From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc3944.txt | 1683 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 1683 insertions(+) create mode 100644 doc/rfc/rfc3944.txt (limited to 'doc/rfc/rfc3944.txt') diff --git a/doc/rfc/rfc3944.txt b/doc/rfc/rfc3944.txt new file mode 100644 index 0000000..b74c991 --- /dev/null +++ b/doc/rfc/rfc3944.txt @@ -0,0 +1,1683 @@ + + + + + + +Network Working Group T. Johnson +Request for Comments: 3944 U. of North Carolina +Category: Informational S. Okubo + Waseda University + S. Campos + ITU-T + December 2004 + + + H.350 Directory Services + +Status of this Memo + + This memo provides information for the Internet community. It does + not specify an Internet standard of any kind. Distribution of this + memo is unlimited. + +Copyright Notice + + Copyright (C) The Internet Society (2004). + +Abstract + + The International Telecommunications Union Standardization Sector + (ITU-T) has created the H.350 series of Recommendations that specify + directory services architectures in support of multimedia + conferencing protocols. The goal of the architecture is to + 'directory enable' multimedia conferencing so that these services can + leverage existing identity management and enterprise directories. A + particular goal is to enable an enterprise or service provider to + maintain a canonical source of users and their multimedia + conferencing systems, so that multiple call servers from multiple + vendors, supporting multiple protocols, can all access the same data + store. + + Because SIP is an IETF standard, the contents of H.350 and H.350.4 + are made available via this document to the IETF community. This + document contains the entire normative text of ITU-T Recommendations + H.350 and H.350.4 in sections 4 and 5, respectively. The remaining + sections are included only in this document, not in the ITU-T + version. + + + + + + + + + + +Johnson, et al. Informational [Page 1] + +RFC 3944 H.350 Directory Services December 2004 + + +Table of Contents + + 1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 + 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 + 3. Conventions used in this document . . . . . . . . . . . . . . 4 + 4. H.350 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 + 4.1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . 4 + 4.1.1. Design Goals . . . . . . . . . . . . . . . . . . 6 + 4.1.2. Extending the Schema . . . . . . . . . . . . . . 7 + 4.2. commURIObject Definition. . . . . . . . . . . . . . . . 10 + 4.2.1. commURIObject. . . . . . . . . . . . . . . . . . 10 + 4.2.2. commURI. . . . . . . . . . . . . . . . . . . . . 10 + 4.3. CommObject Definition . . . . . . . . . . . . . . . . . 11 + 4.3.1. commObject . . . . . . . . . . . . . . . . . . . 11 + 4.3.2. commUniqueId . . . . . . . . . . . . . . . . . . 11 + 4.3.3. commOwner. . . . . . . . . . . . . . . . . . . . 12 + 4.3.4. commPrivate. . . . . . . . . . . . . . . . . . . 13 + 4.4. CommObject LDIF Files . . . . . . . . . . . . . . . . . 13 + 4.4.1. LDIF for commURIObject . . . . . . . . . . . . . 13 + 4.4.2. LDIF for commObject. . . . . . . . . . . . . . . 15 + 4.5. H.350 Annex A Indexing Profile. . . . . . . . . . . . . 17 + 5. H.350.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 + 5.1. Scope . . . . . . . . . . . . . . . . . . . . . . . . . 17 + 5.1.1. Extending the schema . . . . . . . . . . . . . . 18 + 5.2. Object class definitions. . . . . . . . . . . . . . . . 18 + 5.2.1. SIPIdentity. . . . . . . . . . . . . . . . . . . 18 + 5.2.2. SIPIdentitySIPURI. . . . . . . . . . . . . . . . 19 + 5.2.3. SIPIdentityRegistrarAddress. . . . . . . . . . . 19 + 5.2.4. SIPIdentityProxyAddress. . . . . . . . . . . . . 20 + 5.2.5. SIPIdentityAddress . . . . . . . . . . . . . . . 21 + 5.2.6. SIPIdentityPassword. . . . . . . . . . . . . . . 21 + 5.2.7. SIPIdentityUserName. . . . . . . . . . . . . . . 22 + 5.2.8. SIPIdentityServiceLevel. . . . . . . . . . . . . 23 + 5.3. SIPIdentity LDIF Files. . . . . . . . . . . . . . . . . 23 + 5.4. H.350.4 Annex A Indexing profile. . . . . . . . . . . . 26 + 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 26 + 7. Security Considerations . . . . . . . . . . . . . . . . . . . 27 + 8. References. . . . . . . . . . . . . . . . . . . . . . . . . . 28 + 8.1. Normative References. . . . . . . . . . . . . . . . . . 28 + 8.2. Informative References. . . . . . . . . . . . . . . . . 28 + 9. Relationship to Other Specifications. . . . . . . . . . . . . 29 + 10. Authors' Addresses. . . . . . . . . . . . . . . . . . . . . . 29 + Full Copyright Statement. . . . . . . . . . . . . . . . . . . 30 + + + + + + + + +Johnson, et al. Informational [Page 2] + +RFC 3944 H.350 Directory Services December 2004 + + +1. Scope + + The International Telecommunications Union Standardization Sector + (ITU-T) has created the H.350 series of Recommendations that specify + directory services architectures in support of multimedia + conferencing protocols. The goal of the architecture is to + 'directory enable' multimedia conferencing so that these services can + leverage existing identity management and enterprise directories. A + particular goal is to enable an enterprise or service provider to + maintain a canonical source of users and their multimedia + conferencing systems, so that multiple call servers from multiple + vendors, supporting multiple protocols, can all access the same data + store. + + H.350 architectures are not intended to change the operation of + multimedia conferencing protocols in any way. Rather, they are meant + to standardize the way the already defined protocol elements are + stored in a directory, so that they can be accessed in a standardized + manner. + + In the H.350 series, Recommendation H.350 specifies the base + architecture and object classes, while subordinate Recommendations + specify elements that are specific to individual protocols. + Currently, the Recommendations include: + + H.350 - Directory Services Architecture for Multimedia Conferencing + H.350.1 - Directory Services Architecture for H.323 + H.350.2 - Directory Services Architecture for H.235 + H.350.3 - Directory Services Architecture for H.320 + H.350.4 - Directory Services Architecture for SIP + H.350.5 - Directory Services Architecture for Non-Standard Protocols + + Because SIP is an IETF standard, the contents of H.350 and H.350.4 + are made available via this document to the IETF community. + +2. Terminology + + The following terms are used throughout the document: + + * call server: a protocol-specific signalling engine that routes + video or voice calls on the network. In H.323 this entity is a + gatekeeper. In SIP, this entity is a SIP Proxy Server. Note that + not all signalling protocols use a call server. + + * endpoint: a logical device that provides video and/or voice media + encoding/decoding, and signalling functions. Examples include: + + + + + +Johnson, et al. Informational [Page 3] + +RFC 3944 H.350 Directory Services December 2004 + + + * a group teleconferencing appliance that is located in a + conference