Network Working Group M. Smith
Request for Comments: 2798 Netscape Communications
Category: Informational April 2000
Network Working Group M. Smith
Request for Comments: 2798 Netscape Communications
Category: Informational April 2000
Definition of the inetOrgPerson LDAP Object Class
inetOrgPerson LDAP对象类的定义
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2000). All Rights Reserved.
版权所有(C)互联网协会(2000年)。版权所有。
Abstract
摘要
While the X.500 standards define many useful attribute types [X520] and object classes [X521], they do not define a person object class that meets the requirements found in today's Internet and Intranet directory service deployments. We define a new object class called inetOrgPerson for use in LDAP and X.500 directory services that extends the X.521 standard organizationalPerson class to meet these needs.
虽然X.500标准定义了许多有用的属性类型[X520]和对象类[X521],但它们没有定义满足当今Internet和Intranet目录服务部署要求的person对象类。我们定义了一个名为inetOrgPerson的新对象类,用于LDAP和X.500目录服务,它扩展了X.521标准organizationalPerson类以满足这些需求。
Table of Contents
目录
1. Background and Intended Usage...............................2
2. New Attribute Types Used in the inetOrgPerson Object Class..3
2.1. Vehicle license or registration plate....................3
2.2. Department number........................................3
2.3. Display Name.............................................4
2.4. Employee Number..........................................4
2.5. Employee Type............................................4
2.6. JPEG Photograph..........................................5
2.7. Preferred Language.......................................5
2.8. User S/MIME Certificate..................................5
2.9. User PKCS #12............................................6
3. Definition of the inetOrgPerson Object Class................6
4. Example of an inetOrgPerson Entry...........................7
5. Security Considerations.....................................8
6. Acknowledgments.............................................8
7. Bibliography................................................8
8. Author's Address............................................9
9. Appendix A - inetOrgPerson Schema Summary..................10
9.1. Attribute Types..........................................10
9.1.1. New attribute types that are defined in this document.10
9.1.2. Attribute types from RFC 2256.........................12
9.1.3. Attribute types from RFC 1274.........................15
9.1.4. Attribute type from RFC 2079..........................16
9.2. Syntaxes.................................................17
9.2.1. Syntaxes from RFC 2252................................17
9.2.2. Syntaxes from RFC 2256................................17
9.3. Matching Rules...........................................17
9.3.1. Matching rules from RFC 2252..........................17
9.3.2. Matching rule from RFC 2256...........................18
9.3.3. Additional matching rules from X.520..................18
9.3.4. Matching rules not defined in any referenced document.19
10. Full Copyright Statement...................................20
1. Background and Intended Usage...............................2
2. New Attribute Types Used in the inetOrgPerson Object Class..3
2.1. Vehicle license or registration plate....................3
2.2. Department number........................................3
2.3. Display Name.............................................4
2.4. Employee Number..........................................4
2.5. Employee Type............................................4
2.6. JPEG Photograph..........................................5
2.7. Preferred Language.......................................5
2.8. User S/MIME Certificate..................................5
2.9. User PKCS #12............................................6
3. Definition of the inetOrgPerson Object Class................6
4. Example of an inetOrgPerson Entry...........................7
5. Security Considerations.....................................8
6. Acknowledgments.............................................8
7. Bibliography................................................8
8. Author's Address............................................9
9. Appendix A - inetOrgPerson Schema Summary..................10
9.1. Attribute Types..........................................10
9.1.1. New attribute types that are defined in this document.10
9.1.2. Attribute types from RFC 2256.........................12
9.1.3. Attribute types from RFC 1274.........................15
9.1.4. Attribute type from RFC 2079..........................16
9.2. Syntaxes.................................................17
9.2.1. Syntaxes from RFC 2252................................17
9.2.2. Syntaxes from RFC 2256................................17
9.3. Matching Rules...........................................17
9.3.1. Matching rules from RFC 2252..........................17
9.3.2. Matching rule from RFC 2256...........................18
9.3.3. Additional matching rules from X.520..................18
9.3.4. Matching rules not defined in any referenced document.19
10. Full Copyright Statement...................................20
The inetOrgPerson object class is a general purpose object class that holds attributes about people. The attributes it holds were chosen to accommodate information requirements found in typical Internet and Intranet directory service deployments. The inetOrgPerson object class is designed to be used within directory services based on the LDAP [RFC2251] and the X.500 family of protocols, and it should be useful in other contexts as well. There is no requirement for directory services implementors to use the inetOrgPerson object class; it is simply presented as well-documented class that implementors can choose to use if they find it useful.
inetOrgPerson对象类是一个通用对象类,用于保存有关人员的属性。选择它所拥有的属性是为了适应典型的Internet和Intranet目录服务部署中的信息需求。inetOrgPerson对象类设计用于基于LDAP[RFC2251]和X.500协议系列的目录服务中,在其他上下文中也应该有用。目录服务实现者不需要使用inetOrgPerson对象类;它只是以文档化良好的类的形式呈现,如果实现者发现它有用,他们可以选择使用它。
The attribute type and object class definitions in this document are written using the BNF form of AttributeTypeDescription and ObjectClassDescription given in [RFC2252]. In some cases lines have been folded for readability.
