBJECT IDENTIFIER ::= {id-contract 2}
+
+id-contract-shadowConsumer OBJECT IDENTIFIER ::= {id-contract 3}
+
+id-contract-shadowSupplier OBJECT IDENTIFIER ::= {id-contract 4}
+
+id-contract-dop OBJECT IDENTIFIER ::= {id-contract 5}
+
+-- packages
+id-package-read OBJECT IDENTIFIER ::= {id-package 1}
+
+id-package-search OBJECT IDENTIFIER ::= {id-package 2}
+
+id-package-modify OBJECT IDENTIFIER ::= {id-package 3}
+
+id-package-chainedRead OBJECT IDENTIFIER ::= {id-package 4}
+
+id-package-chainedSearch OBJECT IDENTIFIER ::= {id-package 5}
+
+id-package-chainedModify OBJECT IDENTIFIER ::= {id-package 6}
+
+id-package-shadowConsumer OBJECT IDENTIFIER ::= {id-package 7}
+
+id-package-shadowSupplier OBJECT IDENTIFIER ::= {id-package 8}
+
+id-package-operationalBindingManagement OBJECT IDENTIFIER ::= {id-package 9}
+
+id-package-dapConnection OBJECT IDENTIFIER ::= {id-package 10}
+
+id-package-dspConnection OBJECT IDENTIFIER ::= {id-package 11}
+
+id-package-dispConnection OBJECT IDENTIFIER ::= {id-package 12}
+
+id-package-dopConnection OBJECT IDENTIFIER ::= {id-package 13}
+
+-- application contexts
+id-ac-directoryAccessAC OBJECT IDENTIFIER ::=
+ {id-ac 1}
+
+id-ac-directorySystemAC OBJECT IDENTIFIER ::= {id-ac 2}
+
+id-ac-directoryOperationalBindingManagementAC OBJECT IDENTIFIER ::= {id-ac 3}
+
+id-ac-shadowConsumerInitiatedAC OBJECT IDENTIFIER ::= {id-ac 4}
+
+id-ac-shadowSupplierInitiatedAC OBJECT IDENTIFIER ::= {id-ac 5}
+
+id-ac-reliableShadowSupplierInitiatedAC OBJECT IDENTIFIER ::= {id-ac 6}
+
+id-ac-reliableShadowConsumerInitiatedAC OBJECT IDENTIFIER ::= {id-ac 7}
+
+id-ac-shadowSupplierInitiatedAsynchronousAC OBJECT IDENTIFIER ::= {id-ac 8}
+
+id-ac-shadowConsumerInitiatedAsynchronousAC OBJECT IDENTIFIER ::= {id-ac 9}
+
+-- id-ac-directoryAccessWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 10}
+-- id-ac-directorySystemWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 11}
+-- id-ac-shadowSupplierInitiatedWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 12}
+-- id-ac-shadowConsumerInitiatedWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 13}
+-- id-ac-reliableShadowSupplierInitiatedWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 14}
+-- id-ac-reliableShadowConsumerInitiatedWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 15}
+-- id-ac-directoryOperationalBindingManagementWith2or3seAC OBJECT IDENTIFIER ::= {id-ac 16}
+-- ASEs (obsolete)
+-- id-ase-readASE OBJECT IDENTIFIER ::= {id-ase 1}
+-- id-ase-searchASE OBJECT IDENTIFIER ::= {id-ase 2}
+-- id-ase-modifyASE OBJECT IDENTIFIER ::= {id-ase 3}
+-- id-ase-chainedReadASE OBJECT IDENTIFIER ::= {id-ase 4}
+-- id-ase-chainedSearchASE OBJECT IDENTIFIER ::= {id-ase 5}
+-- id-ase-chainedModifyASE OBJECT IDENTIFIER ::= {id-ase 6}
+-- id-ase-operationalBindingManagementASE OBJECT IDENTIFIER ::= {id-ase 7}
+-- id-ase-shadowConsumerASE OBJECT IDENTIFIER ::= {id-ase 8}
+-- id-ase-shadowSupplierASE OBJECT IDENTIFIER ::= {id-ase 9}
+-- abstract syntaxes
+id-as-directoryAccessAS OBJECT IDENTIFIER ::=
+ {id-as 1}
+
+id-as-directorySystemAS OBJECT IDENTIFIER ::= {id-as 2}
+
+id-as-directoryShadowAS OBJECT IDENTIFIER ::= {id-as 3}
+
+id-as-directoryOperationalBindingManagementAS OBJECT IDENTIFIER ::= {id-as 4}
+
+id-as-directoryReliableShadowAS OBJECT IDENTIFIER ::= {id-as 5}
+
+id-as-reliableShadowBindingAS OBJECT IDENTIFIER ::= {id-as 6}
+
+id-as-2or3se OBJECT IDENTIFIER ::= {id-as 7}
+
+END -- ProtocolObjectIdentifiers
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Reliable-Transfer-APDU.asn1 b/asn1/Reliable-Transfer-APDU.asn1
new file mode 100644
index 0000000..20669de
--- /dev/null
+++ b/asn1/Reliable-Transfer-APDU.asn1
@@ -0,0 +1,132 @@
+-- Module Reliable-Transfer-APDU (X.228:11/1988)
+
+Reliable-Transfer-APDU {joint-iso-itu-t reliable-transfer(3) apdus(0)}
+DEFINITIONS ::=
+BEGIN
+
+EXPORTS
+ RTSE-apdus, rTSE, rTSE-abstract-syntax, RTORQapdu, RTOACapdu, RTORJapdu, RTABapdu; -- for use by Presentation Layer only
+
+IMPORTS
+ CONTRACT
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)};
+
+OPEN ::= CLASS {&Type
+}WITH SYNTAX {TYPE &Type
+}
+
+rTSE-abstract-syntax OBJECT IDENTIFIER ::=
+ {joint-iso-itu-t reliable-transfer(3) abstract-syntax(2)}
+
+rTSE CONTRACT ::= {ID {joint-iso-itu-t reliable-transfer(3) aseID(1)}
+}
+
+RTSE-apdus ::= CHOICE {
+ rtorq-apdu [16] IMPLICIT RTORQapdu,
+ rtoac-apdu [17] IMPLICIT RTOACapdu,
+ rtorj-apdu [18] IMPLICIT RTORJapdu,
+ rttp-apdu RTTPapdu,
+ rttr-apdu RTTRapdu,
+ rtab-apdu [22] IMPLICIT RTABapdu
+}
+
+-- Tags [19], [20], [21] are used by the values of the UNBIND macro of the RO-notation of
+-- Recommendation X.219. Tags [0] to [15] inclusive are reserved for the
+-- use by the APDUs of ROSE (Recommendation X229). Any occurrence of
+-- ANY in this module shall be replaced by a single ASN. 1 type (if any) in an RTSE-user
+-- protocol specification. In addition any RTSE-user protocol sharing a single named
+-- abstract syntax with the RTSE protocol shall use distinct tags for the single
+-- presentation data values in the user data parameters of the RT-CLOSE (if any) and
+-- RT- TRANSFER services. These tags shall be distinct from the tag values [16], [17],
+-- [18] and [22] and from the ASN. 1 types INTEGER and OCTET STRING.
+-- Note - The above conditions are ensured, if the RTSE-user protocol specification uses the
+-- RO-notation of Recommendation X229.
+-- In X.410-1984 mode only the components of RTORQapdu, RTOACapdu, RTORJapdu
+-- and RTABapdu are used by the presentation layer. This has the effect that the following
+-- APDU types appear in the protocol in X.410-1984 mode instead of the alternative types
+-- of the RTSE-apdus type:
+-- RTORQapdu
+-- RTOACapdu
+-- RTORJapdu
+-- RTTPapdu
+-- RTTRapdu
+-- RTABapdu
+RTORQapdu ::= SET {
+ checkpointSize [0] IMPLICIT INTEGER DEFAULT 0,
+ windowSize [1] IMPLICIT INTEGER DEFAULT 3,
+ dialogueMode
+ [2] IMPLICIT INTEGER {monologue(0), twa(1)} DEFAULT monologue,
+ connectionDataRQ [3] ConnectionData,
+ applicationProtocol
+ [4] IMPLICIT INTEGER OPTIONAL --solely in X.410-1984 mode--
+}
+
+RTOACapdu ::= SET {
+ checkpointSize [0] IMPLICIT INTEGER DEFAULT 0,
+ windowSize [1] IMPLICIT INTEGER DEFAULT 3,
+ connectionDataAC [2] ConnectionData
+}
+
+RTORJapdu ::= SET {
+ refuseReason [0] IMPLICIT RefuseReason OPTIONAL, -- only in X.410-1984 mode
+ userDataRJ
+ [1] OPEN.&Type OPTIONAL -- RTSE user data, only in normal mode--
+}
+
+RTTPapdu ::= -- priority-- INTEGER
+
+RTTRapdu ::= OCTET STRING
+
+RTABapdu ::= SET {
+ abortReason [0] IMPLICIT AbortReason OPTIONAL,
+ reflectedParameter [1] IMPLICIT BIT STRING OPTIONAL,
+ -- 8 bits maximum, only if abortReason is invalidParameter
+ userdataAB
+ [2] OPEN.&Type OPTIONAL -- only in normal mode and if abortReason--
+ -- is userError
+}
+
+ConnectionData ::= CHOICE {
+ open [0] OPEN.&Type, -- RTSE user data
+
+ -- this alternative is encoded as [0] IMPLICIT NULL
+ -- in the case of absence of RTSE user data,
+ recover [1] IMPLICIT SessionConnectionIdentifier
+}
+
+SessionConnectionIdentifier ::= SEQUENCE {
+ callingSSuserReference CallingSSuserReference,
+ commonReference CommonReference,
+ additionalReferenceInformation
+ [0] IMPLICIT AdditionalReferenceInformation OPTIONAL
+}
+
+RefuseReason ::= INTEGER {
+ rtsBusy(0), cannotRecover(1), validationFailure(2),
+ unacceptableDialogueMode(3)}
+
+CallingSSuserReference ::= CHOICE {
+ t61String T61String -- solely in X.410-1984 --,
+ octetString OCTET STRING -- solely in normal mode --
+}
+
+CommonReference ::= UTCTime
+
+AdditionalReferenceInformation ::= T61String
+
+AbortReason ::= INTEGER {
+ localSystemProblem(0),
+ invalidParameter(1), -- reflectedParameter supplied
+ unrecognizedActivity(2),
+ temporaryProblem(3),
+ -- the RTSE cannot accept a session for a period of time
+ protocolError(4), -- RTSE level protocol error
+ permanentProblem(5), --provider-abort solely in normal mode
+ userError(6), -- user-abort solely in normal mode
+ transferCompleted(7) -- activity can't be discarded--}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Remote-Operations-Abstract-Syntaxes.asn1 b/asn1/Remote-Operations-Abstract-Syntaxes.asn1
new file mode 100644
index 0000000..8ad20d8
--- /dev/null
+++ b/asn1/Remote-Operations-Abstract-Syntaxes.asn1
@@ -0,0 +1,103 @@
+-- Module Remote-Operations-Abstract-Syntaxes (X.882:07/1994)
+Remote-Operations-Abstract-Syntaxes {joint-iso-itu-t remote-operations(4)
+ remote-operations-abstract-syntaxes(12) version1(0)} DEFINITIONS ::=
+BEGIN
+
+-- exports everything
+IMPORTS
+ OPERATION-PACKAGE
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ InvokeId, noInvokeId, ROS{}, Bind{}, Unbind{}
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)}
+ ACSE-apdu
+ FROM ACSE-1 {joint-iso-itu-t association-control(2) modules(0) apdus(0)
+ version1(1)}
+ RTORQapdu, RTOACapdu, RTORJapdu
+ FROM Reliable-Transfer-APDU {joint-iso-itu-t reliable-transfer(3) apdus(0)}
+ combine{}, AllOperations{}, ConsumerPerforms{}, SupplierPerforms{}
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)}
+ APPLICATION-CONTEXT
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)};
+
+RTSE-apdus ::= CHOICE {
+ rtorq-apdu [16] IMPLICIT RTORQapdu,
+ rtoac-apdu [17] IMPLICIT RTOACapdu,
+ rtorj-apdu [18] IMPLICIT RTORJapdu,
+ rttp-apdu RTTPapdu,
+ rttr-apdu RTTRapdu,
+ rtab-apdu [22] IMPLICIT RTABapdu
+}
+
