-- ASN module extracted from ITU-T X.520 (10/2019)
SelectedAttributeTypes {joint-iso-itu-t ds(5) module(1) selectedAttributeTypes(5) 9}
DEFINITIONS ::=
BEGIN
-- EXPORTS All
/*
The types and values defined in this module are exported for use in the other ASN.1
modules contained within the Directory Specifications, and for the use of other
applications which will use them to access Directory services. Other applications
may use them for their own purposes, but this will not constrain extensions and
modifications needed to maintain or improve the Directory service.
*/
IMPORTS
-- from Rec. ITU-T X.501 | ISO/IEC 9594-2
id-at, id-avc, id, id-asx, id-cat, id-coat, id-lmr, id-lsx, id-mr, id-not, id-pr
FROM UsefulDefinitions
{joint-iso-itu-t ds(5) module(1) usefulDefinitions(0) 9} WITH SUCCESSORS
Attribute{}, ATTRIBUTE, AttributeType, AttributeValueAssertion, CONTEXT,
ContextAssertion, DistinguishedName, distinguishedNameMatch,
MAPPING-BASED-MATCHING{}, MATCHING-RULE, OBJECT-CLASS,
objectIdentifierMatch, SubtreeSpecification, SupportedAttributes, SYNTAX-NAME
FROM InformationFramework
{joint-iso-itu-t ds(5) module(1) informationFramework(1) 9} WITH SUCCESSORS
AttributeCombination, ContextCombination, MRMapping
FROM ServiceAdministration
{joint-iso-itu-t ds(5) module(1) serviceAdministration(33) 9} WITH SUCCESSORS
AttributeTypeDescription, DITContentRuleDescription, DITStructureRuleDescription,
MatchingRuleDescription, MatchingRuleUseDescription, NameFormDescription,
ObjectClassDescription
FROM SchemaAdministration
{joint-iso-itu-t ds(5) module(1) schemaAdministration(23) 9} WITH SUCCESSORS
-- from Rec. ITU-T X.509 | ISO/IEC 9594-8
AlgorithmIdentifier{}, Certificate, CertificateList, CertificatePair,
SupportedAlgorithm, SupportedAlgorithms
FROM AuthenticationFramework
{joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 9} WITH SUCCESSORS
G3FacsimileNonBasicParameters
FROM PkiPmiExternalDataTypes
{joint-iso-itu-t ds(5) module(1) pkiPmiExternalDataTypes(40) 9} WITH SUCCESSORS
-- from Rec. ITU-T X.511 | ISO/IEC 9594-3
FilterItem, HierarchySelections, SearchControlOptions, ServiceControlOptions
FROM DirectoryAbstractService
{joint-iso-itu-t ds(5) module(1) directoryAbstractService(2) 9} WITH SUCCESSORS
-- from Rec. ITU-T X.520 | ISO/IEC 9594-6
PwdAlphabet, PwdVocabulary, UserPwd
FROM PasswordPolicy
{joint-iso-itu-t ds(5) module(1) passwordPolicy(39) 9} WITH SUCCESSORS ;
/*from IETF RFC 3727
The following import is provided for information only (see clause 7.2.16), it is not
referenced by any ASN.1 construct within these Directory Specifications. Note that
the ASN.1 module in RFC 3727 imports from the InformationFramework module of edition
4 of Rec. ITU-T X.501 | ISO/IEC 9594-2. A specification importing from both these
Directory Specifications and from RFC 3727 should take corrective actions, e.g.,
by making a copy of the ASN.1 module of RFC 3727 and then update the IMPORT statement.
allComponentsMatch, componentFilterMatch, directoryComponentsMatch, presentMatch, rdnMatch
FROM ComponentMatching {iso(1) 2 36 79672281 xed(3) module (0) component-matching(4)} */
-- Directory string type
UnboundedDirectoryString ::= CHOICE {
teletexString TeletexString(SIZE (1..MAX)),
printableString PrintableString(SIZE (1..MAX)),
bmpString BMPString(SIZE (1..MAX)),
universalString UniversalString(SIZE (1..MAX)),
uTF8String UTF8String(SIZE (1..MAX)) }
DirectoryString{INTEGER:maxSize} ::= CHOICE {
teletexString TeletexString(SIZE (1..maxSize,...)),
printableString PrintableString(SIZE (1..maxSize,...)),
bmpString BMPString(SIZE (1..maxSize,...)),
universalString UniversalString(SIZE (1..maxSize,...)),
uTF8String UTF8String(SIZE (1..maxSize,...)) }
-- Attribute types
knowledgeInformation ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
OBSOLETE TRUE
ID id-at-knowledgeInformation }
name ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"name"}
ID id-at-name }
commonName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"cn", "commonName"}
ID id-at-commonName }
surname ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"sn"}
ID id-at-surname }
givenName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"givenName"}
ID id-at-givenName }
initials ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"initials"}
ID id-at-initials }
generationQualifier ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"generationQualifier"}
ID id-at-generationQualifier }
uniqueIdentifier ATTRIBUTE ::= {
WITH SYNTAX UniqueIdentifier
EQUALITY MATCHING RULE bitStringMatch
LDAP-SYNTAX bitString.&id
LDAP-NAME {"x500UniqueIdentifier"}
ID id-at-uniqueIdentifier }
UniqueIdentifier ::= BIT STRING
dnQualifier ATTRIBUTE ::= {
WITH SYNTAX PrintableString
EQUALITY MATCHING RULE caseIgnoreMatch
ORDERING MATCHING RULE caseIgnoreOrderingMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"dnQualifier"}
ID id-at-dnQualifier }
serialNumber ATTRIBUTE ::= {
WITH SYNTAX PrintableString(SIZE (1..MAX))
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"serialNumber"}
ID id-at-serialNumber }
pseudonym ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
ID id-at-pseudonym }
uUIDPair ATTRIBUTE ::= {
WITH SYNTAX UUIDPair
EQUALITY MATCHING RULE uUIDPairMatch
ID id-at-uuidpair }
UUIDPair ::= SEQUENCE {
issuerUUID UUID,
subjectUUID UUID,
... }
UUID ::= OCTET STRING(SIZE (16)) -- UUID format only
uri ATTRIBUTE ::= {
WITH SYNTAX URI
EQUALITY MATCHING RULE uriMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uri"}
ID id-at-uri }
URI ::= UTF8String
urn ATTRIBUTE ::= {
SUBTYPE OF uri
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"urn"}
ID id-at-urn }
url ATTRIBUTE ::= {
SUBTYPE OF uri
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"url"}
ID id-at-url }
dnsName ATTRIBUTE ::= {
WITH SYNTAX DomainName
EQUALITY MATCHING RULE dnsNameMatch
LDAP-SYNTAX dnsString.&id
LDAP-NAME {"DNS name"}
ID id-at-dnsName }
DomainName ::= UTF8String (CONSTRAINED BY { -- Conforms to the format of a domain name. -- })
intEmail ATTRIBUTE ::= {
WITH SYNTAX IntEmail
EQUALITY MATCHING RULE intEmailMatch
SINGLE VALUE TRUE
LDAP-SYNTAX intEmailString.&id
LDAP-NAME {"Internationalized Email"}
ID id-at-intEmail }
IntEmail ::= UTF8String (CONSTRAINED BY { -- Conforms to the format of an (internationalized) email address. -- })
jid ATTRIBUTE ::= {
WITH SYNTAX Jid
EQUALITY MATCHING RULE jidMatch
SINGLE VALUE TRUE
LDAP-SYNTAX jidString.&id
LDAP-NAME {"Jabber identifier"}
ID id-at-jid }
Jid ::= UTF8String (CONSTRAINED BY { /* Conforms to the format of a jabber identifier. */ })
objectIdentifier ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
LDAP-SYNTAX oid.&id
LDAP-NAME {"Object Identifier"}
ID id-at-objectIdentifier }
countryName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX CountryName
SINGLE VALUE TRUE
LDAP-SYNTAX countryString.&id
LDAP-NAME {"c"}
ID id-at-countryName }
CountryName ::= PrintableString(SIZE (2)) (CONSTRAINED BY { -- ISO 3166 alpha-2 codes only -- })
countryCode3c ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX CountryCode3c
SINGLE VALUE TRUE
LDAP-SYNTAX countryString3c.&id
LDAP-NAME {"c3"}
ID id-at-countryCode3c }
CountryCode3c ::= PrintableString(SIZE (3)) (CONSTRAINED BY { -- ISO 3166 alpha-3 codes only -- })
countryCode3n ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX CountryCode3n
SINGLE VALUE TRUE
LDAP-SYNTAX countryString3n.&id
LDAP-NAME {"n3"}
ID id-at-countryCode3n }
CountryCode3n ::= NumericString(SIZE (3)) (CONSTRAINED BY { -- ISO 3166 numeric-3 codes only -- })
localityName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"l"}
ID id-at-localityName }
collectiveLocalityName ATTRIBUTE ::= {
SUBTYPE OF localityName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-l"}
ID id-at-collectiveLocalityName }
stateOrProvinceName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"st"}
ID id-at-stateOrProvinceName }
collectiveStateOrProvinceName ATTRIBUTE ::= {
SUBTYPE OF stateOrProvinceName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-st"}
ID id-at-collectiveStateOrProvinceName }
streetAddress ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"street"}
ID id-at-streetAddress }
collectiveStreetAddress ATTRIBUTE ::= {
SUBTYPE OF streetAddress
