This file is indexed.

/usr/share/perl5/Net/LDAP/RFC.pod is in libnet-ldap-perl 1:0.5800-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

   1
   2
   3
   4
   5
   6
   7
   8
   9
  10
  11
  12
  13
  14
  15
  16
  17
  18
  19
  20
  21
  22
  23
  24
  25
  26
  27
  28
  29
  30
  31
  32
  33
  34
  35
  36
  37
  38
  39
  40
  41
  42
  43
  44
  45
  46
  47
  48
  49
  50
  51
  52
  53
  54
  55
  56
  57
  58
  59
  60
  61
  62
  63
  64
  65
  66
  67
  68
  69
  70
  71
  72
  73
  74
  75
  76
  77
  78
  79
  80
  81
  82
  83
  84
  85
  86
  87
  88
  89
  90
  91
  92
  93
  94
  95
  96
  97
  98
  99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 111
 112
 113
 114
 115
 116
 117
 118
 119
 120
 121
 122
 123
 124
 125
 126
 127
 128
 129
 130
 131
 132
 133
 134
 135
 136
 137
 138
 139
 140
 141
 142
 143
 144
 145
 146
 147
 148
 149
 150
 151
 152
 153
 154
 155
 156
 157
 158
 159
 160
 161
 162
 163
 164
 165
 166
 167
 168
 169
 170
 171
 172
 173
 174
 175
 176
 177
 178
 179
 180
 181
 182
 183
 184
 185
 186
 187
 188
 189
 190
 191
 192
 193
 194
 195
 196
 197
 198
 199
 200
 201
 202
 203
 204
 205
 206
 207
 208
 209
 210
 211
 212
 213
 214
 215
 216
 217
 218
 219
 220
 221
 222
 223
 224
 225
 226
 227
 228
 229
 230
 231
 232
 233
 234
 235
 236
 237
 238
 239
 240
 241
 242
 243
 244
 245
 246
 247
 248
 249
 250
 251
 252
 253
 254
 255
 256
 257
 258
 259
 260
 261
 262
 263
 264
 265
 266
 267
 268
 269
 270
 271
 272
 273
 274
 275
 276
 277
 278
 279
 280
 281
 282
 283
 284
 285
 286
 287
 288
 289
 290
 291
 292
 293
 294
 295
 296
 297
 298
 299
 300
 301
 302
 303
 304
 305
 306
 307
 308
 309
 310
 311
 312
 313
 314
 315
 316
 317
 318
 319
 320
 321
 322
 323
 324
 325
 326
 327
 328
 329
 330
 331
 332
 333
 334
 335
 336
 337
 338
 339
 340
 341
 342
 343
 344
 345
 346
 347
 348
 349
 350
 351
 352
 353
 354
 355
 356
 357
 358
 359
 360
 361
 362
 363
 364
 365
 366
 367
 368
 369
 370
 371
 372
 373
 374
 375
 376
 377
 378
 379
 380
 381
 382
 383
 384
 385
 386
 387
 388
 389
 390
 391
 392
 393
 394
 395
 396
 397
 398
 399
 400
 401
 402
 403
 404
 405
 406
 407
 408
 409
 410
 411
 412
 413
 414
 415
 416
 417
 418
 419
 420
 421
 422
 423
 424
 425
 426
 427
 428
 429
 430
 431
 432
 433
 434
 435
 436
 437
 438
 439
 440
 441
 442
 443
 444
 445
 446
 447
 448
 449
 450
 451
 452
 453
 454
 455
 456
 457
 458
 459
 460
 461
 462
 463
 464
 465
 466
 467
 468
 469
 470
 471
 472
 473
 474
 475
 476
 477
 478
 479
 480
 481
 482
 483
 484
 485
 486
 487
 488
 489
 490
 491
 492
 493
 494
 495
 496
 497
 498
 499
 500
 501
 502
 503
 504
 505
 506
 507
 508
 509
 510
 511
 512
 513
 514
 515
 516
 517
 518
 519
 520
 521
 522
 523
 524
 525
 526
 527
 528
 529
 530
 531
 532
 533
 534
 535
 536
 537
 538
 539
 540
 541
 542
 543
 544
 545
 546
 547
 548
 549
 550
 551
 552
 553
 554
 555
 556
 557
 558
 559
 560
 561
 562
 563
 564
 565
 566
 567
 568
 569
 570
 571
 572
 573
 574
 575
 576
 577
 578
 579
 580
 581
 582
 583
 584
 585
 586
 587
 588
 589
 590
 591
 592
 593
 594
 595
 596
 597
 598
 599
 600
 601
 602
 603
 604
 605
 606
 607
 608
 609
 610
 611
 612
 613
 614
 615
 616
 617
 618
 619
 620
 621
 622
 623
 624
 625
 626
 627
 628
 629
 630
 631
 632
 633
 634
 635
 636
 637
 638
 639
 640
 641
 642
 643
 644
 645
 646
 647
 648
 649
 650
 651
 652
 653
 654
 655
 656
 657
 658
 659
 660
 661
 662
 663
 664
 665
 666
 667
 668
 669
 670
 671
 672
 673
 674
 675
 676
 677
 678
 679
 680
 681
 682
 683
 684
 685
 686
 687
 688
 689
 690
 691
 692
 693
 694
 695
 696
 697
 698
 699
 700
 701
 702
 703
 704
 705
 706
 707
 708
 709
 710
 711
 712
 713
 714
 715
 716
 717
 718
 719
 720
 721
 722
 723
 724
 725
 726
 727
 728
 729
 730
 731
 732
 733
 734
 735
 736
 737
 738
 739
 740
 741
 742
 743
 744
 745
 746
 747
 748
 749
 750
 751
 752
 753
 754
 755
 756
 757
 758
 759
 760
 761
 762
 763
 764
 765
 766
 767
 768
 769
 770
 771
 772
 773
 774
 775
 776
 777
 778
 779
 780
 781
 782
 783
 784
 785
 786
 787
 788
 789
 790
 791
 792
 793
 794
 795
 796
 797
 798
 799
 800
 801
 802
 803
 804
 805
 806
 807
 808
 809
 810
 811
 812
 813
 814
 815
 816
 817
 818
 819
 820
 821
 822
 823
 824
 825
 826
 827
 828
 829
 830
 831
 832
 833
 834
 835
 836
 837
 838
 839
 840
 841
 842
 843
 844
 845
 846
 847
 848
 849
 850
 851
 852
 853
 854
 855
 856
 857
 858
 859
 860
 861
 862
 863
 864
 865
 866
 867
 868
 869
 870
 871
 872
 873
 874
 875
 876
 877
 878
 879
 880
 881
 882
 883
 884
 885
 886
 887
 888
 889
 890
 891
 892
 893
 894
 895
 896
 897
 898
 899
 900
 901
 902
 903
 904
 905
 906
 907
 908
 909
 910
 911
 912
 913
 914
 915
 916
 917
 918
 919
 920
 921
 922
 923
 924
 925
 926
 927
 928
 929
 930
 931
 932
 933
 934
 935
 936
 937
 938
 939
 940
 941
 942
 943
 944
 945
 946
 947
 948
 949
 950
 951
 952
 953
 954
 955
 956
 957
 958
 959
 960
 961
 962
 963
 964
 965
 966
 967
 968
 969
 970
 971
 972
 973
 974
 975
 976
 977
 978
 979
 980
 981
 982
 983
 984
 985
 986
 987
 988
 989
 990
 991
 992
 993
 994
 995
 996
 997
 998
 999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
=head1 NAME

