summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc1249.txt
blob: 3e98d256cf007afe6da0d381a01422d8e2464990 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
Network Working Group                                           T. Howes
Request for Comments: 1249                                      M. Smith
                                                              B. Beecher
                                                  University of Michigan
                                                             August 1991


                      DIXIE Protocol Specification

Status of this Memo

   This RFC defines a mechanism by which TCP/UDP based clients can
   access OSI Directory Service without the overhead of the ISO
   transport and presentation protocols required to implement full-blown
   DAP.  This memo provides information for the Internet community.  It
   does not specify any standard.  Distribution of this memo is
   unlimited.

Table of Contents

   1. Introduction ..............................................  2
   1.1 History ..................................................  2
   2. Protocol ..................................................  2
   2.1 Header ...................................................  3
   2.2 Operations ...............................................  4
   2.2.1 Read ...................................................  4
   2.2.1.1 Read Request .........................................  4
   2.2.1.2 Read Reply ...........................................  4
   2.2.2 Search .................................................  5
   2.2.2.1 Search Request .......................................  5
   2.2.2.2 Search Reply .........................................  5
   2.2.3 List ...................................................  5
   2.2.3.1 List Request .........................................  5
   2.2.3.2 List Reply ...........................................  5
   2.2.4 Modify .................................................  5
   2.2.4.1 Modify Request .......................................  6
   2.2.4.2 Modify Reply .........................................  6
   2.2.5 Modify RDN .............................................  6
   2.2.5.1 Modify RDN Request ...................................  6
   2.2.5.2 Modify RDN Reply .....................................  6
   2.2.6 Add ....................................................  6
   2.2.6.1 Add Request ..........................................  7
   2.2.6.2 Add Reply ............................................  7
   2.2.7 Remove .................................................  7
   2.2.7.1 Remove Request .......................................  7
   2.2.7.2 Remove Reply .........................................  7
   2.2.8 Bind ...................................................  7
   2.2.8.1 Bind Request .........................................  7



Howes, Smith, & Beecher                                         [Page 1]
^L
RFC 1249                         DIXIE                       August 1991


   2.2.8.2 Bind Reply ...........................................  8
   2.3 Operation Code Summary ...................................  8
   2.4 Return Code Summary ......................................  8
   3. References ................................................  9
   4. Available Implementations .................................  9
   5. Security Considerations....................................  9
   6. Authors' Addresses ........................................ 10

1.    Introduction

   OSI Directory Service defines a powerful mechanism for storing and
   retrieving information about objects, and for arranging those objects
   in a hierarchical structure.  Many types of objects and information
   can be stored in The Directory, including white pages information,
   application information, service information, etc.  The OSI protocol
   defined to allow access to this information is the Directory Access
   Protocol (DAP).  The DAP, being an OSI application-layer program, is
   fairly heavy-weight and requires a substantial amount of computing
   power and coding investment to implement.

   The DIXIE protocol is designed for use by smaller hosts (e.g.,
   Macintoshes and PCs) that do not have the computing power or
   necessary software to implement a full OSI protocol stack.  The DIXIE
   protocol is also useful for any Internet application that wants a
   simple interface to X.500 that requires very little coding
   investment.

   The basic idea behind DIXIE is the same as that described in RFC 1202
   for the Directory Assistance Protocol.  DIXIE offers both UDP and TCP
   access to The Directory.  While the Directory Assistance Protocol
   exports something of a user interface, DIXIE provides a more direct
   protocol translation.

1.1   History

   The DIXIE protocol has evolved over time, slowly growing into the
   protocol described by this document.  Without an understanding of the
   circumstances surrounding this evolution, the wisdom of some of the
   DIXIE design decisions may not be apparent.

2.    Protocol

   This section describes the DIXIE protocol in detail.  DIXIE follows a
   client-server request and response paradigm.  Clients send request
   packets to a DIXIE server, and the server sends reply packets in
   return.  Communication may be over UDP or TCP, depending upon the
   needs of the client.  All modification operations (ADD, REMOVE,
   MODIFY, MODIFYRDN) must be performed over a TCP connection, which



Howes, Smith, & Beecher                                         [Page 2]
^L
RFC 1249                         DIXIE                       August 1991


   provides some level of authentication.

