iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO/IEC 13248-1:1998

(Main)

Information technology — Open Systems Interconnection — The Directory: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Access Protocol — Part 1:

Information technology — Open Systems Interconnection — The Directory: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Access Protocol — Part 1:

Technologies de l'information — Interconnexion de systèmes ouverts (OSI) — L'annuaire: Formulaire de déclaration de conformité d'une implémentation du protocole d'accès à l'annuaire — Partie 1:

General Information

Status
Withdrawn
Publication Date
19-Dec-1998
Withdrawal Date
19-Dec-1998
ICS
35.100.70 - Application layer
Technical Committee
ISO/IEC JTC 1/SC 6 - Telecommunications and information exchange between systems
Drafting Committee
ISO/IEC JTC 1/SC 6 - Telecommunications and information exchange between systems
Current Stage
9599 - Withdrawal of International Standard
Completion Date
12-May-2003
Ref Project

Relations

Consolidated By
ISO 4613-2:1995/Amd 1:2004 - Plastics — Ethylene/vinyl acetate (E/VAC) moulding and extrusion materials — Part 2: Preparation of test specimens and determination of properties — Amendment 1
Effective Date
06-Jun-2022

Buy Standard

ISO/IEC 13248-1:1998 - Information technology -- Open Systems Interconnection -- The Directory: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Access ProtocolISO/IEC 13248-1:1998 - Information technology -- Open Systems Interconnection -- The Directory: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Access Protocol
PreviousNext
Standard
ISO/IEC 13248-1:1998 - Information technology -- Open Systems Interconnection -- The Directory: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Access Protocol
English language
45 pages
sale 15% off
Preview
sale 15% off
Preview
ISO/IEC 13248-1:1998 - Technologies de l'information -- Interconnexion de systemes ouverts (OSI) -- L'annuaire: Formulaire de déclaration de conformité d'une implémentation du protocole d'acces a l'annuaireISO/IEC 13248-1:1998 - Technologies de l'information -- Interconnexion de systemes ouverts (OSI) -- L'annuaire: Formulaire de déclaration de conformité d'une implémentation du protocole d'acces a l'annuaire
PreviousNext
Standard
ISO/IEC 13248-1:1998 - Technologies de l'information -- Interconnexion de systemes ouverts (OSI) -- L'annuaire: Formulaire de déclaration de conformité d'une implémentation du protocole d'acces a l'annuaire
French language
45 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 13248-1
First edition
1998-12-15
Information technology — Open Systems
Interconnection — The Directory: Protocol
Implementation Conformance Statement
(PICS) proforma for the Directory Access
Protocol
Technologies de l'information — Interconnexion de systèmes ouverts
(OSI) — L'annuaire: Proformes de déclaration de conformité de mise en
œuvre du protocole (PICS) pour le protocole d'accès de l'annuaire
Reference number
B C
ISO/IEC 13248-1:1998(E)

---------------------- Page: 1 ----------------------
ISO/IEC 13248-1:1998(E)
©  ISO/IEC 1998
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or
mechanical, including photocopying and microfilm, without permission in writing from the publisher.
ISO/IEC Copyright Office • Case postale 56 • CH-1211 Genève 20 • Switzerland
Printed in Switzerland
ii

---------------------- Page: 2 ----------------------

ISO/IEC ISO/IEC 13248-1:1998(E)
Contents
Page
1 Scope . 1
2 Normative references. 1
2.1 Identical Recommendations | International Standards. 1
2.2 Paired Recommendations | International Standards equivalent in technical content. 2
2.3 Additional references . 2
3 Definitions . 2
3.1 Directory definitions. 2
3.2 Conformance definitions . 2
3.3 Basicdirectory conformance definitions. 2
4 Abbreviations . 3
5 Conventions. 3
6 Conformance . 3
Annex A – Directory access protocol – Protocol Implementation Conformance Statement (PICS) proforma . 4
A.1 Identification of the ICS proforma corrigenda . 4
A.2 Instructions. 4
A.2.1 Purpose and structure of the proforma . 4
A.2.2 Symbols, terms, and abbreviations. 4
A.2.3 Instructions for completing the PICS proforma . 6
A.3 Identification of the implementation . 7
A.3.1 Identification of PICS. 7
A.3.2 Identification of the implementation and/or system . 7
A.3.3 Identification of the system supplier . 7
A.3.4 Identification of the testlab client. 7
A.4 Identification of the protocol. 8
A.5 Identification of corrigenda to the protocol. 8
A.6 ICS proforma tables. 9
A.6.1 Roles. 9
A.6.2 General capabilities and global statement of conformance . 9
A.6.3 Capabilities and options . 11
A.6.4 Directory Schema and Directory System Schema. 32
A.6.5 Supported ISO/IEC 10646-1 Character Sets (Ref. ISO/IEC 10646-1) . 42
A.6.6 Other information. 45
iii

---------------------- Page: 3 ----------------------
©
ISO/IEC 13248-1:1998(E) ISO/IEC
Foreword
ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form
the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the
development of International Standards through technical committees established by the respective organization to deal
with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest.
Other international organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the
work.
In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. Draft
International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication
as an International Standard requires approval by at least 75 % of the national bodies casting a vote.
International Standard ISO/IEC 13248-1 was prepared by Joint Technical Committee ISO/IEC JTC 1, Information
technology, Subcommittee SC 33, Distributed application services, in collaboration with ITU-T. The identical text is
published as ITU-T Recommendation X.583.
ISO/IEC 13248 consists of the following parts, under the general title Information technology — Open Systems
Interconnection — The Directory:
— Part 1: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Access Protocol
— Part 2: Protocol Implementation Conformance Statement (PICS) proforma for the Directory System Protocol
— Part 3: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Operational Binding
Management Protocol
— Part 4: Protocol Implementation Conformance Statement (PICS) proforma for the Directory Information Shadowing
Protocol
Annex A forms an integral part of this part of ISO/IEC 13248.
iv

---------------------- Page: 4 ----------------------

ISO/IEC ISO/IEC 13248-1:1998(E)
.
Introduction
This Recommendation | International Standard has been produced to facilitate the interconnection of information
processing systems to provide directory services. The set of all such systems, together with the directory information
which they hold, can be viewed as an integrated whole, called the Directory The information held by the Directory,
collectively known as the Directory Information Base (DIB), is typically used to facilitate communication between, with
or about objects such as application entities, people, terminals and distribution lists.
The Directory plays a significant role in Open Systems Interconnection, whose aim is to allow, with a minimum of
technical agreement outside of the interconnection standards themselves, the interconnection of information processing
systems:
– from different manufacturers;
– under different management;
– of different levels of complexity; and
– of different ages.
To evaluate conformance of a particular implementation, it is necessary to have a statement of which capabilities and
options have been implemented for a given OSI protocol. Such statement is called a Protocol Implementation
Conformance Statement (PICS).
This Recommendation | International Standard provides the Protocol Implementation Conformance Statement (PICS)
proforma for the Directory Access Protocol (DAP) specified in ITU-T Rec. X.500-Series (1993) | ISO/IEC 9594:1995.
All references to the Directory Specifications, made throughout this Recommendation | International Standard, are to the
second edition of those specifications (ITU-T Rec. X.500-Series (1993) | ISO/IEC 9594:1995).
Annex A specifies the PICS proforma for the Directory Access Protocol as defined in ITU-T Rec. X.500-Series |
ISO/IEC 9594.
v

