1、 I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T X.525 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (10/2016) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Directory Information technology Open Systems Interconnection The Directory: Replication Recom
2、mendation ITU-T X.525 ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS Services and facilities X.1X.19 Interfaces X.20X.49 Transmission, signalling and switching X.50X.89 Network aspects X.90X.149 Maintenance X.150X.179 Administrative arrange
3、ments X.180X.199 OPEN SYSTEMS INTERCONNECTION Model and notation X.200X.209 Service definitions X.210X.219 Connection-mode protocol specifications X.220X.229 Connectionless-mode protocol specifications X.230X.239 PICS proformas X.240X.259 Protocol Identification X.260X.269 Security Protocols X.270X.
4、279 Layer Managed Objects X.280X.289 Conformance testing X.290X.299 INTERWORKING BETWEEN NETWORKS General X.300X.349 Satellite data transmission systems X.350X.369 IP-based networks X.370X.379 MESSAGE HANDLING SYSTEMS X.400X.499 DIRECTORY X.500X.599 OSI NETWORKING AND SYSTEM ASPECTS Networking X.600
5、X.629 Efficiency X.630X.639 Quality of service X.640X.649 Naming, Addressing and Registration X.650X.679 Abstract Syntax Notation One (ASN.1) X.680X.699 OSI MANAGEMENT Systems management framework and architecture X.700X.709 Management communication service and protocol X.710X.719 Structure of manag
6、ement information X.720X.729 Management functions and ODMA functions X.730X.799 SECURITY X.800X.849 OSI APPLICATIONS Commitment, concurrency and recovery X.850X.859 Transaction processing X.860X.879 Remote operations X.880X.889 Generic applications of ASN.1 X.890X.899 OPEN DISTRIBUTED PROCESSING X.9
7、00X.999 INFORMATION AND NETWORK SECURITY X.1000X.1099 SECURE APPLICATIONS AND SERVICES X.1100X.1199 CYBERSPACE SECURITY X.1200X.1299 SECURE APPLICATIONS AND SERVICES X.1300X.1399 CYBERSECURITY INFORMATION EXCHANGE X.1500X.1599 CLOUD COMPUTING SECURITY X.1600X.1699 For further details, please refer t
8、o the list of ITU-T Recommendations. Rec. ITU-T X.525 (10/2016) i INTERNATIONAL STANDARD ISO/IEC 9594-9 RECOMMENDATION ITU-T X.525 Information technology Open Systems Interconnection The Directory: Replication Summary Recommendation ITU-T X.525 | ISO/IEC 9594-9 specifies a shadow service which Direc
9、tory system agents (DSAs) may use to replicate Directory information. The service allows Directory information to be replicated among DSAs to improve service to Directory users, and provides for the automatic updating of this information. History Edition Recommendation Approval Study Group Unique ID
10、* 1.0 ITU-T X.525 1993-11-16 7 11.1002/1000/3014 2.0 ITU-T X.525 1997-08-09 7 11.1002/1000/4129 2.1 ITU-T X.525 (1997) Technical Cor. 1 2000-03-31 7 11.1002/1000/5045 2.2 ITU-T X.525 (1997) Amd. 1 2000-03-31 7 11.1002/1000/5044 2.3 ITU-T X.525 (1997) Technical Cor. 2 2001-02-02 7 11.1002/1000/5327 3
11、.0 ITU-T X.525 2001-02-02 7 11.1002/1000/5328 4.0 ITU-T X.525 2005-08-29 17 11.1002/1000/8510 4.1 ITU-T X.525 (2005) Cor. 1 2011-02-13 17 11.1002/1000/11052 5.0 ITU-T X.525 2008-11-13 17 11.1002/1000/9600 5.1 ITU-T X.525 (2008) Cor. 1 2011-02-13 17 11.1002/1000/11053 6.0 ITU-T X.525 2012-10-14 17 11
12、.1002/1000/11745 7.0 ITU-T X.525 2016-10-14 17 11.1002/1000/13038 Keywords Attribute, chaining, directory, directory information tree, directory system agent, directory user agent, distinguished name, referral, replication. _ * To access the Recommendation, type the URL http:/handle.itu.int/ in the
13、address field of your web browser, followed by the Recommendations unique ID. For example, http:/handle.itu.int/11.1002/1000/11830-en. ii Rec. ITU-T X.525 (10/2016) FOREWORD The International Telecommunication Union (ITU) is the United Nations specialized agency in the field of telecommunications, i
14、nformation and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing Recommendations on them with a view to standardizing telecommunications on a
15、 worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics. The approval of ITU-T Recommendations is covered by the procedure laid down
16、 in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this Recommendation, the expression “Administration“ is used for conciseness to indicate both a telecommunication a
17、dministration and a recognized operating agency. Compliance with this Recommendation is voluntary. However, the Recommendation may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and compliance with the Recommendation is achieved when all of these mandatory