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-street"}
ID id-at-collectiveStreetAddress }
houseIdentifier ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"houseIdentifier"}
ID id-at-houseIdentifier }
utmCoordinates ATTRIBUTE ::= {
WITH SYNTAX UtmCoordinates
SINGLE VALUE TRUE
LDAP-SYNTAX utmCoords.&id
LDAP-NAME {"utmCoordinates"}
ID id-at-utmCoordinates }
UtmCoordinates ::= SEQUENCE {
zone PrintableString,
easting NumericString,
northing NumericString }
organizationName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"o"}
ID id-at-organizationName }
collectiveOrganizationName ATTRIBUTE ::= {
SUBTYPE OF organizationName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-o"}
ID id-at-collectiveOrganizationName }
organizationalUnitName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"ou"}
ID id-at-organizationalUnitName }
collectiveOrganizationalUnitName ATTRIBUTE ::= {
SUBTYPE OF organizationalUnitName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-ou"}
ID id-at-collectiveOrganizationalUnitName }
title ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"title"}
ID id-at-title }
organizationIdentifier ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
SINGLE VALUE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"organizationIdentifier"}
ID id-at-organizationIdentifier }
description ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"description"}
ID id-at-description }
searchGuide ATTRIBUTE ::= {
WITH SYNTAX Guide
LDAP-SYNTAX guide.&id
LDAP-NAME {"searchGuide"}
ID id-at-searchGuide }
Guide ::= SET {
objectClass [0] OBJECT-CLASS.&id OPTIONAL,
criteria [1] Criteria,
... }
Criteria ::= CHOICE {
type [0] CriteriaItem,
and [1] SET OF Criteria,
or [2] SET OF Criteria,
not [3] Criteria,
... }
CriteriaItem ::= CHOICE {
equality [0] AttributeType,
substrings [1] AttributeType,
greaterOrEqual [2] AttributeType,
lessOrEqual [3] AttributeType,
approximateMatch [4] AttributeType,
... }
enhancedSearchGuide ATTRIBUTE ::= {
WITH SYNTAX EnhancedGuide
LDAP-SYNTAX enhancedGuide.&id
LDAP-NAME {"enhancedSearchGuide"}
ID id-at-enhancedSearchGuide }
EnhancedGuide ::= SEQUENCE {
objectClass [0] OBJECT-CLASS.&id,
criteria [1] Criteria,
subset [2] INTEGER {
baseObject (0),
oneLevel (1),
wholeSubtree (2)} DEFAULT oneLevel,
... }
businessCategory ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"businessCategory"}
ID id-at-businessCategory }
postalAddress ATTRIBUTE ::= {
WITH SYNTAX PostalAddress
EQUALITY MATCHING RULE caseIgnoreListMatch
SUBSTRINGS MATCHING RULE caseIgnoreListSubstringsMatch
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"postalAddress"}
ID id-at-postalAddress }
PostalAddress ::= SEQUENCE SIZE (1..MAX) OF UnboundedDirectoryString
collectivePostalAddress ATTRIBUTE ::= {
SUBTYPE OF postalAddress
COLLECTIVE TRUE
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"c-PostalAddress"}
ID id-at-collectivePostalAddress }
postalCode ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"postalCode"}
ID id-at-postalCode }
collectivePostalCode ATTRIBUTE ::= {
SUBTYPE OF postalCode
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-PostalCode"}
ID id-at-collectivePostalCode }
postOfficeBox ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"postOfficeBox"}
ID id-at-postOfficeBox }
collectivePostOfficeBox ATTRIBUTE ::= {
SUBTYPE OF postOfficeBox
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-PostOfficeBox"}
ID id-at-collectivePostOfficeBox }
physicalDeliveryOfficeName ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"physicalDeliveryOfficeName"}
ID id-at-physicalDeliveryOfficeName }
collectivePhysicalDeliveryOfficeName ATTRIBUTE ::= {
SUBTYPE OF physicalDeliveryOfficeName
COLLECTIVE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"c-PhysicalDeliveryOfficeName"}
ID id-at-collectivePhysicalDeliveryOfficeName }
telephoneNumber ATTRIBUTE ::= {
WITH SYNTAX TelephoneNumber
EQUALITY MATCHING RULE telephoneNumberMatch
SUBSTRINGS MATCHING RULE telephoneNumberSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"telephoneNumber"}
ID id-at-telephoneNumber }
TelephoneNumber ::= PrintableString(SIZE (1..ub-telephone-number))
-- String complying with Rec. ITU-T E.123 only
ub-telephone-number INTEGER ::= 32
collectiveTelephoneNumber ATTRIBUTE ::= {
SUBTYPE OF telephoneNumber
COLLECTIVE TRUE
LDAP-SYNTAX printableString.&id
LDAP-NAME {"c-TelephoneNumber"}
ID id-at-collectiveTelephoneNumber }
telexNumber ATTRIBUTE ::= {
WITH SYNTAX TelexNumber
LDAP-SYNTAX telexNr.&id
LDAP-NAME {"telexNumber"}
ID id-at-telexNumber }
TelexNumber ::= SEQUENCE {
telexNumber PrintableString(SIZE (1..ub-telex-number)),
countryCode PrintableString(SIZE (1..ub-country-code)),
answerback PrintableString(SIZE (1..ub-answerback)),
... }
ub-telex-number INTEGER ::= 14
ub-country-code INTEGER ::= 4
ub-answerback INTEGER ::= 8
collectiveTelexNumber ATTRIBUTE ::= {
SUBTYPE OF telexNumber
COLLECTIVE TRUE
LDAP-SYNTAX telexNr.&id
LDAP-NAME {"c-TelexNumber"}
ID id-at-collectiveTelexNumber }
facsimileTelephoneNumber ATTRIBUTE ::= {
WITH SYNTAX FacsimileTelephoneNumber
EQUALITY MATCHING RULE facsimileNumberMatch
SUBSTRINGS MATCHING RULE facsimileNumberSubstringsMatch
LDAP-SYNTAX facsimileTelephoneNr.&id
LDAP-NAME {"facsimileTelephoneNumber"}
ID id-at-facsimileTelephoneNumber }
FacsimileTelephoneNumber ::= SEQUENCE {
telephoneNumber TelephoneNumber,
parameters G3FacsimileNonBasicParameters OPTIONAL,
... }
collectiveFacsimileTelephoneNumber ATTRIBUTE ::= {
SUBTYPE OF facsimileTelephoneNumber
COLLECTIVE TRUE
LDAP-SYNTAX facsimileTelephoneNr.&id
LDAP-NAME {"c-FacsimileTelephoneNumber"}
ID id-at-collectiveFacsimileTelephoneNumber }
x121Address ATTRIBUTE ::= {
WITH SYNTAX X121Address
EQUALITY MATCHING RULE numericStringMatch
SUBSTRINGS MATCHING RULE numericStringSubstringsMatch
LDAP-SYNTAX numericString.&id
LDAP-NAME {"x121Address"}
ID id-at-x121Address }
X121Address ::= NumericString(SIZE (1..ub-x121-address))
-- String as defined by Rec. ITU-T X.121
ub-x121-address INTEGER ::= 15
internationalISDNNumber ATTRIBUTE ::= {
WITH SYNTAX InternationalISDNNumber
EQUALITY MATCHING RULE numericStringMatch
SUBSTRINGS MATCHING RULE numericStringSubstringsMatch
LDAP-SYNTAX numericString.&id
LDAP-NAME {"internationalISDNNumber"}
ID id-at-internationalISDNNumber }
InternationalISDNNumber ::=
NumericString(SIZE (1..ub-international-isdn-number))
-- String complying with Rec. ITU-T E.164 only
ub-international-isdn-number INTEGER ::= 16
collectiveInternationalISDNNumber ATTRIBUTE ::= {
SUBTYPE OF internationalISDNNumber
COLLECTIVE TRUE
LDAP-SYNTAX numericString.&id
LDAP-NAME {"c-InternationalISDNNumber"}
ID id-at-collectiveInternationalISDNNumber }
registeredAddress ATTRIBUTE ::= {
SUBTYPE OF postalAddress
WITH SYNTAX PostalAddress
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"registeredAddress"}
ID id-at-registeredAddress }
destinationIndicator ATTRIBUTE ::= {
WITH SYNTAX DestinationIndicator
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX printableString.&id
LDAP-NAME {"destinationIndicator"}
ID id-at-destinationIndicator }
DestinationIndicator ::= PrintableString(SIZE (1..MAX))
-- alphabetical characters only
communicationsService ATTRIBUTE ::= {
WITH SYNTAX CommunicationsService
EQUALITY MATCHING RULE objectIdentifierMatch
LDAP-SYNTAX oid.&id
LDAP-NAME {"communicationsService"}
ID id-at-communicationsService }
CommunicationsService ::= OBJECT IDENTIFIER
communicationsNetwork ATTRIBUTE ::= {
WITH SYNTAX CommunicationsNetwork
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
LDAP-SYNTAX oid.&id
LDAP-NAME {"communicationsNetwork"}
ID id-at-communicationsNetwork }
CommunicationsNetwork ::= OBJECT IDENTIFIER
preferredDeliveryMethod ATTRIBUTE ::= {
WITH SYNTAX PreferredDeliveryMethod
SINGLE VALUE TRUE
LDAP-SYNTAX deliveryMethod.&id
LDAP-NAME {"preferredDeliveryMethod"}
ID id-at-preferredDeliveryMethod }
PreferredDeliveryMethod ::= SEQUENCE OF INTEGER {
any-delivery-method (0),
mhs-delivery (1),
physical-delivery (2),
telex-delivery (3),
teletex-delivery (4),
g3-facsimile-delivery (5),
g4-facsimile-delivery (6),
ia5-terminal-delivery (7),
videotex-delivery (8),
telephone-delivery (9) }
presentationAddress ATTRIBUTE ::= {
WITH SYNTAX PresentationAddress