room + + * an IP telephone. + + * a software program that takes video and voice from a camera and + microphone and encodes it and applies signalling using a host + computer. + + * enterprise directory: A canonical collection of information about + users in an organization. Typically this information is collected + from a variety of organizational units to create a whole. For + example, Human Resources may provide name and address, + Telecommunications may provide the telephone number, Information + Technology may provide the email address, etc. For the purposes + of this architecture, it is assumed that an enterprise directory + is accessible via LDAP. + + * White Pages: An application that allows end users to look up the + address of another user. This may be web-based or use some other + user interface. + +3. Conventions used in this document + + Conventions in this document conform to ITU-T guidelines. In this + Recommendation, the following conventions are used: + + "Shall" indicates a mandatory requirement. + + "Should" indicates a suggested but optional course of action. + + "May" indicates an optional course of action rather than a + recommendation that something take place. + + References to clauses, sub clauses, annexes and appendices refer to + those items within this Recommendation unless another specification + is explicitly listed. + +4. H.350 + + The normative text of H.350 is reproduced in this section. + +4.1. Scope + + This Recommendation describes a directory services architecture for + multimedia conferencing using LDAP. Standardized directory services + can support association of persons with endpoints, searchable white + pages, and clickable dialling. Directory services can also assist in + + + +Johnson, et al. Informational [Page 4] + +RFC 3944 H.350 Directory Services December 2004 + + + the configuration of endpoints, and user authentication based on + authoritative data sources. This document describes a standardized + LDAP schema to represent endpoints on the network and associate those + endpoints with users. It discusses design and implementation + considerations for the inter-relation of video and voice-specific + directories, enterprise directories, call servers and endpoints. + + The use of a common, authoritative data source for call server, + endpoint, user, authentication and white pages information is an + important aspect of large scale multimedia conferencing environments. + Without a common data source, service providers must create separate + processes to manage each of these functions. By standardizing the + LDAP schema used to represent the underlying data, products from + different system vendors can be deployed together to create an + overall application environment. For example, a white pages search + engine developed by one provider could serve directory information to + IP telephones produced by a second provider, with signalling managed + by a call server produced by yet a third provider. Each of these + disparate systems can access the same underlying data source, + reducing or eliminating the need to coordinate separate management of + each system. A significant benefit to the user is that the + management of this data can be incorporated into existing customer + management tools, allowing for quick and flexible scaling up of + applications. Indeed, many technology providers have already + incorporate LDAP into their products, but have been forced to do so + without benefit of a standardized schema. This Recommendation + represents an effort to standardize those representations to improve + interoperability and performance. + + While URLs are already standardized for several conferencing + protocols, their representation in a directory is not. This + Recommendation supports a standardized way for URLs to be searched + and located. This is a necessary step to support 'clickable + dialling'. + + Management of endpoint configurations can be improved if the correct + settings are stored by the service provider in a location that is + accessible to both service provider and endpoint. LDAP provides a + convenient storage location that can be accessed by both call server + and endpoint; thus it is possible to use the directory to support + endpoint configuration, which is important for simplified operation + and supporting user mobility. Note that other technologies also + support endpoint configuration, notably the use of SNMP for complete + configuration and SRV records for obtaining registration server + addresses. Therefore, H.350 should be viewed not as an authoritative + endpoint configuration architecture, but rather one tool that can + + + + + +Johnson, et al. Informational [Page 5] + +RFC 3944 H.350 Directory Services December 2004 + + + assist with this task. Note that the use of H.350 has as a feature + endpoint specific configuration, where it is desirable that each + endpoint has a unique configuration. + + This architecture uses a generic object class, called commObject, to + represent attributes common to any video or voice protocol. Auxiliary + classes represent specific protocols, such as H.323, H.235, or H.320, + as described in the H.350.x series of Recommendations. Multiple + H.350.x classes can be combined to represent endpoints that support + more than one protocol. For example, endpoints that support H.323, + H.235 and H.320 would include H.350, H.350.1, H.350.2, and H.350.3 in + their LDAP representations. Further, each entry should contain + commObject to serve as the entry's structural object class. + + There are two basic components in the architecture. The commURI + object is a class whose only purpose is to link a person or resource + to a commObject. By placing a commURI 'pointer' in an individual's + directory entry, that individual becomes associated with the + particular targeted commObject. Similarly, commObject contains a + pointer, called commOwner, which points to the individual or resource + that is associated with the commObject. In this way, people or + resources can be associated with endpoints. The only change required + in the enterprise directory is the addition of the simple object + class commURI. CommObject data may be instantiated in the same or in + entirely separate directories, thus allowing flexibility in + implementation. + +4.1.1. Design Goals + + Large-scale deployments of IP video and voice services have + demonstrated the need for complementary directory services + middleware. Service administrators need call servers that are aware + of enterprise directories to avoid duplication of account management + processes. Users need 'white pages' to locate other users with whom + they wish to communicate. All of these processes should pull their + information from canonical data sources in order to reduce redundant + administrative processes and ensure information accuracy. The + following design criteria are established for this architecture. The + architecture will: + + 1) enable endpoint information to be associated with people. + Alternately it