本文档中的属性类型和对象类定义使用[RFC2252]中给出的AttributeTypeDescription和ObjectClassDescription的BNF形式编写。在某些情况下,为了便于阅读,行被折叠起来。
Attributes that are referenced but not defined in this document are included in one of the following documents:
本文档中引用但未定义的属性包含在以下文档之一中:
The COSINE and Internet X.500 Schema [RFC1274]
余弦和Internet X.500模式[RFC1274]
Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers (URIs) [RFC2079]
定义X.500属性类型和对象类以保存统一资源标识符(URI)[RFC2079]
A Summary of the X.500(96) User Schema for use with LDAPv3 [RFC2256]
用于LDAPv3[RFC2256]的X.500(96)用户模式摘要
See Appendix A for a summary of the attribute types, associated syntaxes, and matching rules used in this document.
有关本文档中使用的属性类型、关联语法和匹配规则的摘要,请参见附录A。
2.1. Vehicle license or registration plate.
2.1. 车辆牌照或车牌。
This multivalued field is used to record the values of the license or registration plate associated with an individual.
此多值字段用于记录与个人相关的牌照或车牌的值。
( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.16.840.1.113730.3.1.1名称“carLicense”描述“车辆牌照或车牌”相等caseIgnoreMatch SUBSTR caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15)
Code for department to which a person belongs. This can also be strictly numeric (e.g., 1234) or alphanumeric (e.g., ABC/123).
人员所属部门的代码。这也可以是严格的数字(如1234)或字母数字(如ABC/123)。
( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC 'identifies a department within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.16.840.1.113730.3.1.2名称'departmentNumber'DESC'标识组织内的部门'EQUALITY caseIgnoreMatch SUBSTR caseIgnoreMatch SubStrings匹配语法1.3.6.1.4.1.1466.115.121.1.15)
When displaying an entry, especially within a one-line summary list, it is useful to be able to identify a name to be used. Since other attribute types such as 'cn' are multivalued, an additional attribute type is needed. Display name is defined for this purpose.
显示条目时,尤其是在单行摘要列表中,能够识别要使用的名称非常有用。由于其他属性类型(如“cn”)是多值的,因此需要额外的属性类型。为此目的定义了显示名称。
( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'preferred name of a person to be used when displaying entries' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
(2.16.840.1.113730.3.1.241名称'displayName'DESC'显示条目时使用的首选姓名'EQUALITY caseIgnoreMatch SubStrings br CaseIgnoreSubStrings匹配语法1.3.6.1.4.1.1466.115.121.1.15单值)
Numeric or alphanumeric identifier assigned to a person, typically based on order of hire or association with an organization. Single valued.
分配给个人的数字或字母数字标识符,通常基于雇佣顺序或与组织的关联。单值。
( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'numerically identifies an employee within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
(2.16.840.1.113730.3.1.3名称'employeeNumber'DESC'以数字形式标识组织内的员工'EQUALITY caseIgnoreMatch SubStrings br CaseIgnoreSSubStrings匹配语法1.3.6.1.4.1.1466.115.121.1.15单值)
Used to identify the employer to employee relationship. Typical values used will be "Contractor", "Employee", "Intern", "Temp", "External", and "Unknown" but any value may be used.
用于确定雇主与雇员之间的关系。使用的典型值为“承包商”、“员工”、“实习生”、“临时工”、“外部”和“未知”,但可以使用任何值。
( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.16.840.1.113730.3.1.4姓名“employeeType”描述“一个人的就业类型”平等caseIgnoreMatch SubStrings匹配caseIgnoreMatch语法1.3.6.1.1.1466.115.121.1.15)
Used to store one or more images of a person using the JPEG File Interchange Format [JFIF].
用于使用JPEG文件交换格式[JFIF]存储一个或多个人物图像。
( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 )
(0.9.2342.19200300.100.1.60名称“JPEG照片”描述“JPEG图像”语法1.3.6.1.4.1.1466.115.121.1.28)
Note that the jpegPhoto attribute type was defined for use in the Internet X.500 pilots but no referencable definition for it could be located.
请注意,jpegPhoto属性类型是为在Internet X.500 pilots中使用而定义的,但找不到它的可引用定义。
Used to indicate an individual's preferred written or spoken language. This is useful for international correspondence or human-computer interaction. Values for this attribute type MUST conform to the definition of the Accept-Language header field defined in [RFC2068] with one exception: the sequence "Accept-Language" ":" should be omitted. This is a single valued attribute type.
用来表示个人喜欢的书面或口头语言。这对于国际通信或人机交互非常有用。此属性类型的值必须符合[RFC2068]中定义的Accept Language标头字段的定义,但有一个例外:应忽略序列“Accept Language”“:”。这是一种单值属性类型。
( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'preferred written or spoken language for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) )
(2.16.840.1.113730.3.1.39姓名'preferredLanguage'DESC'个人首选书面或口语'EQUALITY caseIgnoreMatch SubStrings匹配caseIgnoreMatch语法1.3.6.1.1.1466.115.121.1.15单值))
A PKCS#7 [RFC2315] SignedData, where the content that is signed is ignored by consumers of userSMIMECertificate values. It is recommended that values have a `contentType' of data with an absent `content' field. Values of this attribute contain a person's entire certificate chain and an smimeCapabilities field [RFC2633] that at a minimum describes their SMIME algorithm capabilities. Values for this attribute are to be stored and requested in binary form, as 'userSMIMECertificate;binary'. If available, this attribute is preferred over the userCertificate attribute for S/MIME applications.
