WPCL 2BJ|x H   X  6p&6p& I  Hh   c4 P  Fascicle VIII.8 Rec. X.521 PAGE1 ~  HH   c4 P PAGE14 Fascicle VIII.8 Rec. X.521 ~ Hh Hp P X`h!(# X  Ё c4 P  The drawings contained in this Recommendation have been done in AUTOCAD  Recommendation X.521 (B c4 P THE DIRECTORY SELECTED OBJECT CLASSES    HH ЁЍ)Recommendation X.521 and ISO 95947, Information Processing Systems Open Systems Interconnection The Directory Selected object classes, were developed in close collaboration and are technically aligned. ) c4 P   H(N c4 P (Melbourne, 1988) (RCONTENTS 0 Introduction 1 Scope and field of application 2 References 3 Definitions and abbreviations  3.1pOSI Reference Model Definitions  3.2pDirectory Model Definitions 4 Notation SECTION 1 Selected Object Classes 5 Definitions of Useful Attribute Sets  5.1pTelecommunication Attribute Set  5.2pPostal Attribute Set  5.3pLocale Attribute Set  5.4pOrganizational Attribute Set 6 Definition of Selected Object Classes  6.1pTop  6.2pAlias  6.3pCountry  6.4pLocality  6.5pOrganization  6.6pOrganizational Unit  6.7pPerson  6.8pOrganizational Person  6.9pOrganizational R=le  6.10 Group of Names  6.11 Residential Person  6.12 Application Process  6.13 Application Entity  6.14 DSA  6.15 Device  6.16 Strong Authentication User  6.17 Certification Authority Annex A ĩ Selected Object Classes in ASN.1 Annex B ĩ Suggested Name Forms and DIT Structures HP X`h!(#Ђ 0X Introduction  H Hp P X`h!(#Ё0.1  This document, together with the others of the series, has been produced to facilitate the interconnection of information processing systems to provide directory services. The set of all such systems, together with the directory information which they hold, can be viewed as an integrated whole, called the Directory. The information held by the Directory, collectively known as the Directory Information Base (DIB), is typically used to facilitate communication between, with or about objects such as application entities, people, terminals, and distribution lists.  H 0.2  The Directory plays a significant role in Open Systems Interconnection, whose aim is to allow, with a minimum of technical agreement outside of the interconnection standards themselves, the interconnection of information processing systems:   pfrom different manufacturers;   punder different managements;   pof different levels of complexity; and   pof different ages.  H 0.3  This Recommendation defines (in section one) a number of attribute sets and object classes which may be found useful across a range of applications of the Directory. 0.4  Annex A, which is a part of the standard, provides an ASN.1 module containing all of the type and value definitions which appear in this document. 0.5  Annex B, which is not part of the Recommendation provides some common naming and structure rules which may or may not be used by Administrative authorities. HP X`h!(#Ђ 1X Scope and field of application  H Hp P X`h!(#Ё1.1  This Recommendation defines a number of selected attribute sets and object classes which may be found useful across a range of applications of the Directory. The definition of an attribute set involves identifying the attributes that it contains, and facilitates the definition of object classes. The definition of an object class involves optionally allocating an Object Identifier to it, and listing a number of attribute types which are relevant to objects of that class. These definitions are used by the administrative authority which is responsible for the management of the Directory information. 1.2  Any Administrative Authority can define its own object classes and subclasses for any purpose.  H  Note1ĩThese definitions may or may not use the notation specified in Recommendation X.501.  H  Note2ĩIt is recommended that an object class defined in this document, or a subclass derived from one, be used in preference to the generation of a new one, whenever the semantics is appropriate for the application.  H 1.3  Administrative authorities may support some or all the selected object classes, and may also add object classes.  