enables endpoint information to be associated + with resources such as conference rooms or classrooms; + + 2) enable online searchable "white pages" where dialling + information (e.g., endpoint addresses) can be found, along with + other "traditional" directory information about a user, such as + name, address, telephone, email, etc.; + + + +Johnson, et al. Informational [Page 6] + +RFC 3944 H.350 Directory Services December 2004 + + + 3) enable all endpoint information to be stored in a canonical data + source (the Directory), rather than local to the call server, so + that endpoints can be managed through manipulations of an + enterprise directory, rather than by direct entry into the call + server; + + 4) support the creation of very large-scale distributed + directories. These include white pages "portals" that allow + searching for users across multiple institutional directories. + In this application, each enterprise directory registers itself + with (or is unknowingly discovered by) a directory of + directories that is capable of searching across multiple LDAP + directories; + + 5) be able to support multiple instances of endpoints per user or + resource; + + 6) represent endpoints that support more than one protocol, for + example, endpoints that are both H.320 and H.323; + + 7) store enough information about endpoint configuration so that + correct configuration settings can be documented to end users on + a per-endpoint basis, as a support tool, or loaded automatically + into the endpoint; + + 8) be extendible as necessary to allow implementation-specific + attributes to be included; + + 9) be non-invasive to the enterprise directory, so that support for + multimedia conferencing can be added in a modular fashion + without significant changes to the enterprise directory. + + The scope of this Recommendation does not include extensions of + functionality to protocols as defined within the protocols + themselves. It is not the intent of the Recommendation to add + features, but merely to represent existing protocol attributes. The + exception to this case is when functionality is implied by the + directory itself, such as the commPrivate attribute. + +4.1.2. Extending the Schema + + H.350 object classes may be extended as necessary for specific + implementations. For example, a class may be extended to support + billing reference codes. Extensions to the schema are not considered + as part of the Recommendation and do not signify compliance. + + + + + + +Johnson, et al. Informational [Page 7] + +RFC 3944 H.350 Directory Services December 2004 + + + In some cases it may be necessary to extend the H.350 schemas in + order to represent more information than is supported by the + Recommendations. This may be important for developers that implement + proprietary endpoint functionality that needs to be represented by + attributes in the directory. It may also be important for enterprise + applications. For example 'modelNumber', and 'accountNumber' are + examples of attributes that are not defined in the Recommendation but + may be useful if implemented. Adding attributes to this architecture + must be done in a way that does not break compatibility with this + Recommendation. + + A full discussion of schema design and extension is beyond the scope + of this Recommendation. See IETF RFC 2252 for details. Two basic + approaches to schema extension that do not break compatibility with + this Recommendation, are extension through subclass and extension + through the use of auxiliary classes. + +4.1.2.1. Extension Through Subclass + + It is possible to create a subclass of an existing predefined object + class in order to add new attributes to it. To create a subclass, a + new object class must be defined, that is a subclass of the existing + one, by indicating in the definition of the new class that the + existing class is its superior. Once the subclass is created, new + attributes can be defined within it. + + The following example shows how the commObject class can be + subclassed in order to add an attribute to represent a billing + account and a billing manager. + + objectclass ( BillingInfo-OID + NAME 'BillingInfo' + DESC 'Billing Reference Information' + SUP commObject STRUCTURAL + MAY ( BillingAccount $ BillingManager $ ) + ) + + Note that BillingInfo-OID must be replaced by an actual OID. Also + note that, whenever a structural class is extended, its subclass must + also be structural. + + The following sample entry shows the newly created attributes. This + example also uses ITU-T Rec. H.350.1 for h323Identity. + + dn: commUniqueId=2000,ou=h323identity, dc=company, dc=com + objectclass: top + objectclass: commObject + objectclass: h323Identity + + + +Johnson, et al. Informational [Page 8] + +RFC 3944 H.350 Directory Services December 2004 + + + objectclass: BillingInfo + commUniqueId: 2000 + BillingAccount: 0023456 + BillingManager: John Smith + + Note that this example and approach demonstrate extension of the + general commObject object class, and not any individual H.350.x + classes. If it is desired to extend an H.350.x auxiliary class, then + that should be accomplished through the definition of additional + auxiliary classes that support the desired attributes, as described + in section 4.1.2.2. + +4.1.2.2. Extension Through The Use Of Auxiliary Classes + + It is possible to add attributes to an LDAP entry by defining an + auxiliary class containing the new attributes and applying those + attributes to instantiated values in the directory. The auxiliary + class will not be subclassed from any existing object class. Note + that it should have the special class top as its superior. The + following example creates the same billing account and billing + manager attributes as the previous example, but does so by defining + them in their own auxiliary class. + + objectclass ( BillingInfo-OID + NAME 'BillingInfo' + DESC 'Billing Reference Information' + SUP top AUXILIARY + MAY ( BillingAccount $ BillingManager $ ) + ) + + Note how the superior was changed from commObject to top and the + object class changed from being a structural to auxiliary. + + It is recommended that all attributes in the auxiliary class be + optional rather than mandatory. In this way, the auxiliary object + class itself can be associated with an entry regardless of whether + any values for its attributes are present. + + The following example shows a sample endpoint that utilizes the new + auxiliary class and attributes. This example also uses H.350.1 for + h323Identity. + + dn: commUniqueId=2000,ou=h323identity, dc=company, dc=com + objectclass: top + objectclass: commObject + objectclass: BillingInfo + + + + + +Johnson, et al. Informational [Page 9] + +RFC 3944 H.350 Directory Services December 2004 + + + commUniqueId: 2000 + BillingAccount: 0023456 + BillingManager: John Smith + +4.1.2.3. Object Identifiers + + An attribute's Object Identifier (OID) is a unique numerical + identifier usually written as a sequence of integers separated by + dots. For example, the