EQUALITY MATCHING RULE presentationAddressMatch
SINGLE VALUE TRUE
LDAP-SYNTAX presentationAddr.&id
LDAP-NAME {"presentationAddress"}
ID id-at-presentationAddress }
PresentationAddress ::= SEQUENCE {
pSelector [0] OCTET STRING OPTIONAL,
sSelector [1] OCTET STRING OPTIONAL,
tSelector [2] OCTET STRING OPTIONAL,
nAddresses [3] SET SIZE (1..MAX) OF OCTET STRING,
... }
supportedApplicationContext ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
LDAP-SYNTAX oid.&id
LDAP-NAME {"supportedApplicationContext"}
ID id-at-supportedApplicationContext }
protocolInformation ATTRIBUTE ::= {
WITH SYNTAX ProtocolInformation
EQUALITY MATCHING RULE protocolInformationMatch
ID id-at-protocolInformation }
ProtocolInformation ::= SEQUENCE {
nAddress OCTET STRING,
profiles SET OF OBJECT IDENTIFIER }
distinguishedName ATTRIBUTE ::= {
WITH SYNTAX DistinguishedName
EQUALITY MATCHING RULE distinguishedNameMatch
LDAP-SYNTAX dn.&id
LDAP-NAME {"distinguishedName"}
ID id-at-distinguishedName }
member ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"member"}
ID id-at-member }
uniqueMember ATTRIBUTE ::= {
WITH SYNTAX NameAndOptionalUID
EQUALITY MATCHING RULE uniqueMemberMatch
LDAP-SYNTAX nameAndOptionalUID.&id
LDAP-NAME {"uniqueMember"}
ID id-at-uniqueMember }
NameAndOptionalUID ::= SEQUENCE {
dn DistinguishedName,
uid UniqueIdentifier OPTIONAL,
... }
owner ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"owner"}
ID id-at-owner }
roleOccupant ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"roleOccupant"}
ID id-at-roleOccupant }
seeAlso ATTRIBUTE ::= {
SUBTYPE OF distinguishedName
LDAP-SYNTAX dn.&id
LDAP-NAME {"seeAlso"}
ID id-at-seeAlso }
dmdName ATTRIBUTE ::= {
SUBTYPE OF name
WITH SYNTAX UnboundedDirectoryString
ID id-at-dmdName }
-- Hierarchical attribute types
oidC1 ATTRIBUTE ::= {
WITH SYNTAX INTEGER
EQUALITY MATCHING RULE integerMatch
SINGLE VALUE TRUE
ID id-oidC1 }
oidC2 ATTRIBUTE ::= {
WITH SYNTAX INTEGER
EQUALITY MATCHING RULE integerMatch
SINGLE VALUE TRUE
ID id-oidC2 }
oidC ATTRIBUTE ::= {
WITH SYNTAX INTEGER
EQUALITY MATCHING RULE integerMatch
SINGLE VALUE TRUE
ID id-oidC }
urnC ATTRIBUTE ::= {
WITH SYNTAX PrintableString
EQUALITY MATCHING RULE caseExactMatch
SINGLE VALUE TRUE
LDAP-SYNTAX printableString.&id
LDAP-NAME {"urnC"}
ID id-at-urnC }
-- Attribute types for tag-based identification
tagOid ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
LDAP-SYNTAX oid.&id
LDAP-NAME {"tagOid"}
ID id-at-tagOid }
uiiFormat ATTRIBUTE ::= {
WITH SYNTAX UiiFormat
SINGLE VALUE TRUE
LDAP-SYNTAX uiiForm.&id
LDAP-NAME {"uiiFormat"}
ID id-at-uiiFormat }
UiiFormat ::= SEQUENCE {
baseObject URI OPTIONAL,
subset ENUMERATED {
baseObject (0),
oneLevel (1),
wholeSubtree (2) } DEFAULT baseObject,
next CHOICE {
length INTEGER,
filter UiiFilter } }
UiiFilter ::= CHOICE {
item [0] UiiItem,
and [1] SET OF UiiFilter,
or [2] SET OF UiiFilter,
not [3] UiiFilter }
UiiItem ::= SEQUENCE {
type ATTRIBUTE.&id,
length INTEGER OPTIONAL }
uiiInUrn ATTRIBUTE ::= {
WITH SYNTAX UTF8String
EQUALITY MATCHING RULE caseExactMatch
SINGLE VALUE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uiiInUrn"}
ID id-at-uiiInUrn }
contentUrl ATTRIBUTE ::= {
SUBTYPE OF url
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"contentUrl"}
ID id-at-contentUrl }
uii ATTRIBUTE ::= {
WITH SYNTAX BIT STRING
EQUALITY MATCHING RULE bitStringMatch
LDAP-SYNTAX bitString.&id
LDAP-NAME {"uii"}
ID id-at-uii }
epc ATTRIBUTE ::= {
WITH SYNTAX BIT STRING
EQUALITY MATCHING RULE bitStringMatch
LDAP-SYNTAX bitString.&id
LDAP-NAME {"epc"}
ID id-at-epc }
tagAfi ATTRIBUTE ::= {
WITH SYNTAX OCTET STRING
EQUALITY MATCHING RULE octetStringMatch
LDAP-SYNTAX octetString.&id
LDAP-NAME {"tagAfi"}
ID id-at-tagAfi }
epcFormat ATTRIBUTE ::= {
WITH SYNTAX EpcFormat
SINGLE VALUE TRUE
LDAP-SYNTAX epcForm.&id
LDAP-NAME {"epcFormat"}
ID id-at-epcFormat }
EpcFormat ::= SEQUENCE {
fields SEQUENCE SIZE (1..MAX) OF SEQUENCE {
bits INTEGER,
charField CHOICE {
characters [0] INTEGER,
maxValue [1] INTEGER },
result ENUMERATED {
numericPad (0),
numeric (1),
alpha7bits (2) } DEFAULT numericPad },
digitShift [0] INTEGER OPTIONAL,
checkCalc [1] INTEGER OPTIONAL,
urnPrefix UTF8String OPTIONAL }
epcInUrn ATTRIBUTE ::= {
SUBTYPE OF urn
SINGLE VALUE TRUE
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"epcInUrn"}
ID id-at-epcInUrn }
ldapUrl ATTRIBUTE ::= {
SUBTYPE OF url
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"ldapUrl"}
ID id-at-ldapUrl }
tagLocation ATTRIBUTE ::= {
SUBTYPE OF utmCoordinates
SINGLE VALUE TRUE
LDAP-SYNTAX utmCoords.&id
LDAP-NAME {"tagLocation"}
ID id-at-tagLocation }
-- Notification attributes
dSAProblem ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-dSAProblem }
searchServiceProblem ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
ID id-not-searchServiceProblem }
serviceType ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
SINGLE VALUE TRUE
ID id-not-serviceType }
attributeTypeList ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-attributeTypeList }
matchingRuleList ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-matchingRuleList }
filterItem ATTRIBUTE ::= {
WITH SYNTAX FilterItem
ID id-not-filterItem }
attributeCombinations ATTRIBUTE ::= {
WITH SYNTAX AttributeCombination
ID id-not-attributeCombinations }
contextTypeList ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-contextTypeList }
contextList ATTRIBUTE ::= {
WITH SYNTAX ContextAssertion
ID id-not-contextList }
contextCombinations ATTRIBUTE ::= {
WITH SYNTAX ContextCombination
ID id-not-contextCombinations }
hierarchySelectList ATTRIBUTE ::= {
WITH SYNTAX HierarchySelections
SINGLE VALUE TRUE
ID id-not-hierarchySelectList }
searchControlOptionsList ATTRIBUTE ::= {
WITH SYNTAX SearchControlOptions
SINGLE VALUE TRUE
ID id-not-searchControlOptionsList }
serviceControlOptionsList ATTRIBUTE ::= {
WITH SYNTAX ServiceControlOptions
SINGLE VALUE TRUE
ID id-not-serviceControlOptionsList }
multipleMatchingLocalities ATTRIBUTE ::= {
WITH SYNTAX MultipleMatchingLocalities
ID id-not-multipleMatchingLocalities }
MultipleMatchingLocalities ::= SEQUENCE {
matchingRuleUsed MATCHING-RULE.&id OPTIONAL,
attributeList SEQUENCE OF AttributeValueAssertion,
... }
proposedRelaxation ATTRIBUTE ::= {
WITH SYNTAX MRMappings
ID id-not-proposedRelaxation }
MRMappings ::= SEQUENCE OF MRMapping
appliedRelaxation ATTRIBUTE ::= {
WITH SYNTAX OBJECT IDENTIFIER
EQUALITY MATCHING RULE objectIdentifierMatch
ID id-not-appliedRelaxation }
pwdResponseValue ATTRIBUTE ::= {
WITH SYNTAX PwdResponse
ID id-not-pwdResponse }
PwdResponse ::= SEQUENCE {
warning CHOICE {
timeleft [0] INTEGER(0..MAX),
graceRemaining [1] INTEGER(0..MAX),
... } OPTIONAL,
error ENUMERATED {
passwordExpired (0),
changeAfterReset (1),
... } OPTIONAL}
ldapDiagnosticMsg ATTRIBUTE ::= {
WITH SYNTAX UTF8String
SINGLE VALUE TRUE
ID id-not-ldapDiagnosticMsg }
-- LDAP defined attribute types
uid ATTRIBUTE ::= {
WITH SYNTAX UnboundedDirectoryString
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uid"}
ID id-coat-uid }
dc ATTRIBUTE ::= {
WITH SYNTAX IA5String
EQUALITY MATCHING RULE caseIgnoreMatch
SUBSTRINGS MATCHING RULE caseIgnoreSubstringsMatch
LDAP-SYNTAX ia5String.&id
LDAP-NAME {"dc"}
ID id-coat-dc }
-- Matching rules
caseExactMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseExactMatch"}
ID id-mr-caseExactMatch }
caseIgnoreMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseIgnoreMatch"}
ID id-mr-caseIgnoreMatch }
caseExactOrderingMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseExactOrderingMatch"}
ID id-mr-caseExactOrderingMatch }
caseIgnoreOrderingMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"caseIgnoreOrderingMatch"}
ID id-mr-caseIgnoreOrderingMatch }
caseExactSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion -- only the PrintableString choice
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseExactSubstringsMatch"}
ID id-mr-caseExactSubstringsMatch }
caseIgnoreSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseIgnoreSubstringsMatch"}
ID id-mr-caseIgnoreSubstringsMatch }
SubstringAssertion ::= SEQUENCE OF CHOICE {
initial [0] UnboundedDirectoryString,
any [1] UnboundedDirectoryString,
final [2] UnboundedDirectoryString,
