mail us  |  mail this page

contact us
training  | 
tech stuff  | 

Appendix C: LDAP RFCs & X.500

The following RFCs and X.500 series specifications describe LDAP or are relevant to it.

The ITU-T (the 800 lb gorilla of the standards world) have lots of specs on X.500 (each of which costs you lots of money). To be fair you can get some free specs but their policy seems to keep changing. They do however seem to be publishing their ASN.1 definitions for free (X.519 example).

Note: The main repository for RFCs is maintained by the IETF, text versions (the normative reference, but PDF and HTML versions are also available) may be viewed at or (where XXXX is the 4 digit RFC number - left padded with zeros as necessary). Currently published RFCs are pointed to which contains various information and links to the text (normative) reference and PDF and HTML (non-normative) version. The RFC may also be viewed at which also contains various RFC status information including errata together with a list of alternative formats, such as, text, PDF and HTML (this is the working area version of the document). Finally, there is now a searchable RFC list.

<ingrained habit> The RFC links below yield a plain text (nrmative) version which was copied to our site when the RFC was issued. We started this service a long time ago when the world was young, RFCs were maintained in some strange places, occasionally moved location, and performance and reliability of the repositories was very variable (being generous). None of these conditions apply today, far from it. The RFC repository is a robust, fast service. Nevertheless, we persist in our ingrained habits for no particularly good reason (old tricks..). If you want/prefer/need more choice you are advised to use one of the links identified above, if, however, you just want to read the darned RFC, feel free to click the links below.</ingrained habit>