+RTTPapdu ::= -- priority-- INTEGER
+
+RTTRapdu ::= OCTET STRING
+
+RTABapdu ::= SET {
+ abortReason [0] IMPLICIT AbortReason OPTIONAL,
+ reflectedParameter [1] IMPLICIT BIT STRING OPTIONAL,
+ -- 8 bits maximum, only if abortReason is invalidParameter
+ userdataAB
+ [2] TYPE-IDENTIFIER.&Type
+ OPTIONAL -- only in normal mode and if abortReason--
+ -- is userError
+}
+
+AbortReason ::= INTEGER {
+ localSystemProblem(0),
+ invalidParameter(1), -- reflectedParameter supplied
+ unrecognizedActivity(2),
+ temporaryProblem(3),
+ -- the RTSE cannot accept a session for a period of time
+ protocolError(4), -- RTSE level protocol error
+ permanentProblem(5), --provider-abort solely in normal mode
+ userError(6), -- user-abort solely in normal mode
+ transferCompleted(7) -- activity can't be discarded--}
+
+acse-abstract-syntax ABSTRACT-SYNTAX ::= {
+ ACSE-apdu
+ IDENTIFIED BY
+ {joint-iso-itu-t association-control(2) abstract-syntax(1) apdus(0)
+ version1(1)}
+}
+
+rtse-abstract-syntax ABSTRACT-SYNTAX ::= {
+ RTSE-apdus
+ IDENTIFIED BY {joint-iso-itu-t reliable-transfer(3) apdus(0)}
+}
+
+AllValues{APPLICATION-CONTEXT:ac} ::= CHOICE {
+ bind Bind{ac.&associationContract.&connection.&bind},
+ unbind Unbind{ac.&associationContract.&connection.&unbind},
+ ros-singleAS
+ ROS-SingleAS{{ROSEInvokeIds},
+ combine{{ac.&associationContract.&OperationsOf |
+ ac.&associationContract.&InitiatorConsumerOf |
+ ac.&associationContract.&ResponderConsumerOf}, {
+ ...},
+ {ID
+ {1 2--OID to be provided -- }-- Information Object of class OPERATION-PACKAGE to be defined -- }}}
+}
+
+ROS-SingleAS{InvokeId:ROSEInvokeIds, OPERATION-PACKAGE:package} ::=
+ ROS{{ROSEInvokeIds}, {AllOperations {package}}, {AllOperations {package}}}
+
+ROS-ConsumerAS{InvokeId:ROSEInvokeIds, OPERATION-PACKAGE:package} ::=
+ ROS
+ {{ROSEInvokeIds}, {ConsumerPerforms {package}},
+ {SupplierPerforms {package}}}
+
+ROS-SupplierAS{InvokeId:ROSEInvokeIds, OPERATION-PACKAGE:package} ::=
+ ROS
+ {{ROSEInvokeIds}, {SupplierPerforms {package}},
+ {ConsumerPerforms {package}}}
+
+ROSEInvokeIds InvokeId ::= {ALL EXCEPT noInvokeId}
+
+END -- end of the remote-operations-abstract-syntaxes module
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Remote-Operations-Generic-ROS-PDUs.asn1 b/asn1/Remote-Operations-Generic-ROS-PDUs.asn1
index f854b0a..8f12af1 100644
--- a/asn1/Remote-Operations-Generic-ROS-PDUs.asn1
+++ b/asn1/Remote-Operations-Generic-ROS-PDUs.asn1
@@ -1,134 +1,162 @@
-Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t remote-operations(4) generic-ROS-PDUs(6) version1(0)}
-DEFINITIONS IMPLICIT TAGS ::=
-BEGIN
--- exports everything
-IMPORTS OPERATION, ERROR FROM Remote-Operations-Information-Objects{joint-iso-itu-t remote-operations(4) informationObjects(5) version1(0)};
-ROS ::= CHOICE
-{
- invoke [1] Invoke,
- returnResult [2] ReturnResult,
- returnError [3] ReturnError,
- reject [4] Reject
-}
-Invoke ::= SEQUENCE
-{
- invokeId InvokeId,
- linkedId CHOICE {
- present [0] IMPLICIT present < InvokeId,
- absent [1] IMPLICIT NULL
- } OPTIONAL,
- opcode OPERATION.&operationCode,
- argument OPERATION.&ArgumentType OPTIONAL
-}
-(
- WITH COMPONENTS
- {...,
- linkedId ABSENT
- }
-| WITH COMPONENTS
- {...,
- linkedId PRESENT,
- opcode
- }
-)
-
-ReturnResult ::= SEQUENCE
-{
- invokeId InvokeId,
- result SEQUENCE
- {
- opcode OPERATION.&operationCode,
- result OPERATION.&ResultType
- } OPTIONAL
-}
-ReturnError ::= SEQUENCE
-{
- invokeId InvokeId,
- errcode ERROR.&errorCode,
- parameter ERROR.&ParameterType OPTIONAL
-}
-Reject ::= SEQUENCE
-{
- invokeId InvokeId,
- problem CHOICE
- {
- general [0] GeneralProblem,
- invoke [1] InvokeProblem,
- returnResult [2] ReturnResultProblem,
- returnError [3] ReturnErrorProblem
- }
-}
-GeneralProblem ::= INTEGER
-{
- unrecognisedPDU (0),
- mistypedPDU (1),
- badlyStructuredPDU (2)
-}
-InvokeProblem ::= INTEGER
-{
- duplicateInvocation (0),
- unrecognisedOperation (1),
- mistypedArgument (2),
- resourceLimitation (3),
- releaseInProgress (4),
- unrecognisedLinkedId (5),
- linkedResponseUnexpected (6),
- unexpectedLinkedOperation (7)
-}
-ReturnResultProblem ::= INTEGER
-{
- unrecognisedInvocation (0),
- resultResponseUnexpected (1),
- mistypedResult (2)
-}
-ReturnErrorProblem ::= INTEGER
-{
- unrecognisedInvocation (0),
- errorResponseUnexpected (1),
- unrecognisedError (2),
- unexpectedError (3),
- mistypedParameter (4)
-}
-RejectProblem ::= INTEGER
-{
- general-unrecognisedPDU (0),
- general-mistypedPDU (1),
- general-badlyStructuredPDU (2),
- invoke-duplicateInvocation (10),
- invoke-unrecognisedOperation (11),
- invoke-mistypedArgument (12),
- invoke-resourceLimitation (13),
- invoke-releaseInProgress (14),
- invoke-unrecognisedLinkedId (15),
- invoke-linkedResponseUnexpected (16),
- invoke-unexpectedLinkedOperation (17),
- returnResult-unrecognisedInvocation (20),
- returnResult-resultResponseUnexpected (21),
- returnResult-mistypedResult (22),
- returnError-unrecognisedInvocation (30),
- returnError-errorResponseUnexpected (31),
- returnError-unrecognisedError (32),
- returnError-unexpectedError (33),
- returnError-mistypedParameter (34)
-}
-InvokeId ::= CHOICE
-{
- present INTEGER,
- absent NULL
-}
-noInvokeId InvokeId ::= absent:NULL
-NoInvokeId InvokeId ::= {noInvokeId}
-Errors {OPERATION:Operations} ERROR ::= {Operations.&Errors}
-Bind {OPERATION:operation} ::= CHOICE
-{
- bind-invoke [16] OPERATION.&ArgumentType({operation}),
- bind-result [17] OPERATION.&ResultType ({operation}),
- bind-error [18] OPERATION.&Errors.&ParameterType ({operation})
-}
-Unbind {OPERATION:operation} ::= CHOICE
-{
- unbind-invoke [19] OPERATION.&ArgumentType({operation}),
- unbind-result [20] OPERATION.&ResultType ({operation}),
- unbind-error [21] OPERATION.&Errors.&ParameterType ({operation})
-}
-END -- end of generic ROS PDU definitions
+-- Module Remote-Operations-Generic-ROS-PDUs (X.880:07/1994)
+Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t remote-operations(4)
+ generic-ROS-PDUs(6) version1(0)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- exports everything
+IMPORTS
+ OPERATION, ERROR
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version2(1)};
+
+ROS{InvokeId:InvokeIdSet, OPERATION:Invokable, OPERATION:Returnable} ::=
+ CHOICE {
+ invoke [1] Invoke{{InvokeIdSet}, {Invokable}},
+ returnResult [2] ReturnResult{{Returnable}},
+ returnError [3] ReturnError{{Errors {{Returnable}}}},
+ reject [4] Reject
+}
+(CONSTRAINED BY { -- must conform to the above definition --} !
+ RejectProblem:general-unrecognizedPDU)
+
+Invoke{InvokeId:InvokeIdSet, OPERATION:Operations} ::= SEQUENCE {
+ invokeId
+ InvokeId(InvokeIdSet)
+ (CONSTRAINED BY {-- must be unambiguous -- } !
+ RejectProblem:invoke-duplicateInvocation),
+ linkedId
+ CHOICE {present [0] IMPLICIT present < InvokeId,
+ absent [1] IMPLICIT NULL
+ }
+ (CONSTRAINED BY { -- must identify an outstanding operation --} !
+ RejectProblem:invoke-unrecognizedLinkedId)
+ (CONSTRAINED BY { -- which has one or more linked operations--} !
+ RejectProblem:invoke-linkedResponseUnexpected) OPTIONAL,
+ opcode
+ OPERATION.&operationCode
+ ({Operations} !RejectProblem:invoke-unrecognizedOperation),
+ argument
+ OPERATION.&ArgumentType
+ ({Operations}{@opcode} !RejectProblem:invoke-mistypedArgument) OPTIONAL
+}
+(CONSTRAINED BY { -- must conform to the above definition --} !
+ RejectProblem:general-mistypedPDU)
+(WITH COMPONENTS {
+ ...,
+ linkedId ABSENT
+ } |
+ WITH COMPONENTS {
+ ...,
+ linkedId PRESENT,
+ opcode (CONSTRAINED BY { -- must be in the &Linked field of the associated operation --
+ } !RejectProblem:invoke-unexpectedLinkedOperation)
+ })
+
+-- continued on the next page
+ReturnResult{OPERATION:Operations} ::= SEQUENCE {
+ invokeId
+ InvokeId
+ (CONSTRAINED BY {-- must be that for an outstanding operation -- } !
+ RejectProblem:returnResult-unrecognizedInvocation)
+ (CONSTRAINED BY {-- which returns a result -- } !
+ RejectProblem:returnResult-resultResponseUnexpected),
+ result
+ SEQUENCE {opcode
+ OPERATION.&operationCode({Operations})
+ (CONSTRAINED BY {-- identified by invokeId -- } !
+ RejectProblem:returnResult-unrecognizedInvocation),
+ result
+ OPERATION.&ResultType
+ ({Operations}{@.opcode} !
+ RejectProblem:returnResult-mistypedResult)} OPTIONAL
+}
+(CONSTRAINED BY { -- must conform to the above definition --} !
+ RejectProblem:general-mistypedPDU)
+
+ReturnError{ERROR:Errors} ::= SEQUENCE {
+ invokeId
+ InvokeId
+ (CONSTRAINED BY {-- must be that for an outstanding operation -- } !
+ RejectProblem:returnError-unrecognizedInvocation)
+ (CONSTRAINED BY {-- which returns an error -- } !
+ RejectProblem:returnError-errorResponseUnexpected),
+ errcode
+ ERROR.&errorCode({Errors} !RejectProblem:returnError-unrecognizedError)
+ (CONSTRAINED BY {-- must be in the &Errors field of the associated operation --
+ } !RejectProblem:returnError-unexpectedError),
+ parameter
+ ERROR.&ParameterType
+ ({Errors}{@errcode} !RejectProblem:returnError-mistypedParameter)
+ OPTIONAL
+}
+(CONSTRAINED BY { -- must conform to the above definition --} !
+ RejectProblem:general-mistypedPDU)
+
+Reject ::= SEQUENCE {
+ invokeId InvokeId,
+ problem
+ CHOICE {general [0] GeneralProblem,
+ invoke [1] InvokeProblem,
+ returnResult [2] ReturnResultProblem,
+ returnError [3] ReturnErrorProblem}
+}
+(CONSTRAINED BY { -- must conform to the above definition --} !