-- at most one initial and one final component
control Attribute{{SupportedAttributes}},
-- Used to specify interpretation of the following items
... }
numericStringMatch MATCHING-RULE ::= {
SYNTAX NumericString
LDAP-SYNTAX numericString.&id
LDAP-NAME {"numericStringMatch"}
ID id-mr-numericStringMatch }
numericStringOrderingMatch MATCHING-RULE ::= {
SYNTAX NumericString
LDAP-SYNTAX numericString.&id
LDAP-NAME {"numericStringOrderingMatch"}
ID id-mr-numericStringOrderingMatch }
numericStringSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"numericStringSubstringsMatch"}
ID id-mr-numericStringSubstringsMatch }
caseIgnoreListMatch MATCHING-RULE ::= {
SYNTAX CaseIgnoreList
LDAP-SYNTAX postalAddr.&id
LDAP-NAME {"caseIgnoreListMatch"}
ID id-mr-caseIgnoreListMatch }
CaseIgnoreList ::= SEQUENCE OF UnboundedDirectoryString
caseIgnoreListSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseIgnoreListSubstringsMatch"}
ID id-mr-caseIgnoreListSubstringsMatch }
storedPrefixMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
ID id-mr-storedPrefixMatch }
booleanMatch MATCHING-RULE ::= {
SYNTAX BOOLEAN
LDAP-SYNTAX bitString.&id
LDAP-NAME {"booleanMatch"}
ID id-mr-booleanMatch }
integerMatch MATCHING-RULE ::= {
SYNTAX INTEGER
LDAP-SYNTAX integer.&id
LDAP-NAME {"integerMatch"}
ID id-mr-integerMatch }
integerOrderingMatch MATCHING-RULE ::= {
SYNTAX INTEGER
LDAP-SYNTAX integer.&id
LDAP-NAME {"integerOrderingMatch"}
ID id-mr-integerOrderingMatch }
bitStringMatch MATCHING-RULE ::= {
SYNTAX BIT STRING
LDAP-SYNTAX bitString.&id
LDAP-NAME {"bitStringMatch"}
ID id-mr-bitStringMatch }
octetStringMatch MATCHING-RULE ::= {
SYNTAX OCTET STRING
LDAP-SYNTAX octetString.&id
LDAP-NAME {"octetStringMatch"}
ID id-mr-octetStringMatch }
octetStringOrderingMatch MATCHING-RULE ::= {
SYNTAX OCTET STRING
LDAP-SYNTAX octetString.&id
LDAP-NAME {"octetStringOrderingMatch"}
ID id-mr-octetStringOrderingMatch }
octetStringSubstringsMatch MATCHING-RULE ::= {
SYNTAX OctetSubstringAssertion
ID id-mr-octetStringSubstringsMatch }
OctetSubstringAssertion ::= SEQUENCE OF CHOICE {
initial [0] OCTET STRING,
any [1] OCTET STRING,
final [2] OCTET STRING,
... } -- at most one initial and one final component
telephoneNumberMatch MATCHING-RULE ::= {
SYNTAX TelephoneNumber
LDAP-SYNTAX telephoneNr.&id
LDAP-NAME {"telephoneNumberMatch"}
ID id-mr-telephoneNumberMatch }
telephoneNumberSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"telephoneNumberSubstringsMatch"}
ID id-mr-telephoneNumberSubstringsMatch }
presentationAddressMatch MATCHING-RULE ::= {
SYNTAX PresentationAddress
ID id-mr-presentationAddressMatch }
uniqueMemberMatch MATCHING-RULE ::= {
SYNTAX NameAndOptionalUID
LDAP-SYNTAX nameAndOptionalUID.&id
LDAP-NAME {"uniqueMemberMatch"}
ID id-mr-uniqueMemberMatch }
protocolInformationMatch MATCHING-RULE ::= {
SYNTAX OCTET STRING
ID id-mr-protocolInformationMatch }
facsimileNumberMatch MATCHING-RULE ::= {
SYNTAX TelephoneNumber
ID id-mr-facsimileNumberMatch }
facsimileNumberSubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
ID id-mr-facsimileNumberSubstringsMatch }
uUIDPairMatch MATCHING-RULE ::= {
SYNTAX UUIDPair
ID id-mr-uuidpairmatch }
uTCTimeMatch MATCHING-RULE ::= {
SYNTAX UTCTime
ID id-mr-uTCTimeMatch }
uTCTimeOrderingMatch MATCHING-RULE ::= {
SYNTAX UTCTime
ID id-mr-uTCTimeOrderingMatch }
generalizedTimeMatch MATCHING-RULE ::= {
SYNTAX GeneralizedTime
-- as per 46.3 b) or c) of Rec. ITU-T X.680 | ISO/IEC 8824-1
LDAP-SYNTAX generalizedTime.&id
LDAP-NAME {"generalizedTimeMatch"}
ID id-mr-generalizedTimeMatch }
generalizedTimeOrderingMatch MATCHING-RULE ::= {
SYNTAX GeneralizedTime
-- as per 46.3 b) or c) of Rec. ITU-T X.680 | ISO/IEC 8824-1
LDAP-SYNTAX generalizedTime.&id
LDAP-NAME {"generalizedTimeOrderingMatch"}
ID id-mr-generalizedTimeOrderingMatch }
systemProposedMatch MATCHING-RULE ::= {
ID id-mr-systemProposedMatch }
integerFirstComponentMatch MATCHING-RULE ::= {
SYNTAX INTEGER
LDAP-SYNTAX integer.&id
LDAP-NAME {"integerFirstComponentMatch"}
ID id-mr-integerFirstComponentMatch }
objectIdentifierFirstComponentMatch MATCHING-RULE ::= {
SYNTAX OBJECT IDENTIFIER
LDAP-SYNTAX oid.&id
LDAP-NAME {"objectIdentifierFirstComponentMatch"}
ID id-mr-objectIdentifierFirstComponentMatch }
directoryStringFirstComponentMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"directoryStringFirstComponentMatch"}
ID id-mr-directoryStringFirstComponentMatch }
wordMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"wordMatch"}
ID id-mr-wordMatch }
keywordMatch MATCHING-RULE ::= {
SYNTAX UnboundedDirectoryString
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"keywordMatch"}
ID id-mr-keywordMatch }
generalWordMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
ID id-mr-generalWordMatch }
sequenceMatchType ATTRIBUTE ::= {
WITH SYNTAX SequenceMatchType
SINGLE VALUE TRUE
ID id-cat-sequenceMatchType } -- defaulting to sequenceExact
SequenceMatchType ::= ENUMERATED {
sequenceExact (0),
sequenceDeletion (1),
sequenceRestrictedDeletion (2),
sequencePermutation (3),
sequencePermutationAndDeletion (4),
sequenceProviderDefined (5),
... }
wordMatchTypes ATTRIBUTE ::= {
WITH SYNTAX WordMatchTypes
SINGLE VALUE TRUE
ID id-cat-wordMatchType } -- defaulting to wordExact
WordMatchTypes ::= ENUMERATED {
wordExact (0),
wordTruncated (1),
wordPhonetic (2),
wordProviderDefined (3),
... }
characterMatchTypes ATTRIBUTE ::= {
WITH SYNTAX CharacterMatchTypes
SINGLE VALUE TRUE
ID id-cat-characterMatchTypes }
CharacterMatchTypes ::= ENUMERATED {
characterExact (0),
characterCaseIgnore (1),
characterMapped (2),
... }
selectedContexts ATTRIBUTE ::= {
WITH SYNTAX ContextAssertion
ID id-cat-selectedContexts }
approximateStringMatch MATCHING-RULE ::= {
ID id-mr-approximateStringMatch }
ignoreIfAbsentMatch MATCHING-RULE ::= {
ID id-mr-ignoreIfAbsentMatch }
nullMatch MATCHING-RULE ::= {
ID id-mr-nullMatch }
ZONAL-MATCHING ::=
MAPPING-BASED-MATCHING{ZonalSelect, TRUE, ZonalResult, zonalMatch.&id}
ZonalSelect ::= SEQUENCE OF AttributeType
ZonalResult ::= ENUMERATED {
cannot-select-mapping (0),
zero-mappings (2),
multiple-mappings (3),
... }
zonalMatch MATCHING-RULE ::= {
UNIQUE-MATCH-INDICATOR multipleMatchingLocalities
ID id-mr-zonalMatch }
uriMatch MATCHING-RULE ::= {
SYNTAX UTF8String
LDAP-SYNTAX directoryString.&id
LDAP-NAME {"uriMatch"}
ID id-mr-uriMatch }
dnsNameMatch MATCHING-RULE ::= {
SYNTAX DomainName
LDAP-SYNTAX dnsString.&id
LDAP-NAME {"dnsNameMatch"}
ID id-mr-dnsNameMatch }
intEmailMatch MATCHING-RULE ::= {
SYNTAX IntEmail
LDAP-SYNTAX dnsString.&id
LDAP-NAME {"intEmailMatch"}
ID id-mr-intEmailMatch }
jidMatch MATCHING-RULE ::= {
SYNTAX Jid
LDAP-SYNTAX dnsString.&id
LDAP-NAME {"jidMatch"}
ID id-mr-jidMatch }
-- LDAP defined matching rules
caseExactIA5Match MATCHING-RULE ::= {
SYNTAX IA5String
LDAP-SYNTAX ia5String.&id
LDAP-NAME {"caseExactIA5Match"}
ID id-lmr-caseExactIA5Match }
caseIgnoreIA5Match MATCHING-RULE ::= {
SYNTAX IA5String
LDAP-SYNTAX ia5String.&id
LDAP-NAME {"caseIgnoreIA5Match"}
ID id-lmr-caseIgnoreIA5Match }
caseIgnoreIA5SubstringsMatch MATCHING-RULE ::= {
SYNTAX SubstringAssertion
LDAP-SYNTAX substringAssertion.&id
LDAP-NAME {"caseIgnoreIA5SubstringsMatch"}
ID id-lmr-caseIgnoreIA5Match }
-- Syntaxes defined by this Directory Specification
utmCoords SYNTAX-NAME ::= {
LDAP-DESC "UTM Coordinates"
DIRECTORY SYNTAX UtmCoordinates
ID id-asx-utmCoords }
uiiForm SYNTAX-NAME ::= {
LDAP-DESC "UII Format"
DIRECTORY SYNTAX UiiFormat
ID id-asx-uiiForm }
epcForm SYNTAX-NAME ::= {
LDAP-DESC "EPC Format"
DIRECTORY SYNTAX EpcFormat
ID id-asx-epcForm }
countryString3c SYNTAX-NAME ::= {
LDAP-DESC "Country String 3 characters"
DIRECTORY SYNTAX CountryCode3c
ID id-asx-countryString3c }
countryString3n SYNTAX-NAME ::= {
LDAP-DESC "Country String 3 numeric characters"
DIRECTORY SYNTAX CountryCode3n
ID id-asx-countryString3n }
dnsString SYNTAX-NAME ::= {
LDAP-DESC "DNS Name String"
DIRECTORY SYNTAX DomainName
ID id-asx-dnsString }
intEmailString SYNTAX-NAME ::= {
LDAP-DESC "Internationalized Email"
DIRECTORY SYNTAX IntEmail
ID id-asx-intEmailString }
jidString SYNTAX-NAME ::= {
LDAP-DESC "Jabber identifier"
DIRECTORY SYNTAX Jid
ID id-asx-jidString }
-- Syntaxes defined under the ldap-syntax OID arc