RFC 1274 The COSINE and Internet X.500 Schema. P. Barker, S. Kille. November 1991. (Format: TXT=92827 bytes) (Obsoleted by RFC4524) (Status: PROPOSED STANDARD)
RFC 1823 The LDAP Application Program Interface. T. Howes, M. Smith. August 1995. (Format: TXT=41081 bytes) (Status: INFORMATIONAL)
RFC 2247 Using Domains in LDAP/X.500 Distinguished Names. S. Kille, M. Wahl, A. Grimstad, R. Huber, S. Sataluri. January 1998. (Format: TXT=12411 bytes) (Status: PROPOSED STANDARD)
RFC 2251 Lightweight Directory Access Protocol (v3). M. Wahl, T. Howes, S. Kille. December 1997. (Format: TXT=114488 bytes) (Obsoleted by RFC4510, RFC4511, RFC4513, RFC4512) (Updated by RFC3377, RFC3771) (Status: PROPOSED STANDARD)
RFC 2252 Lightweight Directory Access Protocol (v3): Attribute Syntax Definitions. M. Wahl, A. Coulbeck, T. Howes, S. Kille. December 1997. (Format: TXT=60204 bytes) (Obsoleted by RFC4510, RFC4517, RFC4523, RFC4512) (Updated by RFC3377) (Status: PROPOSED STANDARD)
RFC 2253 Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names. M. Wahl, S. Kille, T. Howes. December 1997. (Format: TXT=18226 bytes) (Obsoletes RFC1779) (Obsoleted by RFC4510, RFC4514) (Updated by RFC3377) (Status: PROPOSED STANDARD)
RFC 2254 The String Representation of LDAP Search Filters. T. Howes. December 1997. (Format: TXT=13511 bytes) (Obsoletes RFC1960) (Obsoleted by RFC4510, RFC4515) (Updated by RFC3377) (Status: PROPOSED STANDARD)
RFC 2255 The LDAP URL Format. T. Howes, M. Smith. December 1997. (Format: TXT=20685 bytes) (Obsoletes RFC1959) (Obsoleted by RFC4510, RFC4516) (Updated by RFC3377) (Status: PROPOSED STANDARD)
RFC 2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M. Wahl. December 1997. (Format: TXT=32377 bytes) (Obsoleted by RFC4517, RFC4519, RFC4523, RFC4512, RFC4510) (Updated by RFC3377) (Status: PROPOSED STANDARD)
RFC 2307 An Approach for Using LDAP as a Network Information Service. L. Howard. March 1998. (Format: TXT=41396 bytes) (Status: EXPERIMENTAL)
RFC 2377 Naming Plan for Internet Directory-Enabled Applications. A. Grimstad, R. Huber, S. Sataluri, M. Wahl. September 1998. (Format: TXT=38274 bytes) (Status: INFORMATIONAL)
RFC 2425 A MIME Content-Type for Directory Information. T. Howes, M. Smith, F. Dawson. September 1998. (Format: TXT=64478 bytes) (Status: PROPOSED STANDARD)
RFC 2426 vCard MIME Directory Profile. F. Dawson, T. Howes. September 1998. (Format: TXT=74646 bytes) (Status: PROPOSED STANDARD)
RFC 2596 Use of Language Codes in LDAP. M. Wahl, T. Howes. May 1999. (Format: TXT=17413 bytes) (Status: PROPOSED STANDARD)
RFC 2696 LDAP Control Extension for Simple Paged Results Manipulation. C. Weider, A. Herron, A. Anantha, T. Howes. September 1999. (Format: TXT=12809 bytes) (Status: INFORMATIONAL)
RFC 2713 Schema for Representing Java(tm) Objects in an LDAP Directory. V. Ryan, S. Seligman, R. Lee. October 1999. (Format: TXT=40745 bytes) (Status: INFORMATIONAL)
RFC 2714 Schema for Representing CORBA Object References in an LDAP Directory. V. Ryan, R. Lee, S. Seligman. October 1999. (Format: TXT=14709 bytes) (Status: INFORMATIONAL)
RFC 2739 Calendar Attributes for vCard and LDAP. T. Small, D. Hennessy, F. Dawson. January 2000. (Format: TXT=25892 bytes) (Status: PROPOSED STANDARD)
RFC 2798 Definition of the inetOrgPerson LDAP Object Class. M. Smith. April 2000. (Format: TXT=32929 bytes) (Status: INFORMATIONAL)
RFC 2829 Authentication Methods for LDAP. M. Wahl, H. Alvestrand, J. Hodges, R. Morgan. May 2000. (Format: TXT=33471 bytes) (Updated by RFC3377) (Status: PROPOSED STANDARD)
RFC 2849 The LDAP Data Interchange Format (LDIF) - Technical Specification. G. Good. June 2000. (Format: TXT=26017 bytes) (Status: PROPOSED STANDARD)
RFC 2891 LDAP Control Extension for Server Side Sorting of Search Results. T. Howes, M. Wahl, A. Anantha. August 2000. (Format: TXT=15833 bytes) (Status: PROPOSED STANDARD)
RFC 2927 MIME Directory Profile for LDAP Schema. M. Wahl. September 2000. (Format: TXT=16122 bytes) (Status: INFORMATIONAL)
RFC 3045 Storing Vendor Information in the LDAP root DSE. M. Meredith. January 2001. (Format: TXT=10518 bytes) (Status: INFORMATIONAL)
RFC 3062 LDAP Password Modify Extended Operation. K. Zeilenga. February 2001. (Format: TXT=11807 bytes) (Status: PROPOSED STANDARD)
RFC 3296 Named Subordinate References in Lightweight Directory Access Protocol (LDAP) Directories. K. Zeilenga. July 2002. (Format: TXT=27389 bytes) (Status: PROPOSED STANDARD)