   Whichever method of communication is used, the general packet format
   is the same.  Each packet consists of a sixteen octet header followed
   by some data.  The format of the header and data for each kind of
   request is described below.

   The representation used for all X.500 data passed between the server
   and the client is the QUIPU EDB format.  So, for example, a
   Distinguished Name might look something like "c=US@o=University of
   Michigan".  For a complete description of this format, see volume 5
   of the ISODE Manual.

   The DIXIE server listens on port 96 for both UDP packets and TCP
   connections.

2.1   Header

   The DIXIE packet header is sixteen octets long.  For requests, the
   header is described by the following:

      Start Length    Description
      0       1       An opcode specifying one of the operations
                      described below.  (see section 2.3 for a summary)
      1       2       A request identifier to be included in the reply.
                      This number should be unique to a request.
      3       4       The total length of the request packet, excluding
                      the header.
      7       2       Unused.
      9       1       Options.  Currently, there are only three options.
                      If bit 0 is set, "large" attributes will be
                      included in the response.  The choice of what
                      constitutes large is up to the implementation.
                      If bit 1 is set, the dereference aliases service
                      control will be set for the X.500 operation.  If
                      bit 2 is set, aliases will NOT be dereferenced and
                      searched during a search operation.
      10      1       Protocol version. The current version is 1.
      11      1       For the search operation, this byte specifies the
                      scope of the search.  (see section 2.2.2.1)
      12      2       Timelimit in seconds for the operation.
      14      2       Sizelimit for the operation (search and list).









Howes, Smith, & Beecher                                         [Page 3]
^L
RFC 1249                         DIXIE                       August 1991


   For replies, the header is described by the following:

      Start Length    Description
      0       1       A return code specifying either success or
                      describing any error that occurred.  (see
                      section 2.4 for a description of each code)
      1       2       The identifier included in the corresponding
                      request packet.
      3       4       The total length of the response packet, excluding
                      the header.
      7       3       Unused.
      10      1       Protocol version.  The current version is 1.
      11      5       Unused.

   All unused fields should be set to null octets and are reserved for
   future expansion.

2.2   Operations

   This section describes the DIXIE operations, which closely parallel
   the X.500 DAP operations.

2.2.1 Read

   The DIXIE read operation corresponds to an X.500 DAP READ operation.

2.2.1.1 Read Request

   The header opcode should be set to 0x01.  The data portion of the
   packet consists of the DN of the entry to read, a null octet, and
   then a null-octet separated list of attributes whose values are to be
   returned from the read.  If no attributes to return are listed, all
   attributes are returned.  The packet is terminated by two null octets
   in a row.

2.2.1.2 Read Reply

   The reply data for the read operation consists of the entry read,
   followed by a null octet.  An entry consists of the DN of the entry,
   followed by the octet 0x02, followed by a 0x02-octet separated list
   of attribute values.  An attribute value consists of an attribute
   type, followed by the octet 0x01, followed by a 0x01-octet separated
   list of values.  Each attribute type, attribute value and
   distinguished name has the form defined by the QUIPU EDB format.







Howes, Smith, & Beecher                                         [Page 4]
^L
RFC 1249                         DIXIE                       August 1991


2.2.2 Search

   The DIXIE search operation corresponds to an X.500 DAP SEARCH
   operation.

2.2.2.1 Search Request

   The header opcode should be set to 0x0f.  Octet 11 in the header
   should be set to 0x01, 0x02, or 0x03, for a search scope of base
   object, one level, or whole subtree, respectively.  The data portion
   of the packet consists of the DN of the entry from which to start the
   search, a null octet, a string containing the search filter (dish-
   style), a null-octet, and then a null-octet separated list of
   attributes whose values are to be returned from the search.  If no
   attributes to return are listed, all attributes are returned.  The
   packet is terminated by two null octets in a row.

2.2.2.2 Search Reply

   The reply data to the search operation consists of two octets in
   network byte order specifying the number of matches returned.  Next
   comes this number of sequences of the form: one 0x03 octet followed
   by one entry.  Each entry is as described above in section 2.2.1.2.