attributeTypeDescription SYNTAX-NAME ::= {
LDAP-DESC "Attribute Type Description"
DIRECTORY SYNTAX AttributeTypeDescription
ID id-lsx-attributeTypeDescription }
bitString SYNTAX-NAME ::= {
LDAP-DESC "Bit String"
DIRECTORY SYNTAX BIT STRING
ID id-lsx-bitString }
boolean SYNTAX-NAME ::= {
LDAP-DESC "Boolean"
DIRECTORY SYNTAX BOOLEAN
ID id-lsx-boolean }
countryString SYNTAX-NAME ::= {
LDAP-DESC "Country String"
DIRECTORY SYNTAX CountryName
ID id-lsx-countryString }
dn SYNTAX-NAME ::= {
LDAP-DESC "DN"
DIRECTORY SYNTAX DistinguishedName
ID id-lsx-dn }
deliveryMethod SYNTAX-NAME ::= {
LDAP-DESC "Delevery Method"
DIRECTORY SYNTAX PreferredDeliveryMethod
ID id-lsx-deliveryMethod }
directoryString SYNTAX-NAME ::= {
LDAP-DESC "Directory String"
DIRECTORY SYNTAX UnboundedDirectoryString
ID id-lsx-directoryString }
dITContentRuleDescription SYNTAX-NAME ::= {
LDAP-DESC "DIT Content Rule Description"
DIRECTORY SYNTAX DITContentRuleDescription
ID id-lsx-dITContentRuleDescription }
dITStructureRuleDescription SYNTAX-NAME ::= {
LDAP-DESC "DIT StructureRule Description"
DIRECTORY SYNTAX DITStructureRuleDescription
ID id-lsx-dITStructureRuleDescription }
enhancedGuide SYNTAX-NAME ::= {
LDAP-DESC "Enhanced Guide"
DIRECTORY SYNTAX EnhancedGuide
ID id-lsx-enhancedGuide }
facsimileTelephoneNr SYNTAX-NAME ::= {
LDAP-DESC "Facsimile Telephone Number"
DIRECTORY SYNTAX FacsimileTelephoneNumber
ID id-lsx-facsimileTelephoneNr }
fax SYNTAX-NAME ::= {
LDAP-DESC "Fax"
DIRECTORY SYNTAX NULL
ID id-lsx-fax }
generalizedTime SYNTAX-NAME ::= {
LDAP-DESC "Generalized Time"
DIRECTORY SYNTAX GeneralizedTime
ID id-lsx-generalizedTime }
guide SYNTAX-NAME ::= {
LDAP-DESC "Guide"
DIRECTORY SYNTAX Guide
ID id-lsx-guide }
ia5String SYNTAX-NAME ::= {
LDAP-DESC "IA5 String"
DIRECTORY SYNTAX IA5String
ID id-lsx-ia5String }
integer SYNTAX-NAME ::= {
LDAP-DESC "INTEGER"
DIRECTORY SYNTAX INTEGER
ID id-lsx-integer }
jpeg SYNTAX-NAME ::= {
LDAP-DESC "JPEG"
DIRECTORY SYNTAX NULL
ID id-lsx-jpeg }
matchingRuleDescription SYNTAX-NAME ::= {
LDAP-DESC "Matching Rule Description"
DIRECTORY SYNTAX MatchingRuleDescription
ID id-lsx-matchingRuleDescription }
matchingRuleUseDescription SYNTAX-NAME ::= {
LDAP-DESC "Matching Rule Use Description"
DIRECTORY SYNTAX MatchingRuleUseDescription
ID id-lsx-matchingRuleUseDescription }
nameAndOptionalUID SYNTAX-NAME ::= {
LDAP-DESC "Name And Optional UID"
DIRECTORY SYNTAX NameAndOptionalUID
ID id-lsx-nameAndOptionalUID }
nameFormDescription SYNTAX-NAME ::= {
LDAP-DESC "Name Form Description"
DIRECTORY SYNTAX NameFormDescription
ID id-lsx-nameFormDescription }
numericString SYNTAX-NAME ::= {
LDAP-DESC "Numeric String"
DIRECTORY SYNTAX NumericString
ID id-lsx-numericString }
objectClassDescription SYNTAX-NAME ::= {
LDAP-DESC "Object Class Description"
DIRECTORY SYNTAX ObjectClassDescription
ID id-lsx-objectClassDescription }
oid SYNTAX-NAME ::= {
LDAP-DESC "OID"
DIRECTORY SYNTAX OBJECT IDENTIFIER
ID id-lsx-oid }
otherMailbox SYNTAX-NAME ::= {
LDAP-DESC "Other Mailbox"
DIRECTORY SYNTAX NULL
ID id-lsx-otherMailbox }
octetString SYNTAX-NAME ::= {
LDAP-DESC "Octet String"
DIRECTORY SYNTAX OCTET STRING
ID id-lsx-octetString }
postalAddr SYNTAX-NAME ::= {
LDAP-DESC "Postal Address"
DIRECTORY SYNTAX PostalAddress
ID id-lsx-postalAddr }
presentationAddr SYNTAX-NAME ::= {
LDAP-DESC "Presentation Address"
DIRECTORY SYNTAX PresentationAddress
ID id-lsx-presentationAddr }
printableString SYNTAX-NAME ::= {
LDAP-DESC "Printable String"
DIRECTORY SYNTAX PrintableString
ID id-lsx-printableString }
subtreeSpec SYNTAX-NAME ::= {
LDAP-DESC "SubtreeSpecification"
DIRECTORY SYNTAX SubtreeSpecification
ID id-lsx-subtreeSpec }
telephoneNr SYNTAX-NAME ::= {
LDAP-DESC "Telephone Number"
DIRECTORY SYNTAX TelephoneNumber
ID id-lsx-telephoneNr }
telexNr SYNTAX-NAME ::= {
LDAP-DESC "Telex Number"
DIRECTORY SYNTAX TelexNumber
ID id-lsx-telexNr }
utcTime SYNTAX-NAME ::= {
LDAP-DESC "UTC Time"
DIRECTORY SYNTAX UTCTime
ID id-lsx-utcTime }
ldapSyntaxDescription SYNTAX-NAME ::= {
LDAP-DESC "LDAP Syntax Description"
DIRECTORY SYNTAX NULL
ID id-lsx-ldapSyntaxDescription }
substringAssertion SYNTAX-NAME ::= {
LDAP-DESC "Substring Assertion"
DIRECTORY SYNTAX SubstringAssertion
ID id-lsx-substringAssertion }
-- Contexts
languageContext CONTEXT ::= {
WITH SYNTAX LanguageContextSyntax
ID id-avc-language }
LanguageContextSyntax ::= PrintableString(SIZE (2..3)) -- ISO 639-2 codes only
temporalContext CONTEXT ::= {
WITH SYNTAX TimeSpecification
ASSERTED AS TimeAssertion
ID id-avc-temporal }
TimeSpecification ::= SEQUENCE {
time CHOICE {
absolute SEQUENCE {
startTime [0] GeneralizedTime OPTIONAL,
endTime [1] GeneralizedTime OPTIONAL,
... },
periodic SET SIZE (1..MAX) OF Period},
notThisTime BOOLEAN DEFAULT FALSE,
timeZone TimeZone OPTIONAL,
... }
Period ::= SEQUENCE {
timesOfDay [0] SET SIZE (1..MAX) OF DayTimeBand OPTIONAL,
days [1] CHOICE {
intDay SET OF INTEGER,
bitDay BIT STRING {
sunday (0),
monday (1),
tuesday (2),
wednesday (3),
thursday (4),
friday (5),
saturday (6)},
dayOf XDayOf,
...} OPTIONAL,
weeks [2] CHOICE {
allWeeks NULL,
intWeek SET OF INTEGER,
bitWeek BIT STRING {
week1 (0),
week2 (1),
week3 (2),
week4 (3),
week5 (4)},
... } OPTIONAL,
months [3] CHOICE {
allMonths NULL,
intMonth SET OF INTEGER,
bitMonth BIT STRING {
january (0),
february (1),
march (2),
april (3),
may (4),
june (5),
july (6),
august (7),
september (8),
october (9),
november (10),
december (11)},
...} OPTIONAL,
years [4] SET OF INTEGER(1000..MAX) OPTIONAL,
... }
XDayOf ::= CHOICE {
first [1] NamedDay,
second [2] NamedDay,
third [3] NamedDay,
fourth [4] NamedDay,
fifth [5] NamedDay }
NamedDay ::= CHOICE {
intNamedDays ENUMERATED {
sunday (1),
monday (2),
tuesday (3),
wednesday (4),
thursday (5),
friday (6),
saturday (7)},
bitNamedDays BIT STRING {
sunday (0),
monday (1),
tuesday (2),
wednesday (3),
thursday (4),
friday (5),
saturday (6)} }
DayTimeBand ::= SEQUENCE {
startDayTime [0] DayTime DEFAULT {hour 0},
endDayTime [1] DayTime DEFAULT {hour 23, minute 59, second 59},
... }
DayTime ::= SEQUENCE {
hour [0] INTEGER(0..23),
minute [1] INTEGER(0..59) DEFAULT 0,
second [2] INTEGER(0..59) DEFAULT 0,
... }
TimeZone ::= INTEGER(-12..12)
TimeAssertion ::= CHOICE {
now NULL,
at GeneralizedTime,
between SEQUENCE {
startTime [0] GeneralizedTime,
endTime [1] GeneralizedTime OPTIONAL,
entirely BOOLEAN DEFAULT FALSE,
...},
... }
localeContext CONTEXT ::= {
WITH SYNTAX LocaleContextSyntax
ID id-avc-locale }
LocaleContextSyntax ::= CHOICE {
localeID1 OBJECT IDENTIFIER,
localeID2 UnboundedDirectoryString,
... }
ldapAttributeOptionContext CONTEXT ::= {
WITH SYNTAX AttributeOptionList
ASSERTED AS AttributeOptionList
ABSENT-MATCH FALSE
ID id-avc-ldapAttributeOption }
AttributeOptionList ::= SEQUENCE OF UTF8String
-- Object identifier assignments
-- object identifiers assigned in other modules are shown in comments
-- Attributes
-- id-at-objectClass OBJECT IDENTIFIER ::= {id-at 0}
-- id-at-aliasedEntryName OBJECT IDENTIFIER ::= {id-at 1}
-- id-at-encryptedAliasedEntryName OBJECT IDENTIFIER ::= {id-at 1 2}
id-at-knowledgeInformation OBJECT IDENTIFIER ::= {id-at 2}
id-at-commonName OBJECT IDENTIFIER ::= {id-at 3}
-- id-at-encryptedCommonName OBJECT IDENTIFIER ::= {id-at 3 2}
id-at-surname OBJECT IDENTIFIER ::= {id-at 4}
-- id-at-encryptedSurname OBJECT IDENTIFIER ::= {id-at 4 2}
id-at-serialNumber OBJECT IDENTIFIER ::= {id-at 5}
-- id-at-encryptedSerialNumber OBJECT IDENTIFIER ::= {id-at 5 2}
id-at-countryName OBJECT IDENTIFIER ::= {id-at 6}
-- id-at-encryptedCountryName OBJECT IDENTIFIER ::= {id-at 6 2}
id-at-localityName OBJECT IDENTIFIER ::= {id-at 7}
-- id-at-encryptedLocalityName OBJECT IDENTIFIER ::= {id-at 7 2}
id-at-collectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1}
-- id-at-encryptedCollectiveLocalityName OBJECT IDENTIFIER ::= {id-at 7 1 2}
id-at-stateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8}
-- id-at-encryptedStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 2}
id-at-collectiveStateOrProvinceName OBJECT IDENTIFIER ::= {id-at 8 1}
-- id-at-encryptedCollectiveStateOrProvinceName
-- OBJECT IDENTIFIER ::= {id-at 8 1 2}
id-at-streetAddress OBJECT IDENTIFIER ::= {id-at 9}
