RFC 2253 (rfc2253) - Page 2 of 10


Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names



Alternative Format: Original Text Document



RFC 2253               LADPv3 Distinguished Names          December 1997


   Readers are hereby warned that until mandatory authentication
   mechanisms are standardized, clients and servers written according to
   this specification which make use of update functionality are
   UNLIKELY TO INTEROPERATE, or MAY INTEROPERATE ONLY IF AUTHENTICATION
   IS REDUCED TO AN UNACCEPTABLY WEAK LEVEL.

   Implementors are hereby discouraged from deploying LDAPv3 clients or
   servers which implement the update functionality, until a Proposed
   Standard for mandatory authentication in LDAPv3 has been approved and
   published as an RFC.

Abstract

   The X.500 Directory uses distinguished names as the primary keys to
   entries in the directory.  Distinguished Names are encoded in ASN.1
   in the X.500 Directory protocols.  In the Lightweight Directory
   Access Protocol, a string representation of distinguished names is
   transferred.  This specification defines the string format for
   representing names, which is designed to give a clean representation
   of commonly used distinguished names, while being able to represent
   any distinguished name.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [6].

1.  Background

   This specification assumes familiarity with X.500 [1], and the
   concept of Distinguished Name.  It is important to have a common
   format to be able to unambiguously represent a distinguished name.
   The primary goal of this specification is ease of encoding and
   decoding.  A secondary goal is to have names that are human readable.
   It is not expected that LDAP clients with a human user interface
   would display these strings directly to the user, but would most
   likely be performing translations (such as expressing attribute type
   names in one of the local national languages).

2.  Converting DistinguishedName from ASN.1 to a String

   In X.501 [2] the ASN.1 structure of distinguished name is defined as:

       DistinguishedName ::= RDNSequence

       RDNSequence ::= SEQUENCE OF RelativeDistinguishedName






Wahl, et. al.              Proposed Standard