Net::LDAP::RFC - List of related RFCs

=head1 SYNOPSIS

  none

=head1 DESCRIPTION

The LDAP protocol is defined in the following RFCs

=head1 Core LDAP Specification

=head2 RFC-4510 Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map

http://www.ietf.org/rfc/rfc4510.txt

The Lightweight Directory Access Protocol (LDAP) is an Internet
protocol for accessing distributed directory services that act in
accordance with X.500 data and service models.  This document
provides a road map of the LDAP Technical Specification.


=head2 RFC-4511 Lightweight Directory Access Protocol (LDAP): The Protocol

http://www.ietf.org/rfc/rfc4511.txt

This document describes the protocol elements, along with their
semantics and encodings, of the Lightweight Directory Access Protocol
(LDAP).  LDAP provides access to distributed directory services that
act in accordance with X.500 data and service models.  These protocol
elements are based on those described in the X.500 Directory Access
Protocol (DAP).


=head2 RFC-4512 Lightweight Directory Access Protocol (LDAP): Directory Information Models

http://www.ietf.org/rfc/rfc4512.txt

The Lightweight Directory Access Protocol (LDAP) is an Internet
protocol for accessing distributed directory services that act in
accordance with X.500 data and service models.  This document
describes the X.500 Directory Information Models, as used in LDAP.


=head2 RFC-4513 Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms

http://www.ietf.org/rfc/rfc4513.txt

This document describes authentication methods and security
mechanisms of the Lightweight Directory Access Protocol (LDAP).  This
document details establishment of Transport Layer Security (TLS)
using the StartTLS operation.

This document details the simple Bind authentication method including
anonymous, unauthenticated, and name/password mechanisms and the
Simple Authentication and Security Layer (SASL) Bind authentication
method including the EXTERNAL mechanism.

This document discusses various authentication and authorization
states through which a session to an LDAP server may pass and the
actions that trigger these state changes.


=head2 RFC-4514 Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names

http://www.ietf.org/rfc/rfc4514.txt

The X.500 Directory uses distinguished names (DNs) as primary keys to
entries in the directory.  This document defines the string
representation used in the Lightweight Directory Access Protocol
(LDAP) to transfer distinguished names.  The string representation is
designed to give a clean representation of commonly used
distinguished names, while being able to represent any distinguished
name.


=head2 RFC-4515 Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters

http://www.ietf.org/rfc/rfc4515.txt

Lightweight Directory Access Protocol (LDAP) search filters are
transmitted in the LDAP protocol using a binary representation that
is appropriate for use on the network.  This document defines a
human-readable string representation of LDAP search filters that is
appropriate for use in LDAP URLs (RFC 4516) and in other
applications.


=head2 RFC-4516 Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator

http://www.ietf.org/rfc/rfc4516.txt

This document describes a format for a Lightweight Directory Access
Protocol (LDAP) Uniform Resource Locator (URL).  An LDAP URL
describes an LDAP search operation that is used to retrieve
information from an LDAP directory, or, in the context of an LDAP
referral or reference, an LDAP URL describes a service where an LDAP
operation may be progressed.


=head2 RFC-4517 Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules

http://www.ietf.org/rfc/rfc4517.txt

Each attribute stored in a Lightweight Directory Access Protocol
(LDAP) directory, whose values may be transferred in the LDAP
protocol, has a defined syntax that constrains the structure and
format of its values.  The comparison semantics for values of a
syntax are not part of the syntax definition but are instead provided
through separately defined matching rules.  Matching rules specify an
argument, an assertion value, which also has a defined syntax.  This
document defines a base set of syntaxes and matching rules for use in
defining attributes for LDAP directories.


=head2 RFC-4518 Lightweight Directory Access Protocol (LDAP): Internationalized String Preparation

http://www.ietf.org/rfc/rfc4518.txt

The previous Lightweight Directory Access Protocol (LDAP) technical
specifications did not precisely define how character string matching
is to be performed.  This led to a number of usability and
interoperability problems.  This document defines string preparation
algorithms for character-based matching rules defined for use in
LDAP.


=head2 RFC-4519 Lightweight Directory Access Protocol (LDAP): Schema for User Applications

http://www.ietf.org/rfc/rfc4519.txt

This document is an integral part of the Lightweight Directory Access
Protocol (LDAP) technical specification.  It provides a technical
specification of attribute types and object classes intended for use
by LDAP directory clients for many directory services, such as White
Pages.  These objects are widely used as a basis for the schema in
many LDAP directories.  This document does not cover attributes used
for the administration of directory servers, nor does it include
directory objects defined for specific uses in other documents.




=head1 Other LDAP Related RFCs - Proposed Standards


=head2 RFC-6171 The Lightweight Directory Access Protocol (LDAP) Don't Use Copy Control

http://www.ietf.org/rfc/rfc6171.txt

This document defines the Lightweight Directory Access Protocol (LDAP)
Don't Use Copy control extension which allows a client to specify that
copied information should not be used in providing service.  This
control is based upon the X.511 dontUseCopy service control option.


=head2 RFC-5020 The Lightweight Directory Access Protocol (LDAP) entryDN Operational Attribute

http://www.ietf.org/rfc/rfc5020.txt

This document describes the LDAP/X.500 'entryDN' operational
attribute.  The attribute provides a copy of the entry's distinguished
name for use in attribute value assertions.