OID for the commUniqueId is + 0.0.8.350.1.1.2.1.1. All attributes must have an OID. OIDs can be + obtained from anyone who has one and is willing to delegate a portion + of it as an arc, keeping a record of the arc to avoid duplication. + Further, the Internet Assigned Numbers Authority (IANA) gives out + OIDs to any organization that asks. + +4.2. commURIObject Definition + + Auxiliary object class that contains the commURI attribute. This + attribute is added to a person or resource object to associate one or + more commObject instances with that object. Its values are LDAP URIs + that point to the associated commObjects, for example, to a user's + H.323 conferencing station and SIP IP phone. Note that multiple + instances of commURI need not point to the same commObject directory. + In fact, each commURI instance could point to an endpoint managed by + a different service provider. + +4.2.1. commURIObject + + OID: 0.0.8.350.1.1.1.2.1 + objectclasses: (0.0.8.350.1.1.1.2.1 + NAME 'commURIObject' + DESC 'object that contains the URI attribute type' + SUP top AUXILIARY + MAY ( commURI ) + ) + +4.2.2. commURI + + OID: 0.0.8.350.1.1.1.1.1 + attributetypes:( 0.0.8.350.1.1.1.1.1 + NAME 'commURI' + DESC 'Labeled URI format to point to the distinguished name of the + commUniqueId' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + Application utility class + Standard + + + + +Johnson, et al. Informational [Page 10] + +RFC 3944 H.350 Directory Services December 2004 + + + Number of values + multi + Definition + Labelled URI containing an LDAP URL identifying the directory + containing the referenced commObject instance. The search filter + specified by this LDAP URL shall specify an equality search of the + commUniqueId attribute of the commObject class. + Permissible values (if controlled) + Notes + Used to find the endpoint of the user in question. The label + field may be used to represent the function of the endpoint, such as + 'home IP phone' or 'desktop video' for user interface display + purposes. + Note that the label portion of the field may contain spaces as + in the example below showing 'desktop video'. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + commURI: + ldap://directory.acme.com/dc=acme,dc=com??sub?(commUniqueId=bob) + desktop video + +4.3. CommObject Definition + + Abstraction of video or voice over IP device. The commObject class + permits an endpoint (H.323 endpoint or SIP user agent or other + protocol endpoint) and all their aliases to be represented by a + single entry in a directory. Note that every directory entry should + contain commObject as the entry's structural object class. That + entry may also contain H.350.x auxiliary classes. + +4.3.1. commObject + + OID: 0.0.8.350.1.1.2.2.1 + objectclasses: (0.0.8.350.1.1.2.2.1 + NAME 'commObject' + DESC 'object that contains the Communication attributes' + SUP top STRUCTURAL + MUST commUniqueId + MAY ( commOwner $ commPrivate ) + ) + +4.3.2. commUniqueId + + OID: 0.0.8.350.1.1.2.1.1 + attributetypes: (0.0.8.350.1.1.2.1.1 + NAME 'commUniqueId' + DESC 'To hold the endpoints unique Id' + + + +Johnson, et al. Informational [Page 11] + +RFC 3944 H.350 Directory Services December 2004 + + + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + Application utility class + standard + Number of values + multi + Definition + The endpoint's unique ID. + Permissible values (if controlled) + Notes + This is the RDN of this object. In practice, there will always + be one and only one commUniqueId for every endpoint. This attribute + uniquely identifies an endpoint in the commObject directory. It must + be unique within that directory, but need not be unique globally. + This attribute has no relationship to the enterprise directory. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + commUniqueId: bob + +4.3.3. commOwner + + OID: 0.0.8.350.1.1.2.1.2 + attributetypes: 0.0.8.350.1.1.2.1.2 + NAME 'commOwner' + DESC 'Labeled URI to point back to the original owner' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + Application utility class + Standard + Number of values + multi + Definition + Labelled URI format to point back to the person or resource + object associated with this entry. + Permissible values (if controlled) + Notes + Used as a reverse entry finder of the owner(s). This attribute + may point to groups. Note that this URI can point to a cn, but in + applications where it is desired to bind authentication information + across both the commObject and enterprise directories, it may be + desirable that commOwner points to a dn rather than a cn, thus + uniquely identifying the owner of the commObject. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + + + + +Johnson, et al. Informational [Page 12] + +RFC 3944 H.350 Directory Services December 2004 + + + commOwner: + ldap://directory.acme.com/dc=acme,dc=com??sub?(cn=bob%20smith) + commOwner: uid=bob,ou=people,dc=acme,dc=com + +4.3.4. commPrivate + + OID: 0.0.8.350.1.1.2.1.3 + attributetypes: (0.0.8.350.1.1.2.1.3 + NAME 'commPrivate' + DESC 'To decide whether the entry is visible to world or not' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + Application utility class + Standard + Number of values + multi + Definition + To be used by the user and indicate privacy options for an + endpoint, i.e., unlisted number. + Permissible values (if controlled) + Notes + This attribute is defined as Boolean. Future version of this + Recommendation may develop a controlled vocabulary for this + attribute to accommodate multiple types of privacy. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + commPrivate: true + +4.4. CommObject LDIF Files + + This section contains a schema configuration file for commURIObject + and commObject that can be used to configure an LDAP server to + support these classes. + +4.4.1. LDIF for commURIObject + +# Communication Object Schema +# +# Schema for Representing Communication Objects in an LDAP Directory +# +# Abstract +# +# This document defines the schema for representing Communication +# objects in an LDAP directory [LDAPv3]. It defines schema elements +# to represent a communication object URI [commURIObject]. +# +# +# + + + +Johnson, et al. Informational [Page 13] + +RFC 3944 H.350 Directory Services December 2004 + + +# .1 = Communication related work +# .1.1 = commURIObject +# .1.1.1 = attributes +# .1.1.2 = objectclass +# .1.1.3 = syntax +# +# Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# commURI +dn: cn=schema +changetype: modify +# +# if you need to change the definition of an attribute, +# then first delete and re-add in one step +# +# if this is the first time you are adding the commObject +# objectclass using this LDIF file, then you should comment +# out the delete attributetypes modification since this will +# fail. Alternatively, if your ldapmodify has a switch to continue +# on errors, then just use that switch -- if you're careful +# +delete: attributetypes +attributetypes: (0.0.8.350.1.1.1.1.1 NAME 'commURI' ) +- +# +# re-add the attributes -- in case there is a