1、 International Telecommunication Union ITU-T H.350.2TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (05/2011) SERIES H: AUDIOVISUAL AND MULTIMEDIA SYSTEMSInfrastructure of audiovisual services Directory services architecture for audiovisual and multimedia services Directory services architecture for
2、 H.235 Recommendation ITU-T H.350.2 ITU-T H-SERIES RECOMMENDATIONS AUDIOVISUAL AND MULTIMEDIA SYSTEMS CHARACTERISTICS OF VISUAL TELEPHONE SYSTEMS H.100H.199 INFRASTRUCTURE OF AUDIOVISUAL SERVICES General H.200H.219 Transmission multiplexing and synchronization H.220H.229 Systems aspects H.230H.239 C
3、ommunication procedures H.240H.259 Coding of moving video H.260H.279 Related systems aspects H.280H.299 Systems and terminal equipment for audiovisual services H.300H.349 Directory services architecture for audiovisual and multimedia services H.350H.359Quality of service architecture for audiovisual
4、 and multimedia services H.360H.369 Supplementary services for multimedia H.450H.499 MOBILITY AND COLLABORATION PROCEDURES Overview of Mobility and Collaboration, definitions, protocols and procedures H.500H.509 Mobility for H-Series multimedia systems and services H.510H.519 Mobile multimedia colla
5、boration applications and services H.520H.529 Security for mobile multimedia systems and services H.530H.539 Security for mobile multimedia collaboration applications and services H.540H.549 Mobility interworking procedures H.550H.559 Mobile multimedia collaboration inter-working procedures H.560H.5
6、69 BROADBAND, TRIPLE-PLAY AND ADVANCED MULTIMEDIA SERVICES Broadband multimedia services over VDSL H.610H.619 Advanced multimedia services and applications H.620H.629 IPTV MULTIMEDIA SERVICES AND APPLICATIONS FOR IPTV General aspects H.700H.719 IPTV terminal devices H.720H.729 IPTV middleware H.730H
7、.739 IPTV application event handling H.740H.749 IPTV metadata H.750H.759 IPTV multimedia application frameworks H.760H.769 IPTV service discovery up to consumption H.770H.779 For further details, please refer to the list of ITU-T Recommendations. Rec. ITU-T H.350.2 (05/2011) i Recommendation ITU-T H
8、.350.2 Directory services architecture for H.235 Summary Recommendation ITU-T H.350.2 describes a lightweight directory access protocol (LDAP) schema to represent ITU-T H.235 elements. It is an auxiliary class related to Recommendation ITU-T H.350 and derives much of its functionality from that arch
9、itecture. Implementers should review Recommendation ITU-T H.350 in detail before proceeding with this Recommendation. Its attributes include ITU-T H.235 identity, password and certificate elements. These elements can be downloaded to an endpoint for automatic configuration or accessed by a gatekeepe
10、r for call signalling and authentication. The scope of this Recommendation does not include normative methods for the use of the LDAP directory itself or the data it contains. The purpose of the schema is not to represent all possible data elements in the ITU-T H.235 protocol, but rather to represen
11、t the minimal set required to accomplish the design goals enumerated in Recommendation ITU-T H.350. This revised version of Recommendation ITU-T H.350.2 introduces several enhancements and clarifications to the previous version, primarily the addition of ITU-T X.500 directories support. This Recomme
12、ndation includes an electronic attachment containing a schema configuration file for h235Identity. History Edition Recommendation Approval Study Group 1.0 ITU-T H.350.2 2003-08-06 16 1.0 ITU-T H.350.2 attachment 2003-08-06 16 2.0 ITU-T H.350.2 2011-05-14 16 Keywords Directory services, ITU-T H.235.0
13、, ITU-T H.320, ITU-T H.323, LDAP, SIP, ITU-T X.500. ii Rec. ITU-T H.350.2 (05/2011) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Stand
14、ardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), wh
15、ich meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within
16、ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this Recommendat
17、ion is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “
18、must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this Recommendation
19、 may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others outside of the Recommendation development process. As of the date of approval of
20、this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent d