=head2 RFC-4792 Encoding Instructions for the Generic String Encoding Rules (GSER)

http://www.ietf.org/rfc/rfc4792.txt

Abstract Syntax Notation One (ASN.1) defines a general framework for
annotating types in an ASN.1 specification with encoding instructions
that alter how values of those types are encoded according to ASN.1
encoding rules.  This document defines the supporting notation for
encoding instructions that apply to the Generic String Encoding Rules
(GSER), and in particular defines an encoding instruction to provide
a machine-processable representation for the declaration of a GSER
ChoiceOfStrings type.


=head2 RFC-4532 Lightweight Directory Access Protocol (LDAP) Who am I? Operation

http://www.ietf.org/rfc/rfc4532.txt

This specification provides a mechanism for Lightweight Directory
Access Protocol (LDAP) clients to obtain the authorization identity
the server has associated with the user or application entity.  This
mechanism is specified as an LDAP extended operation called the LDAP
"Who am I?" operation.


=head2 RFC-4530 Lightweight Directory Access Protocol (LDAP) entryUUID Operational Attribute

http://www.ietf.org/rfc/rfc4530.txt

This document describes the LDAP/X.500 'entryUUID' operational
attribute and associated matching rules and syntax.  The attribute
holds a server-assigned Universally Unique Identifier (UUID) for the
object.  Directory clients may use this attribute to distinguish
objects identified by a distinguished name or to locate an object
after renaming.


=head2 RFC-4528 Lightweight Directory Access Protocol (LDAP) Assertion Control

http://www.ietf.org/rfc/rfc4528.txt

This document defines the Lightweight Directory Access Protocol
(LDAP) Assertion Control, which allows a client to specify that a
directory operation should only be processed if an assertion applied
to the target entry of the operation is true.  It can be used to
construct "test and set", "test and clear", and other conditional
operations.


=head2 RFC-4527 Lightweight Directory Access Protocol (LDAP) Read Entry Controls

http://www.ietf.org/rfc/rfc4527.txt

This document specifies an extension to the Lightweight Directory
Access Protocol (LDAP) to allow the client to read the target entry
of an update operation.  The client may request to read the entry
before and/or after the modifications are applied.  These reads are
done as an atomic part of the update operation.


=head2 RFC-4526 Lightweight Directory Access Protocol (LDAP) Absolute True and False Filters

http://www.ietf.org/rfc/rfc4526.txt

This document extends the Lightweight Directory Access Protocol
(LDAP) to support absolute True and False filters based upon similar
capabilities found in X.500 directory systems.  The document also
extends the String Representation of LDAP Search Filters to support
these filters.


=head2 RFC-4524 COSINE LDAP/X.500 Schema

http://www.ietf.org/rfc/rfc4524.txt

This document provides a collection of schema elements for use with
the Lightweight Directory Access Protocol (LDAP) from the COSINE and
Internet X.500 pilot projects.


=head2 RFC-4523 Lightweight Directory Access Protocol (LDAP) Schema Definitions for X.509 Certificates

http://www.ietf.org/rfc/rfc4523.txt

This document describes schema for representing X.509 certificates,
X.521 security information, and related elements in directories
accessible using the Lightweight Directory Access Protocol (LDAP).
The LDAP definitions for these X.509 and X.521 schema elements
replace those provided in RFCs 2252 and 2256.


=head2 RFC-4522 Lightweight Directory Access Protocol (LDAP): The Binary Encoding Option

http://www.ietf.org/rfc/rfc4522.txt

Each attribute stored in a Lightweight Directory Access Protocol
(LDAP) directory has a defined syntax (i.e., data type).  A syntax
definition specifies how attribute values conforming to the syntax
are normally represented when transferred in LDAP operations.  This
representation is referred to as the LDAP-specific encoding to
distinguish it from other methods of encoding attribute values.  This
document defines an attribute option, the binary option, that can be
used to specify that the associated attribute values are instead
encoded according to the Basic Encoding Rules (BER) used by X.500
directories.


=head2 RFC-4370 Lightweight Directory Access Protocol (LDAP) Proxied Authorization Control

http://www.ietf.org/rfc/rfc4370.txt

This document defines the Lightweight Directory Access Protocol
(LDAP) Proxy Authorization Control.  The Proxy Authorization Control
allows a client to request that an operation be processed under a
provided authorization identity instead of under the current
authorization identity associated with the connection.


=head2 RFC-4104 Policy Core Extension Lightweight Directory Access Protocol Schema (PCELS)

http://www.ietf.org/rfc/rfc4104.txt

This document defines a number of changes and extensions to the
Policy Core Lightweight Directory Access Protocol (LDAP) Schema (RFC
3703) based on the model extensions defined by the Policy Core
Information Model (PCIM) Extensions (RFC 3460).  These changes and
extensions consist of new LDAP object classes and attribute types.
Some of the schema items defined in this document re-implement
existing concepts in accordance with their new semantics introduced
by RFC 3460.  The other schema items implement new concepts, not
covered by RFC 3703.  This document updates RFC 3703.


=head2 RFC-3928 Lightweight Directory Access Protocol (LDAP) Client Update Protocol (LCUP)

http://www.ietf.org/rfc/rfc3928.txt

This document defines the Lightweight Directory Access Protocol
(LDAP) Client Update Protocol (LCUP).  The protocol is intended to
allow an LDAP client to synchronize with the content of a directory
information tree (DIT) stored by an LDAP server and to be notified
about the changes to that content.


=head2 RFC-3909 Lightweight Directory Access Protocol (LDAP) Cancel Operation

http://www.ietf.org/rfc/rfc3909.txt

This specification describes a Lightweight Directory Access Protocol
(LDAP) extended operation to cancel (or abandon) an outstanding
operation.  Unlike the LDAP Abandon operation, but like the X.511
Directory Access Protocol (DAP) Abandon operation, this operation has
a response which provides an indication of its outcome.


=head2 RFC-3876 Returning Matched Values with the Lightweight Directory Access Protocol version 3 (LDAPv3)

http://www.ietf.org/rfc/rfc3876.txt

This document describes a control for the Lightweight Directory
Access Protocol version 3 that is used to return a subset of
attribute values from an entry.  Specifically, only those values that
match a "values return" filter.  Without support for this control, a
client must retrieve all of an attribute's values and search for
specific values locally.


=head2 RFC-3866 Language Tags and Ranges in the Lightweight Directory Access Protocol (LDAP)

http://www.ietf.org/rfc/rfc3866.txt

It is often desirable to be able to indicate the natural language
associated with values held in a directory and to be able to query
the directory for values which fulfill the user's language needs.
This document details the use of Language Tags and Ranges in the
Lightweight Directory Access Protocol (LDAP).