change of definition +# +# +add: attributetypes +attributetypes: (0.0.8.350.1.1.1.1.1 + NAME 'commURI' + DESC 'Labeled URI format to point to the distinguished name of +the commUniqueId' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +- +# Object Class Definitions +# +# The following object classes are defined in this document: +# +# commURIObject +# +# commURIObject +# +# This auxiliary object class represents a URI attribute type +# + + + +Johnson, et al. Informational [Page 14] + +RFC 3944 H.350 Directory Services December 2004 + + +# +delete: objectclasses +objectclasses: (0.0.8.350.1.1.1.2.1 NAME 'commURIObject' ) +- +add: objectclasses +objectclasses: (0.0.8.350.1.1.1.2.1 + NAME 'commURIObject' + DESC 'object that contains the URI attribute type' + SUP top AUXILIARY + MAY ( commURI ) + ) +- +# +# end of LDIF +# + +4.4.2. LDIF for commObject + +# Communication Object Schema +# +# Schema for Representing Communication Objects in an LDAP Directory +# +# Abstract +# +# This document defines the schema for representing Communication +# objects in an LDAP directory [LDAPv3]. It defines schema elements +# to represent a communication object [commObject]. +# +# +# .1 = Communication related work +# .1.2 = commObject +# .1.2.1 = attributes +# .1.2.2 = objectclass +# .1.2.3 = syntax +# +# +# Attribute Type Definitions +# +# The following attribute types are defined in this document: +# +# commUniqueId +# commOwner +# commPrivate +dn: cn=schema +changetype: modify +# +# if you need to change the definition of an attribute, +# then first delete and re-add in one step + + + +Johnson, et al. Informational [Page 15] + +RFC 3944 H.350 Directory Services December 2004 + + +# +# if this is the first time you are adding the commObject +# objectclass using this LDIF file, then you should comment +# out the delete attributetypes modification since this will +# fail. Alternatively, if your ldapmodify has a switch to continue +# on errors, then just use that switch -- if you're careful +# +delete: attributetypes +attributetypes: (0.0.8.350.1.1.2.1.1 NAME 'commUniqueId' ) +attributetypes: (0.0.8.350.1.1.2.1.2 NAME 'commOwner' ) +attributetypes: (0.0.8.350.1.1.2.1.3 NAME 'commPrivate' ) +- +# +# re-add the attributes -- in case there is a change of definition +# +# +add: attributetypes +attributetypes: (0.0.8.350.1.1.2.1.1 + NAME 'commUniqueId' + DESC 'To hold the endpoints unique Id' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: (0.0.8.350.1.1.2.1.2 + NAME 'commOwner' + DESC 'Labeled URI to point back to the original owner' + EQUALITY caseExactMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +attributetypes: (0.0.8.350.1.1.2.1.3 + NAME 'commPrivate' + DESC 'To decide whether the entry is visible to world or not' + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +- +# Object Class Definitions +# +# The following object classes are defined in this document: +# +# commObject +# +# commObject +# +# +delete: objectclasses +objectclasses: (0.0.8.350.1.1.2.2.1 NAME 'commObject' ) +- +add: objectclasses +objectclasses: (0.0.8.350.1.1.2.2.1 + NAME 'commObject' + + + +Johnson, et al. Informational [Page 16] + +RFC 3944 H.350 Directory Services December 2004 + + + DESC 'object that contains the Communication attributes' + SUP top STRUCTURAL + MUST commUniqueId + MAY ( commOwner $ commPrivate ) + ) +- +# +# end of LDIF +# + +4.5. H.350 Annex A Indexing Profile + + Indexing of attributes is an implementation-specific activity and + depends upon the desired application. Non-indexed attributes can + result in search times sufficiently long to render some applications + unusable. Notably, user and alias lookup should be fast. The Annex + A Indexing Profile describes an indexing configuration for commObject + directories that will be optimized for use in directory of + directories applications. Use of this profile is optional. + + commURI: no recommendation + + commUniqueId: equality + + commOwner: presence + + commPrivate: presence + +5. H.350.4 + + The normative text of H.350 is reproduced in this section. + +5.1. Scope + + This Recommendation describes an LDAP directory services architecture + for multimedia conferencing using SIP. In particular, it defines an + LDAP schema to represent SIP User Agents (UAs) on the network and + associate those endpoints with users. + + This Recommendation is intended to supplement the CommObject + directory architecture as discussed in ITU-T Rec. H.350, and not + intended to be used as a stand-alone architecture. The + implementation of this LDAP schema, together with the use of the + H.350 CommObject architecture, facilitates the integration of SIP + User Agents and conferencing devices into existing Enterprise + Directories, thus allowing the user to perform white page lookups and + access clickable dialling supported by SIP devices. The primary + reasons for implementing this schema include those listed in ITU-T + + + +Johnson, et al. Informational [Page 17] + +RFC 3944 H.350 Directory Services December 2004 + + + Rec. H.350 (the CommObject class definition) as they apply + specifically to the use of SIP UAs, and to facilitate vendors making + SIP services more readily available to their users. + + The scope of this Recommendation includes recommendations for the + architecture to integrate endpoint information for endpoints using + SIP into existing enterprise directories and white pages. + + The scope of this Recommendation does not include normative methods + for the use of the LDAP directory itself or the data it contains. The + purpose of the schema is not to represent all possible data elements + in the SIP protocol, but rather to represent the minimal set required + to accomplish the design goals enumerated in ITU-T Rec. H.350. + + Note that SIP provides well-defined methods for discovering registrar + addresses and locating users on the network. Some of the attributes + defined here are intended for more trivial or manual implementations + and may not be needed for all applications. For example, + SIPIdentityRegistrarAddress and SIPIdentityAddress may not be needed + for many applications, but are included here for completeness. Thus, + SIPIdentitySIPURI is the primary attribute of interest that will be + served out, especially for white page directory applications. + +5.1.1. Extending the schema + + The SIPIdentity classes may be extended as necessary for specific + implementations. See the base of ITU-T Rec. H.350 for a discussion + on schema extension. + +5.2. Object class definitions + + The SIPIdentity object class represents SIP User Agents (UAs). It is + an auxiliary class and is derived from the commObject class, which is + defined in the ITU-T Rec. H.350. + +5.2.1. SIPIdentity + + OID: 0.0.8.350.1.1.6.2.1 + objectclasses: (0.0.8.350.1.1.6.2.1 + NAME 'SIPIdentity' + DESC 'SIPIdentity object' + SUP top AUXILIARY + MAY ( SIPIdentitySIPURI $ SIPIdentityRegistrarAddress $ + SIPIdentityProxyAddress $ SIPIdentityUserName $ + SIPIdentityPassword $ SIPIdentityServiceLevel $ + userSMIMECertificate ) + ) + + + + +Johnson, et al. Informational [Page 18] + +RFC 3944 H.350 Directory Services December 2004 + + +5.2.2. SIPIdentitySIPURI + + OID: 0.0.8.350.1.1.6.1.1 + attributetypes: (0.0.8.350.1.1.6.1.1 + NAME 'SIPIdentitySIPURI' + DESC 'Universal Resource Indicator of the SIP UA' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + Application utility class + standard + Number of values + multi + Definition + Uniform Resource Identifier that identifies a communication + resource in SIP. Usually contains a user name and a host name and is + often similar in format to an email address. + Permissible values (if controlled) + Notes + This URI may institute SIP or SIPS (secure). In the event that + SIPS is instituted, the URI must reflect that it is using SIPS as + opposed to SIP. See Examples below. + Semantics + Example applications for which this attribute would be useful + Online representation of most current listing of a user's + SIP(S) UA. + Example + SIPIdentitySIPURI: sip:alice@foo.com // SIP example + SIPIdentitySIPURI: sip:alice@152.2.158.212 // SIP example + SIPIdentitySIPURI: sips:bob@birmingham.edu // SIPS example + +5.2.3. SIPIdentityRegistrarAddress + + OID: 0.0.8.350.1.1.6.1.2 + attributetypes: (0.0.8.350.1.1.6.1.2 + NAME 'SIPIdentityRegistrarAddress' + DESC 'specifies the location of the registrar' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + Application utility class + Standard + Number of values + multi + Definition + Address for the domain to which the server that handles + REGISTER requests and forwarding to the location server for a + particular domain belongs. + Permissible values (if controlled) + + + +Johnson, et al. Informational [Page 19] + +RFC 3944 H.350 Directory Services December 2004 + + + Notes + Note that RFC 3261 states that user agents can discover their + registrar address by configuration, using the address-of-record, or + by multicast. The first scenario, by configuration, is noted as out + of scope for RFC 3261. This attribute may be used for the first + scenario. It can be accomplished manually, (e.g., a web page that + displays a user's correct registrar address) or automatically with + an H.350.4 aware user agent. + Semantics + Example applications for which this attribute would be useful + white pages, a web page that displays a user's correct + configuration information. + Example (LDIF fragment) + SIPIdentityRegistrarAddress: 152.2.15.22 //IP address example + SIPIdentityRegistrarAddress: sipregistrar.unc.edu //FQDN example + +5.2.4. SIPIdentityProxyAddress + + OID: 0.0.8.350.1.1.6.1.3 + attributetypes: (0.0.8.350.1.1.6.1.3 + NAME 'SIPIdentityProxyAddress' + DESC 'Specifies the location of the SIP Proxy' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + Application utility class + Standard + Number of values + multi + Definition + Address which specifies the domain location of SIP proxy within + a domain. RFC 3261 defines the role of the SIP proxy. + Permissible values (if controlled) + Notes + SIP User Agents are not REQUIRED to use a proxy, but will in + many cases. + Semantics + Example applications for which this attribute would be useful + white pages, a web page that displays a user's correct + configuration information. + Example (LDIF fragment) + SIPIdentityProxyAddress: 172.2.13.234 //IP address example + SIPIdentityProxyAddress: sipproxy.unc.edu //FQDN example + + + + + + + + + +Johnson, et al. Informational [Page 20] + +RFC 3944 H.350 Directory Services December 2004 + + +5.2.5. SIPIdentityAddress + + OID: 0.0.8.350.1.1.6.1.4 + attributetypes: (0.0.8.350.1.1.6.1.4 + NAME 'SIPIdentityAddress' + DESC 'IP address or FQDN of the UA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + Application utility class + standard + Number of values + multi + Definition + Specifies the IP address or fully qualified domain name of the + UA. + Permissible values (if controlled) + Notes + This attribute may be useful for applications in which UA to UA + communication is direct, not involving a proxy or registrar. + Example applications for which this attribute would be useful + A web page that displays a user's proper user agent + configuration information. + Example (LDIF fragment) + SIPIdentityAddress: 152.2.121.36 // IP address example + SIPIdentityAddress: ipPhone.foo.org // FQDN example + +5.2.6. SIPIdentityPassword + + OID: 0.0.8.350.1.1.6.1.5 + attributetypes: (0.0.8.350.1.1.6.1.5 + NAME 'SIPIdentityPassword' + DESC 'The user agent SIP password ' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) + Application utility class + Standard + Number of values + multi + Definition + The SIP user agent's password, used for the HTTP digest + authentication scheme as defined in RFC 2617. + Permissible values (if controlled) + Notes + Because RFC 2069, which was made obsolete by RFC 2617, was used + as the basis for HTTP Digest in RFC 2543, any SIP servers supporting + RFC 2617 must ensure backward compatibility with RFC 2069. + This SIPIdentityUserName, together with SIPIdentityPassword, + are reserved for the purpose of use with Digest Access + + + +Johnson, et al. Informational [Page 21] + +RFC 3944 H.350 Directory Services December 2004 + + + Authentication, and not intended for use with Basic Authentication + methods. + LDAP provides one method to store user passwords for reference. + If passwords are stored in LDAP it makes the LDAP server a + particularly valuable target for attack. Implementors are encouraged + to exercise caution and implement appropriate security procedures + such as encryption, access control, and transport layer security for + access to this attribute. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + SIPIdentityPassword: 36zxJmCIB18dM0FVAj + +5.2.7. SIPIdentityUserName + + OID: 0.0.8.350.1.1.6.1.6 + attributetypes: (0.0.8.350.1.1.6.1.6 + NAME 'SIPIdentityUserName' + DESC 'The user agent user name.' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + Application utility class + Standard + Number of values + multi + Definition + The SIP user agent's user name, used for the HTTP digest + authentication scheme as defined in RFC 2617. + Permissible values (if controlled) + Notes + Because RFC 2069, which was made obsolete by RFC 2617, was used + as the basis for HTTP Digest Authentication in RFC 2543, any SIP + servers supporting HTTP Digest Authentication as defined in RFC 2617 + must ensure backward compatibility with RFC 2069. + This SIPIdentityUserName, together with SIPIdentityPassword, + are reserved for the purpose of use with Digest Access + Authentication, and not intended for use with Basic Authentication + methods. + Note that in many cases the user name will be parsed from the + user@proxy.domain portion of the SIP URI. In that case it may not be + necessary to populate this attribute. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + SIPIdentityUserName: nelkhour + + + + + +Johnson, et al. Informational [Page 22] + +RFC 3944 H.350 Directory Services December 2004 + + +5.2.8. SIPIdentityServiceLevel + + OID: 0.0.8.350.1.1.6.1.7 + attributetypes: (0.0.8.350.1.1.6.1.7 + NAME 'SIPIdentityServiceLevel' + DESC 'To define services that a user can belong to.' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) + Application utility class + Standard + Number of values + multi + Definition + This describes the level of services a user can belong to. + Permissible values (if controlled) + Notes + This attribute does not represent a data element found in SIP. + SIP itself does not support distinctions in service levels. Instead, + this attribute provides a mechanism for the storage of service level + information directly in LDAP. This mapping allows service providers + to adapt to an existing LDAP directory without changing the values + of the SIPIdentityServiceLevel instances in the directory. + Semantics + Example applications for which this attribute would be useful + Example (LDIF fragment) + SIPIdentityServiceLevel: premium + +5.3. SIPIdentity LDIF Files + + This clause contains a schema configuration file for SIPIdentity + that can be used to configure an LDAP server to support this class. + +# SIPIdentity Object Schema +# +# Schema for representing SIPIdentity Object in an LDAP Directory +# +# Abstract +# +# This Recommendation defines the schema for representing +SIPIdentity +# object in an LDAP directory [LDAPv3]. It defines schema elements +# to represent an SIPIdentity object [SIPIdentity]. +# +# .1 = Communication related work +# .1.6 = SIPIdentity +# .1.6.1 = attributes +# .1.6.2 = objectclass + + + +Johnson, et al. Informational [Page 23] + +RFC 3944 H.350 Directory Services December 2004 + + +# .1.6.3 = syntax +# +# +# +# Attribute Type Definitions +# +# The following attribute types are defined in this +Recommendation: +# +# SIPIdentitySIPURI +# SIPIdentityRegistrarAddress +# SIPIdentityProxyAddress +# SIPIdentityAddress +# SIPIdentityPassword +# SIPIdentityUserName +# SIPIdentityServiceLevel +dn: cn=schema +changetype: modify +# +# if you need to change the definition of an attribute, +# then first delete and re-add in one step +# +# if this is the first time you are adding the SIPIdentity +# objectclass using this LDIF file, then you should comment +# out the delete attributetypes modification since this will +# fail. Alternatively, if your ldapmodify has a switch to continue +# on errors, then just use that switch -- if you are careful +# +delete: attributetypes +attributetypes: (0.0.8.350.1.1.6.1.1 NAME 'SIPIdentitySIPURI' ) +attributetypes: (0.0.8.350.1.1.6.1.2 NAME 'SIPIdentityRegistrarAddress') +attributetypes: (0.0.8.350.1.1.6.1.3 NAME 'SIPIdentityProxyAddress') +attributetypes: (0.0.8.350.1.1.6.1.4 NAME 'SIPIdentityAddress' ) +attributetypes: (0.0.8.350.1.1.6.1.5 NAME 'SIPIdentityPassword' ) +attributetypes: (0.0.8.350.1.1.6.1.6 NAME 'SIPIdentityUserName' ) +attributetypes: (0.0.8.350.1.1.6.1.7 NAME 'SIPIdentityServiceLevel') +- +# +# re-add the attributes -- in case there is a change of definition +# +# +add: attributetypes +attributetypes: (0.0.8.350.1.1.6.1.1 + NAME 'SIPIdentitySIPURI' + DESC 'Universal Resource Indicator of the SIP UA' + EQUALITY caseExactMatch + SUBSTR caseExactSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) + + + +Johnson, et al. Informational [Page 24] + +RFC 3944 H.350 Directory Services December 2004 + + +attributetypes: (0.0.8.350.1.1.6.1.2 + NAME 'SIPIdentityRegistrarAddress' + DESC 'specifies the location of the registrar' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: (0.0.8.350.1.1.6.1.3 + NAME 'SIPIdentityProxyAddress' + DESC 'Specifies the location of the SIP Proxy' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: (0.0.8.350.1.1.6.1.4 + NAME 'SIPIdentityAddress' + DESC 'IP address of the UA' + EQUALITY caseIgnoreIA5Match + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +attributetypes: (0.0.8.350.1.1.6.1.5 + NAME 'SIPIdentityPassword' + DESC 'The user agent SIP password ' + EQUALITY octetStringMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) +attributetypes: (0.0.8.350.1.1.6.1.6 + NAME 'SIPIdentityUserName' + DESC 'The user agent user name.' + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) +attributetypes: (0.0.8.350.1.1.6.1.7 + NAME 'SIPIdentityServiceLevel' + DESC 'To define services that a user can belong to.' + EQUALITY caseIgnoreIA5Match + SUBSTR caseIgnoreIA5SubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 ) +- +# Object Class Definitions +# +# The following object class is defined in this Recommendation: +# +# SIPIdentity +# +# SIPIdentity +# +# +delete: objectclasses +objectclasses: (0.0.8.350.1.1.6.2.1 NAME 'SIPIdentity' ) +- +add: objectclasses +objectclasses: (0.0.8.350.1.1.6.2.1 + NAME 'SIPIdentity' + + + +Johnson, et al. Informational [Page 25] + +RFC 3944 H.350 Directory Services December 2004 + + + DESC 'SIPIdentity object' + SUP top AUXILIARY + MAY ( SIPIdentitySIPURI $ SIPIdentityRegistrarAddress $ + SIPIdentityProxyAddress $ SIPIdentityAddress $ + SIPIdentityPassword $ SIPIdentityUserName $ + SIPIdentityServiceLevel $ userSMIMECertificate ) + ) +- +# +# end of LDIF +# + +5.4. H.350.4 Annex A Indexing profile + + Indexing of attributes is an implementation-specific activity and + depends upon the desired application. Non-indexed attributes can + result in search times sufficiently long to render some applications + unusable. Notably, user and alias lookup should be fast. The Annex + A Indexing Profile describes an indexing configuration for + SIPIdentity directories that will be optimized for use in directory + of directories applications. Use of this profile is optional. + + SIPIdentitySIPURI: equality + + SIPIdentityRegistrarAddress: no recommendation + + SIPIdentityProxyAddress: no recommendation + + SIPIdentityAddress: equality + + SIPIdentityUserName: equality + + SIPIdentityPassword: no recommendation + + SIPIdentityServiceLevel: equality + +6. Acknowledgments + + We are grateful to numerous colleagues for reaching across multiple + boundaries of standards bodies, research networks, academia and + private industry in order to produce an architecture that works + toward integrating multimedia conferencing deployments. In + particular, standards from both IETF and ITU-T were drawn from + extensively, and the architecture is meant to serve all communities. + + + + + + + +Johnson, et al. Informational [Page 26] + +RFC 3944 H.350 Directory Services December 2004 + + + This work developed out of the Video Conferencing Middleware + (VidMid-VC) working group, a joint effort of Internet2 + (www.internet2.edu) and the Video Development Initiative + (www.vide.net). The architecture was developed in response to + deployment challenges discovered in the ViDeNet + (https//:videnet.unc.edu) academic test bed providing video and voice + over IP infrastructure across research networks internationally. + + This work was supported in part by a grant from the United States + National Science Foundation contract number ANI-0222710. + +7. Security Considerations + + This section is not present in the ITU-T standard, but gives + information for the IETF community. Its content has the consensus of + the