H  All Administrative authorities shall support the object classes which the directory uses for its own purpose (the top, alias and DSA object classes).HP X`h!(#Ђ  2References  H Hp P X`h!(#ЁRecommendation X.200 Open Systems Interconnection Basic Reference Model (see also ISO 7498) Recommendation X.500 The Directory Overview of Concepts, Models and Services (see also ISO95941) Recommendation X.501 The Directory Models (see also ISO 95942) HP X`h!(#Ђ 3X Definitions and abbreviations 3.1h  OSI Reference Model Definitions Hp P X`h!(# This Recommendation makes use of the following definitions from RecommendationX.200:   a)papplicationentity;   b)papplicationprocess.  HH HP X`h!(#3.2h  Directory Model Definitions  H Hp P X`h!(# This Recommendation makes use of the following definitions from Recommendation X.501.   a)pattribute;   b)pattribute type;   c)pDirectory Information Tree (DIT);   d)pDirectory System Agent (DSA);   e)pattribute set;   f)pentry;   g)pname;   h)pobject class;   i)psubclass.  HH HP X`h!(#Ђ 4X Notation  H Hp P X`h!(#Ё Object classes are defined in this document by the use of special notation, defined as an ASN.1 macro, OBJECTCLASS , in RecommendationX.501. One "generic" object identifier ( objectClass ) is used in specifying the object identifiers being allocated to object classes. Its definition can be found in AnnexB of the same Recommendation.  Attribute sets are defined in this document by the use of special notation, defined as an ASN.1 macro ATTRIBUTESET , in RecommendationX.501. One "generic" object identifier ( attributeSet ) is used in specifying the object identifiers being allocated to attribute set definitions. Its definition can be found in AnnexB of the same Recommendation. SECTION 1 Selected Object Classes HP X`h!(#Ђ 5X Definition of Useful Attribute Sets 5.1h  Telecommunication Attribute Set  H Hp P X`h!(# This set of attributes is used to define those which are commonly used for business communications.   telecommunicationAttributeSet ATTRIBUTESET  hpCONTAINS {  hph pfacsimileTelephoneNumber,  hph piSDNAddress,  hph ptelephoneNumber,  hph pteletexTerminalIdentifier,  hph ptelexNumber, X121Address,  hph ppreferredDeliveryMethod,  hph pdestinationIndicator,  hph pregisteredAddress}  hph p::= {attributeSet 0}  HH HP X`h!(#5.2h  Postal Attribute Set  H Hp P X`h!(# This set of attributes is used to define those which are directly associated with postal delivery.   postalAttributeSet ATTRIBUTESET  hpCONTAINS {  hph pphysicalDeliveryOfficeName,  hph ppostalAddress,  hph ppostalCode,  hph ppostOfficeBox,  hph pstreetAddress}  hph p::= {attributeSet 1}  HH HP X`h!(#5.3h  Locale Attribute Set  H Hp P X`h!(# This set of attributes is used to define those which are commonly used for search purposes to indicate the locale of an object.   localeAttributeSet ATTRIBUTESET  hpCONTAINS {  hph plocalityName,  hph pstateOrProvinceName,  hph pstreetAddress}  hph p::= {attributeSet 2}  HH HP X`h!(#5.4h  Organizational Attribute Set  H Hp P X`h!(# This set of attributes is used to define the attributes that an organization or organizational unit may typically possess.   organizationalAttributeSet ATTRIBUTESET  hpCONTAINS {  hph pdescription,  hph plocaleAttributeSet,  hph ppostalAttributeSet,  hph ptelecommunicationAttributeSet,  hph pbusinessCategory,  hph pseeAlso,  hph psearchGuide,  hph puserPassword}  hph p::= {attributeSet 3}  HH HP X`h!(#Ђ6X Definition of Selected Object Classes 6.1h  Top  H Hp P X`h!(# The top object class, of which every other object class is a subclass, is defined, except for the allocation of an object identifier, in RecommendationX.501.   toppTop ::= {objectClass 0}  HH HP X`h!(#6.2h  Alias  H Hp P X`h!(# The alias object class, from which classes for alias entries may be derived, is defined, except for the allocation of an object identifier, in RecommendationX.501.   alias Alias ::= {objectClass 1}  HH HP X`h!(#6.3h  Country  H Hp P X`h!