=head2 RFC-3727 ASN.1 Module Definition for the LDAP and X.500 Component Matching Rules

http://www.ietf.org/rfc/rfc3727.txt

This document updates the specification of the component matching
rules for Lightweight Directory Access Protocol (LDAP) and X.500
directories (RFC3687) by collecting the Abstract Syntax Notation One
(ASN.1) definitions of the component matching rules into an
appropriately identified ASN.1 module so that other specifications
may reference the component matching rule definitions from within
their own ASN.1 modules.


=head2 RFC-3703 Policy Core Lightweight Directory Access Protocol (LDAP) Schema

http://www.ietf.org/rfc/rfc3703.txt

This document defines a mapping of the Policy Core Information Model
to a form that can be implemented in a directory that uses
Lightweight Directory Access Protocol (LDAP) as its access protocol.
This model defines two hierarchies of object classes: structural
classes representing information for representing and controlling
policy data as specified in RFC 3060, and relationship classes that
indicate how instances of the structural classes are related to each
other.  Classes are also added to the LDAP schema to improve the
performance of a client's interactions with an LDAP server when the
client is retrieving large amounts of policy-related information.
These classes exist only to optimize LDAP retrievals: there are no
classes in the information model that correspond to them.


=head2 RFC-3698 Lightweight Directory Access Protocol (LDAP): Additional Matching Rules

http://www.ietf.org/rfc/rfc3698.txt

This document provides a collection of matching rules for use with
the Lightweight Directory Access Protocol (LDAP).  As these matching
rules are simple adaptations of matching rules specified for use with
the X.500 Directory, most are already in wide use.


=head2 RFC-3687 Lightweight Directory Access Protocol (LDAP) and X.500 Component Matching Rules

http://www.ietf.org/rfc/rfc3687.txt

The syntaxes of attributes in a Lightweight Directory Access Protocol
(LDAP) or X.500 directory range from simple data types, such as text
string, integer, or Boolean, to complex structured data types, such
as the syntaxes of the directory schema operational attributes.
Matching rules defined for the complex syntaxes usually only provide
the most immediately useful matching capability.  This document
defines generic matching rules that can match any user selected
component parts in an attribute value of any arbitrarily complex
attribute syntax.


=head2 RFC-3672 Subentries in the Lightweight Directory Access Protocol (LDAP)

http://www.ietf.org/rfc/rfc3672.txt

In X.500 directories, subentries are special entries used to hold
information associated with a subtree or subtree refinement.  This
document adapts X.500 subentries mechanisms for use with the
Lightweight Directory Access Protocol (LDAP).


=head2 RFC-3671 Collective Attributes in the Lightweight Directory Access Protocol (LDAP)

http://www.ietf.org/rfc/rfc3671.txt

X.500 collective attributes allow common characteristics to be shared
between collections of entries.  This document summarizes the X.500
information model for collective attributes and describes use of
collective attributes in LDAP (Lightweight Directory Access
Protocol).  This document provides schema definitions for collective
attributes for use in LDAP.


=head2 RFC-3296 Named Subordinate References in Lightweight Directory Access Protocol (LDAP) Directories

http://www.ietf.org/rfc/rfc3296.txt

This document details schema and protocol elements for representing
and managing named subordinate references in Lightweight Directory
Access Protocol (LDAP) Directories.


=head2 RFC-3062 LDAP Password Modify Extended Operation

http://www.ietf.org/rfc/rfc3062.txt

The integration of the Lightweight Directory Access Protocol (LDAP)
and external authentication services has introduced non-DN
authentication identities and allowed for non-directory storage of
passwords.  As such, mechanisms which update the directory (e.g.,
Modify) cannot be used to change a user's password.  This document
describes an LDAP extended operation to allow modification of user
passwords which is not dependent upon the form of the authentication
identity nor the password storage mechanism used.


=head2 RFC-2891 LDAP Control Extension for Server Side Sorting of Search Results

http://www.ietf.org/rfc/rfc2891.txt

This document describes two LDAPv3 control extensions for
server side sorting of search results. These controls allows a
client to specify the attribute types and matching rules a
server should use when returning the results to an LDAP search
request. The controls may be useful when the LDAP client has
limited functionality or for some other reason cannot sort the
results but still needs them sorted. Other permissible controls
on search operations are not defined in this extension.


=head2 RFC-2849 The LDAP Data Interchange Format (LDIF) - Technical Specification

http://www.ietf.org/rfc/rfc2849.txt

This document describes a file format suitable for describing
directory information or modifications made to directory
information. The file format, known as LDIF, for LDAP Data
Interchange Format, is typically used to import and export
directory information between LDAP-based directory servers, or
to describe a set of changes which are to be applied to a
directory.


=head2 RFC-2831 Using Digest Authentication as a SASL Mechanism

http://www.ietf.org/rfc/rfc2831.txt

This specification defines how HTTP Digest Authentication can
be used as a SASL [RFC 2222] mechanism for any protocol that
has a SASL profile. It is intended both as an improvement over
CRAM-MD5 [RFC 2195] and as a convenient way to support a single
authentication mechanism for web, mail, LDAP, and other
protocols.


=head2 RFC-2739 Calendar Attributes for vCard and LDAP

http://www.ietf.org/rfc/rfc2739.txt

When scheduling a calendar entity, such as an event, it is a
prerequisite that an organizer has the calendar address of each
attendee that will be invited to the event. Additionally,
access to an attendee's current "busy time" provides an a
priori indication of whether the attendee will be free to
participate in the event. In order to meet these challenges, a
calendar user agent (CUA) needs a mechanism to locate
individual user's calendar and free/busy time. This memo
defines three mechanisms for obtaining a URI to a user's
calendar and free/busy time. These include:


=head2 RFC-2589 Extensions for Dynamic Directory Services

http://www.ietf.org/rfc/rfc2589.txt

LDAP supports lightweight access to static directory services,
allowing relatively fast search and update access. Static
directory services store information about people that persists
in its accuracy and value over a long period of time. Dynamic
directory services are different in that they store information
about people that only persists in its accuracy and value while
people are online. Though the protocol operations and
attributes used by dynamic directory services are similar to
the ones used for static directory services, clients that are
bound to a dynamic directory service need to periodically
refresh their presence at the server to keep directory entries
from getting stale in the presence of client application
crashes. A flow control mechanism from the server is also
described that allows a server to inform clients how often they
should refresh their presence.