PKCS#7[RFC2315]签名数据,其中已签名的内容被userSMIMECertificate值的使用者忽略。建议值的数据类型为“contentType”,但缺少“content”字段。此属性的值包含一个人的整个证书链和至少描述其SMIME算法功能的smimeCapabilities字段[RFC2633]。此属性的值将以二进制形式存储和请求,如“userSMIMECertificate”;二进制'。如果可用,此属性优先于S/MIME应用程序的userCertificate属性。
( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' DESC 'PKCS#7 SignedData used to support S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
(2.16.840.1.113730.3.1.40 NAME'userSMIMECertificate'DESC'PKCS#7用于支持S/MIME'语法的签名数据1.3.6.1.4.1.1466.115.121.1.5)
PKCS #12 [PKCS12] provides a format for exchange of personal identity information. When such information is stored in a directory service, the userPKCS12 attribute should be used. This attribute is to be stored and requested in binary form, as 'userPKCS12;binary'. The attribute values are PFX PDUs stored as binary data.
PKCS#12[PKCS12]提供了个人身份信息交换的格式。当这些信息存储在目录服务中时,应该使用userPKCS12属性。该属性以二进制形式存储和请求,如“userPKCS12;二进制'。属性值是作为二进制数据存储的PFX PDU。
( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'PKCS #12 PFX PDU for exchange of personal identity information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
(2.16.840.1.113730.3.1.216 NAME'userPKCS12'DESC'PKCS#12用于交换个人身份信息的PFX PDU'语法1.3.6.1.4.1.1466.115.121.1.5)
The inetOrgPerson represents people who are associated with an organization in some way. It is a structural class and is derived from the organizationalPerson class which is defined in X.521 [X521].
inetOrgPerson表示以某种方式与组织关联的人员。它是一个结构类,派生自X.521[X521]中定义的organizationalPerson类。
( 2.16.840.1.113730.3.2.2 NAME 'inetOrgPerson' SUP organizationalPerson STRUCTURAL MAY ( audio $ businessCategory $ carLicense $ departmentNumber $ displayName $ employeeNumber $ employeeType $ givenName $ homePhone $ homePostalAddress $ initials $ jpegPhoto $ labeledURI $ mail $ manager $ mobile $ o $ pager $ photo $ roomNumber $ secretary $ uid $ userCertificate $ x500uniqueIdentifier $ preferredLanguage $ userSMIMECertificate $ userPKCS12 ) )
(2.16.840.1.113730.3.2.2名称“inetOrgPerson”辅助组织人员(音频$businessCategory$carLicense$departmentNumber$displayName$employeeNumber$employeeType$givenName$homePhone$homePostalAddress$缩写$jpegPhoto$labeledURI$mail$manager$mobile$o$pager$photo$roomNumber$secretary$uid$userCertificate$X500唯一标识符$preferredLanguage$userSMIMECertificate$u)serPKCS12)
For reference, we list the following additional attribute types that are part of the inetOrgPerson object class. These attribute types are inherited from organizationalPerson (which in turn is derived from the person object class):
为了便于参考,我们列出了以下作为inetOrgPerson对象类一部分的附加属性类型。这些属性类型继承自organizationalPerson(organizationalPerson又派生自person对象类):
MUST ( cn $ objectClass $ sn ) MAY ( description $ destinationIndicator $ facsimileTelephoneNumber $ internationaliSDNNumber $ l $ ou $ physicalDeliveryOfficeName $ postalAddress $ postalCode $ postOfficeBox $ preferredDeliveryMethod $ registeredAddress $ seeAlso $ st $ street $ telephoneNumber $ teletexTerminalIdentifier $ telexNumber $ title $ userPassword $ x121Address )
必须(cn$objectClass$sn)可以(说明$destinationIndicator$facsimileTelephoneNumber$internationaliSDNNumber$l$ou$physicalDeliveryOfficeName$Postladdress$postalCode$postOfficeBox$PreferredDelivery方法$registeredAddress$另请参见$st$street$电话号码$Teletexterminalidentier$电传号码$title$用户密码$X121地址)
The following example is expressed using the LDIF notation defined in [LDIF].
以下示例使用[LDIF]中定义的LDIF符号表示。
version: 1
dn: cn=Barbara Jensen,ou=Product Development,dc=siroe,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Barbara Jensen
cn: Babs Jensen
displayName: Babs Jensen
sn: Jensen
givenName: Barbara
initials: BJJ
title: manager, product development
uid: bjensen
mail: bjensen@siroe.com
telephoneNumber: +1 408 555 1862
facsimileTelephoneNumber: +1 408 555 1992
mobile: +1 408 555 1941
roomNumber: 0209
carLicense: 6ABC246
o: Siroe
ou: Product Development
departmentNumber: 2604
employeeNumber: 42
employeeType: full time
preferredLanguage: fr, en-gb;q=0.8, en;q=0.7
labeledURI: http://www.siroe.com/users/bjensen My Home Page
version: 1
dn: cn=Barbara Jensen,ou=Product Development,dc=siroe,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
cn: Barbara Jensen
cn: Babs Jensen
displayName: Babs Jensen
sn: Jensen
givenName: Barbara
initials: BJJ
title: manager, product development
uid: bjensen
mail: bjensen@siroe.com
telephoneNumber: +1 408 555 1862
facsimileTelephoneNumber: +1 408 555 1992
mobile: +1 408 555 1941
roomNumber: 0209
carLicense: 6ABC246
o: Siroe
ou: Product Development
departmentNumber: 2604
employeeNumber: 42
employeeType: full time
preferredLanguage: fr, en-gb;q=0.8, en;q=0.7
labeledURI: http://www.siroe.com/users/bjensen My Home Page
Attributes of directory entries are used to provide descriptive information about the real-world objects they represent, which can be people, organizations or devices. Most countries have privacy laws regarding the publication of information about people.