---------------------- Page: 5 ----------------------
ISO/IEC 13248-1 : 1998 (E)
INTERNATIONAL STANDARD
ISO/IEC 13248-1 : 1998 (E)
ITU-T Rec. X.583 (1997 E)
ITU-T RECOMMENDATION
INFORMATION TECHNOLOGY – OPEN SYSTEMS INTERCONNECTION –
THE DIRECTORY: PROTOCOL IMPLEMENTATION CONFORMANCE
STATEMENT (PICS) PROFORMA FOR THE DIRECTORY ACCESS PROTOCOL
1 Scope
This Recommendation | International Standard provides the PICS proforma for the Directory Access Protocol (DAP)
specified in ITU-T Rec. X.500-Series (1993) | ISO/IEC 9594:1995. This PICS proforma is in compliance with the
relevant requirements, and in accordance with the relevant guidance for PICS proforma, given in ITU-T Rec. X.296 |
ISO/IEC 9646-7.
The supplier of a DAP implementation that is claimed to conform to ITU-T Rec. X.500-Series | ISO/IEC 9594 is
required to complete a copy of the PICS proforma provided in Annex A and is required to provide the information
necessary to identify both the supplier and the implementation.
The scope of this Recommendation | International Standard is the specification of the conformance statements for a
Directory User Agent (DUA) and a Directory System Agent (DSA).
2 Normative references
The following Recommendations and International Standards contain provisions which, through reference in this text,
constitute provisions of this Recommendation | International Standard. Members of IEC and ISO maintain registers of
currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of
currently valid ITU-T Recommendations.
2.1 Identical Recommendations | International Standards
– ITU-T Recommendation X.500 (1993) | ISO/IEC 9594-1:1995, Information technology – Open Systems
Interconnection – The Directory: Overview of concepts, models and services.
– ITU-T Recommendation X.501 (1993) | ISO/IEC 9594-2:1995, Information technology – Open Systems
Interconnection – The Directory: Models.
– ITU-T Recommendation X.509 (1993) | ISO/IEC 9594-8:1995, Information technology – Open Systems
Interconnection – The Directory: Authentication framework.
– ITU-T Recommendation X.511 (1993) | ISO/IEC 9594-3:1995, Information technology – Open Systems
Interconnection – The Directory: Abstract service definition.
– ITU-T Recommendation X.518 (1993) | ISO/IEC 9594-4:1995, Information technology – Open Systems
Interconnection – The Directory: Procedures for distributed operation.
ITU-T Rec. X.583 (1997 E) 1

---------------------- Page: 6 ----------------------
ISO/IEC 13248-1 : 1998 (E)
– ITU-T Recommendation X.519 (1993) | ISO/IEC 9594-5:1995, Information technology – Open Systems
Interconnection – The Directory: Protocol specifications.
– ITU-T Recommendation X.520 (1993) | ISO/IEC 9594-6:1995, Information technology – Open Systems
Interconnection – The Directory: Selected attribute types.
– ITU-T Recommendation X.521 (1993) | ISO/IEC 9594-7:1995, Information technology – Open Systems
Interconnection – The Directory: Selected object classes.
– ITU-T Recommendation X.525 (1993) | ISO/IEC 9594-9:1995, Information technology – Open Systems
Interconnection – The Directory: Replication.
2.2 Paired Recommendations | International Standards equivalent in technical content
– ITU-T Recommendation X.290 (1995), OSI conformance testing methodology and framework for
protocol Recommendations for ITU-T applications – General concepts.
ISO/IEC 9646-1:1994, Information technology – Open Systems Interconnection – Conformance testing
methodology and framework – Part 1: General concepts.
– ITU-T Recommendation X.296 (1995), OSI conformance testing methodology and framework for
protocol Recommendations for ITU-T applications – Implementation conformance statements.
ISO/IEC 9646-7:1995, Information technology – Open Systems Interconnection – Conformance testing
methodology and framework – Part 7: Implementation Conformance Statements.
2.3 Additional references
ISO/IEC 10646-1:1993 as amended, Information technology – Universal Multiple-Octet Coded Character
Set (UCS) – Part 1: Architecture and Basic Multilingual Plane.
3 Definitions
For the purposes of this Recommendation | International Standard, the following definitions apply.
3.1 Directory definitions
This Recommendation | International Standard uses terms defined in ITU-T Rec. X.500-Series | ISO/IEC 9594.
3.2 Conformance definitions
The following terms are defined in ITU-T Rec. X.290 | ISO/IEC 9646-1:
a) Protocol Implementation Conformance Statement (PICS);
b) PICS proforma;
c) conformance;
d) mandatory requirement;
e) optional requirement;
f) conditional requirement.
3.3 Basic directory conformance definitions
The following terms are defined in this Recommendation | International Standard.
3.3.1 centralized DSA: A DSA that is not capable of holding knowledge information about other DSAs. Such a
DSA is not capable of returning referrals.
3.3.2 cooperating DSA: A DSA that is capable of holding knowledge references. Such a DSA is capable of
returning referrals, and may also be a chaining DSA.
3.3.3 chaining DSA: A cooperating DSA that is capable of invoking chained operations, functioning as a DSP
invoker. A chaining DSA is also a cooperating DSA.
2 ITU-T Rec. X.583 (1997 E)

---------------------- Page: 7 ----------------------
ISO/IEC 13248-1 : 1998 (E)
3.3.4 security levels: Security levels shall be declared for peer entity authentication, originator authentication and
results authentication, respectively:
a) for originator authentication, there are five security levels which are "none", "simple without password",
"simple with unprotected password", "simple with protected password" and "strong";
b) for peer entity authentication, there are three security levels which are "none", "simple with distinguished
name" and "strong";
c) for results authentication, there are two security levels which are "none" and "strong".
4 Abbreviations
For the purposes of this Protocol Implementation Conformance Statement, the following abbreviations apply:
ACI Access Control Information
CCITT International Telegraph & Telephone Consultative Committee
DAP Directory Access Protocol
DISP Directory Information Shadowing Protocol
DIB Directory Information Base
DIT Directory Information Tree
DOP Directory Operational Binding Management Protocol
DSA Directory System Agent
DSP Directory System Protocol
DUA Directory User Agent
IEC International Electrotechnical Commission
ISO International Organization for Standardization
ITU International Telecommunication Union
ITU-T International Telecommunication Union – Telecommunication Standardization Sector
IUT Implementation Under Test
NSSR Non-Specific Subordinate Reference
NSAP Network Service Access Point
PDU Protocol Data Unit
PICS Protocol Implementation Conformance Statement
RDN Relative Distinguished Name
ROSE Remote Operations Service Element
5 Conventions
This Recommendation | International Standard refers exclusively to the second edition of the Directory Specifications
listed in clause 2.
6 Conformance
A conforming PICS proforma shall be technically equivalent to ITU-T Rec. X.500-Series | ISO/IEC 9594 and shall
preserve the numbering and ordering of the items in ITU-T Rec. X.500-Series (1993) | ISO/IEC 9594:1995.
A PICS which conforms to this Recommendation | International Standard shall:
a) describe an implementation which conforms to the ITU-T Rec. X.500-Series | ISO/IEC 9594;
b) be a conforming PICS proforma, which has been completed in accordance with the instructions for
completion given in A.2;
c) include information necessary to uniquely identify both the supplier and the implementation.
ITU-T Rec. X.583 (1997 E) 3

---------------------- Page: 8 ----------------------
ISO/IEC 13248-1 : 1998 (E)
1)
Annex A
Directory access protocol –
Protocol Implementation Conformance Statement (PICS) proforma
(This annex forms an integral part of this Recommendation | International Standard)
A.1 Identification of the ICS proforma corrigenda
The supplier of the PICS proforma shall identify any corrigenda (i.e. Technical Corrigenda or equivalent) to the
published proforma that have been applied. Suppliers of the proforma should modify the proforma, or attach relevant
additional pages in order to apply the corrigenda, and then record the application of the corrigenda in the table below.
Identification of corrigenda applied to this ITU-T X.583 (1997) | ISO/IEC 13248-1:1998
PICS proforma
Corr:
Corr:
Corr:
Corr:
A.2 Instructions
A.2.1 Purpose and structure of the proforma
The purpose of this PICS proforma is to provide suppliers of implementations of ITU-T Rec. X.500-Series (1993) |
ISO/IEC 9594:1995 with consistent means of stating which capabilities have been implemented.
The proforma is in the form of a questionnaire and consists of a set of items. An item is provided for each capability for
which an implementation choice is allowed. Items are also provided for mandatory capabilities for which no implemen-
tation choice is allowed. Each item includes an item number, item description, a status value specifying the support
requirement, and room for a support answer to be provided by the supplier.
This subclause provides general information and instructions for completion of the proforma.
Subclause A.3 is for the identification of the implementation.
Subclause A.4 is for identifying the protocol within ITU-T Rec. X.500-Series | ISO/IEC 9594.
Subclause A.5 is for the identification of the Technical Corrigenda to the protocol.
Subclause A.6 contains tables in which the supplier specifies details of the implementation options chosen.
A.2.2 Symbols, terms, and abbreviations
A.2.2.1 Introduction
Notations have been introduced in order to reduce the size of the tables in the PICS proforma. These have allowed the
use of multi-column layout where the columns are headed ‘Status’ and ‘Support’. Definitions of each are given below.
Additionally, the following definitions apply.
A.2.2.1.1 (PICS) item: A row in the PICS proforma table.
A.2.2.1.2 (PICS) question: The question to be answered in the intersection of a PICS item and either a support column
(i.e. "Is this item supported in the context applying to this table and column?") or supported value column (i.e. "What
values are supported for this item in the context applying to this table and column?") in a PICS proforma table.
A.2.2.1.3 status (value): An allowed entry in the status column for an item in a PICS proforma table.
_______________
1)
Copyright release for ICS proforma
Users of this Recommendation | International Standard may freely reproduce the ICS proforma in this annex so that it can be used for its intended
purpose, and may further publish the completed ICS.
4 ITU-T Rec. X.583 (1997 E)