=head2 RFC-2559 Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2

http://www.ietf.org/rfc/rfc2559.txt

The protocol described in this document is designed to satisfy
some of the operational requirements within the Internet X.509
PKI. Specifically, this document addresses requirements to
provide access to PKI repositories for the purposes of
retrieving PKI information and managing that same information.
The mechanism described in this document is based on the
LDAPv2, defined in RFC 1777, defining a profile of that
protocol for use within the PKIX and updates encodings for
certificates and revocation lists from RFC 1778. Additional
mechanisms addressing PKIX operational requirements are
specified in separate documents.


=head2 RFC-2247 Using Domains in LDAP/X.500 Distinguished Names

http://www.ietf.org/rfc/rfc2247.txt

LDAP uses X.500-compatible distinguished names for providing
unique identification of entries. This document defines an
algorithm by which a name registered with the Internet Domain
Name Service can be represented as an LDAP distinguished name.


=head2 RFC-2222 Simple Authentication and Security Layer (SASL)

http://www.ietf.org/rfc/rfc2222.txt

This document describes a method for adding authentication
support to connection-based protocols. To use this
specification, a protocol includes a command for identifying
and authenticating a user to a server and for optionally
negotiating protection of subsequent protocol interactions. If
its use is negotiated, a security layer is inserted between the
protocol and the connection. This document describes how a
protocol specifies such a command, defines several mechanisms
for use by the command, and defines the protocol used for
carrying a negotiated security layer over the connection.


=head2 RFC-2218 A Common Schema for the Internet White Pages Service

http://www.ietf.org/rfc/rfc2218.txt

This IETF Integrated Directory Services(IDS) Working Group
proposes a standard specification for a simple Internet White
Pages service by defining a common schema for use by the
various White Pages servers. This schema is independent of
specific implementations of the White Pages service. This
document specifies the minimum set of core attributes of a
White Pages entry for an individual and describes how new
objects with those attributes can be defined and published. It
does not describe how to represent other objects in the White
Pages service. Further, it does not address the search sort
expectations within a particular service.


=head2 RFC-2164 Use of an X.500/LDAP directory to support MIXER address mapping

http://www.ietf.org/rfc/rfc2164.txt

MIXER (RFC 2156) defines an algorithm for use of a set of
global mapping between X.400 and RFC 822 addresses. This
specification defines how to represent and maintain these
mappings (MIXER Conformant Global Address Mappings of MCGAMs)
in an X.500 or LDAP directory. Mechanisms for representing OR
Address and Domain hierarchies within the DIT. These techniques
are used to define two independent subtrees in the DIT, which
contain the mapping information.


=head2 RFC-2079 Definition of an X.500 Attribute Type and an Object Class to Hold Uniform Resource Identifiers

http://www.ietf.org/rfc/rfc2079.txt

URLs are being widely used to specify the location of Internet
resources. There is an urgent need to be able to include URLs
in directories that conform to the LDAP and X.500 information
models, and a desire to include other types of URIs as they are
defined. A number of independent groups are already
experimenting with the inclusion of URLs in LDAP and X.500
directories. This document builds on the experimentation to
date and defines a new attribute type and an auxiliary object
class to allow URIs, including URLs, to be stored in directory
entries in a standard way.




=head1 Other LDAP Related RFCs - Best Current Practice


=head2 RFC-4521 Considerations for Lightweight Directory Access Protocol (LDAP) Extensions

http://www.ietf.org/rfc/rfc4521.txt

The Lightweight Directory Access Protocol (LDAP) is extensible.  It
provides mechanisms for adding new operations, extending existing
operations, and expanding user and system schemas.  This document
discusses considerations for designers of LDAP extensions.


=head2 RFC-4520 Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP)

http://www.ietf.org/rfc/rfc4520.txt

This document provides procedures for registering extensible elements
of the Lightweight Directory Access Protocol (LDAP).  The document
also provides guidelines to the Internet Assigned Numbers Authority
(IANA) describing conditions under which new values can be assigned.


=head2 RFC-2148 Deployment of the Internet White Pages Service

http://www.ietf.org/rfc/rfc2148.txt

The Internet is used for information exchange and communication
between its users. It can only be effective as such if users are able
to find each other's addresses. Therefore the Internet benefits from
an adequate White Pages Service, i.e., a directory service offering
(Internet) address information related to people and organizations.

This document describes the way in which the Internet White Pages
Service (from now on abbreviated as IWPS) is best exploited using
today's experience, today's protocols, today's products and today's
procedures.




=head1 Other LDAP Related RFCs - Informational


=head2 RFC-5803 Lightweight Directory Access Protocol (LDAP) Schema for Storing Salted Challenge Response Authentication Mechanism (SCRAM) Secrets

http://www.ietf.org/rfc/rfc5803.txt

This memo describes how the "authPassword" Lightweight Directory
Access Protocol (LDAP) attribute can be used for storing secrets used
by the Salted Challenge Response Authentication Mechanism (SCRAM)
mechanism in the Simple Authentication and Security Layer (SASL)
framework.


=head2 RFC-4876 A Configuration Profile Schema for Lightweight Directory Access Protocol (LDAP)-Based Agents

http://www.ietf.org/rfc/rfc4828.txt

This document consists of two primary components, a schema for agents
that make use of the Lightweight Directory Access protocol (LDAP) and
a proposed use case of that schema, for distributed configuration of
similar directory user agents.  A set of attribute types and an
object class are proposed.  In the proposed use case, directory user
agents (DUAs) can use this schema to determine directory data
location and access parameters for specific services they support.
In addition, in the proposed use case, attribute and object class
mapping allows DUAs to reconfigure their expected (default) schema to
match that of the end user's environment.  This document is intended
to be a skeleton for future documents that describe configuration of
specific DUA services.


=head2 RFC-4529 Requesting Attributes by Object Class in the Lightweight Directory Access Protocol (LDAP)

http://www.ietf.org/rfc/rfc4829.txt

The Lightweight Directory Access Protocol (LDAP) search operation
provides mechanisms for clients to request all user application
attributes, all operational attributes, and/or attributes selected by
their description.  This document extends LDAP to support a mechanism
that LDAP clients may use to request the return of all attributes of
an object class.