+ RejectProblem:general-mistypedPDU)
+
+GeneralProblem ::= INTEGER {
+ unrecognizedPDU(0), mistypedPDU(1), badlyStructuredPDU(2)}
+
+-- continued on the next page
+InvokeProblem ::= INTEGER {
+ duplicateInvocation(0), unrecognizedOperation(1), mistypedArgument(2),
+ resourceLimitation(3), releaseInProgress(4), unrecognizedLinkedId(5),
+ linkedResponseUnexpected(6), unexpectedLinkedOperation(7)}
+
+ReturnResultProblem ::= INTEGER {
+ unrecognizedInvocation(0), resultResponseUnexpected(1), mistypedResult(2)
+}
+
+ReturnErrorProblem ::= INTEGER {
+ unrecognizedInvocation(0), errorResponseUnexpected(1), unrecognizedError(2),
+ unexpectedError(3), mistypedParameter(4)}
+
+RejectProblem ::= INTEGER {
+ general-unrecognizedPDU(0), general-mistypedPDU(1),
+ general-badlyStructuredPDU(2), invoke-duplicateInvocation(10),
+ invoke-unrecognizedOperation(11), invoke-mistypedArgument(12),
+ invoke-resourceLimitation(13), invoke-releaseInProgress(14),
+ invoke-unrecognizedLinkedId(15), invoke-linkedResponseUnexpected(16),
+ invoke-unexpectedLinkedOperation(17),
+ returnResult-unrecognizedInvocation(20),
+ returnResult-resultResponseUnexpected(21), returnResult-mistypedResult(22),
+ returnError-unrecognizedInvocation(30),
+ returnError-errorResponseUnexpected(31), returnError-unrecognizedError(32),
+ returnError-unexpectedError(33), returnError-mistypedParameter(34)}
+
+InvokeId ::= CHOICE {present INTEGER,
+ absent NULL
+}
+
+noInvokeId InvokeId ::= absent:NULL
+
+NoInvokeId InvokeId ::= {noInvokeId}
+
+Errors{OPERATION:Operations} ERROR ::= {Operations.&Errors}
+
+-- continued on the next page
+Bind{OPERATION:operation} ::= CHOICE {
+ bind-invoke [16] OPERATION.&ArgumentType({operation}),
+ bind-result [17] OPERATION.&ResultType({operation}),
+ bind-error [18] OPERATION.&Errors.&ParameterType({operation})
+}
+
+Unbind{OPERATION:operation} ::= CHOICE {
+ unbind-invoke [19] OPERATION.&ArgumentType({operation}),
+ unbind-result [20] OPERATION.&ResultType({operation}),
+ unbind-error [21] OPERATION.&Errors.&ParameterType({operation})
+}
+
+END -- end of generic ROS PDU definitions
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Remote-Operations-Information-Objects-extensions.asn1 b/asn1/Remote-Operations-Information-Objects-extensions.asn1
new file mode 100644
index 0000000..671cf0e
--- /dev/null
+++ b/asn1/Remote-Operations-Information-Objects-extensions.asn1
@@ -0,0 +1,36 @@
+-- Module Remote-Operations-Information-Objects-extensions (X.881:07/1994)
+
+Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)}
+DEFINITIONS ::=
+BEGIN
+
+-- exports everything
+IMPORTS
+ CONTRACT
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)};
+
+APPLICATION-CONTEXT ::= CLASS {
+ &associationContract CONTRACT,
+ &associationRealization REALIZATION OPTIONAL,
+ &transferRealization REALIZATION,
+ &AbstractSyntaxes ABSTRACT-SYNTAX,
+ &applicationContextName OBJECT IDENTIFIER UNIQUE
+}
+WITH SYNTAX {
+ CONTRACT &associationContract
+ [ESTABLISHED BY &associationRealization]
+ INFORMATION TRANSFER BY &transferRealization
+ ABSTRACT SYNTAXES &AbstractSyntaxes
+ APPLICATION CONTEXT NAME &applicationContextName
+}
+
+REALIZATION ::= TYPE-IDENTIFIER
+
+-- information objects ABSTRACT-SYNTAX and TYPE-IDENTIFIER are defined in ITU-T Rec. X.681 |
+-- ISO/IEC 8824-2
+END -- end of the information-objects-extensions module
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Remote-Operations-Information-Objects.asn1 b/asn1/Remote-Operations-Information-Objects.asn1
index 5414b32..b497e41 100644
--- a/asn1/Remote-Operations-Information-Objects.asn1
+++ b/asn1/Remote-Operations-Information-Objects.asn1
@@ -1,117 +1,123 @@
-Remote-Operations-Information-Objects {joint-iso-itu-t remote-operations(4) informationObjects(5) version1(0)}
-DEFINITIONS ::=
-BEGIN
--- exports everything
-IMPORTS emptyBind, emptyUnbind FROM Remote-Operations-Useful-Definitions{joint-iso-itu-t remote-operations(4) useful-definitions(7) version1(0)};
-OPERATION ::= CLASS
-{
- &ArgumentType OPTIONAL,
- &argumentTypeOptional BOOLEAN OPTIONAL,
- &returnResult BOOLEAN DEFAULT TRUE,
- &ResultType OPTIONAL,
- &resultTypeOptional BOOLEAN OPTIONAL,
- &Errors ERROR OPTIONAL,
- &Linked OPERATION OPTIONAL,
- &synchronous BOOLEAN DEFAULT FALSE,
- &alwaysReturns BOOLEAN DEFAULT TRUE,
- &InvokePriority Priority OPTIONAL,
- &ResultPriority Priority OPTIONAL,
- &operationCode Code UNIQUE OPTIONAL
-}
-WITH SYNTAX
-{
- [ARGUMENT &ArgumentType [OPTIONAL &argumentTypeOptional]]
- [RESULT &ResultType [OPTIONAL &resultTypeOptional]]
- [RETURN RESULT &returnResult]
- [ERRORS &Errors]
- [LINKED &Linked]
- [SYNCHRONOUS &synchronous]
- [ALWAYS RESPONDS &alwaysReturns]
- [INVOKE PRIORITY &InvokePriority]
- [RESULT-PRIORITY &ResultPriority]
- [CODE &operationCode]
-}
-ERROR ::= CLASS
-{
- &ParameterType OPTIONAL,
- &parameterTypeOptional BOOLEAN OPTIONAL,
- &ErrorPriority Priority OPTIONAL,
- &errorCode Code UNIQUE OPTIONAL
-}
-WITH SYNTAX
-{
- [PARAMETER &ParameterType [OPTIONAL &parameterTypeOptional]]
- [PRIORITY &ErrorPriority]
- [CODE &errorCode]
-}
-
-OPERATION-PACKAGE ::= CLASS
-{
- &Both OPERATION OPTIONAL,
- &Consumer OPERATION OPTIONAL,
- &Supplier OPERATION OPTIONAL,
- &id OBJECT IDENTIFIER UNIQUE OPTIONAL
-}
-WITH SYNTAX
-{
- [OPERATIONS &Both]
- [CONSUMER INVOKES &Supplier]
- [SUPPLIER INVOKES &Consumer]
- [ID &id]
-}
-CONNECTION-PACKAGE ::= CLASS
-{
- &bind OPERATION DEFAULT emptyBind,
- &unbind OPERATION DEFAULT emptyUnbind,
- &responderCanUnbind BOOLEAN DEFAULT FALSE,
- &unbindCanFail BOOLEAN DEFAULT FALSE,
- &id OBJECT IDENTIFIER UNIQUE OPTIONAL
-}
-WITH SYNTAX
-{
- [BIND &bind]
- [UNBIND &unbind]
- [RESPONDER UNBIND &responderCanUnbind]
- [FAILURE TO UNBIND &unbindCanFail]
- [ID &id]
-}
-CONTRACT ::= CLASS
-{
- &connection CONNECTION-PACKAGE OPTIONAL,
- &OperationsOf OPERATION-PACKAGE OPTIONAL,
- &InitiatorConsumerOf OPERATION-PACKAGE OPTIONAL,
- &InitiatorSupplierOf OPERATION-PACKAGE OPTIONAL,
- &id OBJECT IDENTIFIER UNIQUE OPTIONAL
-}
-WITH SYNTAX
-{
- [CONNECTION &connection]
- [OPERATIONS OF &OperationsOf]
- [INITIATOR CONSUMER OF &InitiatorConsumerOf]
- [RESPONDER CONSUMER OF &InitiatorSupplierOf]
- [ID &id]
-}
-
-ROS-OBJECT-CLASS ::= CLASS
-{
- &Is ROS-OBJECT-CLASS OPTIONAL,
- &Initiates CONTRACT OPTIONAL,
- &Responds CONTRACT OPTIONAL,
- &InitiatesAndResponds CONTRACT OPTIONAL,
- &id OBJECT IDENTIFIER UNIQUE
-}
-WITH SYNTAX
-{
- [IS &Is]
- [BOTH &InitiatesAndResponds]
- [INITIATES &Initiates]
- [RESPONDS &Responds]
- ID &id
-}
-Code ::= CHOICE
-{
- local INTEGER,
- global OBJECT IDENTIFIER
-}
-Priority ::= INTEGER (0..MAX)
-END -- end of Information Object specifications
+-- Module Remote-Operations-Information-Objects (X.880:07/1994)
+
+Remote-Operations-Information-Objects {joint-iso-itu-t remote-operations(4)
+ informationObjects(5) version1(0)} DEFINITIONS ::=
+BEGIN
+
+-- exports everything
+IMPORTS
+ emptyBind, emptyUnbind
+ FROM Remote-Operations-Useful-Definitions {joint-iso-itu-t
+ remote-operations(4) useful-definitions(7) version1(0)};
+
+OPERATION ::= CLASS {
+ &ArgumentType OPTIONAL,
+ &argumentTypeOptional BOOLEAN OPTIONAL,
+ &returnResult BOOLEAN DEFAULT TRUE,
+ &ResultType OPTIONAL,
+ &resultTypeOptional BOOLEAN OPTIONAL,
+ &Errors ERROR OPTIONAL,
+ &Linked OPERATION OPTIONAL,
+ &synchronous BOOLEAN DEFAULT FALSE,
+ &alwaysReturns BOOLEAN DEFAULT TRUE,
+ &InvokePriority Priority OPTIONAL,
+ &ResultPriority Priority OPTIONAL,
+ &operationCode Code UNIQUE OPTIONAL
+}
+WITH SYNTAX {
+ [ARGUMENT &ArgumentType
+ [OPTIONAL &argumentTypeOptional]]
+ [RESULT &ResultType
+ [OPTIONAL &resultTypeOptional]]
+ [RETURN RESULT &returnResult]
+ [ERRORS &Errors]
+ [LINKED &Linked]
+ [SYNCHRONOUS &synchronous]
+ [ALWAYS RESPONDS &alwaysReturns]
+ [INVOKE PRIORITY &InvokePriority]
+ [RESULT-PRIORITY &ResultPriority]
+ [CODE &operationCode]
+}
+
+ERROR ::= CLASS {
+ &ParameterType OPTIONAL,
+ &parameterTypeOptional BOOLEAN OPTIONAL,
+ &ErrorPriority Priority OPTIONAL,
+ &errorCode Code UNIQUE OPTIONAL
+}
+WITH SYNTAX {
+ [PARAMETER &ParameterType
+ [OPTIONAL &parameterTypeOptional]]
+ [PRIORITY &ErrorPriority]
+ [CODE &errorCode]
+}
+
+OPERATION-PACKAGE ::= CLASS {
+ &Both OPERATION OPTIONAL,
+ &Consumer OPERATION OPTIONAL,
+ &Supplier OPERATION OPTIONAL,
+ &id OBJECT IDENTIFIER UNIQUE OPTIONAL
+}
+-- continued on the next page
+WITH SYNTAX {
+ [OPERATIONS &Both]
+ [CONSUMER INVOKES &Supplier]
+ [SUPPLIER INVOKES &Consumer]
+ [ID &id]
+}
+
+CONNECTION-PACKAGE ::= CLASS {
+ &bind OPERATION DEFAULT emptyBind,
+ &unbind OPERATION DEFAULT emptyUnbind,
+ &responderCanUnbind BOOLEAN DEFAULT FALSE,
+ &unbindCanFail BOOLEAN DEFAULT FALSE,
+ &id OBJECT IDENTIFIER UNIQUE OPTIONAL
+}
+WITH SYNTAX {
+ [BIND &bind]
+ [UNBIND &unbind]
+ [RESPONDER UNBIND &responderCanUnbind]
+ [FAILURE TO UNBIND &unbindCanFail]
+ [ID &id]
+}
+
+CONTRACT ::= CLASS {
+ &connection CONNECTION-PACKAGE OPTIONAL,
+ &OperationsOf OPERATION-PACKAGE OPTIONAL,
+ &InitiatorConsumerOf OPERATION-PACKAGE OPTIONAL,
+ &InitiatorSupplierOf OPERATION-PACKAGE OPTIONAL,
+ &id OBJECT IDENTIFIER UNIQUE OPTIONAL
+}
+WITH SYNTAX {
+ [CONNECTION &connection]
+ [OPERATIONS OF &OperationsOf]
+ [INITIATOR CONSUMER OF &InitiatorConsumerOf]
+ [RESPONDER CONSUMER OF &InitiatorSupplierOf]
+ [ID &id]
+}
+
+ROS-OBJECT-CLASS ::= CLASS {
+ &Is ROS-OBJECT-CLASS OPTIONAL,
+ &Initiates CONTRACT OPTIONAL,
+ &Responds CONTRACT OPTIONAL,
+ &InitiatesAndResponds CONTRACT OPTIONAL,
+ &id OBJECT IDENTIFIER UNIQUE
+}
+WITH SYNTAX {
+ [IS &Is]
+ [BOTH &InitiatesAndResponds]
+ [INITIATES &Initiates]
+ [RESPONDS &Responds]
+ ID &id
+}
+
+Code ::= CHOICE {local INTEGER,
+ global OBJECT IDENTIFIER
+}
+
+Priority ::= INTEGER(0..MAX)
+
+END -- end of Information Object specifications
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Remote-Operations-Realizations.asn1 b/asn1/Remote-Operations-Realizations.asn1
new file mode 100644
index 0000000..66bca14
--- /dev/null
+++ b/asn1/Remote-Operations-Realizations.asn1
@@ -0,0 +1,89 @@
+-- Module Remote-Operations-Realizations (X.882:07/1994)
+Remote-Operations-Realizations {joint-iso-itu-t remote-operations(4)
+ realizations(9) version1(0)} DEFINITIONS ::=
+BEGIN
+
+-- exports everything
+IMPORTS
+ REALIZATION
+ FROM Remote-Operations-Information-Objects-extensions {joint-iso-itu-t
+ remote-operations(4) informationObjects-extensions(8) version1(0)};
+
+RealizationParameter ::= SEQUENCE {
+ realization-type ENUMERATED {association-service(0), transfer-service(1)},
+ concatenation BOOLEAN DEFAULT FALSE
+}
+
+aUnitData REALIZATION ::= {
+ RealizationParameter(WITH COMPONENTS {
+ realization-type (transfer-service)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t association-control(2) abstract-syntax(1) apdus(1)
+ version(1)}
+}
+
+acse REALIZATION ::= {
+ RealizationParameter
+ (WITH COMPONENTS {
+ realization-type (association-service)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t remote-operations(4) association-realizations(10)
+ acse-without-concatenation(0)}
+}
+
+acse-with-concatenation REALIZATION ::= {
+ RealizationParameter
+ (WITH COMPONENTS {
+ realization-type (association-service),
+ concatenation (TRUE)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t remote-operations(4) association-realizations(10)
+ acse-with-concatenation(1)}
+}
+
+association-by-RTSE REALIZATION ::= {
+ RealizationParameter
+ (WITH COMPONENTS {
+ realization-type (association-service)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t remote-operations(4) association-realizations(10)
+ association-by-rtse(2)}
+}
+
+pData REALIZATION ::= {
+ RealizationParameter(WITH COMPONENTS {
+ realization-type (transfer-service)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t remote-operations(4) transfer-realizations(11)
+ pData-without-concatenation(0)}
+}
+
+pData-with-concatenation REALIZATION ::= {
+ RealizationParameter
+ (WITH COMPONENTS {
+ realization-type (transfer-service),
+ concatenation (TRUE)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t remote-operations(4) transfer-realizations(11)
+ pData-with-concatenation(1)}
+}
+
+transfer-by-RTSE REALIZATION ::= {
+ RealizationParameter(WITH COMPONENTS {
+ realization-type (transfer-service)
+ })
+ IDENTIFIED BY
+ {joint-iso-itu-t remote-operations(4) transfer-realizations(11)
+ rTSE-transfer(2)}
+}
+
+END -- end of the OSI realizations module
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/Remote-Operations-Useful-Definitions.asn1 b/asn1/Remote-Operations-Useful-Definitions.asn1
index fe1160a..e526ff4 100644
--- a/asn1/Remote-Operations-Useful-Definitions.asn1
+++ b/asn1/Remote-Operations-Useful-Definitions.asn1
@@ -1,77 +1,95 @@
-Remote-Operations-Useful-Definitions {joint-iso-itu-t remote-operations(4) useful-definitions(7) version1(0)}
-DEFINITIONS IMPLICIT TAGS ::=
-BEGIN
--- exports everything
-IMPORTS OPERATION, ERROR, OPERATION-PACKAGE, Code FROM Remote-Operations-Information-Objects{joint-iso-itu-t remote-operations(4) informationObjects(5) version1(0)}
-InvokeId, ROS{} FROM Remote-Operations-Generic-ROS-PDUs{joint-iso-itu-t remote-operations(4) generic-ROS-PDUs(6) version1(0)};
-emptyBind OPERATION ::= {ERRORS {refuse} SYNCHRONOUS TRUE}
-emptyUnbind OPERATION ::= { SYNCHRONOUS TRUE }
-refuse ERROR ::= {CODE local:-1}
-no-op OPERATION ::=
-{
- ALWAYS RESPONDS FALSE
- CODE local:-1
-}
-Forward {OPERATION:OperationSet} OPERATION ::=
-{
- OperationSet |
- OperationSet.&Linked.&Linked |
- OperationSet.&Linked.&Linked.&Linked.&Linked
-}
-Reverse {OPERATION:OperationSet} OPERATION ::=
- {Forward{ {OperationSet.&Linked} }}
-ConsumerPerforms {OPERATION-PACKAGE:package} OPERATION ::=
-{
- Forward{{package.&Consumer}} |
- Forward{{package.&Both}} |
- Reverse{{package.&Supplier}} |
- Reverse{{package.&Both}}
-}
-SupplierPerforms {OPERATION-PACKAGE:package} OPERATION ::=
-{
- Forward{{package.&Supplier}} |
- Forward{{package.&Both}} |
- Reverse{{package.&Consumer}} |
- Reverse{{package.&Both}}
-}
-AllOperations {OPERATION-PACKAGE:package} OPERATION ::=
-{
- ConsumerPerforms {package} |
- SupplierPerforms {package}
-}
-recode {OPERATION:operation, Code:code} OPERATION ::=
-{
- ARGUMENT operation.&ArgumentType
- OPTIONAL operation.&argumentTypeOptional
- RESULT operation.&ResultType
- OPTIONAL operation.&resultTypeOptional
- RETURN RESULT operation.&returnResult
- ERRORS {operation.&Errors}
- LINKED {operation.&Linked}
- SYNCHRONOUS operation.&synchronous
- ALWAYS RESPONDS operation.&alwaysReturns
- INVOKE PRIORITY {operation.&InvokePriority}
- RESULT-PRIORITY {operation.&ResultPriority}
- CODE code
-}
-switch {OPERATION-PACKAGE:package, OBJECT IDENTIFIER:id} OPERATION-PACKAGE ::=
-{
- OPERATIONS {package.&Both}
- CONSUMER INVOKES {package.&Supplier}
- SUPPLIER INVOKES {package.&Consumer}
- ID id
-}
-combine {OPERATION-PACKAGE:ConsumerConsumes, OPERATION-PACKAGE:ConsumerSupplies, OPERATION-PACKAGE:base} OPERATION-PACKAGE ::=
-{
- OPERATIONS {ConsumerConsumes.&Both | ConsumerSupplies.&Both}
- CONSUMER INVOKES {ConsumerConsumes.&Supplier | ConsumerSupplies.&Consumer}
- SUPPLIER INVOKES {ConsumerConsumes.&Consumer | ConsumerSupplies.&Supplier}
- ID base.&id
-}
-ROS-SingleAS {InvokeId:InvokeIdSet, OPERATION-PACKAGE:package} ::=
- ROS {{InvokeIdSet}, {AllOperations{package}}, {AllOperations{package}}}
-ROS-ConsumerAS {InvokeId:InvokeIdSet, OPERATION-PACKAGE:package} ::=
- ROS {{InvokeIdSet}, {ConsumerPerforms{package}}, {SupplierPerforms{package}}}
-ROS-SupplierAS {InvokeId:InvokeIdSet, OPERATION-PACKAGE:package} ::=
- ROS {{InvokeIdSet}, {SupplierPerforms{package}}, {ConsumerPerforms{package}}}
-END -- end of useful definitions.