---------------------- Page: 9 ----------------------
ISO/IEC 13248-1 : 1998 (E)
A.2.2.1.4 (support) answer: An allowed entry in the support values columns for an item in PICS, in answer to a PICS
question.
A.2.2.2 Prerequisite notation
If a predicate applies to a whole table, a prerequisite line may be specified in front of the table to which it applies. A
prerequisite line takes the form:
Prerequisite:
The meaning of such a line is that if is True, then the table applies, else it is not applicable.
A.2.2.3 Item reference numbers
Each line within the PICS proforma is numbered at the left-hand edge of the line. This numbering is included as a means
of uniquely identifying all possible implementation details within the PICS proforma. This referencing is used both
inside the PICS proforma, and for references from other test specification documents.
The means of referencing individual responses is done by the following sequence:
– a reference to the smallest enclosing the relevant item;
– a solidus character, '/';
– the reference number of the row in which the response appears;
– if, and only if, more than one response occurs in the row identified by the reference number, then each
possible entry is implicitly labeled a, b, c, etc., from left to right, and this letter is appended to the
sequence.
An example of the use of this notation would be A.6.3.3.1.1/1, which refers to the support for credentials in a
DirectoryBind protocol data unit.
A.2.2.4 Status column
This column indicates the level of support required for conformance to this Recommendation | International Standard.
The values are as follows:
m The capability is required to be implemented in conformance with the related specification
o The capability may be implemented and if it is implemented it is required to conform to the related
specification
c The requirement on the capability depends on the selection of other optional or conditional items
i The capability is outside the scope of this PICS, and hence irrelevant and not subject to conformance
testing
– In the given context it is impossible to use this capability
Nested conditionals are denoted by nested numbering (e.g. 1, 1.1, 1.1.1, etc.) of the item descriptions in the tables. A
table may have zero, one or more levels of nesting. The status of a leading item is specified by its status entry, as defined
above. The status of a subordinate (that is nested) item is specified as follows: if the superior item is supported, the status
of the subordinate item is determined by its status column entry and applicable predicate, if any. If the superior item is
not supported, the subordinate item is not applicable, independent of its status column entry.
The Status "DUA" or "DSA" identifies whether the implementation is a DUA or DSA, respectively.
A.2.2.5 Support column
This column shall be completed by the supplier or implementor, to indicate the level of implementation of each item. An
item is not considered implemented simply because a default value has been defined by the standard. In order for an
Implementation Under Test (IUT) to claim a protocol element is implemented, it must have the ability, where
appropriate, to generate, receive, and perform the appropriate action.
The proforma is designed such that support values are:
Y Yes, the item has been implemented
N No, the item has not been implemented
– The item is not applicable
ITU-T Rec. X.583 (1997 E) 5

---------------------- Page: 10 ----------------------
ISO/IEC 13248-1 : 1998 (E)
A.2.2.6 Definition of support
A capability is said to be supported if the Implementation Under Test (IUT) is able:
– to generate the corresponding operation parameters (either automatically or because the end user
explicitly requires that capability);
– to interpret, handle and, when required, make available to the end user the corresponding error or result.
A protocol element is said to be supported for a sending implementation if it is able to generate it under some
circumstances (either automatically or because the end user requires relevant services explicitly).
A protocol element is said to be supported for a receiving implementation if it is correctly interpreted and handled and,
when appropriate, made available to the end user.
An object class is said to be supported if the IUT is able to construct entries of that object class. Support of an object
class also requires support of the object identifier(s) of the superclass(es) of that object class.
An attribute type is said to be supported by a DUA implementation if the DUA supports those aspects of the attribute
syntax which are pertinent to encoding, decoding or both of the attribute.
An attribute type is said to be supported by a DSA implementation if the DSA supports the specified syntax, and hence
data types, to which every value in such attributes shall conform.
A.2.2.7 Predicate column
The item number contained in the predicate column, if any, means that the status in the "Status" column applies only
when the PICS states that one or more features identified by the item is supported.
A.2.2.8 Predicate Name
The predicate name indicates that name upon which the predicate is based. A predicate name flagged with an asterisk
preceding the predicate name indicates the condition by which the predicate is being set. A predicate name not flagged
with an asterisk indicates the predicate on which the conditional support is based.
Note that the predicate may be set by the DUA or DSA but only applies for the type of agent claiming support. For
example, if an implementation includes both a DUA and a DSA, then if the DSA supports the Read operation (which is
mandatory for a DSA), the "Read" predicate will be set for the DSA only. If the Read operation is also supported for the
DUA (which is optional) the predicate would be set for both the DUA and DSA.
A.2.2.9 Note column
This column indicates the following:
notexx: Refers to Note xx
d(xx): A default value xx within ( ) is defined in the standard. When absent in the PDU, both sender and
receiver shall interpret it as having the default value specified in the standard.
See xx: Refers to Table xx
A.2.3 Instructions for completing the PICS proforma
The supplier shall complete all entries in the column marked ‘Support’. In certain clauses of the PICS proforma further
guidance for completion may be necessary. Such guidance shall supplement the guidance given in this clause and shall
have a scope restricted to the clause in which it appears. In addition, other specifically identified information shall be
provided by the implementor where requested. No changes shall be made to the proforma except the completion as
required. Recognizing that the level of detail required may, in some instances, exceed the space available for responses,
a number of responses specifically allow for the addition of appendices to the PICS.
All entries within the PICS proforma shall be made in ink. Alterations to such entries shall be made by crossing out, not
erasing or making the original entry illegible, and writing the new entry alongside the alteration. All such alterations to
records shall be initialized by the staff making them.
6 ITU-T Rec. X.583 (1997 E)

---------------------- Page: 11 ----------------------
ISO/IEC 13248-1 : 1998 (E)
A.3 Identification of the implementation
A.3.1 Identification of PICS
Item No. Question Response
1 Date of Statement (DD/MM/YY)
2 PICS Serial Number
3 System Conformance
Statement Cross Reference
A.3.2 Identification of the implementation and/or system
Item No. Question Response
1 Implementation Name
2 Version Number
3 Machine Name
4 Machine Version Number
5 Operating System Name
6 Operating System Version No.
7 Other information
A.3.3 Identification of the system supplier
Item No. Question Response
1 Organization Name
2 Contact Name(s)
3 Address
4 Telephone Number
5 Telex Number
6 Fax Number
7 E-Mail Address
8 Other information
A.3.4 Identification of the testlab client
Item No. Question Response
1 Organization Name
2 Contact Name(s)
3 Address
4 Telephone Number
5 Telex Number
6 Fax Number
7 E-Mail Address
8 Other information
ITU-T Rec. X.583 (1997 E) 7