=head2 RFC-4525 Lightweight Directory Access Protocol (LDAP) Modify-Increment Extension

http://www.ietf.org/rfc/rfc4525.txt

This document describes an extension to the Lightweight Directory
Access Protocol (LDAP) Modify operation to support an increment
capability.  This extension is useful in provisioning applications,
especially when combined with the assertion control and/or the pre-
read or post-read control extension.


=head2 RFC-4403 Lightweight Directory Access Protocol (LDAP) Schema for Universal Description, Discovery, and Integration version 3 (UDDIv3)

http://www.ietf.org/rfc/rfc4403.txt

This document defines the Lightweight Directory Access Protocol
(LDAPv3) schema for representing Universal Description, Discovery,
and Integration (UDDI) data types in an LDAP directory.  It defines
the LDAP object class and attribute definitions and containment rules
to model UDDI entities, defined in the UDDI version 3 information
model, in an LDAPv3-compliant directory.


=head2 RFC-4373 Lightweight Directory Access Protocol (LDAP) Bulk Update/Replication Protocol (LBURP)

http://www.ietf.org/rfc/rfc4373.txt

The Lightweight Directory Access Protocol (LDAP) Bulk
Update/Replication Protocol (LBURP) allows an LDAP client to perform
a bulk update to an LDAP server.  The protocol frames a sequenced set
of update operations within a pair of LDAP extended operations to
notify the server that the update operations in the framed set are
related in such a way that the ordering of all operations can be
preserved during processing even when they are sent asynchronously by
the client.  Update operations can be grouped within a single
protocol message to maximize the efficiency of client-server
communication.

The protocol is suitable for efficiently making a substantial set of
updates to the entries in an LDAP server.


=head2 RFC-3944 H.350 Directory Services

http://www.ietf.org/rfc/rfc3944.txt

The International Telecommunications Union Standardization Sector
(ITU-T) has created the H.350 series of Recommendations that specify
directory services architectures in support of multimedia
conferencing protocols.  The goal of the architecture is to
'directory enable' multimedia conferencing so that these services can
leverage existing identity management and enterprise directories.  A
particular goal is to enable an enterprise or service provider to
maintain a canonical source of users and their multimedia
conferencing systems, so that multiple call servers from multiple
vendors, supporting multiple protocols, can all access the same data
store.

Because SIP is an IETF standard, the contents of H.350 and H.350.4
are made available via this document to the IETF community.  This
document contains the entire normative text of ITU-T Recommendations
H.350 and H.350.4 in sections 4 and 5, respectively.  The remaining
sections are included only in this document, not in the ITU-T
version.


=head2 RFC-3829 Lightweight Directory Access Protocol (LDAP) Authorization Identity Request and Response Controls

http://www.ietf.org/rfc/rfc3829.txt

This document extends the Lightweight Directory Access Protocol
(LDAP) bind operation with a mechanism for requesting and returning
the authorization identity it establishes.  Specifically, this
document defines the Authorization Identity Request and Response
controls for use with the Bind operation.


=head2 RFC-3712 Lightweight Directory Access Protocol (LDAP): Schema for Printer Services

http://www.ietf.org/rfc/rfc3712.txt

This document defines a schema, object classes and attributes, for
printers and printer services, for use with directories that support
Lightweight Directory Access Protocol v3 (LDAP-TS).  This document is
based on the printer attributes listed in Appendix E of Internet
Printing Protocol/1.1 (IPP) (RFC 2911).  A few additional printer
attributes are based on definitions in the Printer MIB (RFC 1759).


=head2 RFC-3494 Lightweight Directory Access Protocol version 2 (LDAPv2) to Historic Status

http://www.ietf.org/rfc/rfc3494.txt

This document recommends the retirement of version 2 of the
Lightweight Directory Access Protocol (LDAPv2) and other dependent
specifications, and discusses the reasons for doing so.  This
document recommends RFC 1777, 1778, 1779, 1781, and 2559 (as well as
documents they superseded) be moved to Historic status.


=head2 RFC-3384 Lightweight Directory Access Protocol (version 3) Replication Requirements

http://www.ietf.org/rfc/rfc3384.txt

This document discusses the fundamental requirements for replication
of data accessible via the Lightweight Directory Access Protocol
(version 3) (LDAPv3).  It is intended to be a gathering place for
general replication requirements needed to provide interoperability
between informational directories.


=head2 RFC-3112 LDAP Authentication Password Schema

http://www.ietf.org/rfc/rfc3112.txt

This document describes schema in support of user/password
authentication in a LDAP (Lightweight Directory Access Protocol)
directory including the authPassword attribute type.  This attribute
type holds values derived from the user's password(s) (commonly using
cryptographic strength one-way hash).  authPassword is intended to
used instead of userPassword.


=head2 RFC-3045 Storing Vendor Information in the LDAP root DSE

http://www.ietf.org/rfc/rfc3045.txt

This document specifies two Lightweight Directory Access Protocol
(LDAP) attributes, vendorName and vendorVersion that MAY be included
in the root DSA-specific Entry (DSE) to advertise vendor-specific
information.  These two attributes supplement the attributes defined
in section 3.4 of RFC 2251.


=head2 RFC-2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0

http://www.ietf.org/rfc/rfc2985.txt

This memo provides a selection of object classes and attribute types
for use in conjunction with public-key cryptography and Lightweight
Directory Access Protocol (LDAP) accessible directories.  It also
includes ASN.1 syntax for all constructs.


=head2 RFC-2967 TISDAG - Technical Infrastructure for Swedish Directory Access Gateways

http://www.ietf.org/rfc/rfc2967.txt

The strength of the TISDAG (Technical Infrastructure for Swedish
Directory Access Gateways) project's DAG proposal is that it defines
the necessary technical infrastructure to provide a single-access-
point service for information on Swedish Internet users.  The
resulting service will provide uniform access for all information --
the same level of access to information (7x24 service), and the same
information made available, irrespective of the service provider
responsible for maintaining that information, their directory service
protocols, or the end-user's client access protocol.


=head2 RFC-2927 MIME Directory Profile for LDAP Schema

http://www.ietf.org/rfc/rfc2927.txt

This document defines a multipurpose internet mail extensions (MIME)
directory profile for holding a lightweight directory access protocol
(LDAP) schema.  It is intended for communication with the Internet
schema listing service.