+-- Module Remote-Operations-Useful-Definitions (X.880:07/1994)
+
+Remote-Operations-Useful-Definitions {joint-iso-itu-t remote-operations(4)
+ useful-definitions(7) version1(0)} DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- exports everything
+IMPORTS
+ OPERATION, ERROR, OPERATION-PACKAGE, Code
+ FROM Remote-Operations-Information-Objects {joint-iso-itu-t
+ remote-operations(4) informationObjects(5) version1(0)}
+ InvokeId, ROS{}
+ FROM Remote-Operations-Generic-ROS-PDUs {joint-iso-itu-t
+ remote-operations(4) generic-ROS-PDUs(6) version1(0)};
+
+emptyBind OPERATION ::= {ERRORS {refuse}
+ SYNCHRONOUS TRUE
+}
+
+emptyUnbind OPERATION ::= {SYNCHRONOUS TRUE
+}
+
+refuse ERROR ::= {CODE local:-1
+}
+
+no-op OPERATION ::= {ALWAYS RESPONDS FALSE
+ CODE local:-1
+}
+
+Forward{OPERATION:OperationSet} OPERATION ::=
+ {OperationSet | OperationSet.&Linked.&Linked |
+ OperationSet.&Linked.&Linked.&Linked.&Linked}
+
+Reverse{OPERATION:OperationSet} OPERATION ::= {Forward{{OperationSet.&Linked}}}
+
+ConsumerPerforms{OPERATION-PACKAGE:package} OPERATION ::=
+ {Forward{{package.&Consumer}} | Forward{{package.&Both}} |
+ Reverse{{package.&Supplier}} | Reverse{{package.&Both}}}
+
+SupplierPerforms{OPERATION-PACKAGE:package} OPERATION ::=
+ {Forward{{package.&Supplier}} | Forward{{package.&Both}} |
+ Reverse{{package.&Consumer}} | Reverse{{package.&Both}}}
+
+AllOperations{OPERATION-PACKAGE:package} OPERATION ::=
+ {ConsumerPerforms{package} | SupplierPerforms{package}}
+
+-- continued on the next page
+recode{OPERATION:operation, Code:code} OPERATION ::= {
+ ARGUMENT operation.&ArgumentType
+ OPTIONAL operation.&argumentTypeOptional
+ RESULT operation.&ResultType
+ OPTIONAL operation.&resultTypeOptional
+ RETURN RESULT operation.&returnResult
+ ERRORS {operation.&Errors}
+ LINKED {operation.&Linked}
+ SYNCHRONOUS operation.&synchronous
+ ALWAYS RESPONDS operation.&alwaysReturns
+ INVOKE PRIORITY {operation.&InvokePriority}
+ RESULT-PRIORITY {operation.&ResultPriority}
+ CODE code
+}
+
+switch{OPERATION-PACKAGE:package, OBJECT IDENTIFIER:id} OPERATION-PACKAGE ::=
+{
+ OPERATIONS {package.&Both}
+ CONSUMER INVOKES {package.&Consumer}
+ SUPPLIER INVOKES {package.&Supplier}
+ ID id
+}
+
+combine{OPERATION-PACKAGE:ConsumerConsumes, OPERATION-PACKAGE:ConsumerSupplies,
+ OPERATION-PACKAGE:base} OPERATION-PACKAGE ::= {
+ OPERATIONS {ConsumerConsumes.&Both | ConsumerSupplies.&Both}
+ CONSUMER INVOKES {ConsumerConsumes.&Consumer | ConsumerSupplies.&Supplier}
+ SUPPLIER INVOKES {ConsumerConsumes.&Supplier | ConsumerSupplies.&Consumer}
+ ID base.&id
+}
+
+ROS-SingleAS{InvokeId:InvokeIdSet, OPERATION-PACKAGE:package} ::=
+ ROS{{InvokeIdSet}, {AllOperations {package}}, {AllOperations {package}}}
+
+ROS-ConsumerAS{InvokeId:InvokeIdSet, OPERATION-PACKAGE:package} ::=
+ ROS
+ {{InvokeIdSet}, {ConsumerPerforms {package}},
+ {SupplierPerforms {package}}}
+
+ROS-SupplierAS{InvokeId:InvokeIdSet, OPERATION-PACKAGE:package} ::=
+ ROS
+ {{InvokeIdSet}, {SupplierPerforms {package}},
+ {ConsumerPerforms {package}}}
+
+END -- end of useful definitions.
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/SchemaAdministration.asn1 b/asn1/SchemaAdministration.asn1
new file mode 100644
index 0000000..65210f2
--- /dev/null
+++ b/asn1/SchemaAdministration.asn1
@@ -0,0 +1,260 @@
+-- Module SchemaAdministration (X.501:02/2001)
+SchemaAdministration {joint-iso-itu-t ds(5) module(1) schemaAdministration(23)
+ 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ id-soa, id-soc, informationFramework, selectedAttributeTypes, upperBounds
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ ATTRIBUTE, AttributeUsage, CONTEXT, DITContentRule, DITStructureRule,
+ MATCHING-RULE, NAME-FORM, OBJECT-CLASS, ObjectClassKind,
+ objectIdentifierMatch
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ DirectoryString{}, integerFirstComponentMatch, integerMatch,
+ objectIdentifierFirstComponentMatch
+ FROM SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
+ selectedAttributeTypes(5) 4}
+ ub-schema
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4};
+
+-- types
+DITStructureRuleDescription ::= SEQUENCE {
+ COMPONENTS OF DITStructureRule,
+ name [1] SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE
+}
+
+DITContentRuleDescription ::= SEQUENCE {
+ COMPONENTS OF DITContentRule,
+ name [4] SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE
+}
+
+MatchingRuleDescription ::= SEQUENCE {
+ identifier MATCHING-RULE.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] DirectoryString{ub-schema} OPTIONAL
+}
+
+-- describes the ASN.1 syntax
+AttributeTypeDescription ::= SEQUENCE {
+ identifier ATTRIBUTE.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] AttributeTypeInformation
+}
+
+AttributeTypeInformation ::= SEQUENCE {
+ derivation [0] ATTRIBUTE.&id OPTIONAL,
+ equalityMatch [1] MATCHING-RULE.&id OPTIONAL,
+ orderingMatch [2] MATCHING-RULE.&id OPTIONAL,
+ substringsMatch [3] MATCHING-RULE.&id OPTIONAL,
+ attributeSyntax [4] DirectoryString{ub-schema} OPTIONAL,
+ multi-valued [5] BOOLEAN DEFAULT TRUE,
+ collective [6] BOOLEAN DEFAULT FALSE,
+ userModifiable [7] BOOLEAN DEFAULT TRUE,
+ application AttributeUsage DEFAULT userApplications
+}
+
+ObjectClassDescription ::= SEQUENCE {
+ identifier OBJECT-CLASS.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] ObjectClassInformation
+}
+
+ObjectClassInformation ::= SEQUENCE {
+ subclassOf SET SIZE (1..MAX) OF OBJECT-CLASS.&id OPTIONAL,
+ kind ObjectClassKind DEFAULT structural,
+ mandatories [3] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL,
+ optionals [4] SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL
+}
+
+NameFormDescription ::= SEQUENCE {
+ identifier NAME-FORM.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] NameFormInformation
+}
+
+NameFormInformation ::= SEQUENCE {
+ subordinate OBJECT-CLASS.&id,
+ namingMandatories SET OF ATTRIBUTE.&id,
+ namingOptionals SET SIZE (1..MAX) OF ATTRIBUTE.&id OPTIONAL
+}
+
+MatchingRuleUseDescription ::= SEQUENCE {
+ identifier MATCHING-RULE.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] SET OF ATTRIBUTE.&id
+}
+
+ContextDescription ::= SEQUENCE {
+ identifier CONTEXT.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] ContextInformation
+}
+
+ContextInformation ::= SEQUENCE {
+ syntax DirectoryString{ub-schema},
+ assertionSyntax DirectoryString{ub-schema} OPTIONAL
+}
+
+DITContextUseDescription ::= SEQUENCE {
+ identifier ATTRIBUTE.&id,
+ name SET SIZE (1..MAX) OF DirectoryString{ub-schema} OPTIONAL,
+ description DirectoryString{ub-schema} OPTIONAL,
+ obsolete BOOLEAN DEFAULT FALSE,
+ information [0] DITContextUseInformation
+}
+
+DITContextUseInformation ::= SEQUENCE {
+ mandatoryContexts [1] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL,
+ optionalContexts [2] SET SIZE (1..MAX) OF CONTEXT.&id OPTIONAL
+}
+
+-- object classes
+subschema OBJECT-CLASS ::= {
+ KIND auxiliary
+ MAY CONTAIN
+ {dITStructureRules | nameForms | dITContentRules | objectClasses |
+ attributeTypes | contextTypes | dITContextUse | matchingRules |
+ matchingRuleUse}
+ ID id-soc-subschema
+}
+
+-- attributes
+dITStructureRules ATTRIBUTE ::= {
+ WITH SYNTAX DITStructureRuleDescription
+ EQUALITY MATCHING RULE integerFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-dITStructureRule
+}
+
+dITContentRules ATTRIBUTE ::= {
+ WITH SYNTAX DITContentRuleDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-dITContentRules
+}
+
+matchingRules ATTRIBUTE ::= {
+ WITH SYNTAX MatchingRuleDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-matchingRules
+}
+
+attributeTypes ATTRIBUTE ::= {
+ WITH SYNTAX AttributeTypeDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-attributeTypes
+}
+
+objectClasses ATTRIBUTE ::= {
+ WITH SYNTAX ObjectClassDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-objectClasses
+}
+
+nameForms ATTRIBUTE ::= {
+ WITH SYNTAX NameFormDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-nameForms
+}
+
+matchingRuleUse ATTRIBUTE ::= {
+ WITH SYNTAX MatchingRuleUseDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-matchingRuleUse
+}
+
+structuralObjectClass ATTRIBUTE ::= {
+ WITH SYNTAX OBJECT IDENTIFIER
+ EQUALITY MATCHING RULE objectIdentifierMatch
+ SINGLE VALUE TRUE
+ NO USER MODIFICATION TRUE
+ USAGE directoryOperation
+ ID id-soa-structuralObjectClass
+}
+
+governingStructureRule ATTRIBUTE ::= {
+ WITH SYNTAX INTEGER
+ EQUALITY MATCHING RULE integerMatch
+ SINGLE VALUE TRUE
+ NO USER MODIFICATION TRUE
+ USAGE directoryOperation
+ ID id-soa-governingStructureRule
+}
+
+contextTypes ATTRIBUTE ::= {
+ WITH SYNTAX ContextDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-contextTypes
+}
+
+dITContextUse ATTRIBUTE ::= {
+ WITH SYNTAX DITContextUseDescription
+ EQUALITY MATCHING RULE objectIdentifierFirstComponentMatch
+ USAGE directoryOperation
+ ID id-soa-dITContextUse
+}
+
+-- object identifier assignments
+-- schema object classes
+id-soc-subschema OBJECT IDENTIFIER ::=
+ {id-soc 1}
+
+-- schema operational attributes
+id-soa-dITStructureRule OBJECT IDENTIFIER ::=
+ {id-soa 1}
+
+id-soa-dITContentRules OBJECT IDENTIFIER ::= {id-soa 2}
+
+id-soa-matchingRules OBJECT IDENTIFIER ::= {id-soa 4}
+
+id-soa-attributeTypes OBJECT IDENTIFIER ::= {id-soa 5}
+
+id-soa-objectClasses OBJECT IDENTIFIER ::= {id-soa 6}
+
+id-soa-nameForms OBJECT IDENTIFIER ::= {id-soa 7}
+
+id-soa-matchingRuleUse OBJECT IDENTIFIER ::= {id-soa 8}
+
+id-soa-structuralObjectClass OBJECT IDENTIFIER ::= {id-soa 9}
+
+id-soa-governingStructureRule OBJECT IDENTIFIER ::= {id-soa 10}
+
+id-soa-contextTypes OBJECT IDENTIFIER ::= {id-soa 11}
+
+id-soa-dITContextUse OBJECT IDENTIFIER ::= {id-soa 12}
+
+END -- SchemaAdministration
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/SelectedAttributeTypes.asn1 b/asn1/SelectedAttributeTypes.asn1
index 0ac391f..0e74a23 100644
--- a/asn1/SelectedAttributeTypes.asn1
+++ b/asn1/SelectedAttributeTypes.asn1
@@ -1,9 +1,6 @@
--- Module SelectedAttributeTypes (X.520:08/1997)
--- See also ITU-T X.520 (08/1997)
--- See also the index of all ASN.1 assignments needed in this document
-
+-- Module SelectedAttributeTypes (X.520:02/2001)
SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1)
- selectedAttributeTypes(5) 3} DEFINITIONS ::=
+ selectedAttributeTypes(5) 4} DEFINITIONS ::=
BEGIN
-- EXPORTS All
@@ -12,38 +9,46 @@ BEGIN
-- Directory services. Other applications may use them for their own purposes, but this will not constrain
-- extensions and modifications needed to maintain or improve the Directory service.