---------------------- Page: 12 ----------------------
ISO/IEC 13248-1 : 1998 (E)
A.4 Identification of the protocol
Item No. Identification of protocol specification Support
1 ITU-T Rec. X.500 (1993) | ISO/IEC 9594-1:1995,
Information technology – Open Systems Interconnection –
The Directory: Overview of concepts, models and services
2 ITU-T Rec. X.501 (1993) | ISO/IEC 9594-2:1995,
Information technology – Open Systems Interconnection –
The Directory: Models
3 ITU-T Rec. X.511 (1993) | ISO/IEC 9594-3:1995,
Information technology – Open Systems Interconnection –
The Directory: Abstract service definition
4 ITU-T Rec. X.518 (1993) | ISO/IEC 9594-4:1995,
Information technology – Open Systems Interconnection –
The Directory: Procedures for distributed operations
5 ITU-T Rec. X.519 (1993) | ISO/IEC 9594-5:1995,
Information technology – Open Systems Interconnection –
The Directory: Protocol specifications
6 ITU-T Rec. X.520 (1993) | ISO/IEC 9594-6:1995,
Information technology – Open Systems Interconnection –
The Directory: Selected Attribute Types
7 ITU-T Rec. X.521 (1993) | ISO/IEC 9594-7:1995,
Information technology – Open Systems Interconnection –
The Directory: Selected object classes
8 ITU-T Rec. X.509 (1993) | ISO/IEC 9594-8:1995,
Information technology – Open Systems Interconnection –
The Directory: Authentication framework
9 ITU-T Rec. X.525 (1993) | ISO/IEC 9594-9:1995,
Information technology – Open Systems Interconnection –
The Directory: Replication
A.5 Identification of corrigenda to the protocol
Item No. Specification Technical Corrigenda Support
 1 ITU-T Rec. X.501 (1993) | ISO/IEC 9594-2:1995 Cor.1: 1995
 2 ITU-T Rec. X.501 (1993) | ISO/IEC 9594-2:1995 Cor.2: 1995
 3 ITU-T Rec. X.509 (1993) | ISO/IEC 9594-8:199
...

NORME ISO/CEI
INTERNATIONALE 13248-1
Première édition
1998-12-15
Technologies de l'information —
Interconnexion de systèmes ouverts
(OSI) — L'annuaire: Formulaire de
déclaration de conformité d'une
implémentation du protocole d'accès
à l'annuaire
Information technology — Open Systems Interconnection — The Directory:
Protocol Implementation Conformance Statement (PICS) proforma for
the Directory Access Protocol
Numéro de référence
bc
ISO/CEI 13248-1:1998(F)

---------------------- Page: 1 ----------------------
ISO/CEI 13248-1:1998(F)
©  ISO/CEI 1998
Droits de reproduction réservés. Sauf prescription différente, aucune partie de cette publication ne peut être reproduite ni utilisée sous
quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie et les microfilms, sans l'accord écrit de
l'éditeur.
ISO/CEI Copyright Office • Case postale 56 • CH-1211 Genève 20 • Suisse
Version française tirée en 1999
Imprimé en Suisse
ii

---------------------- Page: 2 ----------------------
©
ISO/CEI 13248-1:1998(F) ISO/CEI
Avant-propos
L'ISO (Organisation internationale de normalisation) et la CEI (Commission électrotechnique internationale) forment
ensemble un système consacré à la normalisation internationale considérée comme un tout. Les organismes nationaux
membres de l'ISO ou de la CEI participent au développement de Normes internationales par l'intermédiaire des comités
techniques créés par l'organisation concernée afin de s'occuper des différents domaines particuliers de l'activité technique. Les
comités techniques de l'ISO et de la CEI collaborent dans des domaines d'intérêt commun. D'autres organisations
internationales, gouvernementales et non gouvernementales, en liaison avec l'ISO et la CEI participent également aux travaux.
Dans le domaine des technologies de l'information, l'ISO et la CEI ont créé un comité technique mixte, l'ISO/CEI JTC 1. Les
projets de Normes internationales adoptés par le comité technique mixte sont soumis aux organismes nationaux pour
approbation, avant leur acceptation comme Normes internationales. Les Normes internationales sont approuvées
conformément aux procédures qui requièrent l'approbation de 75 % au moins des organismes nationaux votants.
La Norme internationale ISO/CEI 13248-1 a été élaborée par le comité technique mixte ISO/CEI JTC 1, Technologies de
l'information, sous-comité SC 33, Services d'applications distribuées, en collaboration avec l'UIT-T. Le texte identique est
publié en tant que Recommandation UIT-T X.583.
L'ISO/CEI 13248 comprend les parties suivantes, présentées sous le titre général Technologies de l'information —
Interconnexion de systèmes ouverts (OSI) — L'annuaire:
— Partie 1: Formulaire de déclaration de conformité d'une implémentation du protocole d'accès à l'annuaire

Partie 2: Formulaire de déclaration de conformité d'une implémentation du protocole de système d'annuaire

Partie 3: Formulaire de déclaration de conformité d'une implémentation du protocole de gestion de liant opérationnel à
l'annuaire
— Partie 4: Formulaire de déclaration de conformité d'une implémentation du protocole d'ombrage d'information à
l'annuaire
L'annexe A fait partie intégrante de la présente partie de l'ISO/CEI 13248.
iv

---------------------- Page: 3 ----------------------
©
ISO/CEI ISO/CEI 13248-1:1998(F)
Introduction
La présente Recommandation | Norme internationale a été élaborée en vue de faciliter l'interconnexion des équipements
informatiques et permettre ainsi d'assurer des services d'annuaire. L'ensemble de ces équipements, avec les informations
d'annuaire qu'ils contiennent, peut être considéré comme un tout intégré, appelé l'Annuaire. Les informations contenues
dans l'Annuaire, appelées collectivement "base de données de l'annuaire" (DIB, directory information base), sont
généralement utilisées pour faciliter la communication entre des objets tels que entités d'application, individus,
terminaux, listes de distribution, ainsi que les communications avec ces objets ou au sujet de ces objets.
L'Annuaire joue un rôle important dans l'interconnexion des systèmes ouverts, dont le but est de permettre, moyennant
un minimum d'accords techniques en dehors des normes d'interconnexion, l'interconnexion d'équipements informatiques:
– provenant de divers fabricants;
– gérés différemment;
– de niveaux de complexité différents;
– de générations différentes.
Pour évaluer la conformité d'une implémentation particulière, il est nécessaire de disposer d'une déclaration des capacités
et des options qui ont été incluses pour un protocole OSI donné. Une telle déclaration est appelée déclaration de
conformité d'une implémentation de protocole (PICS).
La présente Recommandation | Norme internationale contient le formulaire de déclaration de conformité d'une
implémentation de protocole (PICS) pour le protocole d'accès à l'annuaire (DAP, directory access protocol) spécifié
dans les Recommandations UIT-T de la série X.500 (1993) | ISO/CEI 9594:1995. Toutes les références concernant les
spécifications d'Annuaire paraissant dans la présente Recommandation | Norme internationale se rapportent à la
deuxième version de ces spécifications (Recommandations UIT-T de la série X.500 (1993) | ISO/CEI 9594:1995).
L'Annexe A contient la spécification du formulaire PICS pour le protocole d'accès à l'annuaire, tel qu'il est défini dans
les Recommandations UIT-T de la série X.500 | ISO/CEI 9594.
v