=head2 RFC-2926 Conversion of LDAP Schemas to and from SLP Templates

http://www.ietf.org/rfc/rfc2926.txt

This document describes a procedure for mapping between Service
Location Protocol (SLP) service advertisements and lightweight
directory access protocol (LDAP) descriptions of services.  The
document covers two aspects of the mapping.  One aspect is mapping
between SLP service type templates and LDAP directory schema.
Because the SLP service type template grammar is relatively simple,
mapping from service type templates to LDAP types is straightforward.
Mapping in the other direction is straightforward if the attributes
are restricted to use just a few of the syntaxes defined in RFC 2252.
If arbitrary ASN.1 types occur in the schema, then the mapping is
more complex and may even be impossible.  The second aspect is
representation of service information in an LDAP directory.  The
recommended representation simplifies interoperability with SLP by
allowing SLP directory agents to backend into LDAP directory servers.
The resulting system allows service advertisements to propagate
easily between SLP and LDAP.


=head2 RFC-2820 Access Control Requirements for LDAP

http://www.ietf.org/rfc/rfc2820.txt

This document describes the fundamental requirements of an
access control list (ACL) model for the LDAP directory service.
It is intended to be a gathering place for access control
requirements needed to provide authorized access to and
interoperability between directories.


=head2 RFC-2798 Definition of the inetOrgPerson Object Class

http://www.ietf.org/rfc/rfc2798.txt

While the X.500 standards define many useful attribute types
[X520] and object classes [X521], they do not define a person
object class that meets the requirements found in today's
Internet and Intranet directory service deployments. We define
a new object class called inetOrgPerson for use in LDAP and
X.500 directory services that extends the X.521 standard
organizationalPerson class to meet these needs.


=head2 RFC-2714 Schema for Representing CORBA Objects in an LDAP Directory

http://www.ietf.org/rfc/rfc2714.txt

CORBA is the Common Object Request Broker Architecture defined
by the Object Management Group. This document defines the
schema for representing CORBA object references in an LDAP
directory.


=head2 RFC-2713 Schema for Representing Java Objects in an LDAP Directory

http://www.ietf.org/rfc/rfc2713.txt

This document defines the schema for representing Java objects
in an LDAP directory. It defines schema elements to represent a
Java serialized object, a Java marshalled object, a Java remote
object, and a JNDI reference.


=head2 RFC-2696 LDAP Control Extension for Simple Paged Results Manipulation

http://www.ietf.org/rfc/rfc2696.txt

This document describes an LDAPv3 control extension for simple
paging of search results. This control extension allows a
client to control the rate at which an LDAP server returns the
results of an LDAP search operation. This control may be useful
when the LDAP client has limited resources and may not be able
to process the entire result set from a given LDAP query, or
when the LDAP client is connected over a low-bandwidth
connection. Other operations on the result set are not defined
in this extension. This extension is not designed to provide
more sophisticated result set management.


=head2 RFC-1823 The LDAP Application Program Interface

http://www.ietf.org/rfc/rfc1823.txt

This document defines a C language application program
interface to LDAP, which is designed to be powerful, yet simple
to use. It defines compatible synchronous and asynchronous
interfaces to LDAP to suit a wide variety of applications. This
document gives a brief overview of the LDAP model, then an
overview of how the API is used by an application program to
obtain LDAP information. The API calls are described in detail,
followed by an appendix that provides some example code
demonstrating the use of the API.




=head1 Other LDAP Related RFCs - Experimental


=head2 RFC-5805 Lightweight Directory Access Protocol (LDAP) Transactions

http://www.ietf.org/rfc/rfc5805.txt

Lightweight Directory Access Protocol (LDAP) update operations, such
as Add, Delete, and Modify operations, have atomic, consistency,
isolation, durability (ACID) properties.  Each of these update
operations act upon an entry.  It is often desirable to update two or
more entries in a single unit of interaction, a transaction.
Transactions are necessary to support a number of applications
including resource provisioning.  This document extends LDAP to
support transactions.


=head2 RFC-4533 The Lightweight Directory Access Protocol (LDAP) Content Synchronization Operation

http://www.ietf.org/rfc/rfc4533.txt

This specification describes the Lightweight Directory Access
Protocol (LDAP) Content Synchronization Operation.  The operation
allows a client to maintain a copy of a fragment of the Directory
Information Tree (DIT).  It supports both polling for changes and
listening for changes.  The operation is defined as an extension of
the LDAP Search Operation.


=head2 RFC-4531 Lightweight Directory Access Protocol (LDAP) Turn Operation

http://www.ietf.org/rfc/rfc4531.txt

This specification describes a Lightweight Directory Access Protocol
(LDAP) extended operation to reverse (or "turn") the roles of client
and server for subsequent protocol exchanges in the session, or to
enable each peer to act as both client and server with respect to the
other.


=head2 RFC-3663 Domain Administrative Data in Lightweight Directory Access Protocol (LDAP)

http://www.ietf.org/rfc/rfc3663.txt

Domain registration data has typically been exposed to the general
public via Nicname/Whois for administrative purposes.  This document
describes the Referral Lightweight Directory Access Protocol (LDAP)
Service, an experimental service using LDAP and well-known LDAP types
to make domain administrative data available.


=head2 RFC-3088 OpenLDAP Root Service - An experimental LDAP referral service

http://www.ietf.org/rfc/rfc3088.txt

The OpenLDAP Project is operating an experimental LDAP (Lightweight
Directory Access Protocol) referral service known as the "OpenLDAP
Root Service".  The automated system generates referrals based upon
service location information published in DNS SRV RRs (Domain Name
System location of services resource records).  This document
describes this service.


=head2 RFC-2657 LDAPv2 Client vs. the Index Mesh

http://www.ietf.org/rfc/rfc2657.txt

LDAPv2 clients as implemented according to RFC 1777 have no
notion of referral. The integration between such a client and
an Index Mesh, as defined by the Common Indexing Protocol,
heavily depends on referrals and therefore needs to be handled
in a special way. This document defines one possible way of
doing this.


=head2 RFC-2649 Signed Directory Operations Using S/MIME

http://www.ietf.org/rfc/rfc2649.txt

This document defines an LDAPv3 based mechanism for signing
directory operations in order to create a secure journal of
changes that have been made to each directory entry. Both
client and server based signatures are supported. An object
class for subsequent retrieval are 'journal entries' is also
defined. This document specifies LDAPv3 controls that enable
this functionality. It also defines an LDAPv3 schema that
allows for subsequent browsing of the journal information.