目录项的属性用于提供有关它们所表示的真实对象的描述性信息,这些对象可以是人、组织或设备。大多数国家都有关于发布个人信息的隐私法。
Transfer of cleartext passwords are strongly discouraged where the underlying transport service cannot guarantee confidentiality and may result in disclosure of the password to unauthorized parties.
如果基础传输服务不能保证机密性,并且可能导致密码泄露给未经授权的方,则强烈反对传输明文密码。
The Netscape Directory Server team created the inetOrgPerson object class based on experience and customer requirements. Anil Bhavnani and John Kristian in particular deserve credit for all of the early design work.
Netscape目录服务器团队根据经验和客户要求创建了inetOrgPerson对象类。Anil Bhavnani和John Kristian尤其值得赞扬所有早期设计工作。
Many members of the Internet community, in particular those in the IETF ASID and LDAPEXT groups, also contributed to the design of this object class.
互联网社区的许多成员,特别是IETF ASID和LDAPEXT小组的成员,也对该对象类的设计做出了贡献。
[JFIF] E. Hamilton, "JPEG File Interchange Format (Version 1.02)", C-Cube Microsystems, Milpitas, CA, September 1, 1992.
[JFIF]E.Hamilton,“JPEG文件交换格式(1.02版)”,C-Cube Microsystems,加利福尼亚州米尔皮塔斯,1992年9月1日。
[LDIF] G. Good, "The LDAP Data Interchange Format (LDIF) - Technical Specification", Work in Progress.
[LDIF]G.Good,“LDAP数据交换格式(LDIF)-技术规范”,正在进行中。
[PKCS12] "PKCS #12: Personal Information Exchange Standard", Version 1.0 Draft, 30 April 1997.
[PKCS12]“PKCS#12:个人信息交换标准”,第1.0版草案,1997年4月30日。
[RFC1274] Barker, P. and S. Kille, "The COSINE and Internet X.500 Schema", RFC 1274, November 1991.
[RFC1274]巴克,P.和S.基尔,“余弦和互联网X.500模式”,RFC1274,1991年11月。
[RFC1847] Galvin, J., Murphy, S., Crocker, S. and N. Freed, "Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted", RFC 1847, October 1995.
[RFC1847]Galvin,J.,Murphy,S.,Crocker,S.和N.Freed,“MIME的安全多部分:多部分/签名和多部分/加密”,RFC 1847,1995年10月。
[RFC2068] Fielding, R., Gettys, J., Mogul, J., Frystyk, H. and T. Berners-Lee, "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2068, January 1997.
[RFC2068]菲尔丁,R.,盖蒂斯,J.,莫卧儿,J.,弗莱斯蒂克,H.和T.伯纳斯李,“超文本传输协议——HTTP/1.1”,RFC 2068,1997年1月。
[RFC2079] Smith, M., "Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers (URIs)", RFC 2079, January 1997.
[RFC2079]Smith,M.“X.500属性类型和用于保存统一资源标识符(URI)的对象类的定义”,RFC 2079,1997年1月。
[RFC2251] Wahl, M., Howes, T. and S. Kille, "Lightweight Directory Access Protocol (v3)", RFC 2251, December 1997.
[RFC2251]Wahl,M.,Howes,T.和S.Kille,“轻量级目录访问协议(v3)”,RFC 2251,1997年12月。
[RFC2252] Wahl, M., Coulbeck, A., Howes, T., Kille, S., Yeong, W. and C. Robbins, "Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions", RFC 2252, December 1997.
[RFC2252]Wahl,M.,Coulbeck,A.,Howes,T.,Kille,S.,Yeong,W.和C.Robbins,“轻量级目录访问协议(v3):属性语法定义”,RFC 2252,1997年12月。
[RFC2256] Wahl, M., "A Summary of the X.500(96) User Schema for use with LDAPv3", RFC 2256, December 1997.
[RFC2256]Wahl,M.,“用于LDAPv3的X.500(96)用户模式摘要”,RFC 2256,1997年12月。
[RFC2315] Kaliski, B., "PKCS #7: Cryptographic Message Syntax Version 1.5", RFC 2315, March 1998.
[RFC2315]Kaliski,B.,“PKCS#7:加密消息语法版本1.5”,RFC 2315,1998年3月。
[RFC2633] Ramsdell, B., "S/MIME Version 3 Message Specification", RFC 2633, June 1999.
[RFC2633]Ramsdell,B.,“S/MIME版本3消息规范”,RFC 2633,1999年6月。
[X520] ITU-T Rec. X.520, "The Directory: Selected Attribute Types", 1996.
[X520]ITU-T Rec.X.520,“目录:选定的属性类型”,1996年。
[X521] ITU-T Rec. X.521, "The Directory: Selected Object Classes", 1996.
[X521]ITU-T Rec.X.521,“目录:选定对象类”,1996年。
Mark Smith Netscape Communications Corp. 501 E. Middlefield Rd., Mailstop MV068 Mountain View, CA 94043, USA
马克·史密斯网景通信公司,地址:美国加利福尼亚州山景城MV068邮箱米德尔菲尔德东路501号,邮编:94043
Phone: +1 650 937-3477
EMail: mcs@netscape.com
Phone: +1 650 937-3477
EMail: mcs@netscape.com
This appendix provides definitions of all the attribute types included in the inetOrgPerson object class along with their associated syntaxes and matching rules.