---------------------- Page: 4 ----------------------
ISO/CEI 13248-1 : 1998 (F)
NORME INTERNATIONALE
ISO/CEI 13248-1 : 1998 (F)
Rec. UIT-T X.583 (1997 F)
RECOMMANDATION UIT-T
TECHNOLOGIES DE L'INFORMATION – INTERCONNEXION DE SYSTÈMES
OUVERTS (OSI) – L'ANNUAIRE: FORMULAIRE DE DÉCLARATION DE
CONFORMITÉ D'UNE IMPLÉMENTATION DU PROTOCOLE
D'ACCÈS À L'ANNUAIRE
1 Domaine d'application
La présente Recommandation | Norme internationale contient le formulaire PICS pour le protocole d'accès à l'annuaire
(DAP), spécifié dans les Recommandations UIT-T de la série X.500 (1993) | ISO/CEI 9594:1995. Ce formulaire est
conforme aux prescriptions applicables et respecte les directives relatives aux formulaires PICS, données dans la
Rec. UIT-T X.296 | ISO/CEI 9646-7.
Le fournisseur d'une implémentation de protocole DAP qu'il déclare conforme aux spécifications des Recomman-
dations UIT-T de la série X.500 | ISO/CEI 9594 doit remplir un exemplaire du formulaire PICS reproduit à l'Annexe A
et fournir les renseignements nécessaires pour permettre d'identifier le fournisseur et l'implémentation.
La présente Recommandation | Norme internationale a pour objet la spécification des déclarations de conformité pour un
agent d'utilisateur d'annuaire (DUA) et pour un agent de système d'annuaire (DSA).
2 Références normatives
Les Recommandations et les Normes internationales suivantes contiennent des dispositions qui, par suite de la référence
qui y est faite, constituent des dispositions valables pour la présente Recommandation | Norme internationale. Les
membres de la CEI et de l'ISO possèdent le registre des Normes internationales en vigueur. Le Bureau de la
normalisation des télécommunications de l'UIT tient à jour une liste des Recommandations de l'UIT-T en vigueur.
2.1 Recommandations | Normes internationales identiques
– Recommandation UIT-T X.500 (1993) | ISO/CEI 9594-1:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: vue d'ensemble des concepts, modèles et services.
– Recommandation UIT-T X.501 (1993) | ISO/CEI 9594-2:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: les modèles.
– Recommandation UIT-T X.509 (1993) | ISO/CEI 9594-8:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: cadre d'authentification.
– Recommandation UIT-T X.511 (1993) | ISO/CEI 9594-3:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: définition du service abstrait.
– Recommandation UIT-T X.518 (1993) | ISO/CEI 9594-4:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: procédures pour le fonctionnement réparti.
– Recommandation UIT-T X.519 (1993) | ISO/CEI 9594-5:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: spécification du protocole.
– Recommandation UIT-T X.520 (1993) | ISO/CEI 9594-6:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: types d'attributs sélectionnés.
– Recommandation UIT-T X.521 (1993) | ISO/CEI 9594-7:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: classes d'objets sélectionnées.
– Recommandation UIT-T X.525 (1993) | ISO/CEI 9594-9:1995, Technologies de l'information –
Interconnexion des systèmes ouverts – L'annuaire: duplication.
Rec. UIT-T X.583 (1997 F) 1

---------------------- Page: 5 ----------------------
ISO/CEI 13248-1 : 1998 (F)
2.2 Paires de Recommandations | Normes internationales équivalentes par leur contenu technique
– Recommandation UIT-T X.290 (1995), Cadre général et méthodologie des tests de conformité
d'interconnexion des systèmes ouverts pour les Recommandations sur les protocoles pour les applications
de l'UIT-T – Concepts généraux.
ISO/CEI 9646-1:1994, Technologies de l'information – Interconnexion de systèmes ouverts – Cadre
général et méthodologie des tests de conformité OSI – Partie 1: Concepts généraux.
– Recommandation UIT-T X.296 (1995), Cadre général et méthodologie des tests de conformité OSI pour
les Recommandations sur les protocoles pour les applications de l'UIT-T – Déclarations de conformité
d'instance.
ISO/CEI 9646-7:1995, Technologies de l'information – Interconnexion de systèmes ouverts (OSI) –
Essais de conformité – Méthodologie générale et procédures – Partie 7: Déclarations de conformité des
mises en œuvre.
2.3 Autres références
ISO/CEI 10646-1:1993 (telle que modifiée), Technologies de l'information – Jeu universel de caractères codés
à plusieurs octets – Partie 1: Architecture et table multilingue.
3 Définitions
Pour les besoins de la présente Recommandation | Norme internationale, les définitions suivantes s'appliquent.
3.1 Définitions relatives à l'annuaire
La présente Recommandation | Norme internationale utilise les termes définis dans les Recommandations UIT-T de la
série X.500 | ISO/CEI 9594.
3.2 Définitions relatives à la conformité
Les termes suivants sont définis dans la Recommandation UIT-T X.290 | ISO/CEI 9646-1:
a) déclaration de conformité d'une implémentation de protocole (PICS);
b) formulaire PICS;
c) conformité;
d) prescription obligatoire;
e) prescription optionnelle;
f) prescription conditionnelle.
3.3 Définitions de base pour la conformité relative à l'annuaire
Pour les besoins de la présente Recommandation | Norme internationale, les définitions suivantes s'appliquent.
3.3.1 agent DSA centralisé: agent de système d'annuaire (DSA) qui n'est pas capable de disposer d'informations sur
d'autres agents DSA. Un tel agent DSA n'est pas capable de retourner des éléments en référence.
3.3.2 agent DSA coopérant: agent DSA capable de détenir des informations sur les références. Un tel agent DSA
est capable de retourner des éléments en référence et peut aussi être un agent DSA de chaînage.
3.3.3 agent DSA de chaînage: agent DSA coopérant capable d'invoquer des opérations chaînées, fonctionnant
comme un invocateur de protocole DSP. Un agent DSA de chaînage est aussi un agent DSA coopérant.
3.3.4 niveau de sécurité: des niveaux de sécurité seront déclarés pour l'authentification de l'entité homologue, pour
l'authentification de l'expéditeur et pour l'authentification des résultats.
a) Pour l'authentification de l'expéditeur, il existe cinq niveaux de sécurité: "aucune", "simple sans mot de
passe", "simple avec mot de passe non protégé", "simple avec mot de passe protégé" et "forte".
2 Rec. UIT-T X.583 (1997 F)

---------------------- Page: 6 ----------------------
ISO/CEI 13248-1 : 1998 (F)
b) Pour l'authentification de l'entité homologue, il existe trois niveaux de sécurité: "aucune", "simple avec
nom distinctif" et "forte".
c) Pour l'authentification des résultats, il existe deux niveaux de sécurité: "aucune" et "forte".
4 Abréviations
Pour les besoins de la présente déclaration de conformité d'implémentation de protocole, les abréviations suivantes
s'appliquent.
ACI Information de contrôle d'accès (access control information)
CCITT Comité consultatif international télégraphique et téléphonique
CEI Commission électrotechnique internationale
DAP Protocole d'accès à l'annuaire (directory access protocol)
DIB Base de données de l'annuaire (directory information base)
DISP Protocole de duplication miroir des informations d'annuaire (directory information shadowing
protocol)
DIT Arbre d'informations de l'annuaire (directory information tree)
DOP Protocole de gestion de liens opérationnels de l'annuaire (directory operational binding management
protocol)
DSA Agent de système d'annuaire (directory system agent)
DSP Protocole de système d'annuaire (directory system protocol)
DUA Agent d'utilisateur d'annuaire (directory user agent)
ISO Organisation internationale de normalisation (International organization for standardization)
IUT Implémentation sous test (implementation under test)
NSAP Point d'accès aux services de couche Réseau (network service access point)
NSSR Référence subordonnée non spécifique (non-specific subordinate reference)
PDU Unité de données protocolaires (protocol data unit)
PICS Déclaration de conformité d'une implémentation de protocole (protocol implementation conformance
statement)
RDN Nom distinctif relatif (relative distinguished name)
ROSE Elément de service d'opérations distantes (remote operations service element)
UIT Union internationale des télécommunications
UIT-T Union internationale des télécommunications – Secteur de la normalisation des télécommunications
5 Conventions
La présente Recommandation | Norme internationale se rapporte exclusivement à la deuxième édition des spécifications
relatives à l'annuaire, énumérées à l'article 2.
6 Conformité
Un formulaire PICS conforme doit être techniquement équivalent au formulaire PICS publié par les Recommandations
UIT-T de la série X.500 (1993) | ISO/CEI 9594:1995 et doit en conserver la numérotation et l'ordre des articles.
Un formulaire PICS qui obéit aux dispositions de la présente Recommandation | Norme internationale doit:
a) décrire une implémentation qui obéit aux dispositions des Recommandations UIT-T de la série X.500 |
ISO/CEI 9594;
b) être un formulaire PICS conforme, qui a été rempli selon les règles données en A.2;
c) contenir les renseignements nécessaires pour permettre d'identifier de façon univoque le fournisseur et
l'implémentation.
Rec. UIT-T X.583 (1997 F) 3

