Technical Summary
In X.500 Directory Services [X.501], such as those accessible using
the Lightweight Directory Access Protocol (LDAP) [RFC3377], an object
is identified by its distinguished name (DN). However, DNs are not
stable identifiers. That is, a new object may be identified by a DN
which previously identified another (now renamed or deleted) object.
This document describes the 'entryUUID' operational attribute which
holds the Universally Unique Identifier (UUID) [ISO11578] assigned to
the object by the server. Clients may use this attribute to
distinguish objects identified by a distinguished name or to locate an
object after renaming. This document also describes mechanisms
for matching and ordering these identifiers. Note, however, that
not all UUID variants have a defined ordering and servers are not
obligated to assign these identifers in any particular order.
The matching rule is provided for completeness.
Working Group Summary
Though this is an individual submission, there was discussion of this
mechanism within the LDUP working group as well as on the
mailing list associated with the concluded LDAPext working group.
Protocol Quality
This document was reviewed for the IESG by Ted Hardie.