本附录提供了inetOrgPerson对象类中包含的所有属性类型的定义及其关联的语法和匹配规则。
( 2.16.840.1.113730.3.1.1 NAME 'carLicense' DESC 'vehicle license or registration plate' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.16.840.1.113730.3.1.1名称“carLicense”描述“车辆牌照或车牌”相等caseIgnoreMatch SUBSTR caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15)
( 2.16.840.1.113730.3.1.2 NAME 'departmentNumber' DESC 'identifies a department within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.16.840.1.113730.3.1.2名称'departmentNumber'DESC'标识组织内的部门'EQUALITY caseIgnoreMatch SUBSTR caseIgnoreMatch SubStrings匹配语法1.3.6.1.4.1.1466.115.121.1.15)
( 2.16.840.1.113730.3.1.241 NAME 'displayName' DESC 'preferred name of a person to be used when displaying entries' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
(2.16.840.1.113730.3.1.241名称'displayName'DESC'显示条目时使用的首选姓名'EQUALITY caseIgnoreMatch SubStrings br CaseIgnoreSubStrings匹配语法1.3.6.1.4.1.1466.115.121.1.15单值)
( 2.16.840.1.113730.3.1.3 NAME 'employeeNumber' DESC 'numerically identifies an employee within an organization' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
(2.16.840.1.113730.3.1.3名称'employeeNumber'DESC'以数字形式标识组织内的员工'EQUALITY caseIgnoreMatch SubStrings br CaseIgnoreSSubStrings匹配语法1.3.6.1.4.1.1466.115.121.1.15单值)
( 2.16.840.1.113730.3.1.4 NAME 'employeeType' DESC 'type of employment for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.16.840.1.113730.3.1.4姓名“employeeType”描述“一个人的就业类型”平等caseIgnoreMatch SubStrings匹配caseIgnoreMatch语法1.3.6.1.1.1466.115.121.1.15)
( 0.9.2342.19200300.100.1.60 NAME 'jpegPhoto' DESC 'a JPEG image' SYNTAX 1.3.6.1.4.1.1466.115.121.1.28 ) Note: The jpegPhoto attribute type was defined for use in the Internet X.500 pilots but no referencable definition for it could be located.
(0.9.2342.19200300.100.1.60名称“jpegPhoto”描述“a JPEG图像”语法1.3.6.1.4.1.1466.115.121.1.28)注意:jpegPhoto属性类型是为在Internet X.500 pilots中使用而定义的,但找不到可引用的定义。
( 2.16.840.1.113730.3.1.39 NAME 'preferredLanguage' DESC 'preferred written or spoken language for a person' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
(2.16.840.1.113730.3.1.39姓名'preferredLanguage'DESC'个人的首选书面或口头语言'EQUALITY caseIgnoreMatch subsr caseIgnoreMatch substrings匹配语法1.3.6.1.4.1.1466.115.121.1.15单值)
( 2.16.840.1.113730.3.1.40 NAME 'userSMIMECertificate' DESC 'signed message used to support S/MIME' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
(2.16.840.1.113730.3.1.40用于支持S/MIME语法1.3.6.1.4.1.1466.115.121.1.5的NAME'userSMIMECertificate'DESC'签名消息)
( 2.16.840.1.113730.3.1.216 NAME 'userPKCS12' DESC 'PKCS #12 PFX PDU for exchange of personal identity information' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 )
(2.16.840.1.113730.3.1.216 NAME'userPKCS12'DESC'PKCS#12用于交换个人身份信息的PFX PDU'语法1.3.6.1.4.1.1466.115.121.1.5)
Note that the original definitions of these types can be found in X.520.
请注意,这些类型的原始定义可以在X.520中找到。
( 2.5.4.15 NAME 'businessCategory' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
(2.5.4.15名称'businessCategory'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{128})
( 2.5.4.3 NAME 'cn' SUP name )
(2.5.4.3名称“cn”SUP名称)
( 2.5.4.13 NAME 'description' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
(2.5.4.13名称'description'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{1024})
( 2.5.4.27 NAME 'destinationIndicator' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
(2.5.4.27名称'destinationIndicator'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.44{128})
( 2.5.4.23 NAME 'facsimileTelephoneNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
(2.5.4.23名称“facsimileTelephoneNumber”语法1.3.6.1.4.1.1466.115.121.1.22)
( 2.5.4.42 NAME 'givenName' SUP name )
(2.5.4.42名称“givenName”辅助名称)
( 2.5.4.43 NAME 'initials' SUP name )
(2.5.4.43名称“缩写”SUP名称)
( 2.5.4.25 NAME 'internationaliSDNNumber' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
(2.5.4.25名称'internationaliSDNNumber'相等数值字符串匹配SUBSTR numericStringSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.36{16})
( 2.5.4.7 NAME 'l' SUP name )
(2.5.4.7名称“l”辅助名称)
( 2.5.4.0 NAME 'objectClass' EQUALITY objectIdentifierMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
(2.5.4.0名称'objectClass'相等objectIdentifierMatch语法1.3.6.1.4.1.1466.115.121.1.38)
( 2.5.4.10 NAME 'o' SUP name )
(2.5.4.10名称“o”SUP名称)
( 2.5.4.11 NAME 'ou' SUP name )
(2.5.4.11名称“ou”SUP名称)
( 2.5.4.19 NAME 'physicalDeliveryOfficeName' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
(2.5.4.19名称'physicalDeliveryOfficeName'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{128})
( 2.5.4.18 NAME 'postOfficeBox' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
(2.5.4.18名称'postOfficeBox'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{40})
( 2.5.4.16 NAME 'postalAddress' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