IMPORTS
- informationFramework, upperBounds, id-at, id-mr, id-avc,
- directoryAbstractService, id-pr, id-not, id-cat
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, id-at, id-avc, id-cat, id-mr, id-not, id-pr,
+ informationFramework, serviceAdministration, upperBounds
FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
- usefulDefinitions(0) 3}
- Attribute, ATTRIBUTE, MATCHING-RULE, AttributeType, OBJECT-CLASS,
- DistinguishedName, objectIdentifierMatch, distinguishedNameMatch,
- CONTEXT, ContextAssertion, AttributeCombination, ContextCombination,
- MAPPING-BASED-MATCHING, MRMapping, AttributeValueAssertion
- FROM InformationFramework informationFramework
+ usefulDefinitions(0) 4}
+ Attribute, ATTRIBUTE, AttributeType, AttributeValueAssertion, CONTEXT,
+ ContextAssertion, DistinguishedName, distinguishedNameMatch,
+ MAPPING-BASED-MATCHING{}, MATCHING-RULE, OBJECT-CLASS,
+ objectIdentifierMatch
+ FROM InformationFramework {joint-iso-itu-t ds(5) module(1)
+ informationFramework(1) 4}
+ AttributeCombination, ContextCombination, MRMapping
+ FROM ServiceAdministration {joint-iso-itu-t ds(5) module(1)
+ serviceAdministration(33) 4}
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions
+ FROM DirectoryAbstractService {joint-iso-itu-t ds(5) module(1)
+ directoryAbstractService(2) 4}
+ -- from ITU-T Rec. X.520 | ISO/IEC 9594-6
+ ub-answerback, ub-business-category, ub-common-name, ub-country-code,
+ ub-description, ub-destination-indicator,
+ ub-directory-string-first-component-match, ub-international-isdn-number,
+ ub-knowledge-information, ub-localeContextSyntax, ub-locality-name,
+ ub-match, ub-name, ub-organization-name, ub-organizational-unit-name,
+ ub-physical-office-name, ub-postal-code, ub-postal-line, ub-postal-string,
+ ub-post-office-box, ub-pseudonym, ub-serial-number, ub-state-name,
+ ub-street-address, ub-surname, ub-telephone-number, ub-telex-number,
+ ub-teletex-terminal-id, ub-title, ub-user-password, ub-x121-address
+ FROM UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4}
+ -- from ITU-T Rec. X.411 | ISO/IEC 10021-4
G3FacsimileNonBasicParameters
FROM MTSAbstractService {joint-iso-itu-t mhs(6) mts(3) modules(0)
- mts-abstract-service(1) version-1999(1)}
- ub-answerback, ub-name, ub-common-name, ub-surname, ub-serial-number,
- ub-locality-name, ub-state-name, ub-street-address, ub-organization-name,
- ub-organizational-unit-name, ub-title, ub-description,
- ub-business-category, ub-postal-line, ub-postal-string, ub-postal-code,
- ub-post-office-box, ub-physical-office-name, ub-telex-number,
- ub-country-code, ub-teletex-terminal-id, ub-telephone-number,
- ub-x121-address, ub-international-isdn-number, ub-destination-indicator,
- ub-user-password, ub-match, ub-knowledge-information,
- ub-directory-string-first-component-match, ub-localeContextSyntax,
- ub-pseudonym
- FROM UpperBounds upperBounds
- FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions
- FROM DirectoryAbstractService directoryAbstractService;
+ mts-abstract-service(1) version-1999(1)};
-- Directory string type
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize)),
printableString PrintableString(SIZE (1..maxSize)),
- universalString UniversalString(SIZE (1..maxSize)),
bmpString BMPString(SIZE (1..maxSize)),
+ universalString UniversalString(SIZE (1..maxSize)),
uTF8String UTF8String(SIZE (1..maxSize))
}
@@ -318,7 +323,7 @@ telephoneNumber ATTRIBUTE ::= {
TelephoneNumber ::= PrintableString(SIZE (1..ub-telephone-number))
--- String complying with CCITT Rec. E.123 only
+-- String complying with ITU-T Rec. E.123 only
collectiveTelephoneNumber ATTRIBUTE ::= {
SUBTYPE OF telephoneNumber
COLLECTIVE TRUE
@@ -412,6 +417,7 @@ destinationIndicator ATTRIBUTE ::= {
DestinationIndicator ::= PrintableString(SIZE (1..ub-destination-indicator))
+-- alphabetical characters only
communicationsService ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
@@ -425,7 +431,6 @@ communicationsNetwork ATTRIBUTE ::= {
ID id-at-communicationsNetwork
}
--- alphabetical characters only
preferredDeliveryMethod ATTRIBUTE ::= {
WITH SYNTAX PreferredDeliveryMethod
SINGLE VALUE TRUE
@@ -510,6 +515,7 @@ dmdName ATTRIBUTE ::= {
ID id-at-dmdName
}
+-- Notification attributes
dSAProblem ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
@@ -536,6 +542,12 @@ attributeTypeList ATTRIBUTE ::= {
ID id-not-attributeTypeList
}
+matchingRuleList ATTRIBUTE ::= {
+ WITH SYNTAX OBJECT IDENTIFIER
+ EQUALITY MATCHING RULE objectIdentifierMatch
+ ID id-not-matchingRuleList
+}
+
filterItem ATTRIBUTE ::= {
WITH SYNTAX FilterItem
ID id-not-filterItem
@@ -557,16 +569,21 @@ contextList ATTRIBUTE ::= {
ID id-not-contextList
}
+contextCombinations ATTRIBUTE ::= {
+ WITH SYNTAX ContextCombination
+ ID id-not-contextCombinations
+}
+
hierarchySelectList ATTRIBUTE ::= {
WITH SYNTAX HierarchySelections
SINGLE VALUE TRUE
ID id-not-hierarchySelectList
}
-searchOptionsList ATTRIBUTE ::= {
+searchControlOptionsList ATTRIBUTE ::= {
WITH SYNTAX SearchControlOptions
SINGLE VALUE TRUE
- ID id-not-searchOptionsList
+ ID id-not-searchControlOptionsList
}
serviceControlOptionsList ATTRIBUTE ::= {
@@ -618,7 +635,7 @@ SubstringAssertion ::=
any [1] DirectoryString{ub-match},
final [2] DirectoryString{ub-match},
control Attribute
- } -- Used to specify interpretation of the following items
+ } -- Used to specify interpretation of the following items
-- at most one initial and one final component
caseExactMatch MATCHING-RULE ::= {
@@ -652,11 +669,11 @@ numericStringSubstringsMatch MATCHING-RULE ::= {
}
caseIgnoreListMatch MATCHING-RULE ::= {
- SYNTAX CaseIgnoreListMatch
+ SYNTAX CaseIgnoreList
ID id-mr-caseIgnoreListMatch
}
-CaseIgnoreListMatch ::= SEQUENCE OF DirectoryString{ub-match}
+CaseIgnoreList ::= SEQUENCE OF DirectoryString{ub-match}
caseIgnoreListSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
@@ -754,6 +771,9 @@ generalizedTimeOrderingMatch MATCHING-RULE ::= {
ID id-mr-generalizedTimeOrderingMatch
}
+systemProposedMatch MATCHING-RULE ::= {ID id-mr-systemProposedMatch
+}
+
integerFirstComponentMatch MATCHING-RULE ::= {
SYNTAX INTEGER
ID id-mr-integerFirstComponentMatch
@@ -779,38 +799,41 @@ keywordMatch MATCHING-RULE ::= {
ID id-mr-keywordMatch
}
-systemProposedMatch MATCHING-RULE ::= {ID id-mr-systemProposedMatch
-}
-
generalWordMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
ID id-mr-generalWordMatch
}
sequenceMatchType ATTRIBUTE ::= {
- WITH SYNTAX
- ENUMERATED {sequenceExact(0), sequenceDeletion(1),
- sequenceRestrictedDeletion(2), sequencePermutation(3),
- sequencePermutationAndDeletion(4), sequenceProviderDefined(5)}
+ WITH SYNTAX SequenceMatchType
SINGLE VALUE TRUE
ID id-cat-sequenceMatchType
-} -- defaulting to sequenceExact,
+} -- defaulting to sequenceExact
+
+SequenceMatchType ::= ENUMERATED {
+ sequenceExact(0), sequenceDeletion(1), sequenceRestrictedDeletion(2),
+ sequencePermutation(3), sequencePermutationAndDeletion(4),
+ sequenceProviderDefined(5)}
wordMatchTypes ATTRIBUTE ::= {
- WITH SYNTAX
- ENUMERATED {wordExact(0), wordTruncated(1), wordPhonetic(2),
- wordProviderDefined(3)}
+ WITH SYNTAX WordMatchTypes
SINGLE VALUE TRUE
ID id-cat-wordMatchType
} -- defaulting to wordExact
+WordMatchTypes ::= ENUMERATED {
+ wordExact(0), wordTruncated(1), wordPhonetic(2), wordProviderDefined(3)
+}
+
characterMatchTypes ATTRIBUTE ::= {
- WITH SYNTAX
- ENUMERATED {characterExact(0), characterCaseIgnore(1), characterMapped(2)}
+ WITH SYNTAX CharacterMatchTypes
SINGLE VALUE TRUE
ID id-cat-characterMatchTypes
}
+CharacterMatchTypes ::= ENUMERATED {
+ characterExact(0), characterCaseIgnore(1), characterMapped(2)}
+
selectedContexts ATTRIBUTE ::= {
WITH SYNTAX ContextAssertion
ID id-cat-selectedContexts
@@ -834,7 +857,7 @@ ZonalResult ::= ENUMERATED {
cannot-select-mapping(0), zero-mappings(2), multiple-mappings(3)}
zonalMatch MATCHING-RULE ::= {
- UNIQUE-MATCH-INDICATOR multipleMatchingLocalities.&id
+ UNIQUE-MATCH-INDICATOR multipleMatchingLocalities
ID id-mr-zonalMatch
}
@@ -1200,11 +1223,11 @@ id-at-houseIdentifier OBJECT IDENTIFIER ::= {id-at 51}
id-at-encryptedHouseIdentifier OBJECT IDENTIFIER ::= {id-at 51 2}
---id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52}
+-- id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52}
id-at-encryptedSupportedAlgorithms OBJECT IDENTIFIER ::=
{id-at 52 2}
---id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53}
+-- id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53}
id-at-encryptedDeltaRevocationList OBJECT IDENTIFIER ::=
{id-at 53 2}
@@ -1217,14 +1240,12 @@ id-at-encryptedClearance OBJECT IDENTIFIER ::=
{id-at 55 2}
-- id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56}
-id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::=
- {id-at 56 2}
-
+-- id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::= {id-at 56 2}
-- id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57}
id-at-encryptedAttributeIntegrityInfo OBJECT IDENTIFIER ::=
{id-at 57 2}
---id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58}
+-- id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58}
id-at-encryptedAttributeCertificate OBJECT IDENTIFIER ::=
{id-at 58 2}
@@ -1236,7 +1257,10 @@ id-at-encryptedAttributeCertificateRevocationList OBJECT IDENTIFIER ::=
id-at-encryptedConfKeyInfo OBJECT IDENTIFIER ::=
{id-at 60 2}
--- id-at-family-information OBJECT IDENTIFIER {id-at 64}
+-- id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61}
+-- id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62}
+-- id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63}
+-- id-at-family-information OBJECT IDENTIFIER {id-at 64}
id-at-pseudonym OBJECT IDENTIFIER ::=
{id-at 65}
@@ -1244,6 +1268,129 @@ id-at-communicationsService OBJECT IDENTIFIER ::= {id-at 66}
id-at-communicationsNetwork OBJECT IDENTIFIER ::= {id-at 67}
+-- id-at-certificationPracticeStmt OBJECT IDENTIFIER ::= {id-at 68}
+-- id-at-certificatePolicy OBJECT IDENTIFIER ::= {id-at 69}
+-- id-at-pkiPath OBJECT IDENTIFIER ::= {id-at 70}
+-- id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71}
+-- id-at-role OBJECT IDENTIFIER ::= {id-at 72}
+-- id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73}
+-- Control attributes
+id-cat-sequenceMatchType OBJECT IDENTIFIER ::=
+ {id-cat 1}
+
+id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2}
+
+id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3}
+
+id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4}
+
+-- Notification attributes
+id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0}
+
+id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1}
+
+id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2}
+
+id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3}
+
+id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4}
+
+id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5}
+
+id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6}
+
+id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7}
+
+id-not-contextList OBJECT IDENTIFIER ::= {id-not 8}
+
+id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9}
+
+id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10}
+
+id-not-searchControlOptionsList OBJECT IDENTIFIER ::= {id-not 11}
+
+id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12}
+
+id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13}
+
+id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14}
+
+id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15}
+
+-- Problem definitions
+id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::=
+ {id-pr 1}
+
+id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2}
+
+id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3}
+
+id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4}
+
+id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5}
+
+id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6}
+
+id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7}
+
+id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8}
+
+id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9}
+
+id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10}
+
+id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11}
+
+id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12}
+
+id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13}
+
+id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14}
+
+id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15}
+
+id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16}
+
+id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17}
+
+id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18}
+
+id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19}
+
+id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20}
+
+id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21}
+
+id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22}
+
+id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23}
+
+id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24}
+
+id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25}
+
+id-pr-invalidSearchControlOptions OBJECT IDENTIFIER ::= {id-pr 26}
+
+id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 27}
+
+id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 28}
+
+id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 29}
+
+id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 30}
+
+id-pr-unavailableRelaxationLevel OBJECT IDENTIFIER ::= {id-pr 31}
+
+id-pr-emptyHierarchySelection OBJECT IDENTIFIER ::= {id-pr 32}
+
+id-pr-administratorImposedLimit OBJECT IDENTIFIER ::= {id-pr 33}
+
+id-pr-permanentRestriction OBJECT IDENTIFIER ::= {id-pr 34}
+
+id-pr-temporaryRestriction OBJECT IDENTIFIER ::= {id-pr 35}
+
+id-pr-relaxationNotSupported OBJECT IDENTIFIER ::= {id-pr 36}
+
-- Matching rules