ITU-T Study Group 16. + + H.350 does not alter the security architectures of any particular + protocol. However, it does offer a standardized place to store + authentication credentials where appropriate. It should be noted + that both H.323 and SIP support shared secret authentication (H.235 + Annex D and HTTP Digest, respectively). These approaches require + that the call server have access to the password. Thus, if the call + server or H.350 directory is compromised, passwords also may become + compromised. These weaknesses may be due to weaknesses in the + systems (H.350 directory or call servers) and their operation rather + than in H.350 per se. + + The userSMIMECertificate attribute is defined in RFC 2798 (section + 2.8) as a part of inetOrgPerson. The SIP user agent's X.509 + certificate can be stored in this attribute. When the certificate is + present, it can be employed with S/MIME to provide authentication, + integrity, and confidentiality as specified in RFC 3261 [5]. + + It is strongly encouraged that call servers and an H.350 directory + mutually authenticate each other before sharing information. + Further, it is strongly encouraged that communications between H.350 + directories and call servers or endpoints happen over secure + communication channels such as SSL or TLS. + + Finally, access control lists on LDAP servers are a matter of policy + and are not a part of the standard. System administrators are + advised to use common sense when setting access control on H.350 + attributes. For example, password attributes should only be + accessible by the authenticated user, while address attributes might + be publicly available. + + + + + +Johnson, et al. Informational [Page 27] + +RFC 3944 H.350 Directory Services December 2004 + + +8. References + +8.1. Normative References + + [1] Hodges, J. and R. Morgan, "Lightweight Directory Access Protocol + (v3): Technical Specification", RFC 3377, September 2002. + + [2] ITU-T Recommendation H.350, "Directory services architecture for + multimedia conferencing", 2003. + + [3] ITU-T Recommendation H.350.4, "Directory services architecture + for SIP", 2003. + + [4] Franks, J., Hallam-Baker P., Hostetler, J., Lawrence, S., Leach, + P., Luotonen, A., and L. Stewart, "HTTP Authentication: Basic + and Digest Access Authentication", RFC 2617, June 1999. + + [5] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., + Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: + Session Initiation Protocol", RFC 3261, June 2002. + + [6] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol + (SIP): Locating SIP Servers", RFC 3263, June 2002. + + [7] Smith, M., "Definition of the inetOrgPerson LDAP Object Class", + RFC 2798, April 2000. + +8.2. Informative References + + [8] ITU-T Recommendation H.350.1, "Directory services architecture + for H.323", 2003. + + [9] ITU-T Recommendation H.350.2, "Directory services architecture + for H.235", 2003. + + [10] ITU-T Recommendation H.350.3, "Directory services architecture + for H.320", 2003. + + [11] ITU-T Recommendation H.350.5, "Directory services architecture + for Non-Standard Protocols", 2003. + + [12] ITU-T Recommendation H.350.6, "Directory services architecture + for Call Forwarding and Preferences", 2004. + + [13] Howes T. and M. Smith, "Understanding And Deploying LDAP + Directory Services", New Riders Publishing, ISBN: 1578700701, + 1999. + + + + +Johnson, et al. Informational [Page 28] + +RFC 3944 H.350 Directory Services December 2004 + + + [14] Howes T. and M. Smith, "LDAP Programming Directory-Enabled + Applications with Lightweight Directory Access Protocol", New + Riders Publishing, ISBN: 1578700000, 1997. + +9. Relationship to Other Specifications + + This specification is an RFC publication of an ITU-T publication [4], + without textual changes within the standard itself (Section 4). The + present section appears in the RFC publication only. In order for + this specification to be implemented properly, a number of standards + pertaining to LDAP [1], [7], H.350 [2],[3], and SIP [4], [5], [6], + [7], need to be implemented in whole or in part by the implementor. + + For some background information on the ITU and IETF directory service + protocols, reading [8], [9], [10], [11], and [12] is valuable, and + [13] and [14] are recommended books. + +10. Authors' Addresses + + Tyler Johnson + Editor, H.350 + University of North Carolina + Chapel Hill, NC 27599 + + Phone: +1.919.843.7004 + EMail: Tyler_Johnson@unc.edu + + + Sakae Okubo + Rapporteur for Q.4/16, ITU-T SG16 + Waseda University + YRP Ichibankan, 3-4 Hikarinooka + Yokosuka-shi, 239-0847 Japan + + Phone: +81 46 847 5406 + EMail: sokubo@waseda.jp + + + Simao Ferraz de Campos Neto + Counsellor, ITU-T SG 16 + International Telecommunication Union + Place des Nations + Geneva CH1211 - Switzerland + + Phone: +41-22-730-6805 + EMail: simao.campos@itu.int + + + + + +Johnson, et al. Informational [Page 29] + +RFC 3944 H.350 Directory Services December 2004 + + +Full Copyright Statement + + Copyright (C) The Internet Society (2004). + + This document is subject to the rights, licenses and restrictions + contained in BCP 78, and at www.rfc-editor.org, and except as set + forth therein, the authors retain all their rights. + + This document and the information contained herein are provided on an + "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS + OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET + ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, + INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE + INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED + WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + +Intellectual Property + + The IETF takes no position regarding the validity or scope of any + Intellectual Property Rights or other rights that might be claimed to + pertain to the implementation or use of the technology described in + this document or the extent to which any license under such rights + might or might not be available; nor does it represent that it has + made any independent effort to identify any such rights. Information + on the ISOC's procedures with respect to rights in ISOC Documents can + be found in BCP 78 and BCP 79. + + Copies of IPR disclosures made to the IETF Secretariat and any + assurances of licenses to be made available, or the result of an + attempt made to obtain a general license or permission for the use of + such proprietary rights by implementers or users of this + specification can be obtained from the IETF on-line IPR repository at + http://www.ietf.org/ipr. + + The IETF invites any interested party to bring to its attention any + copyrights, patents or patent applications, or other proprietary + rights that may cover technology that may be required to implement + this standard. Please address the information to the IETF at ietf- + ipr@ietf.org. + +Acknowledgement + + Funding for the RFC Editor function is currently provided by the + Internet Society. + + + + + + + +Johnson, et al. Informational [Page 30] + -- cgit v1.2.3