---------------------- Page: 7 ----------------------
ISO/CEI 13248-1 : 1998 (F)
1)
Annexe A
Protocole d'accès à l'annuaire –
Formulaire de déclaration de conformité d'implémentation de protocole
(Cette annexe fait partie intégrante de la présente Recommandation | Norme internationale)
A.1 Identification of the ICS proforma corrigenda
The supplier of the PICS proforma shall identify any corrigenda (i.e. Technical Corrigenda or equivalent) to the
published proforma that have been applied. Suppliers of the proforma should modify the proforma, or attach relevant
additional pages in order to apply the corrigenda, and then record the application of the corrigenda in the table below.
Identification of corrigenda applied to this ITU-T X.583 (1997) | ISO/IEC 13248-1:1998
PICS proforma
Corr:
Corr:
Corr:
Corr:
A.2 Instructions
A.2.1 Purpose and structure of the proforma
The purpose of this PICS proforma is to provide suppliers of implementations of ITU-T Rec. X.500-Series (1993) |
ISO/IEC 9594:1995 with consistent means of stating which capabilities have been implemented.
The proforma is in the form of a questionnaire and consists of a set of items. An item is provided for each capability for
which an implementation choice is allowed. Items are also provided for mandatory capabilities for which no implemen-
tation choice is allowed. Each item includes an item number, item description, a status value specifying the support
requirement, and room for a support answer to be provided by the supplier.
This subclause provides general information and instructions for completion of the proforma.
Subclause A.3 is for the identification of the implementation.
Subclause A.4 is for identifying the protocol within ITU-T Rec. X.500-Series | ISO/IEC 9594.
Subclause A.5 is for the identification of the Technical Corrigenda to the protocol.
Subclause A.6 contains tables in which the supplier specifies details of the implementation options chosen.
A.2.2 Symbols, terms, and abbreviations
A.2.2.1 Introduction
Notations have been introduced in order to reduce the size of the tables in the PICS proforma. These have allowed the
use of multi-column layout where the columns are headed ‘Status’ and ‘Support’. Definitions of each are given below.
Additionally, the following definitions apply.
A.2.2.1.1 (PICS) item: A row in the PICS proforma table.
A.2.2.1.2 (PICS) question: The question to be answered in the intersection of a PICS item and either a support column
(i.e. "Is this item supported in the context applying to this table and column?") or supported value column (i.e. "What
values are supported for this item in the context applying to this table and column?") in a PICS proforma table.
A.2.2.1.3 status (value): An allowed entry in the status column for an item in a PICS proforma table.
_______________
1)
Droits de reproduction du formulaire ICS
Les utilisateurs de la présente Recommandation | Norme internationale sont autorisés à reproduire le formulaire ICS de la présente annexe pour
utiliser celui-ci conformément à son objet.
4 Rec. UIT-T X.583 (1997 F)

---------------------- Page: 8 ----------------------
ISO/CEI 13248-1 : 1998 (F)
A.2.2.1.4 (support) answer: An allowed entry in the support values columns for an item in PICS, in answer to a PICS
question.
A.2.2.2 Prerequisite notation
If a predicate applies to a whole table, a prerequisite line may be specified in front of the table to which it applies. A
prerequisite line takes the form:
Prerequisite:
The meaning of such a line is that if is True, then the table applies, else it is not applicable.
A.2.2.3 Item reference numbers
Each line within the PICS proforma is numbered at the left-hand edge of the line. This numbering is included as a means
of uniquely identifying all possible implementation details within the PICS proforma. This referencing is used both
inside the PICS proforma, and for references from other test specification documents.
The means of referencing individual responses is done by the following sequence:
– a reference to the smallest enclosing the relevant item;
– a solidus character, '/';
– the reference number of the row in which the response appears;
– if, and only if, more than one response occurs in the row identified by the reference number, then each
possible entry is implicitly labeled a, b, c, etc., from left to right, and this letter is appended to the
sequence.
An example of the use of this notation would be A.6.3.3.1.1/1, which refers to the support for credentials in a
DirectoryBind protocol data unit.
A.2.2.4 Status column
This column indicates the level of support required for conformance to this Recommendation | International Standard.
The values are as follows:
m The capability is required to be implemented in conformance with the related specification
o The capability may be implemented and if it is implemented it is required to conform to the related
specification
c The requirement on the capability depends on the selection of other optional or conditional items
i The capability is outside the scope of this PICS, and hence irrelevant and not subject to conformance
testing
– In the given context it is impossible to use this capability
Nested conditionals are denoted by nested numbering (e.g. 1, 1.1, 1.1.1, etc.) of the item descriptions in the tables. A
table may have zero, one or more levels of nesting. The status of a leading item is specified by its status entry, as defined
above. The status of a subordinate (that is nested) item is specified as follows: if the superior item is supported, the status
of the subordinate item is determined by its status column entry and applicable predicate, if any. If the superior item is
not supported, the subordinate item is not applicable, independent of its status column entry.
The Status "DUA" or "DSA" identifies whether the implementation is a DUA or DSA, respectively.
A.2.2.5 Support column
This column shall be completed by the supplier or implementor, to indicate the level of implementation of each item. An
item is not considered implemented simply because a default value has been defined by the standard. In order for an
Implementation Under Test (IUT) to claim a protocol element is implemented, it must have the ability, where
appropriate, to generate, receive, and perform the appropriate action.
The proforma is designed such that support values are:
Y Yes, the item has been implemented
N No, the item has not been implemented
– The item is not applicable
Rec. UIT-T X.583 (1997 F) 5

---------------------- Page: 9 ----------------------
ISO/CEI 13248-1 : 1998 (F)
A.2.2.6 Definition of support
A capability is said to be supported if the Implementation Under Test (IUT) is able:
– to generate the corresponding operation parameters (either automatically or because the end user
explicitly requires that capability);
– to interpret, handle and, when required, make available to the end user the corresponding error or result.
A protocol element is said to be supported for a sending implementation if it is able to generate it under some
circumstances (either automatically or because the end user requires relevant services explicitly).
A protocol element is said to be supported for a receiving implementation if it is correctly interpreted and handled and,
when appropriate, made available to the end user.
An object class is said to be supported if the IUT is able to construct entries of that object class. Support of an object
class also requires support of the object identifier(s) of the superclass(es) of that object class.
An attribute type is said to be supported by a DUA implementation if the DUA supports those aspects of the attribute
syntax which are pertinent to encoding, decoding or both of the attribute.
An attribute type is said to be supported by a DSA implementation if the DSA supports the specified syntax, and hence
data types, to which every value in such attributes shall conform.
A.2.2.7 Predicate column
The item number contained in the predicate column, if any, means that the status in the "Status" column applies only
when the PICS states that one or more features identified by the item is supported.
A.2.2.8 Predicate Name
The predicate name indicates that name upon which the predicate is based. A predicate name flagged with an asterisk
preceding the predicate name indicates the condition by which the predicate is being set. A predicate name not flagged
with an asterisk indicates the predicate on which the conditional support is based.
Note that the predicate may be set by the DUA or DSA but only applies for the type of agent claiming support. For
example, if an implementation includes both a DUA and a DSA, then if the DSA supports the Read operation (which is
mandatory for a DSA), the "Read" predicate will be set for the DSA only. If the Read operation is also supported for the
DUA (which is optional) the predicate would be set for both the DUA and DSA.
A.2.2.9 Note column
This column indicates the following:
notexx: Refers to Note xx
d(xx): A default value xx within ( ) is defined in the standard. When absent in the PDU, both sender and
receiver shall interpret it as having the default value specified in the standard.
See xx: Refers to Table xx
A.2.3 Instructions for completing the PICS proforma
The supplier shall complete all entries in the column marked ‘Support’. In certain clauses of the PICS proforma further
guidance for completion may be necessary. Such guidance shall supplement the guidance given in this clause and shall
have a scope restricted to the clause in which it appears. In addition, other specifically identified information shall be
provided by the implementor where requested. No changes shall be made to the proforma except the completion as
required. Recognizing that the level of detail required may, in some instances, exceed the space available for responses,
a number of responses specifically allow for the addition of appendices to the PICS.
All entries within the PICS proforma shall be made in ink. Alterations to such entries shall be made by crossing out, not
erasing or making the original entry illegible, and writing the new entry alongside the alteration. All such alterations to
records shall be initialized by the staff making them.
6 Rec. UIT-T X.583 (1997 F)

