Access Control Requirements for LDAP (RFC2820)

IP.com Disclosure Number: IPCOM000003420D
Original Publication Date: 2000-May-01
Included in the Prior Art Database: 2005-May-22
Document File: 10 page(s) / 18K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

E. Stokes: AUTHOR [+4]

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 15% of the total text.

Network Working Group                                      E. Stokes
Request for Comments: 2820                                  D. Byrne
Category: Informational                                          IBM
                                                          B. Blakley
                                                              Dascom
                                                           P. Behera
                                                            Netscape
                                                            May 2000


                  Access Control Requirements for LDAP

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This document describes the fundamental requirements of an access
   control list (ACL) model for the Lightweight Directory Application
   Protocol (LDAP) directory service.  It is intended to be a gathering
   place for access control requirements needed to provide authorized
   access to and interoperability between directories.

   The keywords "MUST", "SHOULD", and "MAY" used in this document are to
   be interpreted as described in [bradner97].

1.  Introduction

   The ability to securely access (replicate and distribute) directory
   information throughout the network is necessary for successful
   deployment.  LDAP's acceptance as an access protocol for directory
   information is driving the need to provide an access control model
   definition for LDAP directory content among servers within an
   enterprise and the Internet.  Currently LDAP does not define an
   access control model, but one is needed to ensure consistent secure
   access across heterogeneous LDAP implementations.  The requirements
   for access control are critical to the successful deployment and
   acceptance of LDAP in the market place.

   The RFC 2119 terminology is used in this document.

2.  Objectives

   The major objective is to provide a simple, but secure, highly
   efficient access control model for LDAP while also providing the
   appropriate flexibility to meet the needs of both the Internet and
   enterprise environment...