-- id-at-encryptedStreetAddress OBJECT IDENTIFIER ::= {id-at 9 2}
id-at-collectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1}
-- id-at-encryptedCollectiveStreetAddress OBJECT IDENTIFIER ::= {id-at 9 1 2}
id-at-organizationName OBJECT IDENTIFIER ::= {id-at 10}
-- id-at-encryptedOrganizationName OBJECT IDENTIFIER ::= {id-at 10 2}
id-at-collectiveOrganizationName OBJECT IDENTIFIER ::= {id-at 10 1}
-- id-at-encryptedCollectiveOrganizationName
-- OBJECT IDENTIFIER ::= {id-at 10 1 2}
id-at-organizationalUnitName OBJECT IDENTIFIER ::= {id-at 11}
-- id-at-encryptedOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 2}
id-at-collectiveOrganizationalUnitName OBJECT IDENTIFIER ::= {id-at 11 1}
-- id-at-encryptedCollectiveOrganizationalUnitNam
-- OBJECT IDENTIFIER ::= {id-at 11 1 2}
id-at-title OBJECT IDENTIFIER ::= {id-at 12}
-- id-at-encryptedTitle OBJECT IDENTIFIER ::= {id-at 12 2}
id-at-description OBJECT IDENTIFIER ::= {id-at 13}
-- id-at-encryptedDescription OBJECT IDENTIFIER ::= {id-at 13 2}
id-at-searchGuide OBJECT IDENTIFIER ::= {id-at 14}
-- id-at-encryptedSearchGuide OBJECT IDENTIFIER ::= {id-at 14 2}
id-at-businessCategory OBJECT IDENTIFIER ::= {id-at 15}
-- id-at-encryptedBusinessCategory OBJECT IDENTIFIER ::= {id-at 15 2}
id-at-postalAddress OBJECT IDENTIFIER ::= {id-at 16}
-- id-at-encryptedPostalAddress OBJECT IDENTIFIER ::= {id-at 16 2}
id-at-collectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1}
-- id-at-encryptedCollectivePostalAddress OBJECT IDENTIFIER ::= {id-at 16 1 2}
id-at-postalCode OBJECT IDENTIFIER ::= {id-at 17}
-- id-at-encryptedPostalCode OBJECT IDENTIFIER ::= {id-at 17 2}
id-at-collectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1}
-- id-at-encryptedCollectivePostalCode OBJECT IDENTIFIER ::= {id-at 17 1 2}
id-at-postOfficeBox OBJECT IDENTIFIER ::= {id-at 18}
id-at-collectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1}
-- id-at-encryptedPostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 2}
-- id-at-encryptedCollectivePostOfficeBox OBJECT IDENTIFIER ::= {id-at 18 1 2}
id-at-physicalDeliveryOfficeName OBJECT IDENTIFIER ::= {id-at 19}
id-at-collectivePhysicalDeliveryOfficeName
OBJECT IDENTIFIER ::= {id-at 19 1}
-- id-at-encryptedPhysicalDeliveryOfficeName
-- OBJECT IDENTIFIER ::= {id-at 19 2}
-- id-at-encryptedCollectivePhysicalDeliveryOfficeName
-- OBJECT IDENTIFIER ::= {id-at 19 1 2}
id-at-telephoneNumber OBJECT IDENTIFIER ::= {id-at 20}
-- id-at-encryptedTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 2}
id-at-collectiveTelephoneNumber OBJECT IDENTIFIER ::= {id-at 20 1}
-- id-at-encryptedCollectiveTelephoneNumber
-- OBJECT IDENTIFIER ::= {id-at 20 1 2}
id-at-telexNumber OBJECT IDENTIFIER ::= {id-at 21}
-- id-at-encryptedTelexNumber OBJECT IDENTIFIER ::= {id-at 21 2}
id-at-collectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1}
-- id-at-encryptedCollectiveTelexNumber OBJECT IDENTIFIER ::= {id-at 21 1 2}
-- id-at-teletexTerminalIdentifier OBJECT IDENTIFIER ::= {id-at 22}
-- id-at-encryptedTeletexTerminalIdentifier
-- OBJECT IDENTIFIER ::= {id-at 22 2}
-- id-at-collectiveTeletexTerminalIdentifier
-- OBJECT IDENTIFIER ::= {id-at 22 1}
-- id-at-encryptedCollectiveTeletexTerminalIdentifier
-- OBJECT IDENTIFIER ::= {id-at 22 1 2}
id-at-facsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23}
-- id-at-encryptedFacsimileTelephoneNumber
-- OBJECT IDENTIFIER ::= {id-at 23 2}
id-at-collectiveFacsimileTelephoneNumber OBJECT IDENTIFIER ::= {id-at 23 1}
-- id-at-encryptedCollectiveFacsimileTelephoneNumber
-- OBJECT IDENTIFIER ::= {id-at 23 1 2}
id-at-x121Address OBJECT IDENTIFIER ::= {id-at 24}
-- id-at-encryptedX121Address OBJECT IDENTIFIER ::= {id-at 24 2}
id-at-internationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25}
-- id-at-encryptedInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 2}
id-at-collectiveInternationalISDNNumber OBJECT IDENTIFIER ::= {id-at 25 1}
-- id-at-encryptedCollectiveInternationalISDNNumber
-- OBJECT IDENTIFIER ::= {id-at 25 1 2}
id-at-registeredAddress OBJECT IDENTIFIER ::= {id-at 26}
-- id-at-encryptedRegisteredAddress OBJECT IDENTIFIER ::= {id-at 26 2}
id-at-destinationIndicator OBJECT IDENTIFIER ::= {id-at 27}
-- id-at-encryptedDestinationIndicator OBJECT IDENTIFIER ::= {id-at 27 2}
id-at-preferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28}
-- id-at-encryptedPreferredDeliveryMethod OBJECT IDENTIFIER ::= {id-at 28 2}
id-at-presentationAddress OBJECT IDENTIFIER ::= {id-at 29}
-- id-at-encryptedPresentationAddress OBJECT IDENTIFIER ::= {id-at 29 2}
id-at-supportedApplicationContext OBJECT IDENTIFIER ::= {id-at 30}
-- id-at-encryptedSupportedApplicationContext
-- OBJECT IDENTIFIER ::= {id-at 30 2}
id-at-member OBJECT IDENTIFIER ::= {id-at 31}
-- id-at-encryptedMember OBJECT IDENTIFIER ::= {id-at 31 2}
id-at-owner OBJECT IDENTIFIER ::= {id-at 32}
-- id-at-encryptedOwner OBJECT IDENTIFIER ::= {id-at 32 2}
id-at-roleOccupant OBJECT IDENTIFIER ::= {id-at 33}
-- id-at-encryptedRoleOccupant OBJECT IDENTIFIER ::= {id-at 33 2}
id-at-seeAlso OBJECT IDENTIFIER ::= {id-at 34}
-- id-at-encryptedSeeAlso OBJECT IDENTIFIER ::= {id-at 34 2}
-- id-at-userPassword OBJECT IDENTIFIER ::= {id-at 35} X.509|Part 8
-- id-at-encryptedUserPassword OBJECT IDENTIFIER ::= {id-at 35 2}
-- id-at-userCertificate OBJECT IDENTIFIER ::= {id-at 36} X.509|Part 8
-- id-at-encryptedUserCertificate OBJECT IDENTIFIER ::= {id-at 36 2}
-- id-at-cACertificate OBJECT IDENTIFIER ::= {id-at 37} X.509|Part 8
-- id-at-encryptedCACertificate OBJECT IDENTIFIER ::= {id-at 37 2}
-- id-at-authorityRevocationList OBJECT IDENTIFIER ::= {id-at 38} X.509|Part 8
-- id-at-encryptedAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 38 2}
-- id-at-certificateRevocationList OBJECT IDENTIFIER ::= {id-at 39} X.509|Part 8
-- id-at-encryptedCertificateRevocationList
-- OBJECT IDENTIFIER ::= {id-at 39 2}
-- id-at-crossCertificatePair OBJECT IDENTIFIER ::= {id-at 40} X.509|Part 8
-- id-at-encryptedCrossCertificatePair OBJECT IDENTIFIER ::= {id-at 40 2}
id-at-name OBJECT IDENTIFIER ::= {id-at 41}
id-at-givenName OBJECT IDENTIFIER ::= {id-at 42}
-- id-at-encryptedGivenName OBJECT IDENTIFIER ::= {id-at 42 2}
id-at-initials OBJECT IDENTIFIER ::= {id-at 43}
-- id-at-encryptedInitials OBJECT IDENTIFIER ::= {id-at 43 2}
id-at-generationQualifier OBJECT IDENTIFIER ::= {id-at 44}
-- id-at-encryptedGenerationQualifier OBJECT IDENTIFIER ::= {id-at 44 2}
id-at-uniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45}
-- id-at-encryptedUniqueIdentifier OBJECT IDENTIFIER ::= {id-at 45 2}
id-at-dnQualifier OBJECT IDENTIFIER ::= {id-at 46}
-- id-at-encryptedDnQualifier OBJECT IDENTIFIER ::= {id-at 46 2}
id-at-enhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47}
-- id-at-encryptedEnhancedSearchGuide OBJECT IDENTIFIER ::= {id-at 47 2}
id-at-protocolInformation OBJECT IDENTIFIER ::= {id-at 48}
-- id-at-encryptedProtocolInformation OBJECT IDENTIFIER ::= {id-at 48 2}
id-at-distinguishedName OBJECT IDENTIFIER ::= {id-at 49}
-- id-at-encryptedDistinguishedName OBJECT IDENTIFIER ::= {id-at 49 2}
id-at-uniqueMember OBJECT IDENTIFIER ::= {id-at 50}
-- id-at-encryptedUniqueMember OBJECT IDENTIFIER ::= {id-at 50 2}
id-at-houseIdentifier OBJECT IDENTIFIER ::= {id-at 51}
-- id-at-encryptedHouseIdentifier OBJECT IDENTIFIER ::= {id-at 51 2}
-- id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} X.509|Part 8
-- id-at-encryptedSupportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52 2}
-- id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} X.509|Part 8
-- id-at-encryptedDeltaRevocationList OBJECT IDENTIFIER ::= {id-at 53 2}
id-at-dmdName OBJECT IDENTIFIER ::= {id-at 54}
-- id-at-encryptedDmdName OBJECT IDENTIFIER ::= {id-at 54 2}
-- id-at-clearance OBJECT IDENTIFIER ::= {id-at 55}
-- id-at-encryptedClearance OBJECT IDENTIFIER ::= {id-at 55 2}
-- id-at-defaultDirQop OBJECT IDENTIFIER ::= {id-at 56}
-- id-at-encryptedDefaultDirQop OBJECT IDENTIFIER ::= {id-at 56 2}
-- id-at-attributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57}
-- id-at-encryptedAttributeIntegrityInfo OBJECT IDENTIFIER ::= {id-at 57 2}
-- id-at-attributeCertificate OBJECT IDENTIFIER ::= {id-at 58} X.509|Part 8