(# A Country object class is used to define country entries in the DIT.   country OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcountryName}  hpMAY CONTAIN {  hph pdescription,  hph psearchGuide}  hp::= {objectClass 2}  HH HP X`h!(#6.4h  Locality  H Hp P X`h!(# The Locality object class is used to define locality in the DIT.   Locaty OBJECTCLASS  hpSUBCLASS OF top  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph pstateOrProvinceName,  hph psearchGuide,  hph pseeAlso,  hph pstreetAddress}  hp::= {objectClass 3}  H  At least one of Locality Name or State or Province Name must be present. HP X`h!(#6.5h  Organization  H Hp P X`h!(# The Organization object class is used to define organization entries in the DIT.   organization OBJECTCLASS -ƌ hpSUBCLASS OF top  hpMUST CONTAIN {  hph porganizationName}  hpMAY CONTAIN {  hph porganizationalAttributeSet}  hp::= {objectClass 4}  HH HP X`h!(#6.6h  Organizational Unit Hp P X`h!(# The Organizational Unit object class is used to define entries representing subdivisions or organizations.   organizationalUnit OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph porganizationalUnitName}  hpMAY CONTAIN {  hph porganizationalAttributeSet}  hp::= {objectClass 5} HP X`h!(#  6.7P Person  H Hp P X`h!(# The Person object class is used to define entries representing people generically.   person OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName,  hph psurname}  hpMAY CONTAIN {  hph pdescription,  hph pseeAlso,  hph ptelephoneNumber,  hph puserPassword}  hp::= {objectClass 6}  HH HP X`h!(#6.8h  Organizational Person  Hh Hp P X`h!(# The Organizational Person object class is used to define entries representing people employed by, or in some other important way associated with, an organization.   organizationalPerson OBJECTCLASS  hpSUBCLASS OF person  hpMAY CONTAIN {  hph plocaleAttributeSet,  hph porganizationalUnitName,  hph ppostalAttributeSet,  hph ptelecommunicationAttributeSet,  hph ptitle}  hp::= {objectClass 7}  HH HP X`h!(#6.9h  Organizational R=le Hp P X`h!(# The Organizational R=le object class is used to define entries representing an organizational role, i.e. a position or r=le within  H an organization. An organizational r=le is normally considered to be filled by a particular organizational person. Over its lifetime, however, an organizational r=le may be filled by a number of different organizational people in succession. In general, an organizational r=le may be filled by a person or a nonhuman entity.   organizationalRole OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName}  hpMAY CONTAIN {  hph pdescription,  hph plocaleAttributeSet,  hph porganizationalUnitName,  hph ppostalAttributeSet,  hph ppreferredDeliveryMethod,  hph proleOccupant,  hph pseeAlso,  hph ptelecommunicationAttributeSet}  hp::= {objectClass 8}  HH HP X`h!(#6.10  Group of Names  H Hp P X`h!(# The Group of Names object class is used to define entries representing an unordered set of names which represent individual objects or other groups  H of names. The membership of a group is static; that is, it is explicitly modified by administrative action, rather than dynamically determined each time the group is referred to.  H  The membership of a group can be reduced to a set of individual object's names by replacing each group with its membership. This process could be carried out recursively until all constituent group names have been eliminated, and only the names of individual objects remain.   groupOfNames OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName,  hph pmember}  hpMAY CONTAIN {  hph pdescription,  hph porganizationName,  hph porganizationalUnitName,  hph powner,  hph pseeAlso,  hph pbusinessCategory}  hp::= {objectClass 9}  HH HP X`h!(#6.11  Residential Person  H Hp P X`h!(# The Residential Person object class is used to define entries representing a person in the residential environment.   