RFC 3377 Lightweight Directory Access Protocol (v3): Technical Specification. J. Hodges, R. Morgan. September 2002. (Format: TXT=9981 bytes) (Updates RFC2251, RFC2252, RFC2253, RFC2254, RFC2255, RFC2256, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
RFC 3383 Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP). K. Zeilenga. September 2002. (Format: TXT=45893 bytes) (Also BCP0064) (Status: BEST CURRENT PRACTICE)
RFC 3384 Lightweight Directory Access Protocol (version 3) Replication Requirements. E. Stokes, R. Weiser, R. Moats, R. Huber. October 2002. (Format: TXT=66871 bytes) (Status: INFORMATIONAL)
RFC 3641 Generic String Encoding Rules (GSER) for ASN.1 Types. S. Legg. October 2003. (Format: TXT=34207 bytes) (Updated by RFC4792) (Status: PROPOSED STANDARD)
RFC 3671 Collective Attributes in the Lightweight Directory Access Protocol (LDAP). K. Zeilenga. December 2003. (Format: TXT=17912 bytes) (Status: PROPOSED STANDARD)
RFC 3672 Subentries in the Lightweight Directory Access Protocol (LDAP). K. Zeilenga. December 2003. (Format: TXT=24447 bytes) (Status: PROPOSED STANDARD)
RFC 3673 Lightweight Directory Access Protocol version 3 (LDAPv3): All Operational Attributes. K. Zeilenga. December 2003. (Format: TXT=10003 bytes) (Status: PROPOSED STANDARD)
RFC 3674 Feature Discovery in Lightweight Directory Access Protocol (LDAP). K. Zeilenga. December 2003. (Format: TXT=10282 bytes) (Status: PROPOSED STANDARD)
RFC 3687 Lightweight Directory Access Protocol (LDAP) and X.500 Component Matching Rules. S. Legg. February 2004. (Format: TXT=96256 bytes) (Status: PROPOSED STANDARD)
RFC 3698 Lightweight Directory Access Protocol (LDAP): Additional Matching Rules. K. Zeilenga, Ed.. February 2004. (Format: TXT=17562 bytes) (Updates RFC2798) (Status: PROPOSED STANDARD)
RFC 3703 Policy Core Lightweight Directory Access Protocol (LDAP) Schema. J. Strassner, B. Moore, R. Moats, E. Ellesson. February 2004. (Format: TXT=142983 bytes) (Status: PROPOSED STANDARD)
RFC 3712 Lightweight Directory Access Protocol (LDAP): Schema for Printer Services. P. Fleming, I. McDonald. February 2004. (Format: TXT=62301 bytes) (Status: INFORMATIONAL)
RFC 3727 ASN.1 Module Definition for the LDAP and X.500 Component Matching Rules. S. Legg. February 2004. (Format: TXT=8297 bytes) (Status: PROPOSED STANDARD)
RFC 3771 The Lightweight Directory Access Protocol (LDAP) Intermediate Response Message. R. Harrison, K. Zeilenga. April 2004. (Format: TXT=17114 bytes) (Updates RFC2251) (Status: PROPOSED STANDARD)
RFC 3829 Lightweight Directory Access Protocol (LDAP) Authorization Identity Request and Response Controls. R. Weltman, M. Smith, M. Wahl. July 2004. (Format: TXT=11986 bytes) (Status: INFORMATIONAL)
RFC 3866 Language Tags and Ranges in the Lightweight Directory Access Protocol (LDAP). K. Zeilenga, Ed.. July 2004. (Format: TXT=31501 bytes) (Obsoletes RFC2596) (Status: PROPOSED STANDARD)
RFC 3876 Returning Matched Values with the Lightweight Directory Access Protocol version 3 (LDAPv3). D. Chadwick, S. Mullan. September 2004. (Format: TXT=24233 bytes) (Status: PROPOSED STANDARD)
RFC 3909 Lightweight Directory Access Protocol (LDAP) Cancel Operation. K. Zeilenga. October 2004. (Format: TXT=13423 bytes) (Status: PROPOSED STANDARD)
RFC 3928 Lightweight Directory Access Protocol (LDAP) Client Update Protocol (LCUP). R. Megginson, Ed., M. Smith, O. Natkovich, J. Parham. October 2004. (Format: TXT=36892 bytes) (Status: PROPOSED STANDARD)
RFC 4370 Lightweight Directory Access Protocol (LDAP) Proxied Authorization Control. R. Weltman. February 2006. (Format: TXT=10624 bytes) (Status: PROPOSED STANDARD)
RFC 4373 Lightweight Directory Access Protocol (LDAP) Bulk Update/Replication Protocol (LBURP). R. Harrison, J. Sermersheim, Y. Dong. January 2006. (Format: TXT=31091 bytes) (Status: INFORMATIONAL)
RFC 4403 Lightweight Directory Access Protocol (LDAP) Schema for Universal Description, Discovery, and Integration version 3 (UDDIv3). B. Bergeson, K. Boogert, V. Nanjundaswamy. February 2006. (Format: TXT=78747 bytes) (Status: INFORMATIONAL)
RFC 4510 Lightweight Directory Access Protocol (LDAP): Technical Specification Road Map. K. Zeilenga. June 2006. (Format: TXT=12354 bytes) (Obsoletes RFC2251, RFC2252, RFC2253, RFC2254, RFC2255, RFC2256, RFC2829, RFC2830, RFC3377, RFC3771) (Status: PROPOSED STANDARD)
RFC 4511 Lightweight Directory Access Protocol (LDAP): The Protocol. J. Sermersheim, Ed.. June 2006. (Format: TXT=150116 bytes) (Obsoletes RFC2251, RFC2830, RFC3771) (Status: PROPOSED STANDARD)
RFC 4512 Lightweight Directory Access Protocol (LDAP): Directory Information Models. K. Zeilenga, Ed.. June 2006. (Format: TXT=108377 bytes) (Obsoletes RFC2251, RFC2252, RFC2256, RFC3674) (Status: PROPOSED STANDARD)