---------------------- Page: 10 ----------------------
ISO/CEI 13248-1 : 1998 (F)
A.3 Identification of the implementation
A.3.1 Identification of PICS
Item No. Question Response
1 Date of Statement (DD/MM/YY)
2 PICS Serial Number
3 System Conformance
Statement Cross Reference
A.3.2 Identification of the implementation and/or system
Item No. Question Response
1 Implementation Name
2 Version Number
3 Machine Name
4 Machine Version Number
5 Operating System Name
6 Operating System Version No.
7 Other information
A.3.3 Identification of the system supplier
Item No. Question Response
1 Organization Name
2 Contact Name(s)
3 Address
4 Telephone Number
5 Telex Number
6 Fax Number
7 E-Mail Address
8 Other information
A.3.4 Identification of the testlab client
Item No. Question Response
1 Organization Name
2 Contact Name(s)
3 Address
4 Telephone Number
5 Telex Number
6 Fax Number
7 E-Mail Address
8 Other information
Rec. UIT-T X.583 (1997 F) 7

---------------------- Page: 11 ----------------------
ISO/CEI 13248-1 : 1998 (F)
A.4 Identification of the protocol
Item No. Identification of protocol specification Support
1 ITU-T Rec. X.500 (1993) | ISO/IEC 9594-1:1995,
Information technology – Open Systems Interconnection –
The Directory: Overview of concepts, models and services
2 ITU-T Rec. X.501 (1993) | ISO/IEC 9594-2:1995,
Information technology – Open Systems Interconnection –
The Directory: Models
3 ITU-T Rec. X.511 (1993) | ISO/IEC 9594-3:1995,
Information technology – Open Systems Interconnection –
The Directory: Abstract service definition
4 ITU-T Rec. X.518 (1993) | ISO/IEC 9594-4:1995,
Information technology – Open Systems Interconnection –
The Directory: Procedures for distributed operations
5 ITU-T Rec. X.519 (1993) | ISO/IEC 9594-5:1995,
Information technology – Open Systems Interconnection –
The Directory: Protocol specifications
6 ITU-T Rec. X.520 (1993) | ISO/IEC 9594-6:1995,
Information technology – Open Systems Interconnection –
The Directory: Selected Attribute Types
7 ITU-T Rec. X.521 (1993) | ISO/IEC 9594-7:1995,
Information technology – Open Systems Interconnection –
The Directory: Selected object classes
8 ITU-T Rec. X.509 (1993) | ISO/IEC 9594-8:1995,
Information technology – Open Systems Interconnection –
The Directory: Authentication framework
9 ITU-T Rec. X.525 (1993) | ISO/IEC 9594-9:1995,
Information technology – Open Systems Interconnection –
The Directory: Replication
A.5 Identification of corrigenda to the protocol
Item No. Specification Technical Corrigenda Support
 1 ITU-T Rec. X.501 (1993) | ISO/IEC 9594-2:1995 Cor.1: 1995
 2 ITU-T Rec. X.501 (1993) | ISO/IEC 9594-2:1995 Cor.2: 1995
 3 ITU-T Rec. X.509 (1993) | ISO/IEC 9594-8:1995 Cor.1: 1995
 4 ITU-T Rec. X.509 (1993) | ISO/IEC 9594-8:1995 Cor.2: 1995
 5 ITU-T Rec. X.509 (1993) | ISO/IEC 9594-8:1995 Cor.3: 1995
 6 ITU-T Rec. X.511 (1993) | ISO/IEC 9594-3:1995 Cor.1: 1995
 7 ITU-T Rec. X.511 (1993) | ISO/IEC 9594-3:1995 Cor.2: 1995
 8 ITU-T Rec. X.518 (1993) | ISO/IEC 9594-4:1995 Cor.1: 1995
 9 ITU-T Rec. X.518 (1993) | ISO/IEC 9594-4:1995 Cor.2: 1995
10 ITU-T Rec. X.519 (1993) | ISO/IEC 9594-5:1995 Cor.1: 1995
11 ITU-T Rec. X.520 (1993) | ISO/IEC 9594-6:1995 Cor.1: 1995
12 ITU-T Rec. X.525 (1993) | ISO/IEC 9594-9:1995 Cor.1: 1995
13 ITU-T Rec. X.525 (1993) | ISO/IEC 9594-9:1995 Cor.2: 1995
8 Rec. UIT-T X.583 (1997 F)

---------------------- Page: 12 ----------------------
ISO/CEI 13248-1 : 1998 (F)
A.6 ICS proforma tables
A.6.1 Roles
Item No. Role Status Support Predicate Name
1 Centralized DSA o
2 Cooperating DSA o *CoOp-DSA
3 First-Level DSA o *FirstLevel-DSA
4 DUA for connection to centralized DSA o
5 DUA for connection to cooperating DSA o *CoOp-DUA
A.6.2 General capabilities and global statement of conformance
If the supplied implementation is a DSA implementation, A.6.2.1 is required to be answered by the supplier. In addition,
appropriate DSA support/status columns in A.6.3, A.6.4 and A.6.5 apply.
If the supplied implementation is a DUA implementation, A.6.2.2 is required to be answered by the supplier. In addition,
appropriate DUA support/status columns in A.6.3, A.6.4 and A.6.5 apply.
Answering "No" to A.6.2.1.1/1 or A.6.2.2.1/1 indicates non-conformance to the protocol specification. Non-supported
mandatory capabilities are to be identified in the PICS, with an explanation of why the implementation is
non-conformant. Such information shall be provided in A.6.6 "Other information".
A.6.2.1 DSA Capabilities
A.6.2.1.1 General capabilities
Item No. Question Status Support Predicate Name
 1 Are all mandatory general capabilities for the DSA m
implemented?
 2 Are all mandatory first-level DSA requirements (ITU-T c1
Rec. X.518 | ISO/IEC 9594-4) implemented?
 3 Are the minimum knowledge requirements (ITU-T Rec. m
X.501| ISO/IEC 9594-2) implemented?
 4 Is as
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO/IEC 9594-11:2020(Main)
Information technology — Open systems interconnection directory — Part 11: Protocol specifications for secure operations

The scope of this Recommendation | International Standard is threefold. This Recommendation | International Standard provides guidance on how to prepare new and old protocols for cryptographic algorithm migration, and defines auxiliary cryptographic algorithms to be used for migration purposes. This Recommendation | International Standard specifies a general wrapper protocol that provides authentication, integrity and confidentiality (encryption) protection for other protocols. This wrapper protocol includes a migration path for cryptographic algorithms allowing for smooth migration to stronger cryptographic algorithms as such requirements evolve. This will allow migration to quantum-safe cryptographic algorithms. Protected protocols can then be developed without taking security and cryptographic algorithms into consideration. This Recommendation | International Standard also includes some protocols to be protected by the wrapper protocol primarily for support of public-key infrastructure (PKI). Other specifications, e.g., Recommendations or International Standards, may also develop protocols designed to be protected by the wrapper protocol.

  • Standard
    84 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-7:2020(Main)
Information technology — Open systems interconnection — Part 7: The Directory: Selected object classes

This document defines a number of object classes and name forms which may be found useful across a range of applications of the Directory. The definition of an object class involves listing a number of attribute types which are relevant to objects of that class. The definition of a name form involves naming the object class to which it applies and listing the attributes to be used in forming names for objects of that class. These definitions are used by the administrative authority which is responsible for the management of the directory information. Any administrative authority can define its own object classes or subclasses and name forms for any purpose. NOTE 1 ? Those definitions may or may not use the notation specified in Rec. ITU-T X.501 | ISO/IEC 9594-2. NOTE 2 ? It is recommended that an object class defined in this Recommendation | International Standard, or a subclass derived from one, or a name form defined in this Recommendation | International Standard, be used in preference to the generation of a new one, whenever the semantics is appropriate for the application. Administrative authorities may support some or all the selected object classes and name forms, and may also add additional ones. All administrative authorities shall support the object classes which the directory uses for its own purpose (the top, alias and Directory system agent (DSA) object classes).