-- id-at-encryptedAttributeCertificate OBJECT IDENTIFIER ::= {id-at 58 2}
-- id-at-attributeCertificateRevocationList
-- OBJECT IDENTIFIER ::= {id-at 59} X.509|Part 8
-- id-at-encryptedAttributeCertificateRevocationList
-- OBJECT IDENTIFIER ::= {id-at 59 2}
-- id-at-confKeyInfo OBJECT IDENTIFIER ::= {id-at 60}
-- id-at-encryptedConfKeyInfo OBJECT IDENTIFIER ::= {id-at 60 2}
-- id-at-aACertificate OBJECT IDENTIFIER ::= {id-at 61} X.509|Part 8
-- id-at-attributeDescriptorCertificate OBJECT IDENTIFIER ::= {id-at 62} X.509|Part 8
-- id-at-attributeAuthorityRevocationList OBJECT IDENTIFIER ::= {id-at 63} X.509|Part 8
-- id-at-family-information OBJECT IDENTIFIER ::= {id-at 64}
id-at-pseudonym OBJECT IDENTIFIER ::= {id-at 65}
id-at-communicationsService OBJECT IDENTIFIER ::= {id-at 66}
id-at-communicationsNetwork OBJECT IDENTIFIER ::= {id-at 67}
-- id-at-certificationPracticeStmt OBJECT IDENTIFIER ::= {id-at 68} X.509|Part 8
-- id-at-certificatePolicy OBJECT IDENTIFIER ::= {id-at 69} X.509|Part 8
-- id-at-pkiPath OBJECT IDENTIFIER ::= {id-at 70} X.509|Part 8
-- id-at-privPolicy OBJECT IDENTIFIER ::= {id-at 71} X.509|Part 8
-- id-at-role OBJECT IDENTIFIER ::= {id-at 72} X.509|Part 8
-- id-at-delegationPath OBJECT IDENTIFIER ::= {id-at 73} X.509|Part 8
-- id-at-protPrivPolicy OBJECT IDENTIFIER ::= {id-at 74} X.509|Part 8
-- id-at-xMLPrivilegeInfo OBJECT IDENTIFIER ::= {id-at 75} X.509|Part 8
-- id-at-xmlPrivPolicy OBJECT IDENTIFIER ::= {id-at 76} X.509|Part 8
id-at-uuidpair OBJECT IDENTIFIER ::= {id-at 77}
id-at-tagOid OBJECT IDENTIFIER ::= {id-at 78}
id-at-uiiFormat OBJECT IDENTIFIER ::= {id-at 79}
id-at-uiiInUrn OBJECT IDENTIFIER ::= {id-at 80}
id-at-contentUrl OBJECT IDENTIFIER ::= {id-at 81}
-- id-at-permission OBJECT IDENTIFIER ::= {id-at 82} X.509|Part 8
id-at-uri OBJECT IDENTIFIER ::= {id-at 83}
-- id-at-pwdAttribute OBJECT IDENTIFIER ::= {id-at 84} X.501|Part 2
-- id-at-userPwd OBJECT IDENTIFIER ::= {id-at 85} Annex B
id-at-urn OBJECT IDENTIFIER ::= {id-at 86}
id-at-url OBJECT IDENTIFIER ::= {id-at 87}
id-at-utmCoordinates OBJECT IDENTIFIER ::= {id-at 88}
id-at-urnC OBJECT IDENTIFIER ::= {id-at 89}
id-at-uii OBJECT IDENTIFIER ::= {id-at 90}
id-at-epc OBJECT IDENTIFIER ::= {id-at 91}
id-at-tagAfi OBJECT IDENTIFIER ::= {id-at 92}
id-at-epcFormat OBJECT IDENTIFIER ::= {id-at 93}
id-at-epcInUrn OBJECT IDENTIFIER ::= {id-at 94}
id-at-ldapUrl OBJECT IDENTIFIER ::= {id-at 95}
id-at-tagLocation OBJECT IDENTIFIER ::= {id-at 96}
id-at-organizationIdentifier OBJECT IDENTIFIER ::= {id-at 97}
id-at-countryCode3c OBJECT IDENTIFIER ::= {id-at 98}
id-at-countryCode3n OBJECT IDENTIFIER ::= {id-at 99}
id-at-dnsName OBJECT IDENTIFIER ::= {id-at 100}
--id-at-eepkCertificatRevocationList OBJECT IDENTIFIER ::= {id-at 101} X.509|Part 8
--id-at-eeAttrCertificateRevocationList OBJECT IDENTIFIER ::= {id-at 102} X.509|Part 8
--id-at-supportedPublicKeyAlgorithms OBJECT IDENTIFIER ::= {id-at 103} X.509|Part 8
id-at-intEmail OBJECT IDENTIFIER ::= {id-at 104}
id-at-jid OBJECT IDENTIFIER ::= {id-at 105}
id-at-objectIdentifier OBJECT IDENTIFIER ::= {id-at 106}
-- id-asx-userPwdDescription OBJECT IDENTIFIER ::= {id-asx 0}
-- id-asx-pwdVocabularyDescription OBJECT IDENTIFIER ::= {id-asx 1}
-- id-asx-pwdAlphabetDescription OBJECT IDENTIFIER ::= {id-asx 2}
-- id-asx-pwdEncAlgDescription OBJECT IDENTIFIER ::= {id-asx 3}
id-asx-utmCoords OBJECT IDENTIFIER ::= {id-asx 4}
id-asx-uiiForm OBJECT IDENTIFIER ::= {id-asx 5}
id-asx-epcForm OBJECT IDENTIFIER ::= {id-asx 6}
id-asx-countryString3c OBJECT IDENTIFIER ::= {id-asx 7}
id-asx-countryString3n OBJECT IDENTIFIER ::= {id-asx 8}
id-asx-dnsString OBJECT IDENTIFIER ::= {id-asx 9}
-- id-asx-x509SupportedPublicKeyAlgorithms
-- OBJECT IDENTIFIER ::= {id-asx 10} X.509|Part 8
id-asx-intEmailString OBJECT IDENTIFIER ::= {id-asx 11}
id-asx-jidString OBJECT IDENTIFIER ::= {id-asx 12}
id-lsx-attributeTypeDescription OBJECT IDENTIFIER ::= {id-lsx 3}
id-lsx-bitString OBJECT IDENTIFIER ::= {id-lsx 6}
id-lsx-boolean OBJECT IDENTIFIER ::= {id-lsx 7}
-- id-lsx-x509Certificate OBJECT IDENTIFIER ::= {id-lsx 8} X.509|Part 8
-- id-lsx-x509CertificateList OBJECT IDENTIFIER ::= {id-lsx 9} X.509|Part 8
-- id-lsx-x509CertificatePair OBJECT IDENTIFIER ::= {id-lsx 10} X.509|Part 8
id-lsx-countryString OBJECT IDENTIFIER ::= {id-lsx 11}
id-lsx-dn OBJECT IDENTIFIER ::= {id-lsx 12}
id-lsx-deliveryMethod OBJECT IDENTIFIER ::= {id-lsx 14}
id-lsx-directoryString OBJECT IDENTIFIER ::= {id-lsx 15}
id-lsx-dITContentRuleDescription OBJECT IDENTIFIER ::= {id-lsx 16}
id-lsx-dITStructureRuleDescription OBJECT IDENTIFIER ::= {id-lsx 17}
id-lsx-enhancedGuide OBJECT IDENTIFIER ::= {id-lsx 21}
id-lsx-facsimileTelephoneNr OBJECT IDENTIFIER ::= {id-lsx 22}
id-lsx-fax OBJECT IDENTIFIER ::= {id-lsx 23}
id-lsx-generalizedTime OBJECT IDENTIFIER ::= {id-lsx 24}
id-lsx-guide OBJECT IDENTIFIER ::= {id-lsx 25}
id-lsx-ia5String OBJECT IDENTIFIER ::= {id-lsx 26}
id-lsx-integer OBJECT IDENTIFIER ::= {id-lsx 27}
id-lsx-jpeg OBJECT IDENTIFIER ::= {id-lsx 28}
id-lsx-matchingRuleDescription OBJECT IDENTIFIER ::= {id-lsx 30}
id-lsx-matchingRuleUseDescription OBJECT IDENTIFIER ::= {id-lsx 31}
id-lsx-nameAndOptionalUID OBJECT IDENTIFIER ::= {id-lsx 34}
id-lsx-nameFormDescription OBJECT IDENTIFIER ::= {id-lsx 35}
id-lsx-numericString OBJECT IDENTIFIER ::= {id-lsx 36}
id-lsx-objectClassDescription OBJECT IDENTIFIER ::= {id-lsx 37}
id-lsx-oid OBJECT IDENTIFIER ::= {id-lsx 38}
id-lsx-otherMailbox OBJECT IDENTIFIER ::= {id-lsx 39}
id-lsx-octetString OBJECT IDENTIFIER ::= {id-lsx 40}
id-lsx-postalAddr OBJECT IDENTIFIER ::= {id-lsx 41}
id-lsx-presentationAddr OBJECT IDENTIFIER ::= {id-lsx 43}
id-lsx-printableString OBJECT IDENTIFIER ::= {id-lsx 44}
id-lsx-subtreeSpec OBJECT IDENTIFIER ::= {id-lsx 45}
-- id-lsx-x509SupportedAlgorithm OBJECT IDENTIFIER ::= {id-lsx 49} X.509|Part 8
id-lsx-telephoneNr OBJECT IDENTIFIER ::= {id-lsx 50}
id-lsx-telexNr OBJECT IDENTIFIER ::= {id-lsx 52}
id-lsx-utcTime OBJECT IDENTIFIER ::= {id-lsx 53}
id-lsx-ldapSyntaxDescription OBJECT IDENTIFIER ::= {id-lsx 54}
id-lsx-substringAssertion OBJECT IDENTIFIER ::= {id-lsx 58}
-- id-lsx-x509SupportedPublicKeyAlgos OBJECT IDENTIFIER ::= {id-lsx 59}
-- Object identifiers for LDAP X.509 assertion syntaxes
-- id-ldx-certExactAssertion OBJECT IDENTIFIER ::= {id-ldx 1} X.509|Part 8
-- id-ldx-certAssertion OBJECT IDENTIFIER ::= {id-ldx 2} X.509|Part 8
-- id-ldx-certPairExactAssertion OBJECT IDENTIFIER ::= {id-ldx 3} X.509|Part 8
-- id-ldx-certPairAssertion OBJECT IDENTIFIER ::= {id-ldx 4} X.509|Part 8
-- id-ldx-certListExactAssertion OBJECT IDENTIFIER ::= {id-ldx 5} X.509|Part 8
-- id-ldx-certListAssertion OBJECT IDENTIFIER ::= {id-ldx 6} X.509|Part 8
-- id-ldx-algorithmIdentifier OBJECT IDENTIFIER ::= {id-ldx 7} X.509|Part 8
-- id-lsx-x509SupportedPublicKeyAlgorithms
id-oidC1 OBJECT IDENTIFIER ::= {id 0}
id-oidC2 OBJECT IDENTIFIER ::= {id 1}
id-oidC OBJECT IDENTIFIER ::= {id 2}
-- Control attributes
id-cat-sequenceMatchType OBJECT IDENTIFIER ::= {id-cat 1}
id-cat-wordMatchType OBJECT IDENTIFIER ::= {id-cat 2}
id-cat-characterMatchTypes OBJECT IDENTIFIER ::= {id-cat 3}
id-cat-selectedContexts OBJECT IDENTIFIER ::= {id-cat 4}
-- Notification attributes
id-not-dSAProblem OBJECT IDENTIFIER ::= {id-not 0}
id-not-searchServiceProblem OBJECT IDENTIFIER ::= {id-not 1}
id-not-serviceType OBJECT IDENTIFIER ::= {id-not 2}
id-not-attributeTypeList OBJECT IDENTIFIER ::= {id-not 3}
id-not-matchingRuleList OBJECT IDENTIFIER ::= {id-not 4}
id-not-filterItem OBJECT IDENTIFIER ::= {id-not 5}
id-not-attributeCombinations OBJECT IDENTIFIER ::= {id-not 6}
id-not-contextTypeList OBJECT IDENTIFIER ::= {id-not 7}
id-not-contextList OBJECT IDENTIFIER ::= {id-not 8}
id-not-contextCombinations OBJECT IDENTIFIER ::= {id-not 9}
id-not-hierarchySelectList OBJECT IDENTIFIER ::= {id-not 10}
id-not-searchControlOptionsList OBJECT IDENTIFIER ::= {id-not 11}
id-not-serviceControlOptionsList OBJECT IDENTIFIER ::= {id-not 12}
id-not-multipleMatchingLocalities OBJECT IDENTIFIER ::= {id-not 13}
id-not-proposedRelaxation OBJECT IDENTIFIER ::= {id-not 14}
id-not-appliedRelaxation OBJECT IDENTIFIER ::= {id-not 15}
id-not-pwdResponse OBJECT IDENTIFIER ::= {id-not 16}