RFC 4513 Lightweight Directory Access Protocol (LDAP): Authentication Methods and Security Mechanisms. R. Harrison, Ed.. June 2006. (Format: TXT=80546 bytes) (Obsoletes RFC2251, RFC2829, RFC2830) (Status: PROPOSED STANDARD)
RFC 4514 Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names. K. Zeilenga, Ed.. June 2006. (Format: TXT=31859 bytes) (Obsoletes RFC2253) (Status: PROPOSED STANDARD)
RFC 4515 Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters. M. Smith, Ed., T. Howes. June 2006. (Format: TXT=23885 bytes) (Obsoletes RFC2254) (Status: PROPOSED STANDARD)
RFC 4516 Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator. M. Smith, Ed., T. Howes. June 2006. (Format: TXT=3056 bytes) (Obsoletes RFC2255) (Status: PROPOSED STANDARD)
RFC 4517 Lightweight Directory Access Protocol (LDAP): Syntaxes and Matching Rules. S. Legg, Ed.. June 2006. (Format: TXT=114285 bytes) (Obsoletes RFC2252, RFC2256) (Updates RFC3698) (Status: PROPOSED STANDARD)
RFC 4518 Lightweight Directory Access Protocol (LDAP): Internationalized String Preparation. K. Zeilenga. June 2006. (Format: TXT=28166 bytes) (Status: PROPOSED STANDARD)
RFC 4519 Lightweight Directory Access Protocol (LDAP): Schema for User Applications. A. Sciberras, Ed.. June 2006. (Format: TXT=64996 bytes) (Obsoletes RFC2256) (Updates RFC2247, RFC2798, RFC2377) (Status: PROPOSED STANDARD)
RFC 4520 Internet Assigned Numbers Authority (IANA) Considerations for the Lightweight Directory Access Protocol (LDAP). K. Zeilenga. June 2006. (Format: TXT=34298 bytes) (Obsoletes RFC3383) (Also BCP0064) (Status: BEST CURRENT PRACTICE)
RFC 4521 Considerations for Lightweight Directory Access Protocol (LDAP) Extensions. K. Zeilenga. June 2006. (Format: TXT=34585 bytes) (Also BCP0118) (Status: BEST CURRENT PRACTICE)
RFC 4522 Lightweight Directory Access Protocol (LDAP): The Binary Encoding Option. S. Legg. June 2006. (Format: TXT=16276 bytes) (Status: PROPOSED STANDARD)
RFC 4523 Lightweight Directory Access Protocol (LDAP) Schema Definitions for X.509 Certificates. K. Zeilenga. June 2006. (Format: TXT=43753 bytes) (Obsoletes RFC2252, RFC2256, RFC2587) (Status: PROPOSED STANDARD)
RFC 4524 COSINE LDAP/X.500 Schema. K. Zeilenga, Ed.. June 2006. (Format: TXT=11245 bytes) (Obsoletes RFC1274) (Updates RFC2247, RFC2798) (Status: PROPOSED STANDARD)
RFC 4525 Lightweight Directory Access Protocol (LDAP) Modify-Increment Extension. K. Zeilenga. June 2006. (Format: TXT=11251 bytes) (Status: INFORMATIONAL)
RFC 4526 Lightweight Directory Access Protocol (LDAP) Absolute True and False Filters. K. Zeilenga. June 2006. (Format: TXT=10097 bytes) (Status: PROPOSED STANDARD)
RFC 4527 Lightweight Directory Access Protocol (LDAP) Read Entry Controls. K. Zeilenga. June 2006. (Format: TXT=15987 bytes) (Status: PROPOSED STANDARD)
RFC 4528 Lightweight Directory Access Protocol (LDAP) Assertion Control. K. Zeilenga. June 2006. (Format: TXT=12539 bytes) (Status: PROPOSED STANDARD)
RFC 4529 Requesting Attributes by Object Class in the Lightweight Directory Access Protocol. K. Zeilenga. June 2006. (Format: TXT=11927 bytes) (Status: INFORMATIONAL)
RFC 4530 Lightweight Directory Access Protocol (LDAP) entryUUID Operational Attribute. K. Zeilenga. June 2006. (Format: TXT=15191 bytes) (Status: PROPOSED STANDARD)
RFC 4531 Lightweight Directory Access Protocol (LDAP) Turn Operation. K. Zeilenga. June 2006. (Format: TXT=18986 bytes) (Status: EXPERIMENTAL)
RFC 4532 Lightweight Directory Access Protocol (LDAP) "Who am I?" Operation. K. Zeilenga. June 2006. (Format: TXT=14247 bytes) (Status: PROPOSED STANDARD)
RFC 4533 The Lightweight Directory Access Protocol (LDAP) Content Synchronization Operation. K. Zeilenga, J.H. Choi. June 2006. (Format: TXT=73895 bytes) (Status: EXPERIMENTAL)
RFC 4792 Encoding Instructions for the Generic String Encoding Rules (GSER). S. Legg. January 2007. (Format: TXT=17637 bytes) (Updates RFC3641) (Status: PROPOSED STANDARD)
RFC 5020 The Lightweight Directory Access Protocol (LDAP) entryDN Operational Attribute. K. Zeilenga. August 2007. (Format: TXT=8607 bytes) (Status: PROPOSED STANDARD)
RFC 6171 The Lightweight Directory Access Protocol (LDAP) Don't Use Copy Control. K. Zeilenga. March 2011. (Status: PROPOSED STANDARD)
RFC 7612 Lightweight Directory Access Protocol (LDAP): Schema for Printer Services. P. Fleming, I. McDonald. June 2015. (Format: TXT=99282 bytes) (Obsoletes RFC3712) (Status: INFORMATIONAL) (DOI: 10.17487/RFC7612)