(2.5.4.16名称“PostLaddress”相等caseIgnoreListMatch子字符串caseIgnoreListSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.41)
( 2.5.4.17 NAME 'postalCode' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
(2.5.4.17名称'postalCode'相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{40})
( 2.5.4.28 NAME 'preferredDeliveryMethod' SYNTAX 1.3.6.1.4.1.1466.115.121.1.14 SINGLE-VALUE )
(2.5.4.28名称“preferredDeliveryMethod”语法1.3.6.1.4.1.1466.115.121.1.14单值)
( 2.5.4.26 NAME 'registeredAddress' SUP postalAddress SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
(2.5.4.26名称“registeredAddress”辅助邮资语法1.3.6.1.4.1.1466.115.121.1.41)
( 2.5.4.34 NAME 'seeAlso' SUP distinguishedName )
(2.5.4.34名称“另见”辅助区分名称)
( 2.5.4.4 NAME 'sn' SUP name )
(2.5.4.4名称“序列号”辅助名称)
( 2.5.4.8 NAME 'st' SUP name )
(2.5.4.8名称“st”SUP名称)
( 2.5.4.9 NAME 'street' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
(2.5.4.9名称'street'相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{128})
( 2.5.4.20 NAME 'telephoneNumber' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
(2.5.4.20名称'telephoneNumber'相等telephoneNumberMatch SUBSTR电话号码SubStringsMatch语法1.3.6.1.4.1.1466.115.121.1.50{32})
( 2.5.4.22 NAME 'teletexTerminalIdentifier' SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
(2.5.4.22名称“Teletexterminalidentier”语法1.3.6.1.4.1.1466.115.121.1.51)
( 2.5.4.21 NAME 'telexNumber' SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
(2.5.4.21名称“电传号码”语法1.3.6.1.4.1.1466.115.121.1.52)
( 2.5.4.12 NAME 'title' SUP name )
(2.5.4.12名称“标题”辅助名称)
( 2.5.4.36 NAME 'userCertificate' SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
(2.5.4.36名称“用户证书”语法1.3.6.1.4.1.1466.115.121.1.8)
( 2.5.4.35 NAME 'userPassword' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
(2.5.4.35名称'userPassword'相等八位字符串匹配语法1.3.6.1.4.1.1466.115.121.1.40{128})
( 2.5.4.24 NAME 'x121Address' EQUALITY numericStringMatch SUBSTR numericStringSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
(2.5.4.24名称'X121地址'EQUALITY numericStringMatch SubTR numericStringSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.36{15})
( 2.5.4.45 NAME 'x500UniqueIdentifier' EQUALITY bitStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
(2.5.4.45名称'x500UniqueIdentifier'相等位字符串匹配语法1.3.6.1.4.1.1466.115.121.1.6)
Some attribute types included in inetOrgPerson are derived from the 'name' and 'distinguishedName' attribute supertypes:
inetOrgPerson中包含的某些属性类型是从“name”和“DiscrimitedName”属性超类型派生的:
( 2.5.4.41 NAME 'name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
(2.5.4.41名称'NAME'相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{32768})
( 2.5.4.49 NAME 'distinguishedName' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(2.5.4.49名称“DifferentiedName”相等DifferentiedNameMatch语法1.3.6.1.4.1.1466.115.121.1.12)
( 0.9.2342.19200300.100.1.55 NAME 'audio' EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{250000} ) Note: The syntax used here for the audio attribute type is Octet String. RFC 1274 uses a syntax called audio which is not defined in RFC 1274.
(0.9.2342.19200300.100.1.55名称“audio”相等八位字符串匹配语法1.3.6.1.4.1.1466.115.121.1.40{250000})注意:此处用于音频属性类型的语法为八位字符串。RFC 1274使用一种称为audio的语法,该语法在RFC 1274中未定义。
( 0.9.2342.19200300.100.1.20 NAME 'homePhone' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) Note: RFC 1274 uses the longer name 'homeTelephoneNumber'.
(0.9.2342.19200300.100.1.20名称“homePhone”相等电话号码Match SUBSTR电话号码SubStringsMatch语法1.3.6.1.4.1.1466.115.121.1.50)注:RFC 1274使用更长的名称“HomePhoneNumber”。
( 0.9.2342.19200300.100.1.39 NAME 'homePostalAddress' EQUALITY caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
(0.9.2342.19200300.100.1.39名称“HomePostLaddress”相等caseIgnoreListMatch SUBSTR caseIgnoreListSubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.41)
( 0.9.2342.19200300.100.1.3 NAME 'mail' EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} ) Note: RFC 1274 uses the longer name 'rfc822Mailbox' and syntax OID of 0.9.2342.19200300.100.3.5. All recent LDAP documents and most deployed LDAP implementations refer to this attribute as 'mail' and define the IA5 String syntax using using the OID 1.3.6.1.4.1.1466.115.121.1.26, as is done here.
(0.9.2342.19200300.100.1.3名称'mail'相等caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch语法1.3.6.1.4.1.1466.115.121.1.26{256})注:RFC 1274使用较长的名称'rfc822Mailbox',语法OID为0.9.2342.19200300.100.3.5。所有最近的LDAP文档和大多数部署的LDAP实现都将此属性称为“邮件”,并使用OID 1.3.6.1.4.1.1466.115.121.1.26定义IA5字符串语法,如下所示。
( 0.9.2342.19200300.100.1.10 NAME 'manager' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(0.9.2342.19200300.100.1.10名称“经理”相等区分名称匹配语法1.3.6.1.4.1.1466.115.121.1.12)
( 0.9.2342.19200300.100.1.41 NAME 'mobile' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) Note: RFC 1274 uses the longer name 'mobileTelephoneNumber'.