  • Standard
    30 pages
    English language
    sale 15% off
  • Standard
    30 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-9:2020(Main)
Information technology — Open systems interconnection — Part 9: The Directory: Replication

This document specifies a shadow service which Directory system agents (DSAs) may use to replicate Directory information. The service allows Directory information to be replicated among DSAs to improve service to Directory users. The shadowed information is updated, using the defined protocol, thereby improving the service provided to users of the Directory.

  • Standard
    38 pages
    English language
    sale 15% off
  • Standard
    38 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-6:2020(Main)
Information technology — Open systems interconnection — Part 6: The Directory: Selected attribute types

This document defines a number of attribute types and matching rules which may be found useful across a range of applications of the Directory. Attribute types and matching rules fall into three categories, as described below. Some attribute types and matching rules are used by a wide variety of applications or are understood and/or used by the Directory itself. NOTE 1 ? It is recommended that an attribute type or matching rule defined in this Recommendation | International Standard be used, in preference to the generation of a new one, whenever it is appropriate for the application. NOTE 2 ? The attribute and context types definitions by this Recommendation | International Standard have some associated semantics. Such specifications should not be used in situations where these semantics do not apply. Some attribute types and matching rules are internationally standardized, but are application‑specific. These are defined in the standards associated with the application concerned. Any administrative authority can define its own attribute types and matching rules for any purpose. These are not internationally standardized, and are available to others beyond the administrative authority which created them only through bilateral agreement.

  • Standard
    122 pages
    English language
    sale 15% off
  • Standard
    122 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-3:2020(Main)
Information technology — Open systems interconnection — Part 3: The Directory: Abstract service definition

This document defines in an abstract way the externally visible service provided by the Directory. This document does not specify individual implementations or products.

  • Standard
    120 pages
    English language
    sale 15% off
  • Draft
    120 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-1:2020(Main)
Information technology — Open systems interconnection — Part 1: The Directory: Overview of concepts, models and services

This document provides the directory capabilities required by many application layer standards and telecommunication services. Among the capabilities which it provides are those of "user-friendly naming", whereby objects can be referred to by names which are suitable for citing by human users (though not all objects need have user-friendly names); and "name-to-address mapping" which allows the binding between objects and their locations to be dynamic. The latter capability allows networks, for example, to be "self-configuring" in the sense that addition, removal and the changes of object location do not affect network operation. The Directory is not intended to be a general-purpose database system, although it may be built on such systems. It is assumed, for instance, that, as is typical with communication directories, there is a considerably higher frequency of "queries" than of updates. The rate of updates is expected to be governed by the dynamics of people and organizations, rather than, for example, the dynamics of networks. There is also no need for instantaneous global commitment of updates; transient conditions, where both old and new versions of the same information are available, are quite acceptable. It is a characteristic of the Directory that, except as a consequence of differing access rights or un-propagated updates, the results of directory queries will not be dependent on the identity or location of the inquirer. This characteristic renders the Directory unsuitable for some telecommunication applications, for example some types of routing. For cases where the results are dependent on the identity of the inquirer, access to directory information and updates of the Directory may be denied.

  • Standard
    22 pages
    English language
    sale 15% off
  • Standard
    22 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-4:2020(Main)
Information technology — Open systems interconnection — Part 4: The Directory: Procedures for distributed operation

This document specifies the behaviour of DSAs taking part in a distributed directory consisting of multiple Directory systems agents (DSAs) and/or LDAP servers with at least one DSA. The allowed behaviour has been designed to ensure a consistent service given a wide distribution of the DIB across a distributed directory. Only the behaviour of DSAs taking part in a distributed directory is specified. The behaviour of LDAP servers are specified in relevant LDAP specifications. There are no special requirements on an LDAP server beyond those given by the LDAP specifications. The Directory is not intended to be a general purpose database system, although it may be built on such systems. It is assumed that there is a considerably higher frequency of queries than of updates.

  • Standard
    125 pages
    English language
    sale 15% off
  • Draft
    125 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-8:2020(Main)
Information technology — Open systems interconnection — Part 8: The Directory: Public-key and attribute certificate frameworks

This document addresses some of the security requirements in the areas of authentication and other security services through the provision of a set of frameworks upon which full services can be based. Specifically, this Recommendation | International Standard defines frameworks for: ? public-key certificates; and ? attribute certificates. The public-key certificate framework defined in this Recommendation | International Standard specifies the information objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists (CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a directory, are included in this Recommendation | International Standard. This Recommendation | International Standard specifies the framework for strong authentication, involving credentials formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but it can be of general use for applications which consider these techniques adequate. Authentication (and other security services) can only be provided within the context of a defined security policy. It is a matter for users of an application to define their own security policy.

  • Standard
    224 pages
    English language
    sale 15% off
  • Standard
    224 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-5:2020(Main)
Information technology — Open systems interconnection — Part 5: The Directory: Protocol specifications

This document specifies the Directory Access Protocol, the Directory System Protocol, the Directory Information Shadowing Protocol, and the Directory Operational Binding Management Protocol which fulfil the abstract services specified in Rec. ITU-T X.511 | ISO/IEC 9594-3, Rec. ITU-T X.518 | ISO/IEC 9594-4, Rec. ITU‑T X.525 | ISO/IEC 9594-9, and Rec. ITU-T X.501 | ISO/IEC 9594-2.

  • Standard
    83 pages
    English language
    sale 15% off
  • Standard
    83 pages
    English language
    sale 15% off
ISO
ISO/IEC 9594-2:2020(Main)
Information technology — Open systems interconnection — Part 2: The Directory: Models

This document provides a conceptual and terminological framework for the other ITU-T X.500-series Recommendations | parts of ISO/IEC 9594 which define various aspects of the Directory. The functional and administrative authority models define ways in which the Directory can be distributed, both functionally and administratively. Generic Directory System Agent (DSA) and DSA information models and an Operational Framework are also provided to support Directory distribution. The generic Directory Information Models describe the logical structure of the Directory Information Base (DIB) from the perspective of Directory and Administrative Users. In these models, the fact that the Directory is distributed, rather than centralized, is not visible. This Recommendation | International Standard provides a specialization of the generic Directory Information Models to support Directory Schema administration. The other ITU-T Recommendations in the X.500 series | parts of ISO/IEC 9594 make use of the concepts defined in this Recommendation | International Standard to define specializations of the generic information and DSA models to provide specific information, DSA and operational models supporting particular directory capabilities (e.g., Replication): a) the service provided by the Directory is described (in Rec. ITU-T X.511 | ISO/IEC 9594-3) in terms of the concepts of the information framework: this allows the service provided to be somewhat independent of the physical distribution of the DIB; b) the distributed operation of the Directory is specified (in Rec. ITU-T X.518 | ISO/IEC 9594-4) so as to provide that service, and therefore maintain that logical information structure, given that the DIB is in fact highly distributed; c) replication capabilities offered by the component parts of the Directory to improve overall Directory performance are specified (in Rec. ITU-T X.525 | ISO/IEC 9594-9). The security model establishes a framework for the specification of access control mechanisms. It provides a mechanism for identifying the access control scheme in effect in a particular portion of the Directory Information Tree (DIT), and it defines three flexible, specific access control schemes which are suitable for a wide variety of applications and styles of use. The security model also provides a framework for protecting the confidentiality and integrity of directory operations using mechanisms such as encryption and digital signatures. This makes use of the framework for authentication defined in Rec. ITU-T X.509 | ISO/IEC 9594-8 as well as generic upper layers security tools defined in Rec. ITU-T X.830 | ISO/IEC 11586-1. DSA models establish a framework for the specification of the operation of the components of the Directory. Specifically: a) the Directory functional model describes how the Directory is manifested as a set of one or more components, each being a DSA; b) the Directory distribution model describes the principals according to which the DIB entries and entry‑copies may be distributed among DSAs; c) the DSA information model describes the structure of the Directory user and operational information held in a DSA; d) the DSA operational framework describes the means by which the definition of specific forms of cooperation between DSAs to achieve particular objectives (e.g., shadowing) is structured.

  • Standard
    238 pages
    English language
    sale 15% off
  • Standard
    238 pages
    English language
    sale 15% off