2.2.3 List

   The DIXIE list operation corresponds to an X.500 DAP LIST operation.

2.2.3.1 List Request

   The header opcode should be set to 0x10.  The data portion of the
   packet consists of the DN of the entry on which to perform the list,
   followed by a null octet.

2.2.3.2 List Reply

   The reply data to the list operation consists of two octets in
   network byte order specifying the number of subordinates returned,
   followed by this number of sequences of the form: one 0x03 octet
   followed by a Relative Distinguished Name of a subordinate.

2.2.4 Modify

   The DIXIE modify operation corresponds to an X.500 DAP MODIFY
   operation.






Howes, Smith, & Beecher                                         [Page 5]
^L
RFC 1249                         DIXIE                       August 1991


2.2.4.1 Modify Request

   The header opcode should be set to 0x02.  The data portion of the
   packet consists of the DN of the entry to modify, followed by a null
   octet, followed by a null-separated list of modify operations to
   perform.  Each modify operation is one of the following:

           type            remove attribute type
           type=value      make value the sole value for attribute type
           type+=value     add value to attribute type
           type-=value     remove value from attribute type

   The second form will see to it that existing values (if any) are
   deleted before the new ones are added.  The third form will add the
   attribute type if it does not already exist.  Note that the QUIPU EDB
   format, used to specify value, allows multiple values to be specified
   separated by the "&" character.  This operation is only allowed over
   TCP.

2.2.4.2 Modify Reply

   There is no reply data for the modify operation.  The only indication
   of success or failure is the return code in the header.

2.2.5 Modify RDN

   The DIXIE modify RDN operation corresponds to an X.500 DAP  MODIFYRDN
   operation.

2.2.5.1 Modify RDN Request

   The header opcode should be set to 0x13.  The data portion of the
   packet consists of the DN of the entry to modify, followed by a null
   octet, followed by the new RDN the entry should have, followed by a
   final null octet.  The old value of the RDN is never kept as an
   attribute of the entry.  This operation is only allowed over TCP.

2.2.5.2 Modify RDN Reply

   There is no reply data to the modify RDN operation.  The only
   indication of success or failure is the return code in the header.

2.2.6 Add

   The DIXIE add operation corresponds to an X.500 DAP ADD operation.






Howes, Smith, & Beecher                                         [Page 6]
^L
RFC 1249                         DIXIE                       August 1991


2.2.6.1 Add Request

   The header opcode should be set to 0x11.  The data portion of the
   packet consists of the DN of the entry to add, followed by a null
   octet, followed by a null-separated list of the entry's attributes.
   Each attribute in this list has the form:

           type=value

   where value can consist of a single value, or multiple values
   separated by the "&" character.  The request is terminated by two
   null octets in a row.  This operation is only allowed over TCP.

2.2.6.2 Add Reply

   There is no reply data to the add operation.  The only indication of
   success or failure is the return code in the header.

2.2.7 Remove

   The DIXIE remove operation corresponds to an X.500 DAP REMOVE
   operation.

2.2.7.1 Remove Request

   The header opcode should be set to 0x12.  The data portion of the
   packet consists of the DN of the entry to remove, followed by a null
   octet.  This operation is only allowed over TCP.

2.2.7.2 Remove Reply

   There is no reply data for the remove operation.  The only indication
   of success or failure is the return code in the header.

2.2.8 Bind

   The DIXIE bind operation corresponds to an X.500 DAP BIND operation
   using simple authentication as defined in Recommendation X.509.

2.2.8.1 Bind Request

   The header opcode should be set to 0x04.  The data portion of the
   packet consists of the DN of the entry as which to bind, followed by
   a null octet, followed by the password of the entry as which to bind,
   followed by a final null octet.  A null DN corresponds causes a bind
   as NULLDN to occur.





Howes, Smith, & Beecher                                         [Page 7]
^L
RFC 1249                         DIXIE                       August 1991


2.2.8.2 Bind Reply

   The format of the bind reply packet depends on whether the operation
   was invoked over TCP or UDP.  If the operation was invoked over TCP,
   there is no reply data.  Success or failure of the operation is
   indicated by the return code in the packet header.