(0.9.2342.19200300.100.1.41名称“mobile”相等电话号码Match SUBSTR电话号码SubStringsMatch语法1.3.6.1.4.1.1466.115.121.1.50)注:RFC 1274使用较长的名称“mobileTelephoneNumber”。
( 0.9.2342.19200300.100.1.42 NAME 'pager' EQUALITY telephoneNumberMatch SUBSTR telephoneNumberSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 ) Note: RFC 1274 uses the longer name 'pagerTelephoneNumber'.
(0.9.2342.19200300.100.1.42名称'pager'相等电话号码Match SUBSTR电话号码SubStringsMatch语法1.3.6.1.4.1.1466.115.121.1.50)注:RFC 1274使用较长的名称'pagerTelephoneNumber'。
( 0.9.2342.19200300.100.1.7 NAME 'photo' ) Note: Photo attribute values are encoded in G3 fax format with an ASN.1 wrapper. Please refer to RFC 1274 section 9.3.7 for detailed syntax information for this attribute.
(0.9.2342.19200300.100.1.7名称“照片”)注:照片属性值以G3传真格式编码,带有ASN.1包装。有关此属性的详细语法信息,请参阅RFC 1274第9.3.7节。
( 0.9.2342.19200300.100.1.6 NAME 'roomNumber' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
(0.9.2342.19200300.100.1.6名称“roomNumber”相等caseIgnoreMatch SUBSTR caseIgnoreMatch语法1.3.6.1.4.1.1466.115.121.1.15{256})
( 0.9.2342.19200300.100.1.21 NAME 'secretary' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(0.9.2342.19200300.100.1.21名称“秘书”相等区分名称匹配语法1.3.6.1.4.1.1466.115.121.1.12)
( 0.9.2342.19200300.100.1.1 NAME 'uid' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} ) Note: RFC 1274 uses the longer name 'userid'.
(0.9.2342.19200300.100.1.1名称'uid'相等caseIgnoreMatch SUBSTR caseignoresubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15{256})注:RFC 1274使用更长的名称'userid'。
( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI' EQUALITY caseExactMatch SUBSTR caseExactSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(1.3.6.1.4.1.250.1.57名称'labeledURI'相等caseExactMatch SUBSTR caseExactSubstrings匹配语法1.3.6.1.4.1.1466.115.121.1.15)
( 1.3.6.1.4.1.1466.115.121.1.5 DESC 'Binary' )
(1.3.6.1.4.1.1466.115.121.1.5描述“二进制”)
( 1.3.6.1.4.1.1466.115.121.1.6 DESC 'Bit String' )
(1.3.6.1.4.1.1466.115.121.1.6描述“位字符串”)
( 1.3.6.1.4.1.1466.115.121.1.8 DESC 'Certificate' )
(1.3.6.1.4.1.1466.115.121.1.8说明“证书”)
( 1.3.6.1.4.1.1466.115.121.1.12 DESC 'DN' )
(1.3.6.1.4.1.1466.115.121.1.12描述“DN”)
( 1.3.6.1.4.1.1466.115.121.1.15 DESC 'Directory String' )
(1.3.6.1.4.1.1466.115.121.1.15描述“目录字符串”)
( 1.3.6.1.4.1.1466.115.121.1.22 DESC 'Facsimile Telephone Number' )
(1.3.6.1.4.1.1466.115.121.1.22描述“传真电话号码”)
( 1.3.6.1.4.1.1466.115.121.1.26 DESC 'IA5 String' )
(1.3.6.1.4.1.1466.115.121.1.26描述“IA5串”)
( 1.3.6.1.4.1.1466.115.121.1.28 DESC 'JPEG' )
(1.3.6.1.4.1.1466.115.121.1.28描述“JPEG”)
( 1.3.6.1.4.1.1466.115.121.1.36 DESC 'Numeric String' )
(1.3.6.1.4.1.1466.115.121.1.36描述“数字字符串”)
( 1.3.6.1.4.1.1466.115.121.1.38 DESC 'OID' )
(1.3.6.1.4.1.1466.115.121.1.38说明“OID”)
( 1.3.6.1.4.1.1466.115.121.1.41 DESC 'Postal Address' )
(1.3.6.1.4.1.1466.115.121.1.41描述“邮政地址”)
( 1.3.6.1.4.1.1466.115.121.1.44 DESC 'Printable String' )
(1.3.6.1.4.1.1466.115.121.1.44描述“可打印字符串”)
( 1.3.6.1.4.1.1466.115.121.1.50 DESC 'Telephone Number' )
(1.3.6.1.4.1.1466.115.121.1.50描述“电话号码”)
( 1.3.6.1.4.1.1466.115.121.1.14 DESC 'Delivery Method' )
(1.3.6.1.4.1.1466.115.121.1.14描述“交付方法”)
( 1.3.6.1.4.1.1466.115.121.1.40 DESC 'Octet String' )
(1.3.6.1.4.1.1466.115.121.1.40描述“八进制字符串”)
( 1.3.6.1.4.1.1466.115.121.1.51 DESC 'Teletex Terminal Identifier' )
(1.3.6.1.4.1.1466.115.121.1.51描述“电传终端标识符”)
( 1.3.6.1.4.1.1466.115.121.1.52 DESC 'Telex Number' )
(1.3.6.1.4.1.1466.115.121.1.52描述“电传号码”)
Note that the original definition of many of these matching rules can be found in X.520.
