Skip to main content

Appendix B. Changes from RFC 2252

This annex lists the significant differences between this specification and RFC 2252.

This annex is provided for informational purposes only. It is not a normative part of this specification.

  1. The IESG Note has been removed.

  2. The major part of Sections 4, 5 and 7 has been moved to [RFC4512] and revised. Changes to the parts of these sections moved to [RFC4512] are detailed in [RFC4512].

  3. BNF descriptions of syntax formats have been replaced by ABNF [RFC4234] specifications.

  4. The ambiguous statement in RFC 2252, Section 4.3 regarding the use of a backslash quoting mechanism to escape separator symbols has been removed. The escaping mechanism is now explicitly represented in the ABNF for the syntaxes where this provision applies.

  5. The description of each of the LDAP syntaxes has been expanded so that they are less dependent on knowledge of X.500 for interpretation.

  6. The relationship of LDAP syntaxes to corresponding ASN.1 type definitions has been made explicit.

  7. The set of characters allowed in a <PrintableString> (formerly <printablestring>) has been corrected to align with the PrintableString ASN.1 type in [ASN.1]. Specifically, the double quote character has been removed and the single quote character and equals sign have been added.

  8. Values of the Directory String, Printable String and Telephone Number syntaxes are now required to have at least one character.

  9. The <DITContentRuleDescription>, <NameFormDescription> and <DITStructureRuleDescription> rules have been moved to [RFC4512].

  10. The corresponding ASN.1 type for the Other Mailbox syntax has been incorporated from RFC 1274.

  11. A corresponding ASN.1 type for the LDAP Syntax Description syntax has been invented.

  12. The Binary syntax has been removed because it was not adequately specified, implementations with different incompatible interpretations exist, and it was confused with the ;binary transfer encoding.

  13. All discussion of transfer options, including the ";binary" option, has been removed. All imperatives regarding binary transfer of values have been removed.

  14. The Delivery Method, Enhanced Guide, Guide, Octet String, Teletex Terminal Identifier and Telex Number syntaxes from RFC 2256 have been incorporated.

  15. The <criteria> rule for the Enhanced Guide and Guide syntaxes has been extended to accommodate empty "and" and "or" expressions.

  16. An encoding for the <ttx-value> rule in the Teletex Terminal Identifier syntax has been defined.

  17. The PKI-related syntaxes (Certificate, Certificate List and Certificate Pair) have been removed. They are reintroduced in [RFC4523] (as is the Supported Algorithm syntax from RFC 2256).

  18. The MHS OR Address syntax has been removed since its specification (in RFC 2156) is not at draft standard maturity.

  19. The DL Submit Permission syntax has been removed as it depends on the MHS OR Address syntax.

  20. The Presentation Address syntax has been removed since its specification (in RFC 1278) is not at draft standard maturity.

  21. The ACI Item, Access Point, Audio, Data Quality, DSA Quality, DSE Type, LDAP Schema Description, Master And Shadow Access Points, Modify Rights, Protocol Information, Subtree Specification, Supplier Information, Supplier Or Consumer and Supplier And Consumer syntaxes have been removed. These syntaxes are referenced in RFC 2252, but not defined.

  22. The LDAP Schema Definition syntax (defined in RFC 2927) and the Mail Preference syntax have been removed on the grounds that they are out of scope for the core specification.

  23. The description of each of the matching rules has been expanded so that they are less dependent on knowledge of X.500 for interpretation.

  24. The caseIgnoreIA5SubstringsMatch matching rule from RFC 2798 has been added.

  25. The caseIgnoreListSubstringsMatch, caseIgnoreOrderingMatch and caseIgnoreSubstringsMatch matching rules have been added to the list of matching rules for which the provisions for handling leading, trailing and multiple adjoining whitespace characters apply (now through string preparation). This is consistent with the definitions of these matching rules in X.500. The caseIgnoreIA5SubstringsMatch rule has also been added to the list.

  26. The specification of the octetStringMatch matching rule from RFC 2256 has been added to this document.

  27. The presentationAddressMatch matching rule has been removed as it depends on an assertion syntax (Presentation Address) that is not at draft standard maturity.

  28. The protocolInformationMatch matching rule has been removed as it depends on an undefined assertion syntax (Protocol Information).

  29. The definitive reference for ASN.1 has been changed from X.208 to X.680 since X.680 is the version of ASN.1 referred to by X.500.

  30. The specification of the caseIgnoreListSubstringsMatch matching rule from RFC 2798 & X.520 has been added.

  31. String preparation algorithms have been applied to the character string matching rules.

  32. The specifications of the booleanMatch, caseExactMatch, caseExactOrderingMatch, caseExactSubstringsMatch, directoryStringFirstComponentMatch, integerOrderingMatch, keywordMatch, numericStringOrderingMatch, octetStringOrderingMatch and wordMatch matching rules from RFC 3698 & X.520 have been added.

Last updated on