residentialPerson OBJECTCLASS  hpSUBCLASS OF person  hpMUST CONTAIN {  hph plocalityName}  hpMAY CONTAIN {  hph plocaleAttributeSet,  hph ppostalAttributeSet,  hph ppreferredDeliveryMethod,  hph ptelecommunicationAttributeSet,  hph pbusinessCategory}  hp::= {objectClass 10}  HH HP X`h!(#6.12  Application Process Hp P X`h!(# The Application Process object class is used to define entries representing application processes. An application process is an element within a real open system which performs the information processing for a particular application (see RecommendationX.200).   applicationProcess OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName}  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph porganizationalUnitName,  hph pseeAlso}  hp::= {objectClass 11} HP X`h!(#6.13  Application Entity  H Hp P X`h!(# The Application Entity object class is used to define entries representing application entities. An application entity consists of those aspects of an applicationprocess pertinent to OSI.   applicationEntity OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName,  hph ppresentationAddress}  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph porganizationName,  hph porganizationalUnitName,  hph pseeAlso,  hph psupportedApplicationContext}  hp::= {objectClass 12}  H  Note ĩ If Application Entity is represented as a Directory object that is distinct from an Application Process, the commonName attribute is used to carry the value of Application Entity Qualifier. HP X`h!(#6.14  DSA  H Hp P X`h!(# The DSA object class is used to define entries representing DSAs. A DSA - is as defined in RecommendationX.501.   dSA OBJECTCLASS  hpSUBCLASS OF applicationEntity  hpMAY CONTAIN {  hph pknowledgeInformation}  hp::= {objectClass 13}  HH HP X`h!(#6.15  Device  H Hp P X`h!(# The Device object class is used to define entries representing devices. A device is a physical unit which can communicate, such as a modem, disk drive, etc.   device OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName}  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph porganizationName,  hph porganizationalUnitName,  hph powner,  hph pseeAlso,  hph pserialNumber}  hp::= {objectClass 14}  H  Note ĩ At least one of localityName , serialNumber , owner , should be included. The choice is dependent on device type. HP X`h!(#6.16  Strong Authentication User  H Hp P X`h!(# The Strong Authentication User object class is used in defining entries for objects which participate in strong authentication, as defined in RecommendationX.509.   strongAuthenticationUser OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {userCertificate}  hp::= {objectClass 15}  H  The Certification Authority object class is used in defining entries for objects which act as certification authorities, as defined in RecommendationX.509. certificationAuthority OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcACertificate,  hph pcertificateRevocationList,  hph pauthorityRevocationList }  hpMAY CONTAIN {crossCertificatePair}  hp::= {objectClass 16}  HH Ђ8O c4 P ANNEX A 8F c4 P (to Recommendation X.521) 8B Selected Object Classes in ASN.1  H Ё This Annex includes all of the ASN.1 type and value definitions contained in this Recommendation in the form of the ASN.1 module, SelectedObjectClasses .   SelectedObjectClasses"X%{jointISOCCITT ds(5) modules(1)  hph   selectedObjectClasses(6)}   DEFINITIONS ::=   BEGIN   exports everything   IMPORTS  H  hpobjectClass, attributeSet, informationFramework, selectedAttributeTypes  hph pFROM UsefulDefinitions {jointisoccitt ds(5) modules(1) usefulDefinitions(0)}  hpOBJECTCLASS,ATTRIBUTESET, Top, Alias  hph pFROM InformationFramework informationFramework  hpauthorityRevocationList, businessCategory, CACertificate, certificateRevocationList,  hpcommonName, countryName, description, destinationIndicator, facsimileTelephoneNumber,  H  hpinternationalISDNNumber, knowledgeInformation, localityName, member, organizationName,  hporganizationalUnitName, owner, physicalDeliveryOfficeName, postOfficeBox, postalAddress,  