=head2 RFC-2307 An Approach for Using LDAP as a Network Information Service

http://www.ietf.org/rfc/rfc2307.txt

This document describes an experimental mechanism for mapping
entities related to TCP/IP and the UNIX system into X.500
entries so that they may be resolved with the LDAP. A set of
attribute types and object classes are proposed, along with
specific guidelines for interpreting them. The intention is to
assist the deployment of LDAP as an organizational nameservice.
No proposed solutions are intended as standards for the
Internet. Rather, it is hoped that a general consensus will
emerge as to the appropriate solution to such problems, leading
eventually to the adoption of standards. The proposed mechanism
has already been implemented with some success.




=head1 Expired but still interesting Internet Drafts


=head2 draft-wahl-ldap-adminaddr -- Administrator Address Attribute

Organizations running multiple directory servers need an
ability for administrators to determine who is responsible for
a particular server. This is conceptually similar to the
'sysContact' object of SNMP. The administratorsAddress
attribute allows a server administrator to provide the contact
information of the responsible party for an LDAP server. This
can be used by management clients which are, for example,
checking the state of a replication or referral topology, to
provide a way for the user of the management client to send
email to manager of a particular server.


=head2 draft-zeilenga-ldap-noop -- The LDAP No-Op Control

This document defines the Lightweight Directory Access Protocol (LDAP)
No-Op control which can be used to disable the normal effect of an
operation.  The control can be used to discover how a server might
react to a particular update request without updating the directory.


=head2 draft-legg-ldap-transfer -- Lightweight Directory Access Protocol (LDAP): Transfer Encoding Options

Each attribute stored in a Lightweight Directory Access Protocol
(LDAP) directory has a defined syntax (i.e., data type).  A syntax
definition specifies how attribute values conforming to the syntax
are normally represented when transferred in LDAP operations.  This
representation is referred to as the LDAP-specific encoding to
distinguish it from other methods of encoding attribute values.  This
document introduces a new category of attribute options, called
transfer encoding options, that can be used to specify that the
associated attribute values are encoded according to one of these
other methods.


=head2 draft-furuseth-ldap-untypedobject -- Structural object class 'namedObject' for LDAP/X.500

This document defines an 'namedObject' structural object class for
the Lightweight Directory Access Protocol (LDAP) and X.500.  This is
useful for entries with no natural choice of structural object class,
e.g. if an entry must exist even though its contents are
uninteresting.


=head2 draft-wahl-ldap-p3p -- P3P Policy Attributes for LDAP

This document defines attributes that can be retrieved via
Lightweight Directory Access Protocol version 3 (LDAP) requests,
which contain URIs pointing to the privacy policy documents.  These
documents describe the privacy policy concerning access to a
directory server, and the privacy policies that apply to the contents
of the directory (a subtree of entries).


=head2 draft-chu-ldap-xordered -- Ordered Entries and Values in LDAP

As LDAP is used more extensively for managing various kinds of data,
one often encounters a need to preserve both the ordering and the
content of data, despite the inherently unordered structure of
entries and attribute values in the directory.  This document
describes a scheme to attach ordering information to attributes in a
directory so that the ordering may be preserved and propagated to
other LDAP applications.


=head2 draft-chu-ldap-logschema -- A Schema for Logging the LDAP Protocol

In order to facilitate remote administration and auditing of LDAP
server operation, it is desirable to provide the server's operational
logs themselves as a searchable LDAP directory.  These logs may also
be used as a persistent change log to support various replication
mechanisms.  This document defines a schema that may be used to
represent all of the requests that have been processed by an LDAP
server.  It may be used by various applications for auditing, flight
recorder, replication, and other purposes.


=head2 draft-zeilenga-ldap-relax -- The LDAP Relax Rules Control

This document defines the Lightweight Directory Access Protocol (LDAP)
Relax Rules Control which allows a directory user agent (a client) to
request the directory service temporarily relax enforcement of various
data and service model rules.


=head2 draft-gpaterno-dhcp-ldap -- DHCP Option for LDAP Directory Services discovery

This document defines a new DHCP option for delivering configuration
information for LDAP services. Through this option, the client
receives an LDAP URL [8] of the closest available LDAP server/replica
that can be used to authenticate users or look up any useful data.


=head2 draft-schleiff-ldap-xri -- LDAP Schema for eXtensible Resource Identifier (XRI)

This document describes Attribute Types and an Object Class for use
in representing XRI (eXtensible Resource Identifier) values in LDAP
(Lightweight Directory Access Protocol) and X.500 directory services.


=head2 draft-wahl-ldap-session -- LDAP Session Tracking Control

Many network devices, application servers, and middleware components
of a enterprise software infrastructure generate some form of session
tracking identifiers, which are useful when analyzing activity and
accounting logs to group activity relating to a particular session.
This document discusses how Lightweight Directory Access Protocol
version 3 (LDAP) clients can include session tracking identifiers
with their LDAP requests.  This information is provided through
controls in the requests the clients send to LDAP servers.  The LDAP
server receiving these controls can include the session tracking
identifiers the log messages it writes, enabling LDAP requests in
the LDAP server's logs to be correlated with activity in logs of
other components in the infrastructure.  The control also enables
session tracking information to be generated by LDAP servers and
returned to clients and other servers.  Three formats of session
tracking identifiers are defined in this document.


=head2 draft-wahl-ldap-subtree-source -- LDAP Subtree Data Source URI Attribute

This document defines an attribute that enables administrative
clients using the Lightweight Directory Access Protocol (LDAP) to
determine the source of directory entries.


=head2 draft-ietf-ldapext-psearch -- Persistent Search: A Simple LDAP Change Notification Mechanism

This document defines two controls that extend the LDAPv3
search operation to provide a simple mechanism by which an LDAP
client can receive notification of changes that occur in an
LDAP server. The mechanism is designed to be very flexible yet
easy for clients and servers to implement.


=head2 draft-ietf-ldapext-ldapv3-vlv -- LDAP Extensions for Scrolling View Browsing of Search Results

This document describes a Virtual List View control  extension  for  the
LDAP  Search  operation.  This control is designed to allow the "virtual
list box" feature, common in existing  commercial  e-mail  address  book
applications, to be supported efficiently by LDAP servers. LDAP servers'
inability to support this client feature is a significant impediment  to
LDAP replacing proprietary protocols in commercial e-mail systems.

The control allows a client to specify that the  server  return,  for  a
given  LDAP search with associated sort keys, a contiguous subset of the
search result set. This subset is specified in terms of offsets into the
ordered list, or in terms of a greater than or equal comparison value.




=head1 Where to find the latest information

Latest information on the RFCs and drafts around LDAP can be found at
L<IETF's datatracker|https://datatracker.ietf.org>.


=cut