18、provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the Recommendation is required of any party. INTELLECTUAL PROPERTY RIGHTSITU draws attenti
19、on to the possibility that the practice or implementation of this Recommendation may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual Property Rights, whether asserted by ITU members or others o
20、utside of the Recommendation development process. As of the date of approval of this Recommendation, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this Recommendation. However, implementers are cautioned that this may not represent the
21、 latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2017 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written permission of ITU. Rec. ITU-T X.525 (10/2016) iii C
22、ONTENTS Page 1 Scope 1 2 Normative references 1 2.1 Identical Recommendations | International Standards 1 3 Definitions 1 3.1 Basic Directory definitions 1 3.2 Directory model definitions 2 3.3 Abstract service definitions . 2 3.4 Distributed operation definitions . 2 3.5 Protocol definitions . 2 3.
23、6 Replication definitions 2 4 Abbreviations . 3 5 Conventions 3 6 Replication in the Directory . 4 6.1 Caching . 4 6.2 Shadowing . 4 6.3 Shadowing functional model . 5 7 Shadowing in the Directory 6 7.1 Shadowing agreement . 6 7.2 Shadowed information 7 7.3 Shadow operations 10 7.4 DSA Shadow Bind a
24、nd DSA Shadow Unbind operation 11 8 Shadow operational binding . 11 8.1 Shadow operational binding type characteristics 11 8.2 DSA procedures for operational binding management . 12 8.3 Operational binding . 13 9 Shadowing agreement 14 9.1 Shadowing agreement specification 14 9.2 Unit of replication
25、 . 15 9.3 Update mode . 20 10 Directory information shadow service 21 10.1 Shadow supplier initiated service 21 10.2 Shadow consumer initiated service . 22 11 Shadow operations . 22 11.1 Coordinate Shadow Update operation . 22 11.2 Request Shadow Update operation 24 11.3 Update Shadow operation . 26
26、 12 Shadow error 29 12.1 Shadow error problems . 30 12.2 Last update 30 12.3 Update window . 30 12.4 Common results 30 Annex A Directory shadow abstract service in ASN.1 . 31 Annex B Amendments and corrigenda . 37 iv Rec. ITU-T X.525 (10/2016) Introduction This Recommendation | International Standar
27、d, together with other Recommendations | International Standards, has been produced to facilitate the interconnection of information processing systems to provide Directory services. A set of such systems, together with the Directory information that they hold, can be viewed as an integrated whole,
28、called the Directory. The information held by the Directory, collectively known as the Directory Information Base (DIB) is typically used to facilitate communication between, with or about objects such as application-entities, people, terminals and distribution lists. The Directory plays a significa
29、nt role in Open Systems Interconnection, whose aim is to allow, with a minimum of technical agreement outside of the interconnection standards themselves, the interconnection of information processing systems: from different manufacturers; under different managements; of different levels of complexi
30、ty; and of different ages. This Recommendation | International Standard defines the replication capabilities provided by Directory system agents (DSAs) to improve the level of service to Directory users. This Recommendation | International Standard provides the foundation frameworks upon which indus
31、try profiles can be defined by other standards groups and industry forums. Many of the features defined as optional in these frameworks may be mandated for use in certain environments through profiles. This eighth edition technically revises and enhances the seventh edition of this Recommendation |
32、International Standard. This eighth edition specifies versions 1 and 2 of the Directory protocols. The first and second editions specified only version 1. Most of the services and protocols specified in this edition are designed to function under version 1. However, some enhanced services and protoc
33、ols, e.g., signed errors, will not function unless all Directory entities involved in the operation have negotiated version 2. Whichever version has been negotiated, differences between the services and between the protocols defined in the eight editions, except for those specifically assigned to ve
34、rsion 2, are accommodated using the rules of extensibility defined in Rec. ITU-T X.519 | ISO/IEC 9594-5. Annex A, which is an integral part of this Recommendation | International Standard, provides the ASN.1 module for the Directory shadow abstract service. Annex B, which is not an integral part of