   If the bind operation was invoked over UDP, the data portion of the
   reply packet consists of an Internet address in standard dot
   notation, followed by a 0x01 octet, followed by a decimal number (in
   text form), followed by a null octet.  The address and number should
   be taken to be the IP address and port number to which the client
   should connect to obtain an authenticated TCP connection, bound as
   the entity specified in the request packet.

2.3 Operation Code Summary

   This section describes the  possible  values  for  the  DIXIE  header
   operation code.  There are currently 8 possible values:

      0x01    Read
      0x02    Modify
      0x04    Bind
      0x0f    Search
      0x10    List
      0x11    Add
      0x12    Remove
      0x13    Modify RDN

2.4 Return Code Summary

   This section describes the possible values for the the DIXIE header
   return code.  There are currently 17 possible values:

      0x01    The request was successful.
      0x02    The search did not find any matches.
      0x03    Some unknown, generic DIXIE error has occurred.
      0x04    The DIXIE opcode was not recognized by the DIXIE server.
      0x05    Insufficient access to perform a modification.
      0x06    A malformed DN was supplied.
      0x07    Some time limit or size limit was reached.
              Partial results will be returned.
      0x08    A modify was attempted before a bind.
      0x09    A fragment requested was not found.
      0x0a    An attribute type specified is invalid.
      0x0b    An attribute specified does not exist in the entry.
      0x0c    An attribute value specification is invalid.
      0x0d    An attribute value does not exist (as for removal of the



Howes, Smith, & Beecher                                         [Page 8]
^L
RFC 1249                         DIXIE                       August 1991


              value).
      0x0e    A modification of an entry's RDN was attempted via a modify
              operation.  This is not allowed (use modrdn instead).
      0x0f    A supplied DN references an invalid portion of the tree.
      0x10    The DSA has passed back a referral to another DSA (as for a
              modification to a non-local entry), and the DIXIE server was
              unable to follow it.
      0x11    The DSA is down or unreachable.

3.    References

   [1] Information Processing - Open Systems Interconnection - The
       Directory, International Organization for Standardization,
       International Standard 9594, 1988.

   [2] Kille, S., Robbins, C., Roe, M., and A. Turland, "The ISO
       Development Environment: User's Manual", Volume 5: QUIPU,
       Performance Systems International, January 1990.

   [3] Rose, M., "Directory Assistance Service", RFC 1202, Performance
       Systems International, February 1991.

4.    Available Implementations

       This section is not meant as an endorsement of any
       implementation, it is provided merely as information for the
       Internet community.  A full Un*x-based implementation of the
       DIXIE protocol in the form of a DIXIE server and DIXIE
       application library is freely available for anonymous FTP from
       the host terminator.cc.umich.edu in the ~ftp/x500 directory.
       Un*x and Macintosh clients that use the DIXIE protocol have also
       been implemented and are available from the same location.

       There is also a discussion list for DIXIE-related topics called
       dixie@terminator.cc.umich.edu.  To join, send mail to dixie-
       request@terminator.cc.umich.edu.

5.    Security Considerations

   Security issues are not discussed in this memo.











Howes, Smith, & Beecher                                         [Page 9]
^L
RFC 1249                         DIXIE                       August 1991


6.    Authors' Addresses

   Tim Howes
   University of Michigan
   Information Technology Division
   535 West William St.
   Ann Arbor, MI 48103-4943

   Phone: +1 313 764-2278
   EMail: tim@umich.edu


   Mark Smith
   University of Michigan
   Information Technology Division
   535 West William St.
   Ann Arbor, MI 48103-4943

   Phone: +1 313 764-2277
   EMail: mcs@umich.edu


   Bryan Beecher
   University of Michigan
   Information Technology Division
   535 West William St.
   Ann Arbor, MI 48103-4943

   Phone: +1 313 764-4050
   EMail: bryan@umich.edu





















Howes, Smith, & Beecher                                        [Page 10]
^L