-- id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0}
-- id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1}
@@ -1324,7 +1471,9 @@ id-mr-storedPrefixMatch OBJECT IDENTIFIER ::=
-- id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42}
-- id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43}
---id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44}
+-- id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44} obsolete
+-- id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45}
+-- id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46}
id-mr-systemProposedMatch OBJECT IDENTIFIER ::=
{id-mr 47}
@@ -1338,7 +1487,18 @@ id-mr-nullMatch OBJECT IDENTIFIER ::= {id-mr 51}
id-mr-zonalMatch OBJECT IDENTIFIER ::= {id-mr 52}
-id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::= {id-mr 63}
+-- id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53}
+-- id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54}
+-- id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55}
+-- id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56}
+-- id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57}
+-- id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58}
+-- id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59}
+-- id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60}
+-- id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61}
+-- id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62}
+id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::=
+ {id-mr 63}
id-mr-facsimileNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 64}
@@ -1349,119 +1509,9 @@ id-avc-temporal OBJECT IDENTIFIER ::= {id-avc 1}
id-avc-locale OBJECT IDENTIFIER ::= {id-avc 2}
---id-avc-attributeValueSecurityLabelContext OBJECT IDENTIFIER ::= {id-avc 3}
---id-avc-attributeValueIntegrityInfoContext OBJECT IDENTIFIER ::= {id-avc 4}
--- Problem definitions
-id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::=
- {id-pr 1}
-
-id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2}
-
-id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3}
-
-id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4}
-
-id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5}
-
-id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6}
-
-id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7}
-
-id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8}
-
-id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9}
-
-id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10}
-
-id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11}
-
-id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12}
-
-id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13}
-
-id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14}
-
-id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15}
-
-id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16}
-
-id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17}
-
-id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18}
-
-id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19}
-
-id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20}
-
-id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21}
-
-id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22}
-
-id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23}
-
-id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24}
-
-id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25}
-
-id-pr-invalidSearchOptions OBJECT IDENTIFIER ::= {id-pr 26}
-
-id-pr-missingSearchOptions OBJECT IDENTIFIER ::= {id-pr 27}
-
-id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 28}
-
-id-pr-missingServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 29}
-
-id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 30}
-
-id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 31}
-
-id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 32}
-
--- Notification attributes
-id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0}
-
-id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1}
-
-id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2}
-
-id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3}
-
-id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4}
-
-id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5}
-
-id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6}
-
-id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7}
-
-id-not-contextList OBJECT IDENTIFIER ::= {id-not 8}
-
-id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9}
-
-id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10}
-
-id-not-searchOptionsList OBJECT IDENTIFIER ::= {id-not 11}
-
-id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12}
-
-id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13}
-
-id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14}
-
-id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15}
-
-id-not-substringRequirements OBJECT IDENTIFIER ::= {id-not 16}
-
--- Control attributes
-id-cat-sequenceMatchType OBJECT IDENTIFIER ::=
- {id-cat 1}
-
-id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2}
-
-id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3}
-
-id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4}
-
+-- id-avc-attributeValueSecurityLabelContext OBJECT IDENTIFIER ::= {id-avc 3}
+-- id-avc-attributeValueIntegrityInfoContext OBJECT IDENTIFIER ::= {id-avc 4}
END -- SelectedAttributeTypes
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/ServiceAdministration.asn1 b/asn1/ServiceAdministration.asn1
new file mode 100644
index 0000000..27b976d
--- /dev/null
+++ b/asn1/ServiceAdministration.asn1
@@ -0,0 +1,239 @@
+-- Module ServiceAdministration (X.501:02/2001)
+ServiceAdministration {joint-iso-itu-t ds(5) module(1)
+ serviceAdministration(33) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+IMPORTS
+ -- from ITU-T Rec. X.501 | ISO/IEC 9594-2
+ directoryAbstractService, informationFramework
+ FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1)
+ usefulDefinitions(0) 4}
+ ATTRIBUTE, AttributeType, CONTEXT, MATCHING-RULE, OBJECT-CLASS,
+ SupportedAttributes, SupportedContexts
+ FROM InformationFramework informationFramework
+ -- from ITU-T Rec. X.511 | ISO/IEC 9594-3
+ FamilyGrouping, FamilyReturn, HierarchySelections, SearchControlOptions,
+ ServiceControlOptions
+ FROM DirectoryAbstractService directoryAbstractService;
+
+-- types
+SearchRule ::= SEQUENCE {
+ COMPONENTS OF SearchRuleId,
+ serviceType [1] OBJECT IDENTIFIER OPTIONAL,
+ userClass [2] INTEGER OPTIONAL,
+ inputAttributeTypes
+ [3] SEQUENCE SIZE (0..MAX) OF RequestAttribute OPTIONAL,
+ attributeCombination [4] AttributeCombination DEFAULT and:{},
+ outputAttributeTypes [5] SEQUENCE SIZE (1..MAX) OF ResultAttribute OPTIONAL,
+ defaultControls [6] ControlOptions OPTIONAL,
+ mandatoryControls [7] ControlOptions OPTIONAL,
+ searchRuleControls [8] ControlOptions OPTIONAL,
+ familyGrouping [9] FamilyGrouping OPTIONAL,
+ familyReturn [10] FamilyReturn OPTIONAL,
+ relaxation [11] RelaxationPolicy OPTIONAL,
+ additionalControl [12] SEQUENCE SIZE (1..MAX) OF AttributeType OPTIONAL,
+ allowedSubset [13] AllowedSubset DEFAULT '111'B,
+ imposedSubset [14] ImposedSubset OPTIONAL,
+ entryLimit [15] EntryLimit OPTIONAL
+}
+
+SearchRuleId ::= SEQUENCE {id INTEGER,
+ dmdId [0] OBJECT IDENTIFIER
+}
+
+AllowedSubset ::= BIT STRING {baseObject(0), oneLevel(1), wholeSubtree(2)}
+
+ImposedSubset ::= ENUMERATED {baseObject(0), oneLevel(1), wholeSubtree(2)}
+
+RequestAttribute ::= SEQUENCE {
+ attributeType ATTRIBUTE.&id({SupportedAttributes}),
+ includeSubtypes [0] BOOLEAN DEFAULT FALSE,
+ selectedValues
+ [1] SEQUENCE SIZE (0..MAX) OF
+ ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}) OPTIONAL,
+ defaultValues
+ [2] SEQUENCE SIZE (0..MAX) OF
+ SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL,
+ values
+ SEQUENCE OF
+ ATTRIBUTE.&Type({SupportedAttributes}{@attributeType})
+ } OPTIONAL,
+ contexts [3] SEQUENCE SIZE (0..MAX) OF ContextProfile OPTIONAL,
+ contextCombination [4] ContextCombination DEFAULT and:{},
+ matchingUse [5] SEQUENCE SIZE (1..MAX) OF MatchingUse OPTIONAL
+}
+
+ContextProfile ::= SEQUENCE {
+ contextType CONTEXT.&id({SupportedContexts}),
+ contextValue
+ SEQUENCE SIZE (1..MAX) OF
+ CONTEXT.&Assertion({SupportedContexts}{@contextType}) OPTIONAL
+}
+
+ContextCombination ::= CHOICE {
+ context [0] CONTEXT.&id({SupportedContexts}),
+ and [1] SEQUENCE OF ContextCombination,
+ or [2] SEQUENCE OF ContextCombination,
+ not [3] ContextCombination
+}
+
+MatchingUse ::= SEQUENCE {
+ restrictionType MATCHING-RESTRICTION.&id({SupportedMatchingRestrictions}),
+ restrictionValue
+ MATCHING-RESTRICTION.&Restriction
+ ({SupportedMatchingRestrictions}{@restrictionType})
+}
+
+-- Definition of the following information object set is deferred, perhaps to standardized
+-- profiles or to protocol implementation conformance statements. The set is required to
+-- specify a table constraint on the components of SupportedMatchingRestrictions
+SupportedMatchingRestrictions MATCHING-RESTRICTION ::=
+ {...}
+
+AttributeCombination ::= CHOICE {
+ attribute [0] AttributeType,
+ and [1] SEQUENCE OF AttributeCombination,
+ or [2] SEQUENCE OF AttributeCombination,
+ not [3] AttributeCombination
+}
+
+ResultAttribute ::= SEQUENCE {
+ attributeType ATTRIBUTE.&id({SupportedAttributes}),
+ outputValues
+ CHOICE {selectedValues
+ SEQUENCE OF
+ ATTRIBUTE.&Type({SupportedAttributes}{@attributeType}),
+ matchedValuesOnly NULL} OPTIONAL,
+ contexts [0] SEQUENCE SIZE (1..MAX) OF ContextProfile OPTIONAL
+}
+
+ControlOptions ::= SEQUENCE {
+ serviceControls [0] ServiceControlOptions DEFAULT {},
+ searchOptions [1] SearchControlOptions DEFAULT {searchAliases},
+ hierarchyOptions [2] HierarchySelections OPTIONAL
+}
+
+EntryLimit ::= SEQUENCE {default INTEGER,
+ max INTEGER
+}
+
+RelaxationPolicy ::= SEQUENCE {
+ basic [0] MRMapping DEFAULT {},
+ tightenings [1] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL,
+ relaxations [2] SEQUENCE SIZE (1..MAX) OF MRMapping OPTIONAL,
+ maximum [3] INTEGER OPTIONAL, -- mandatory if tightenings is present
+ minimum [4] INTEGER DEFAULT 1
+}
+
+MRMapping ::= SEQUENCE {
+ mapping [0] SEQUENCE SIZE (1..MAX) OF Mapping OPTIONAL,
+ substitution [1] SEQUENCE SIZE (1..MAX) OF MRSubstitution OPTIONAL
+}
+
+Mapping ::= SEQUENCE {
+ mappingFunction
+ OBJECT IDENTIFIER
+ (CONSTRAINED BY {-- shall be an--
+
+ -- object identifier of a mapping-based matching algorithm -- }),
+ level INTEGER DEFAULT 0
+}
+
+MRSubstitution ::= SEQUENCE {
+ attribute AttributeType,
+ oldMatchingRule [0] MATCHING-RULE.&id OPTIONAL,
+ newMatchingRule [1] MATCHING-RULE.&id OPTIONAL
+}
+
+-- ASN.1 information object classes
+SEARCH-RULE ::= CLASS {
+ &dmdId OBJECT IDENTIFIER,
+ &serviceType OBJECT IDENTIFIER OPTIONAL,
+ &userClass INTEGER OPTIONAL,
+ &InputAttributeTypes REQUEST-ATTRIBUTE OPTIONAL,
+ &combination AttributeCombination OPTIONAL,
+ &OutputAttributeTypes RESULT-ATTRIBUTE OPTIONAL,
+ &defaultControls ControlOptions OPTIONAL,
+ &mandatoryControls ControlOptions OPTIONAL,
+ &searchRuleControls ControlOptions OPTIONAL,
+ &familyGrouping FamilyGrouping OPTIONAL,
+ &familyReturn FamilyReturn OPTIONAL,
+ &additionalControl AttributeType OPTIONAL,
+ &relaxation RelaxationPolicy OPTIONAL,
+ &allowedSubset AllowedSubset DEFAULT '111'B,
+ &imposedSubset ImposedSubset OPTIONAL,
+ &entryLimit EntryLimit OPTIONAL,
+ &id INTEGER UNIQUE
+}
+WITH SYNTAX {
+ DMD ID &dmdId
+ [SERVICE-TYPE &serviceType]
+ [USER-CLASS &userClass]
+ [INPUT ATTRIBUTES &InputAttributeTypes]
+ [COMBINATION &combination]
+ [OUTPUT ATTRIBUTES &OutputAttributeTypes]
+ [DEFAULT CONTROL &defaultControls]
+ [MANDATORY CONTROL &mandatoryControls]
+ [SEARCH-RULE CONTROL &searchRuleControls]
+ [FAMILY-GROUPING &familyGrouping]
+ [FAMILY-RETURN &familyReturn]
+ [ADDITIONAL CONTROL &additionalControl]
+ [RELAXATION &relaxation]
+ [ALLOWED SUBSET &allowedSubset]
+ [IMPOSED SUBSET &imposedSubset]
+ [ENTRY LIMIT &entryLimit]
+ ID &id
+}
+
+REQUEST-ATTRIBUTE ::= CLASS {
+ &attributeType ATTRIBUTE.&id,
+ &SelectedValues ATTRIBUTE.&Type OPTIONAL,
+ &DefaultValues SEQUENCE {entryType OBJECT-CLASS.&id OPTIONAL,
+ values SEQUENCE OF ATTRIBUTE.&Type
+ } OPTIONAL,
+ &contexts SEQUENCE OF ContextProfile OPTIONAL,
+ &contextCombination ContextCombination OPTIONAL,
+ &MatchingUse MatchingUse OPTIONAL,
+ &includeSubtypes BOOLEAN DEFAULT FALSE
+}
+WITH SYNTAX {
+ ATTRIBUTE TYPE &attributeType
+ [SELECTED VALUES &SelectedValues]
+ [DEFAULT VALUES &DefaultValues]
+ [CONTEXTS &contexts]
+ [CONTEXT COMBINATION &contextCombination]
+ [MATCHING USE &MatchingUse]
+ [INCLUDE SUBTYPES &includeSubtypes]
+}
+
+RESULT-ATTRIBUTE ::= CLASS {
+ &attributeType ATTRIBUTE.&id,
+ &outputValues CHOICE {selectedValues SEQUENCE OF ATTRIBUTE.&Type,
+ matchedValuesOnly NULL
+ } OPTIONAL,
+ &contexts ContextProfile OPTIONAL
+}
+WITH SYNTAX {
+ ATTRIBUTE TYPE &attributeType
+ [OUTPUT VALUES &outputValues]
+ [CONTEXTS &contexts]
+}
+
+MATCHING-RESTRICTION ::= CLASS {
+ &Restriction ,
+ &Rules MATCHING-RULE.&id,
+ &id OBJECT IDENTIFIER UNIQUE
+}WITH SYNTAX {RESTRICTION &Restriction
+ RULES &Rules
+ ID &id
+}
+
+END -- ServiceAdministration
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/SpkmGssTokens.asn1 b/asn1/SpkmGssTokens.asn1
new file mode 100644
index 0000000..02205bd
--- /dev/null
+++ b/asn1/SpkmGssTokens.asn1
@@ -0,0 +1,257 @@
+-- Module SpkmGssTokens (RFC 2025:10/1996)
+SpkmGssTokens {iso(1) identified-organization(3) dod(6) internet(1) security(5)
+ mechanisms(5) spkm(1) spkmGssTokens(10)}
+--
+-- Copyright (C) The Internet Society (1996). This version of
+-- this ASN.1 module is part of RFC 2025;
+-- see the RFC itself for full legal notices.