ITU-T X.500 Series

You can purchase the X.500 specs from the ITU for a princely sum. They recently had a two-per-year freebie offer but their policy seems to change frequently.

Number Title ISO
X.500 Information technology - Open Systems Interconnection - The Directory: Overview of concepts, models and services -
X.501 Information technology - Open Systems Interconnection - The Directory: Models -
X.509 Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks -
X.511 Information technology - Open Systems Interconnection - The Directory: Abstract service definition -
X.518 Information technology - Open Systems Interconnection - The Directory: Procedures for distributed operation -
X.519 Information technology - Open Systems Interconnection - The Directory: Protocol specifications ISO/IEC 9594-5:1998
X.520 Information technology - Open Systems Interconnection - The Directory: Selected attribute types -
X.521 Information technology - Open Systems Interconnection - The Directory: Selected object classes -
X.525 Information technology - Open Systems Interconnection - The Directory: Replication -
X.530 Information technology - Open Systems Interconnection - The Directory: Use of systems management for administration of the Directory -
Information technology - Open Systems Interconnection - The Directory: Protocol Implementation Conformance Statement (PICS) proforma for the X.500 series -

Problems, comments, suggestions, corrections (including broken links) or something to add? Please take the time from a busy life to 'mail us' (at top of screen), the webmaster (below) or info-support at zytrax. You will have a warm inner glow for the rest of the day.


tech info
guides home
1 objectives
big picture
2 concepts
3 ldap objects
4 install ldap
5 samples
6 configuration
7 replica & refer
8 ldif
9 protocol
10 ldap api
11 howtos
12 trouble
13 performance
14 ldap tools
15 security
notes & info
ldap resources
rfc's & x.500
ldap objects
change log

Creative Commons License
This work is licensed under a Creative Commons License.

If you are happy it's OK - but your browser is giving a less than optimal experience on our site. You could, at no charge, upgrade to a W3C STANDARDS COMPLIANT browser such as Firefox




Icons made by Icomoon from is licensed by CC 3.0 BY
share page via facebook tweet this page


email us Send to a friend feature print this page Display full width page Decrease font size Increase font size



Debian Linux


GNU-Free SW Foundation


Open Source Initiative
Creative Commons


Ibiblio - Library
Open Book Project
Open Directory


CSS Technology SPF Record Conformant Domain
Copyright © 1994 - 2025 ZyTrax, Inc.
All rights reserved. Legal and Privacy
site by zytrax
hosted by
web-master at zytrax
Page modified: January 20 2022.