Network Working Group M. Stroeder Internet-Draft Independent consultant Intended status: Informational February 03, 2014 Expires: August 07, 2014 Lightweight Directory Access Protocol (LDAP): Auxiliary Object Class 'mailboxRelatedObject' draft-stroeder-mailboxrelatedobject-05 Abstract This document defines the auxiliary object class 'mailboxRelatedObject' that can be used to associate an arbitrary object with an Internet mail address. Furthermore an attribute 'intlMailAdr' is defined for storing fully internationalized Internet mail addresses. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 07, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. Stroeder Expires August 07, 2014 [Page 1] Internet-Draft LDAP Mailbox Related Objects February 2014 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Attribute Type Definition . . . . . . . . . . . . . . . . . . 3 3. Object Class Definition . . . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 5. Security Considerations . . . . . . . . . . . . . . . . . . . 4 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 6.1. Normative References . . . . . . . . . . . . . . . . . . 4 6.2. Informative References . . . . . . . . . . . . . . . . . 5 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction The attribute 'mail' [RFC4524] can be used to store Internet mail addresses with internationalized by using the ToASCII method [RFC3490]. But it cannot be used to store addresses with containing non-ASCII characters. Therefore this documents defines a new attribute type 'intlMailAdr' for fully internationalized Internet mail addresses as defined in [RFC6530]. Often there is a need to associate a, most times non-personal, Internet mail address with an arbitrary object (a service or system user) so applications can lookup where to send mail for this object. Many times the commonly available object class 'inetOrgPerson' [RFC2798] is wrongly used for storing such non-personal Internet mail addresses in attribute 'mail' [RFC4524]. Therefore this document defines the auxiliary object class 'mailboxRelatedObject' that can be used to associate an arbitrary object with an Internet mail address. It allows to add an Internet mail address attribute to any entry and allows to use either one or both of attributes 'mail' and 'intlMailAdr'. Stroeder Expires August 07, 2014 [Page 2] Internet-Draft LDAP Mailbox Related Objects February 2014 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. This document is being discussed on the ldapext@ietf.org mailing list. 2. Attribute Type Definition The attribute type 'intlMailAdr' is defined for storing SMTPUTF8 compliant addresses [RFC6530]. ( 1.3.6.1.4.1.5427.1.389.4.18 NAME 'intlMailAdr' DESC 'Internationalized Email Address' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) The DirectoryString (1.3.6.1.4.1.1466.115.121.1.15) syntax and the 'caseIgnoreMatch' and 'caseIgnoreSubstringsMatch' rules are described in [RFC4517]. Note that an application might have used the ToASCII method [RFC3490] to produce components of the production. This leads to different possible string representations of the same internationalized Internet mail address which could be listed as different values entry's 'intlMailAdr' attribute, operational issues may arise. The following issues like described for attribute type 'mail' in [RFC4524] have to be considered also for 'intlMailAdr' defined above: Note that the directory will not ensure that values of this attribute conform to the production [RFC5321]. It is the application's responsibility to ensure that domains it stores in this attribute are appropriately represented. Additionally, the directory will compare values per the matching rules named in the above attribute type description. As these rules differ from rules that normally apply to comparisons, operational issues may arise. For example, the assertion (mail=joe@example.com) will match "JOE@example.com" even though the differ. Also, where a user has two es whose addresses differ only by case of the , both cannot be listed as values of the entry's 'intlMailAdr' attribute in the same entry (as they are considered equal by the 'caseIgnoreMatch' rule). Stroeder Expires August 07, 2014 [Page 3] Internet-Draft LDAP Mailbox Related Objects February 2014 3. Object Class Definition Entries of auxiliary object class 'mailboxRelatedObject' MAY contain the following optional attributes: 'mail' [RFC4524] 'displayName' [RFC2798] 'intlMailAdr' ( 1.3.6.1.4.1.5427.1.389.6.9 NAME 'mailboxRelatedObject' DESC 'Associated RFC 5321 mailbox for any entry' AUXILIARY MAY ( displayName $ mail $ intlMailAdr ) ) 'mail' and 'intlMailAdr' are listed as optional attributes to allow to use only one of both. If 'mail' and 'intlMailAdr' are both set an application MAY choose one or the other to send mail to the entity represented by the directory entry. Therefore Internet mail addresses in attributes 'mail' and 'intlMailAdr' SHOULD represent the same mailbox if both are set or at least the entity MUST be able to retrieve the mail sent to either one of the addresses. 4. IANA Considerations The OID arc used for the attribute type and object class definition is: iso(1) org(3) dod(6) internet(1) private(4) enter-prise(1) stroeder.com(5427) public(1) ldap(389) 5. Security Considerations The introduction of these object classes does not impact the security of the Internet or a particular LDAP directory service. Security considerations for LDAP in general are discussed in documents comprising the technical specification [RFC4510]. 6. References 6.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2798] Smith, M., "Definition of the inetOrgPerson LDAP Object Class", RFC 2798, April 2000. Stroeder Expires August 07, 2014 [Page 4] Internet-Draft LDAP Mailbox Related Objects February 2014 [RFC4510] Zeilenga, K., "Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map", RFC 4510, June 2006. [RFC4517] Legg, S., "Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules", RFC 4517, June 2006. [RFC4524] Zeilenga, K., "COSINE LDAP/X.500 Schema", RFC 4524, June 2006. 6.2. Informative References [RFC3490] Faltstrom, P., Hoffman, P., and A. Costello, "Internationalizing Domain Names in Applications (IDNA)", RFC 3490, March 2003. [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, October 2008. [RFC6530] Klensin, J. and Y. Ko, "Overview and Framework for Internationalized Email", RFC 6530, February 2012. Author's Address Michael Stroeder Independent consultant Klauprechtstr. 11 Karlsruhe 76137 DE Email: michael@stroeder.com URI: http://www.stroeder.com Stroeder Expires August 07, 2014 [Page 5]