请注意,许多匹配规则的原始定义可以在X.520中找到。
( 2.5.13.16 NAME 'bitStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
(2.5.13.16名称“bitStringMatch”语法1.3.6.1.4.1.1466.115.121.1.6)
( 1.3.6.1.4.1.1466.109.114.2 NAME 'caseIgnoreIA5Match' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
(1.3.6.1.4.1.1466.109.114.2名称“caseIgnoreIA5Match”语法1.3.6.1.4.1.1466.115.121.1.26)
( 2.5.13.11 NAME 'caseIgnoreListMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
(2.5.13.11名称“caseIgnoreListMatch”语法1.3.6.1.4.1.1466.115.121.1.41)
( 2.5.13.2 NAME 'caseIgnoreMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.5.13.2名称“caseIgnoreMatch”语法1.3.6.1.4.1.1466.115.121.1.15)
( 2.5.13.1 NAME 'distinguishedNameMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
(2.5.13.1名称“DifferentiedNameMatch”语法1.3.6.1.4.1.1466.115.121.1.12)
( 2.5.13.8 NAME 'numericStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.36 )
(2.5.13.8名称“numericStringMatch”语法1.3.6.1.4.1.1466.115.121.1.36)
( 2.5.13.0 NAME 'objectIdentifierMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
(2.5.13.0名称“objectIdentifierMatch”语法1.3.6.1.4.1.1466.115.121.1.38)
( 2.5.13.20 NAME 'telephoneNumberMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )
(2.5.13.20名称“电话号码格式”语法1.3.6.1.4.1.1466.115.121.1.50)
Note that the original definition of this matching rule can be found in X.520.
请注意,此匹配规则的原始定义可以在X.520中找到。
( 2.5.13.17 NAME 'octetStringMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
(2.5.13.17名称“octetStringMatch”语法1.3.6.1.4.1.1466.115.121.1.40)
caseExactMatch
caseExactMatch
( 2.5.13.5 NAME 'caseExactMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
(2.5.13.5名称“caseExactMatch”语法1.3.6.1.4.1.1466.115.121.1.15)
This rule determines whether a presented string exactly matches an attribute value of syntax DirectoryString. It is identical to caseIgnoreMatch except that case is not ignored. Multiple adjoining whitespace characters are treated the same as an individual space, and leading and trailing whitespace is ignored.
此规则确定显示的字符串是否与语法DirectoryString的属性值完全匹配。它与caseIgnoreMatch相同,只是不忽略case。多个相邻的空白字符被视为单个空格,前导和尾随空白被忽略。
caseExactSubstringsMatch
case-stringsmatch
( 2.5.13.7 NAME 'caseExactSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
(2.5.13.7名称“caseExactSubstringsMatch”语法1.3.6.1.4.1.1466.115.121.1.58)
This rules determines whether the initial, any and final substring elements in a presented value are present in an attribute value of syntax DirectoryString. It is identical to caseIgnoreSubstringsMatch except that case is not ignored.
此规则确定呈现值中的初始、任意和最终子字符串元素是否存在于syntax DirectoryString的属性值中。它与caseIgnoreSubstringsMatch相同,只是不忽略case。
caseIgnoreListSubstringsMatch
caseIgnoreListSubstringsMatch
( 2.5.13.12 NAME 'caseIgnoreListSubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
(2.5.13.12名称“caseIgnoreListSubstringsMatch”语法1.3.6.1.4.1.1466.115.121.1.58)
This rule compares a presented substring with an attribute value which is a sequence of DirectoryStrings, but where the case of letters is not significant for comparison purposes. A presented value matches a stored value if and only if the presented value matches the string formed by concatenating the strings of the stored value. Matching is done according to the caseIgnoreSubstringsMatch rule except that none of the initial, final, or any values of the presented value match a substring of the concatenated string which spans more than one of the strings of the stored value.
此规则将显示的子字符串与一个属性值进行比较,该属性值是一系列DirectoryStrings,但字母大小写对于比较而言并不重要。当且仅当呈现值与通过连接存储值的字符串而形成的字符串匹配时,呈现值才与存储值匹配。根据caseIgnoreSubstringsMatch规则进行匹配,除非呈现值的初始值、最终值或任何值都不匹配跨越存储值的多个字符串的串联字符串的子字符串。
caseIgnoreIA5SubstringsMatch
CaseIgnoreA5子串匹配
( 1.3.6.1.4.1.1466.109.114.3 NAME 'caseIgnoreIA5SubstringsMatch' SYNTAX 1.3.6.1.4.1.1466.115.121.1.58 )
(1.3.6.1.4.1.1466.109.114.3名称“caseIgnoreIA5SubstringsMatch”语法1.3.6.1.4.1.1466.115.121.1.58)
This rules determines whether the initial, any and final substring elements in a presented value are present in an attribute value of syntax IA5 String without regard to the case of the letters in the strings. It is expected that this matching rule will be added to an update of RFC 2252.
此规则确定呈现值中的初始、任意和最终子字符串元素是否存在于语法为IA5 String的属性值中,而不考虑字符串中字母的大小写。预计此匹配规则将添加到RFC 2252的更新中。
Copyright (C) The Internet Society (2000). All Rights Reserved.
版权所有(C)互联网协会(2000年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。