+--
+DEFINITIONS IMPLICIT TAGS ::=
+BEGIN
+
+-- EXPORTS ALL
+IMPORTS
+ Name
+ FROM InformationFramework {joint-iso-itu-t(2) ds(5) module(1)
+ informationFramework(1) 3}
+ Certificate, CertificateList, CertificatePair, AlgorithmIdentifier, Validity
+ FROM AuthenticationFramework {joint-iso-itu-t(2) ds(5) module(1)
+ authenticationFramework(7) 3};
+
+-- types
+SPKM-REQ ::= SEQUENCE {
+ requestToken REQ-TOKEN,
+ certif-data [0] CertificationData OPTIONAL,
+ auth-data [1] AuthorizationData OPTIONAL
+}
+
+CertificationData ::= SEQUENCE {
+ certificationPath [0] CertificationPath OPTIONAL,
+ certificateRevocationList [1] CertificateList OPTIONAL
+} -- at least one of the above shall be present
+
+CertificationPath ::= SEQUENCE {
+ userKeyId [0] OCTET STRING OPTIONAL,
+ userCertif [1] Certificate OPTIONAL,
+ verifKeyId [2] OCTET STRING OPTIONAL,
+ userVerifCertif [3] Certificate OPTIONAL,
+ theCACertificates [4] SEQUENCE OF CertificatePair OPTIONAL
+} -- Presence of [2] or [3] implies that [0] or [1] must also be
+
+-- present. Presence of [4] implies that at least one of [0], [1],
+-- [2], and [3] must also be present.
+REQ-TOKEN ::= SEQUENCE {
+ req-contents Req-contents,
+ algId AlgorithmIdentifier,
+ req-integrity Integrity -- "token" is Req-contents
+}
+
+Integrity ::= BIT STRING
+
+-- If corresponding algId specifies a signing algorithm,
+-- "Integrity" holds the result of applying the signing procedure
+-- specified in algId to the BER-encoded octet string which results
+-- from applying the hashing procedure (also specified in algId) to
+-- the DER-encoded octets of "token".
+-- Alternatively, if corresponding algId specifies a MACing
+-- algorithm, "Integrity" holds the result of applying the MACing
+-- procedure specified in algId to the DER-encoded octets of
+-- "token"
+Req-contents ::= SEQUENCE {
+ tok-id INTEGER(256), -- shall contain 0100 (hex)
+ context-id Random-Integer,
+ pvno BIT STRING,
+ timestamp UTCTime OPTIONAL, -- mandatory for SPKM-2
+ randSrc Random-Integer,
+ targ-name Name,
+ src-name [0] Name OPTIONAL,
+ req-data Context-Data,
+ validity [1] Validity OPTIONAL,
+ key-estb-set Key-Estb-Algs,
+ key-estb-req BIT STRING OPTIONAL,
+ key-src-bind OCTET STRING OPTIONAL
+ -- This field must be present for the case of SPKM-2
+ -- unilateral authen. if the K-ALG in use does not provide
+ -- such a binding (but is optional for all other cases).
+ -- The octet string holds the result of applying the
+ -- mandatory hashing procedure (in MANDATORY I-ALG;
+ -- see Section 2.1) as follows: MD5(src || context_key),
+ -- where "src" is the DER-encoded octets of src-name,
+ -- "context-key" is the symmetric key (i.e., the
+ -- unprotected version of what is transmitted in
+ -- key-estb-req), and "||" is the concatenation operation.
+}
+
+Random-Integer ::= BIT STRING
+
+Context-Data ::= SEQUENCE {
+ channelId ChannelId OPTIONAL,
+ seq-number INTEGER OPTIONAL,
+ options Options,
+ conf-alg Conf-Algs,
+ intg-alg Intg-Algs,
+ owf-alg OWF-Algs
+}
+
+ChannelId ::= OCTET STRING
+
+Options ::= BIT STRING {
+ delegation-state(0), mutual-state(1), replay-det-state(2), sequence-state(3),
+ conf-avail(4), integ-avail(5), target-certif-data-required(6)}
+
+Conf-Algs ::= CHOICE {
+ algs [0] SEQUENCE OF AlgorithmIdentifier,
+ null [1] NULL
+}
+
+Intg-Algs ::= SEQUENCE OF AlgorithmIdentifier
+
+OWF-Algs ::= SEQUENCE OF AlgorithmIdentifier
+
+Key-Estb-Algs ::= SEQUENCE OF AlgorithmIdentifier
+
+SPKM-REP-TI ::= SEQUENCE {
+ responseToken REP-TI-TOKEN,
+ certif-data CertificationData OPTIONAL
+ -- present if target-certif-data-required option was
+} -- set to TRUE in SPKM-REQ
+
+REP-TI-TOKEN ::= SEQUENCE {
+ rep-ti-contents Rep-ti-contents,
+ algId AlgorithmIdentifier,
+ rep-ti-integ Integrity -- "token" is Rep-ti-contents
+}
+
+Rep-ti-contents ::= SEQUENCE {
+ tok-id INTEGER(512), -- shall contain 0200 (hex)
+ context-id Random-Integer,
+ pvno [0] BIT STRING OPTIONAL,
+ timestamp UTCTime OPTIONAL, -- mandatory for SPKM-2
+ randTarg Random-Integer,
+ src-name [1] Name OPTIONAL,
+ targ-name Name,
+ randSrc Random-Integer,
+ rep-data Context-Data,
+ validity [2] Validity OPTIONAL,
+ key-estb-id AlgorithmIdentifier OPTIONAL,
+ key-estb-str BIT STRING OPTIONAL
+}
+
+SPKM-REP-IT ::= SEQUENCE {
+ responseToken REP-IT-TOKEN,
+ algId AlgorithmIdentifier,
+ rep-it-integ Integrity -- "token" is REP-IT-TOKEN
+}
+
+REP-IT-TOKEN ::= SEQUENCE {
+ tok-id INTEGER(768), -- shall contain 0300 (hex)
+ context-id Random-Integer,
+ randSrc Random-Integer,
+ randTarg Random-Integer,
+ targ-name Name,
+ src-name Name OPTIONAL,
+ key-estb-rep BIT STRING OPTIONAL
+}
+
+SPKM-ERROR ::= SEQUENCE {
+ errorToken ERROR-TOKEN,
+ algId AlgorithmIdentifier,
+ integrity Integrity -- "token" is ERROR-TOKEN
+}
+
+ERROR-TOKEN ::= SEQUENCE {
+ tok-id INTEGER(1024), -- shall contain 0400 (hex)
+ context-id Random-Integer
+}
+
+SPKM-MIC ::= SEQUENCE {mic-header Mic-Header,
+ int-cksum BIT STRING
+}
+
+Mic-Header ::= SEQUENCE {
+ tok-id INTEGER(257), -- shall contain 0101 (hex)
+ context-id Random-Integer,
+ int-alg [0] AlgorithmIdentifier OPTIONAL,
+ snd-seq [1] SeqNum OPTIONAL
+}
+
+SeqNum ::= SEQUENCE {num INTEGER,
+ dir-ind BOOLEAN
+}
+
+SPKM-WRAP ::= SEQUENCE {wrap-header Wrap-Header,
+ wrap-body Wrap-Body
+}
+
+Wrap-Header ::= SEQUENCE {
+ tok-id INTEGER(513), -- shall contain 0201 (hex)
+ context-id Random-Integer,
+ int-alg [0] AlgorithmIdentifier OPTIONAL,
+ conf-alg [1] Conf-Alg OPTIONAL,
+ snd-seq [2] SeqNum OPTIONAL
+}
+
+Wrap-Body ::= SEQUENCE {int-cksum BIT STRING,
+ data BIT STRING
+}
+
+Conf-Alg ::= CHOICE {algId [0] AlgorithmIdentifier,
+ null [1] NULL
+}
+
+SPKM-DEL ::= SEQUENCE {del-header Del-Header,
+ int-cksum BIT STRING
+}
+
+Del-Header ::= SEQUENCE {
+ tok-id INTEGER(769), -- shall contain 0301 (hex)
+ context-id Random-Integer,
+ int-alg [0] AlgorithmIdentifier OPTIONAL,
+ snd-seq [1] SeqNum OPTIONAL
+}
+
+-- other types
+-- from [RFC-1508]
+MechType ::= OBJECT IDENTIFIER
+
+InitialContextToken ::= [APPLICATION 0] IMPLICIT SEQUENCE {
+ thisMech MechType,
+ innerContextToken SPKMInnerContextToken
+} -- when thisMech is SPKM-1 or SPKM-2
+
+SPKMInnerContextToken ::= CHOICE {
+ req [0] SPKM-REQ,
+ rep-ti [1] SPKM-REP-TI,
+ rep-it [2] SPKM-REP-IT,
+ error [3] SPKM-ERROR,
+ mic [4] SPKM-MIC,
+ wrap [5] SPKM-WRAP,
+ del [6] SPKM-DEL
+}
+
+-- from [RFC-1510]
+AuthorizationData ::=
+ SEQUENCE OF SEQUENCE {ad-type INTEGER,
+ ad-data OCTET STRING}
+
+-- object identifier assignments
+md5-DES-CBC OBJECT IDENTIFIER ::=
+ {iso(1) identified-organization(3) dod(6) internet(1) security(5)
+ integrity(3) md5-DES-CBC(1)}
+
+sum64-DES-CBC OBJECT IDENTIFIER ::=
+ {iso(1) identified-organization(3) dod(6) internet(1) security(5)
+ integrity(3) sum64-DES-CBC(2)}
+
+spkm-1 OBJECT IDENTIFIER ::=
+ {iso(1) identified-organization(3) dod(6) internet(1) security(5)
+ mechanisms(5) spkm(1) spkm-1(1)}
+
+spkm-2 OBJECT IDENTIFIER ::=
+ {iso(1) identified-organization(3) dod(6) internet(1) security(5)
+ mechanisms(5) spkm(1) spkm-2(2)}
+
+END
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/UpperBounds.asn1 b/asn1/UpperBounds.asn1
index 3ebc334..b2e8fb3 100644
--- a/asn1/UpperBounds.asn1
+++ b/asn1/UpperBounds.asn1
@@ -1,90 +1,88 @@
--- Module UpperBounds (X.520:08/1997)
--- See also ITU-T X.520 (08/1997)
--- See also the index of all ASN.1 assignments needed in this document
-
-UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 3} DEFINITIONS ::=
-BEGIN
-
--- EXPORTS All
--- The types and values defined in this module are exported for use in the other ASN.1 modules contained
--- within the Directory Specifications, and for the use of other applications which will use them to access
--- Directory services. Other applications may use them for their own purposes, but this will not constrain
--- extensions and modifications needed to maintain or improve the Directory service.