35、this Recommendation | International Standard, lists the amendments and defect reports that have been incorporated to form this edition of this Recommendation | International Standard. ISO/IEC 9594-9:2017 (E) Rec. ITU-T X.525 (10/2016) 1 INTERNATIONAL STANDARD ITU-T RECOMMENDATION Information technol
36、ogy Open Systems Interconnection The Directory: Replication 1 Scope This Recommendation | International Standard specifies a shadow service which Directory system agents (DSAs) may use to replicate Directory information. The service allows Directory information to be replicated among DSAs to improve
37、 service to Directory users. The shadowed information is updated, using the defined protocol, thereby improving the service provided to users of the Directory. 2 Normative references The following Recommendations and International Standards contain provisions which, through reference in this text, c
38、onstitute provisions of this Recommendation | International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and parties to agreements based on this Recommendation | International Standard are encouraged to investigat
39、e the possibility of applying the most recent edition of the Recommendations and Standards listed below. Members of IEC and ISO maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently valid ITU-T Recommendat
40、ions. 2.1 Identical Recommendations | International Standards Recommendation ITU-T X.500 (2016) | ISO/IEC 9594-1:2017, Information technology Open Systems Interconnection The Directory: Overview of concepts, models and services. Recommendation ITU-T X.501 (2016) | ISO/IEC 9594-2:2017, Information te
41、chnology Open Systems Interconnection The Directory: Models. Recommendation ITU-T X.509 (2016) | ISO/IEC 9594-8:2017, Information technology Open Systems Interconnection The Directory: Public-key and attribute certificate frameworks. Recommendation ITU-T X.511 (2016) | ISO/IEC 9594-3:2017, Informati
42、on technology Open Systems Interconnection The Directory: Abstract service definition. Recommendation ITU-T X.518 (2016) | ISO/IEC 9594-4:2017, Information technology Open Systems Interconnection The Directory: Procedures for distributed operation. Recommendation ITU-T X.519 (2016) | ISO/IEC 9594-5:
43、2017, Information technology Open Systems Interconnection The Directory: Protocol specifications. Recommendation ITU-T X.520 (2016) | ISO/IEC 9594-6:2017, Information technology Open Systems Interconnection The Directory: Selected attribute types. Recommendation ITU-T X.521 (2016) | ISO/IEC 9594-7:2
44、017, Information technology Open Systems Interconnection The Directory: Selected object classes. Recommendation ITU-T X.680 (2015) | ISO/IEC 8824-1:2015, Information technology Abstract Syntax Notation One (ASN.1): Specification of basic notation. 3 Definitions For the purposes of this Recommendatio
45、n | International Standard, the following definitions apply. 3.1 Basic Directory definitions The following term is defined in Rec. ITU-T X.500 | ISO/IEC 9594-1: (the) Directory. ISO/IEC 9594-9:2017 (E) 2 Rec. ITU-T X.525 (10/2016) 3.2 Directory model definitions The following terms are defined in Re
46、c. ITU-T X.501 | ISO/IEC 9594-2: a) distinguished name; b) Directory information tree (DIT); c) DSA-specific entry (DSE); d) DSA information model; e) DSA information tree; f) Directory system agent (DSA). 3.3 Abstract service definitions The following term is defined in Rec. ITU-T X.511 | ISO/IEC 9
47、594-3: a) request; b) requestor. 3.4 Distributed operation definitions The following terms are defined in Rec. ITU-T X.518 | ISO/IEC 9594-4: a) access point; b) knowledge information; c) name resolution; d) naming context; e) non-specific subordinate reference; f) subordinate reference. 3.5 Protocol
48、 definitions The following term is defined in Rec. ITU-T X.519 | ISO/IEC 9594-5: a) application-association. 3.6 Replication definitions The following terms are defined in this Recommendation | International Standard: 3.6.1 area prefix: The sequence of RDNs and associated administrative information
49、common to all entries within a replicated area. 3.6.2 attribute completeness: Indicates whether or not all user attributes are included in an entry-copy. 3.6.3 cache-copy: A copy of an entry (or part of an entry) whose consistency with its corresponding entry is maintained by means outside the scope of this Directory Specification. 3.6.4 caching: The process of creating cache copies. This process is outside the scope of this Direc