21、atabase at http:/www.itu.int/ITU-T/ipr/. ITU 2012 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T H.350.2 (05/2011) iii Table of Contents Page 1 Scope 1 1.1 Extending the schema . 1 2 References. 1 3
22、 Definitions 2 4 Abbreviations 2 5 Conventions 3 6 Object class definitions . 3 6.1 h235Identity 3 6.2 h235IdentityEndpointID . 3 6.3 h235IdentityPassword 4 7 h235Identity LDIF files 5 8 Using ITU-T H.350 with ITU-T X.500 directories 6 8.1 IMPORTS of ITU-T X.500 ASN.1 6 8.2 h235IdentityASN1.asn . 7
23、Annex A Indexing profile . 9 Appendix I Electronic attachment . 10 Bibliography. 11 Electronic attachment: Schema configuration file for h235Identity Rec. ITU-T H.350.2 (05/2011) 1 Recommendation ITU-T H.350.2 Directory services architecture for H.235 1 Scope This Recommendation1describes a lightwei
24、ght directory access protocol (LDAP) schema to represent ITU-T H.235 elements. It is an auxiliary class related to ITU-T H.350 and derives much of its functionality from that architecture. Implementers should review ITU-T H.350 in detail before proceeding with this Recommendation. Its attributes inc
25、lude ITU-T H.235 identity, password and certificate elements. These aliases can be downloaded to an endpoint for automatic configuration or accessed by a gatekeeper for call signalling and authentication. The scope of this Recommendation does not include normative methods for the use of the LDAP dir
26、ectory itself or the data it contains. The purpose of the schema is not to represent all possible data elements in the ITU-T H.235 protocol, but rather to represent the minimal set required to accomplish the design goals enumerated in ITU-T H.350. 1.1 Extending the schema The h235Identity classes ma
27、y be extended as necessary for specific implementations. See the base ITU-T H.350 for a discussion on schema extension. 2 References The following ITU-T Recommendations and other references contain provisions which, through reference in this text, constitute provisions of this Recommendation. At the
28、 time of publication, the editions indicated were valid. All Recommendations and other references are subject to revision; users of this Recommendation are therefore encouraged to investigate the possibility of applying the most recent edition of the Recommendations and other references listed below
29、. A list of the currently valid ITU-T Recommendations is regularly published. The reference to a document within this Recommendation does not give it, as a stand-alone document, the status of a Recommendation. ITU-T H.225.0 Recommendation ITU-T H.225.0 (2009), Call signalling protocols and media str
30、eam packetization for packet-based multimedia communication systems. ITU-T H.235.0 Recommendation ITU-T H.235.0 (2005), H.323 security: Framework for security in H-series (H.323 and other H.245-based) multimedia systems. ITU-T H.235.1 Recommendation ITU-T H.235.1 (2005), H.323 security: Baseline sec
31、urity profile. ITU-T H.235.2 Recommendation ITU-T H.235.2 (2005), H.323 security: Signature security profile. ITU-T H.323 Recommendation ITU-T H.323 (2009), Packet-based multimedia communications systems. ITU-T H.350 Recommendation ITU-T H.350 (2011), Directory services architecture for multimedia c
32、onferencing. ITU-T X.500 Recommendation ITU-T X.500 (2008) | ISO/IEC 9594-1:2008, Information technology Open Systems Interconnection The Directory: Overview of concepts, models and services. _ 1This Recommendation includes an electronic attachment containing a text file with a schema configuration
33、for h235Identity. 2 Rec. ITU-T H.350.2 (05/2011) ITU-T X.501 Recommendation ITU-T X.501 (2008) | ISO/IEC 9594-2:2008, Information technology Open Systems Interconnection The Directory: Models. ITU-T X.509 Recommendation ITU-T X.509 (2008) | ISO/IEC 9594-8:2008, Information technology Open Systems In
34、terconnection The Directory: Public-key and attribute certificate frameworks. ITU-T X.511 Recommendation ITU-T X.511 (2008) | ISO/IEC 9594-3:2008, Information technology Open Systems Interconnection The Directory: Abstract service definition. ITU-T X.518 Recommendation ITU-T X.518 (2008) | ISO/IEC 9
35、594-4:2008, Information technology Open Systems Interconnection The Directory: Procedures for distributed operation. ITU-T X.519 Recommendation ITU-T X.519 (2008) | ISO/IEC 9594-5:2008, Information technology Open Systems Interconnection The Directory: Protocol specifications. ITU-T X.520 Recommenda