-ub-answerback INTEGER ::=
- 8
-
-ub-business-category INTEGER ::= 128
-
-ub-common-name INTEGER ::= 64
-
-ub-country-code INTEGER ::= 4
-
-ub-description INTEGER ::= 1024
-
-ub-destination-indicator INTEGER ::= 128
-
-ub-directory-string-first-component-match INTEGER ::= 32768
-
-ub-international-isdn-number INTEGER ::= 16
-
-ub-knowledge-information INTEGER ::= 32768
-
-ub-locality-name INTEGER ::= 128
-
-ub-match INTEGER ::= 128
-
-ub-name INTEGER ::= 64
-
-ub-organization-name INTEGER ::= 64
-
-ub-organizational-unit-name INTEGER ::= 64
-
-ub-physical-office-name INTEGER ::= 128
-
-ub-post-office-box INTEGER ::= 40
-
-ub-postal-code INTEGER ::= 40
-
-ub-postal-line INTEGER ::= 6
-
-ub-postal-string INTEGER ::= 30
-
-ub-privacy-mark-length INTEGER ::= 128
-
-ub-schema INTEGER ::= 1024
-
-ub-search INTEGER ::= 32768
-
-ub-serial-number INTEGER ::= 64
-
-ub-state-name INTEGER ::= 128
-
-ub-street-address INTEGER ::= 128
-
-ub-surname INTEGER ::= 64
-
-ub-tag INTEGER ::= 64
-
-ub-telephone-number INTEGER ::= 32
-
-ub-teletex-terminal-id INTEGER ::= 1024
-
-ub-telex-number INTEGER ::= 14
-
-ub-title INTEGER ::= 64
-
-ub-user-password INTEGER ::= 128
-
-ub-x121-address INTEGER ::= 15
-
-ub-localeContextSyntax INTEGER ::= 128
-
-ub-locale-context-syntax INTEGER ::= 64
-
-ub-pseudonym INTEGER ::= 128
-
-ub-content INTEGER ::= 32768
-
-END -- UpperBounds
-
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+-- Module UpperBounds (X.520:02/2001)
+UpperBounds {joint-iso-itu-t ds(5) module(1) upperBounds(10) 4} DEFINITIONS ::=
+BEGIN
+
+-- EXPORTS All
+-- The types and values defined in this module are exported for use in the other ASN.1 modules contained
+-- within the Directory Specifications, and for the use of other applications which will use them to access
+-- Directory services. Other applications may use them for their own purposes, but this will not constrain
+-- extensions and modifications needed to maintain or improve the Directory service.
+ub-answerback INTEGER ::=
+ 8
+
+ub-business-category INTEGER ::= 128
+
+ub-common-name INTEGER ::= 64
+
+ub-content INTEGER ::= 32768
+
+ub-country-code INTEGER ::= 4
+
+ub-description INTEGER ::= 1024
+
+ub-destination-indicator INTEGER ::= 128
+
+ub-directory-string-first-component-match INTEGER ::= 32768
+
+ub-domainLocalID INTEGER ::= 64
+
+ub-international-isdn-number INTEGER ::= 16
+
+ub-knowledge-information INTEGER ::= 32768
+
+ub-localeContextSyntax INTEGER ::= 128
+
+ub-locality-name INTEGER ::= 128
+
+ub-match INTEGER ::= 128
+
+ub-name INTEGER ::= 128
+
+ub-organization-name INTEGER ::= 64
+
+ub-organizational-unit-name INTEGER ::= 64
+
+ub-physical-office-name INTEGER ::= 128
+
+ub-post-office-box INTEGER ::= 40
+
+ub-postal-code INTEGER ::= 40
+
+ub-postal-line INTEGER ::= 6
+
+ub-postal-string INTEGER ::= 30
+
+ub-privacy-mark-length INTEGER ::= 128
+
+ub-pseudonym INTEGER ::= 128
+
+ub-schema INTEGER ::= 1024
+
+ub-search INTEGER ::= 32768
+
+ub-serial-number INTEGER ::= 64
+
+ub-state-name INTEGER ::= 128
+
+ub-street-address INTEGER ::= 128
+
+ub-surname INTEGER ::= 64
+
+ub-tag INTEGER ::= 64
+
+ub-telephone-number INTEGER ::= 32
+
+ub-teletex-terminal-id INTEGER ::= 1024
+
+ub-telex-number INTEGER ::= 14
+
+ub-title INTEGER ::= 64
+
+ub-user-password INTEGER ::= 128
+
+ub-x121-address INTEGER ::= 15
+
+END -- UpperBounds
+
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/UsefulDefinitions.asn1 b/asn1/UsefulDefinitions.asn1
index b755285..78c50fa 100644
--- a/asn1/UsefulDefinitions.asn1
+++ b/asn1/UsefulDefinitions.asn1
@@ -1,8 +1,5 @@
--- Module UsefulDefinitions (X.501 TC2:08/1997)
--- See also ITU-T X.501 (1997) Technical Cor. 2 (02/2001)
--- See also the index of all ASN.1 assignments needed in this document
-
-UsefulDefinitions {joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 3}
+-- Module UsefulDefinitions (X.501:02/2001)
+UsefulDefinitions {joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 4}
DEFINITIONS ::=
BEGIN
@@ -28,13 +25,13 @@ attributeSyntax ID ::= {ds 5}
objectClass ID ::= {ds 6}
--- attributeSet ID ::= {ds 7}
+-- attributeSet ID ::= {ds 7}
algorithm ID ::= {ds 8}
abstractSyntax ID ::= {ds 9}
--- object ID ::= {ds 10}
--- port ID ::= {ds 11}
+-- object ID ::= {ds 10}
+-- port ID ::= {ds 11}
dsaOperationalAttribute ID ::=
{ds 12}
@@ -74,7 +71,7 @@ managementObject ID ::= {ds 30}
attributeValueContext ID ::= {ds 31}
--- securityExchange ID ::= {ds 32}
+-- securityExchange ID ::= {ds 32}
idmProtocol ID ::= {ds 33}
problem ID ::= {ds 34}
@@ -87,73 +84,83 @@ matchingRestriction ID ::=
controlAttributeType ID ::= {ds 37}
-- modules
-usefulDefinitions ID ::= {module usefulDefinitions(0) 3}
+usefulDefinitions ID ::= {module usefulDefinitions(0) 4}
-informationFramework ID ::= {module informationFramework(1) 3}
+informationFramework ID ::= {module informationFramework(1) 4}
-directoryAbstractService ID ::= {module directoryAbstractService(2) 3}
+directoryAbstractService ID ::= {module directoryAbstractService(2) 4}
-distributedOperations ID ::= {module distributedOperations(3) 3}
+distributedOperations ID ::= {module distributedOperations(3) 4}
-protocolObjectIdentifiers ID ::= {module protocolObjectIdentifiers(4) 3}
+protocolObjectIdentifiers ID ::= {module protocolObjectIdentifiers(4) 4}
-selectedAttributeTypes ID ::= {module selectedAttributeTypes(5) 3}
+selectedAttributeTypes ID ::= {module selectedAttributeTypes(5) 4}
-selectedObjectClasses ID ::= {module selectedObjectClasses(6) 3}
+selectedObjectClasses ID ::= {module selectedObjectClasses(6) 4}
-authenticationFramework ID ::= {module authenticationFramework(7) 3}
+authenticationFramework ID ::= {module authenticationFramework(7) 4}
-algorithmObjectIdentifiers ID ::= {module algorithmObjectIdentifiers(8) 3}
+algorithmObjectIdentifiers ID ::= {module algorithmObjectIdentifiers(8) 4}
-directoryObjectIdentifiers ID ::= {module directoryObjectIdentifiers(9) 3}
+directoryObjectIdentifiers ID ::= {module directoryObjectIdentifiers(9) 4}
-upperBounds ID ::= {module upperBounds(10) 3}
+upperBounds ID ::= {module upperBounds(10) 4}
-dap ID ::= {module dap(11) 3}
+dap ID ::= {module dap(11) 4}
-dsp ID ::= {module dsp(12) 3}
+dsp ID ::= {module dsp(12) 4}
-distributedDirectoryOIDs ID ::= {module distributedDirectoryOIDs(13) 3}
+distributedDirectoryOIDs ID ::= {module distributedDirectoryOIDs(13) 4}
-directoryShadowOIDs ID ::= {module directoryShadowOIDs(14) 3}
+directoryShadowOIDs ID ::= {module directoryShadowOIDs(14) 4}
directoryShadowAbstractService ID ::=
- {module directoryShadowAbstractService(15) 3}
+ {module directoryShadowAbstractService(15) 4}
-disp ID ::= {module disp(16) 3}
+disp ID ::= {module disp(16) 4}
-dop ID ::= {module dop(17) 3}
+dop ID ::= {module dop(17) 4}
-opBindingManagement ID ::= {module opBindingManagement(18) 3}
+opBindingManagement ID ::= {module opBindingManagement(18) 4}
-opBindingOIDs ID ::= {module opBindingOIDs(19) 3}
+opBindingOIDs ID ::= {module opBindingOIDs(19) 4}
hierarchicalOperationalBindings ID ::=
- {module hierarchicalOperationalBindings(20) 3}
+ {module hierarchicalOperationalBindings(20) 4}
-dsaOperationalAttributeTypes ID ::= {module dsaOperationalAttributeTypes(22) 3}
+dsaOperationalAttributeTypes ID ::= {module dsaOperationalAttributeTypes(22) 4}
-schemaAdministration ID ::= {module schemaAdministration(23) 3}
+schemaAdministration ID ::= {module schemaAdministration(23) 4}
-basicAccessControl ID ::= {module basicAccessControl(24) 3}
+basicAccessControl ID ::= {module basicAccessControl(24) 4}
directoryOperationalBindingTypes ID ::=
- {module directoryOperationalBindingTypes(25) 3}
+ {module directoryOperationalBindingTypes(25) 4}
-certificateExtensions ID ::= {module certificateExtensions(26) 0}
+certificateExtensions ID ::= {module certificateExtensions(26) 4}
-directoryManagement ID ::= {module directoryManagement(27) 1}
+directoryManagement ID ::= {module directoryManagement(27) 4}
-enhancedSecurity ID ::= {module enhancedSecurity(28) 1}
+enhancedSecurity ID ::= {module enhancedSecurity(28) 4}
-iDMProtocolSpecification ID ::= {module iDMProtocolSpecification(30) 4}
+-- directorySecurityExchanges ID ::= {module directorySecurityExchanges (29) 4}
+iDMProtocolSpecification ID ::=
+ {module iDMProtocolSpecification(30) 4}
directoryIDMProtocols ID ::= {module directoryIDMProtocols(31) 4}
--- directorySecurityExchanges ID ::= {module directorySecurityExchanges (29) 1}
+attributeCertificateDefinitions ID ::=
+ {module attributeCertificateDefinitions(32) 4}
+
+serviceAdministration ID ::= {module serviceAdministration(33) 4}
+
+-- the following defintion is for a module that holds externally defined schema elements not defined
+-- using formal ASN.1 notation (see latest version of Implementor's Guide)
+externalDefinitions ID ::=
+ {module externalDefinitions(34) 4}
+
-- synonyms
-id-oc ID ::=
- objectClass
+id-oc ID ::= objectClass
id-at ID ::= attributeType
@@ -195,11 +202,11 @@ id-ce ID ::= certificateExtension
id-mgt ID ::= managementObject
-id-idm ID ::= idmProtocol
-
id-avc ID ::= attributeValueContext
--- id-se ID ::= securityExchange
+-- id-se ID ::= securityExchange
+id-idm ID ::= idmProtocol
+
id-pr ID ::= problem
id-not ID ::= notification
@@ -209,32 +216,33 @@ id-mre ID ::= matchingRestriction
id-cat ID ::= controlAttributeType
-- obsolete module identifiers
--- usefulDefinition ID ::= {module 0}
+-- usefulDefinition ID ::= {module 0}
-- informationFramework ID ::= {module 1}
-- directoryAbstractService ID ::= {module 2}
-- distributedOperations ID ::= {module 3}
--- protocolObjectIdentifiers ID ::= {module 4}
+-- protocolObjectIdentifiers ID ::= {module 4}
-- selectedAttributeTypes ID ::= {module 5}
-- selectedObjectClasses ID ::= {module 6}
--- authenticationFramework ID ::= {module 7}
--- algorithmObjectIdentifiers ID ::= {module 8}
--- directoryObjectIdentifiers ID ::= {module 9}
+-- authenticationFramework ID ::= {module 7}
+-- algorithmObjectIdentifiers ID ::= {module 8}
+-- directoryObjectIdentifiers ID ::= {module 9}
-- upperBounds ID ::= {module 10}
-- dap ID ::= {module 11}
-- dsp ID ::= {module 12}
--- distributedDirectoryObjectIdentifiers ID ::= {module 13}
+-- distributedDirectoryObjectIdentifiers ID ::= {module 13}
-- unused module identifiers
-- directoryShadowOIDs ID ::= {module 14}
-- directoryShadowAbstractService ID ::= {module 15}
-- disp ID ::= {module 16}
-- dop ID ::= {module 17}
--- opBindingManagement ID ::= {module 18}
+-- opBindingManagement ID ::= {module 18}
-- opBindingOIDs ID ::= {module 19}
--- hierarchicalOperationalBindings ID ::= {module 20}
--- dsaOperationalAttributeTypes ID ::= {module 22}
+-- hierarchicalOperationalBindings ID ::= {module 20}
+-- dsaOperationalAttributeTypes ID ::= {module 22}
-- schemaAdministration ID ::= {module 23}
-- basicAccessControl ID ::= {module 24}
--- operationalBindingOIDs ID ::= {module 25}
+-- operationalBindingOIDs ID ::= {module 25}
END -- UsefulDefinitions
--- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+-- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
+
diff --git a/asn1/x.501-2001-02.form_desc.full.zip b/asn1/x.501-2001-02.form_desc.full.zip
new file mode 100644
index 0000000..c1ba90b
--- /dev/null
+++ b/asn1/x.501-2001-02.form_desc.full.zip
Binary files differ