id-not-ldapDiagnosticMsg OBJECT IDENTIFIER ::= {id-not 17}
-- Problem definitions
id-pr-targetDsaUnavailable OBJECT IDENTIFIER ::= {id-pr 1}
id-pr-dataSourceUnavailable OBJECT IDENTIFIER ::= {id-pr 2}
id-pr-unidentifiedOperation OBJECT IDENTIFIER ::= {id-pr 3}
id-pr-unavailableOperation OBJECT IDENTIFIER ::= {id-pr 4}
id-pr-searchAttributeViolation OBJECT IDENTIFIER ::= {id-pr 5}
id-pr-searchAttributeCombinationViolation OBJECT IDENTIFIER ::= {id-pr 6}
id-pr-searchValueNotAllowed OBJECT IDENTIFIER ::= {id-pr 7}
id-pr-missingSearchAttribute OBJECT IDENTIFIER ::= {id-pr 8}
id-pr-searchValueViolation OBJECT IDENTIFIER ::= {id-pr 9}
id-pr-attributeNegationViolation OBJECT IDENTIFIER ::= {id-pr 10}
id-pr-searchValueRequired OBJECT IDENTIFIER ::= {id-pr 11}
id-pr-invalidSearchValue OBJECT IDENTIFIER ::= {id-pr 12}
id-pr-searchContextViolation OBJECT IDENTIFIER ::= {id-pr 13}
id-pr-searchContextCombinationViolation OBJECT IDENTIFIER ::= {id-pr 14}
id-pr-missingSearchContext OBJECT IDENTIFIER ::= {id-pr 15}
id-pr-searchContextValueViolation OBJECT IDENTIFIER ::= {id-pr 16}
id-pr-searchContextValueRequired OBJECT IDENTIFIER ::= {id-pr 17}
id-pr-invalidContextSearchValue OBJECT IDENTIFIER ::= {id-pr 18}
id-pr-unsupportedMatchingRule OBJECT IDENTIFIER ::= {id-pr 19}
id-pr-attributeMatchingViolation OBJECT IDENTIFIER ::= {id-pr 20}
id-pr-unsupportedMatchingUse OBJECT IDENTIFIER ::= {id-pr 21}
id-pr-matchingUseViolation OBJECT IDENTIFIER ::= {id-pr 22}
id-pr-hierarchySelectForbidden OBJECT IDENTIFIER ::= {id-pr 23}
id-pr-invalidHierarchySelect OBJECT IDENTIFIER ::= {id-pr 24}
id-pr-unavailableHierarchySelect OBJECT IDENTIFIER ::= {id-pr 25}
id-pr-invalidSearchControlOptions OBJECT IDENTIFIER ::= {id-pr 26}
id-pr-invalidServiceControlOptions OBJECT IDENTIFIER ::= {id-pr 27}
id-pr-searchSubsetViolation OBJECT IDENTIFIER ::= {id-pr 28}
id-pr-unmatchedKeyAttributes OBJECT IDENTIFIER ::= {id-pr 29}
id-pr-ambiguousKeyAttributes OBJECT IDENTIFIER ::= {id-pr 30}
id-pr-unavailableRelaxationLevel OBJECT IDENTIFIER ::= {id-pr 31}
id-pr-emptyHierarchySelection OBJECT IDENTIFIER ::= {id-pr 32}
id-pr-administratorImposedLimit OBJECT IDENTIFIER ::= {id-pr 33}
id-pr-permanentRestriction OBJECT IDENTIFIER ::= {id-pr 34}
id-pr-temporaryRestriction OBJECT IDENTIFIER ::= {id-pr 35}
id-pr-relaxationNotSupported OBJECT IDENTIFIER ::= {id-pr 36}
id-coat-uid OBJECT IDENTIFIER ::= {id-coat 1}
id-coat-dc OBJECT IDENTIFIER ::= {id-coat 25}
-- Matching rules
-- id-mr-objectIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 0} X.501|Part2
-- id-mr-distinguishedNameMatch OBJECT IDENTIFIER ::= {id-mr 1} X.501|Part2
id-mr-caseIgnoreMatch OBJECT IDENTIFIER ::= {id-mr 2}
id-mr-caseIgnoreOrderingMatch OBJECT IDENTIFIER ::= {id-mr 3}
id-mr-caseIgnoreSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 4}
id-mr-caseExactMatch OBJECT IDENTIFIER ::= {id-mr 5}
id-mr-caseExactOrderingMatch OBJECT IDENTIFIER ::= {id-mr 6}
id-mr-caseExactSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 7}
id-mr-numericStringMatch OBJECT IDENTIFIER ::= {id-mr 8}
id-mr-numericStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 9}
id-mr-numericStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 10}
id-mr-caseIgnoreListMatch OBJECT IDENTIFIER ::= {id-mr 11}
id-mr-caseIgnoreListSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 12}
id-mr-booleanMatch OBJECT IDENTIFIER ::= {id-mr 13}
id-mr-integerMatch OBJECT IDENTIFIER ::= {id-mr 14}
id-mr-integerOrderingMatch OBJECT IDENTIFIER ::= {id-mr 15}
id-mr-bitStringMatch OBJECT IDENTIFIER ::= {id-mr 16}
id-mr-octetStringMatch OBJECT IDENTIFIER ::= {id-mr 17}
id-mr-octetStringOrderingMatch OBJECT IDENTIFIER ::= {id-mr 18}
id-mr-octetStringSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 19}
id-mr-telephoneNumberMatch OBJECT IDENTIFIER ::= {id-mr 20}
id-mr-telephoneNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 21}
id-mr-presentationAddressMatch OBJECT IDENTIFIER ::= {id-mr 22}
id-mr-uniqueMemberMatch OBJECT IDENTIFIER ::= {id-mr 23}
id-mr-protocolInformationMatch OBJECT IDENTIFIER ::= {id-mr 24}
id-mr-uTCTimeMatch OBJECT IDENTIFIER ::= {id-mr 25}
id-mr-uTCTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 26}
id-mr-generalizedTimeMatch OBJECT IDENTIFIER ::= {id-mr 27}
id-mr-generalizedTimeOrderingMatch OBJECT IDENTIFIER ::= {id-mr 28}
id-mr-integerFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 29}
id-mr-objectIdentifierFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 30}
id-mr-directoryStringFirstComponentMatch OBJECT IDENTIFIER ::= {id-mr 31}
id-mr-wordMatch OBJECT IDENTIFIER ::= {id-mr 32}
id-mr-keywordMatch OBJECT IDENTIFIER ::= {id-mr 33}
-- id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} X.509|Part8
-- id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} X.509|Part8
-- id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} X.509|Part8
-- id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} X.509|Part8
-- id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} X.509|Part8
-- id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} X.509|Part8
-- id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} X.509|Part8
id-mr-storedPrefixMatch OBJECT IDENTIFIER ::= {id-mr 41}
-- id-mr-attributeCertificateMatch OBJECT IDENTIFIER ::= {id-mr 42} X.509|Part8
-- id-mr-readerAndKeyIDMatch OBJECT IDENTIFIER ::= {id-mr 43}
-- id-mr-attributeIntegrityMatch OBJECT IDENTIFIER ::= {id-mr 44}
-- id-mr-attributeCertificateExactMatch OBJECT IDENTIFIER ::= {id-mr 45} X.509|Part8
-- id-mr-holderIssuerMatch OBJECT IDENTIFIER ::= {id-mr 46} X.509|Part8
id-mr-systemProposedMatch OBJECT IDENTIFIER ::= {id-mr 47}
id-mr-generalWordMatch OBJECT IDENTIFIER ::= {id-mr 48}
id-mr-approximateStringMatch OBJECT IDENTIFIER ::= {id-mr 49}
id-mr-ignoreIfAbsentMatch OBJECT IDENTIFIER ::= {id-mr 50}
id-mr-nullMatch OBJECT IDENTIFIER ::= {id-mr 51}
id-mr-zonalMatch OBJECT IDENTIFIER ::= {id-mr 52}
-- id-mr-authAttIdMatch OBJECT IDENTIFIER ::= {id-mr 53} X.509|Part8
-- id-mr-roleSpecCertIdMatch OBJECT IDENTIFIER ::= {id-mr 54} X.509|Part8
-- id-mr-basicAttConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 55} X.509|Part8
-- id-mr-delegatedNameConstraintsMatch OBJECT IDENTIFIER ::= {id-mr 56} X.509|Part8
-- id-mr-timeSpecMatch OBJECT IDENTIFIER ::= {id-mr 57} X.509|Part8
-- id-mr-attDescriptorMatch OBJECT IDENTIFIER ::= {id-mr 58} X.509|Part8
-- id-mr-acceptableCertPoliciesMatch OBJECT IDENTIFIER ::= {id-mr 59} X.509|Part8
-- id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60} X.509|Part8
-- id-mr-delegationPathMatch OBJECT IDENTIFIER ::= {id-mr 61} X.509|Part8
-- id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62} X.509|Part8
id-mr-facsimileNumberMatch OBJECT IDENTIFIER ::= {id-mr 63}
id-mr-facsimileNumberSubstringsMatch OBJECT IDENTIFIER ::= {id-mr 64}
-- id-mr-enhancedCertificateMatch OBJECT IDENTIFIER ::= {id-mr 65} X.509|Part8
-- id-mr-sOAIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 66} X.509|Part8
-- id-mr-extensionPresenceMatch OBJECT IDENTIFIER ::= {id-mr 67} X.509|Part8
id-mr-uuidpairmatch OBJECT IDENTIFIER ::= {id-mr 68}
-- id-mr-dualStringMatch OBJECT IDENTIFIER ::= {id-mr 69} X.509|Part8
id-mr-uriMatch OBJECT IDENTIFIER ::= {id-mr 70}
-- id-mr-userPwdMatch OBJECT IDENTIFIER ::= {id-mr 71} Annex B
-- id-mr-pwdEncAlgMatch OBJECT IDENTIFIER ::= {id-mr 72} Annex B
-- id-mr-userPwdHistoryMatch OBJECT IDENTIFIER ::= {id-mr 73} Annex B
id-mr-dnsNameMatch OBJECT IDENTIFIER ::= {id-mr 74}
id-mr-intEmailMatch OBJECT IDENTIFIER ::= {id-mr 75}
id-mr-jidMatch OBJECT IDENTIFIER ::= {id-mr 76}
-- LDAP defined matching rules
id-lmr-caseExactIA5Match OBJECT IDENTIFIER ::= {id-lmr 1}
id-lmr-caseIgnoreIA5Match OBJECT IDENTIFIER ::= {id-lmr 2}
id-lmr-caseIgnoreIA5SubstringsMatch OBJECT IDENTIFIER ::= {id-lmr 3}
-- contexts
id-avc-language OBJECT IDENTIFIER ::= {id-avc 0}
id-avc-temporal OBJECT IDENTIFIER ::= {id-avc 1}
id-avc-locale OBJECT IDENTIFIER ::= {id-avc 2}
-- id-avc-attributeValueSecurityLabelContext
-- OBJECT IDENTIFIER ::= {id-avc 3}
-- id-avc-attributeValueIntegrityInfoContext
-- OBJECT IDENTIFIER ::= {id-avc 4}
id-avc-ldapAttributeOption OBJECT IDENTIFIER ::= {id-avc 5}
END -- SelectedAttributeTypes