36、tion ITU-T X.520 (2008) | ISO/IEC 9594-6:2008, Information technology Open Systems Interconnection The Directory: Selected attribute types. ITU-T X.525 Recommendation ITU-T X.525 (2008) | ISO/IEC 9594-9:2008, Information technology Open Systems Interconnection The Directory: Replication. IETF RFC 45
37、10 IETF RFC 4510 (2006), Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map. IETF RFC 4511 IETF RFC 4511 (2006), Lightweight Directory Access Protocol (LDAP): The Protocol. 3 Definitions This Recommendation defines the following terms: 3.1 commObject: An LDAP object class
38、 defined in ITU-T H.350 that represents generic multimedia conferencing endpoints. 3.2 endpoint: A logical device that provides video and/or voice media encoding/decoding, and signalling functions. Examples include: 1) a group teleconferencing appliance that is located in a conference room; 2) an IP
39、 telephone; 3) a software program that takes video and voice from a camera and microphone, encodes it and applies signalling, using a host computer. Note that from the perspective of most signalling protocols, gateways and MCUs are special cases of endpoints. 4 Abbreviations This Recommendation uses
40、 the following abbreviations: LDAP Lightweight Directory Access Protocol NOTE This is consistent with IETF RFC 4510. LDIF LDAP Data Interchange Format Rec. ITU-T H.350.2 (05/2011) 3 5 Conventions In this Recommendation, the following conventions are used: “Shall“ indicates a mandatory requirement. “
41、Should“ indicates a suggested but optional course of action. “May“ indicates an optional course of action rather than a recommendation that something takes place. References to clauses, subclauses, annexes and appendices refer to those items within this Recommendation, unless another specification i
42、s explicitly listed. 6 Object class definitions The h235Identity object class defines two attributes, h235IdentityEndpointID and h235IdentityPassword, which are needed to be able to implement ITU-T H.235.1. The remaining attributes that are used, and which are already defined in LDAP, are needed to
43、be able to implement ITU-T H.235.2. Those attributes are userCertificate, cACertificate, authorityRevocationList, certificateRevocationList, and crossCertificatePair. The definitions and purpose of each of those attributes are defined in IETF RFC 4510. 6.1 h235Identity OID: 0.0.8.350.1.1.4.2.1 objec
44、tclasses: (0.0.8.350.1.1.4.2.1 NAME h235Identity DESC h235Identity object SUP top AUXILIARY MAY ( h235IdentityEndpointID $ h235IdentityPassword $ userCertificate $ cACertificate $ authorityRevocationList $ certificateRevocationList $ crossCertificatePair ) ) 6.2 h235IdentityEndpointID OID: 0.0.8.350
45、.1.1.4.1.1 attributetypes: (0.0.8.350.1.1.4.1.1 NAME h235IdentityEndpointID DESC The Sender ID as defined in ITU-T H.235.1. EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) Application utility class Standard Number of values multi Definition The endpoi
46、nts sendersID as defined in ITU-T H.235.1. This is always identical to endpointID. Permissible values (if controlled) 4 Rec. ITU-T H.350.2 (05/2011) Notes In practice, there will always be one and only one h235dentityEndpointID attribute for every endpoint. For applications where the endpoint authen
47、ticates against an LDAP directory, this value may be equal to the commUniqueId value defined in ITU-T H.350. Semantics Example applications for which this attribute would be useful Example (LDIF fragment) h235IdentityEndpointID: bobsmith 6.3 h235IdentityPassword OID: 0.0.8.350.1.1.4.1.2 attributetyp
48、es: (0.0.8.350.1.1.4.1.2 NAME h235IdentityPassword DESC The endpoint password as defined in ITU-T H.235.1. EQUALITY octetStringMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 ) Application utility class Standard Number of values multi Definition The endpoints ITU-T H.323 password as defined in ITU-T H.23
49、5.1. Permissible values (if controlled) Notes In practice, there will always be one and only one h235IdentityPassword attribute for every endpoint. If the password is stored in LDAP in an encrypted format, then the LDAP encryption algorithm should match the encryption algorithm for the gatekeeper and endpoint, i.e., the gatekeeper and endpoint should support the same encryption format as the LDAP server, even as systems are upg