hppostalCode, preferredDeliveryMethod, presentationAddress, registeredAddress,  H  hproleOccupant, searchGuide, seeAlso, serialNumber, stateOrProvinceName, streetAddress,  hpsupportedApplicationContext, surname, telephoneNumber, teletexTerminalIdentifier,  H  hptelexNumber, title, userCertificate, userPassword, x121Address  hph pFROM SelectedAttributeTypes selectedAttributeTypes;   telecommunicationAttributeSet ATTRIBUTESET  hpCONTAINS {  hph pfacsimileTelephoneNumber,  hph piSDNAddress,  hph ptelephoneNumber,  hph pteletexTerminalIdentifier,  hph ptelexNumber,  H  hph px121Address, preferredDeliveryMethod, destinationIndicator,  hph pregisteredAddress}  hph p::= {attributeSet 0}   postalAttributeSet ATTRIBUTESET  hpCONTAINS {  hph pphysicalDeliveryOfficeName,  hph ppostalAddress,  hph ppostalCode,  hph ppostOfficeBox,  hph pstreetAddress}  hph p::= {attributeSet 1} localeAttributeSet ATTRIBUTESET  hpCONTAINS {  hph plocalityName,  hph pstateOrProvinceName,  hph pstreetAddress}  hph p::= {attributeSet 2}   organizationalAttributeSet ATTRIBUTESET  hpCONTAINS {  hph pdescription,  hph plocaleAttributeSet,  hph ppostalAttributeSet,  hph ptelecommunicationAttributeSet,  hph pbusinessCategory,  hph pseeAlso,  hph psearchGuide,  hph puserPassword}  hph p::= {attributeSet 3}   topp Top ::= {objectclass 0}   alias Alias ::= {objectClass 1}   country OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcountryName}  hpMAY CONTAIN {  hph pdescription,  hph psearchGuide}  hp::= {objectClass 2}   locality OBJECTCLASS  hpSUBCLASS OF top  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph pstateOrProvinceName,  hph psearchGuide,  hph pseeAlso,  hph pstreetAddress}  hp::= {objectClass 3}   organization OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph porganizationName}  hpMAY CONTAIN {  hph porganizationalAttributeSet}  hp::= {objectClass 4}   organizationalUnit OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph porganizationalUnitName}  hpMAY CONTAIN {  hph porganizationalAttributeSet}  hp::= {objectClass 5}   person OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName,  hph psurname}  hpMAY CONTAN {  hph pdescription,  hph pseeAlso,  hph ptelephoneNumber,  hph puserPassword}  hp::= {objectClass 6}   organizationalPerson OBJECTCLASS  hpSUBCLASS OF person  hpMAY CONTAIN {  hph plocaleAttributeSet,  hph porganizationalUnitName,  hph ppostalAttributeSet,  hph ptelecommunicationAttributeSet,  hph ptitle}  hp::= {objectClass 7}   organizationalRole OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName}  hpMAY CONTAIN {  hph pdescription,  hph plocaleAttributeSet,  hph porganizationalUnitName,  hph ppostalAttributeSet,  hph ppreferredDeliveryMethod,  hph proleOccupant,  hph pseeAlso,  hph ptelecommunicationAttributeSet}  hp ::= {objectClass 8}   groupOfNames OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName,  hph pmember}  hpMAY CONTAIN {  hph pdescription,  hph porganizationName,  hph porganizationalUnitName,  hph powner,  hph pseeAlso,  hph pbusinessCategory}  hp::= {objectClass 9}   residentialPerson OBJECTCLASS  hpSUBCLASS OF person  hpMUST CONTAIN {  hph plocalityName}  hpMAY CONTAIN {  hph plocaleAttributeSet,  hph ppostalAttributeSet,  hph ppreferredDeliveryMethod,  hph ptelecommunicationAttributeSet,  hph pbusinessCategory}  hp::= {objectClass 10}   applicationProcess OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName}  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph porganizationalUnitName,  hph pseeAlso}  hp::= {objectClass 11}   applicationEntity OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName, -ƌ hph ppresentationAddress}  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph porganizationName,  hph porganizationalUnitName,  hph pseeAlso,  hph psupportedApplicationContext}  hp::= {objectClass 12}   dSA OBJECTCLASS  hpSUBCLASS OF applicationEntity  hpMAY CONTAIN {  hph pknowledgeInformation}  hp::= {objectClass 13}   device OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcommonName}  hpMAY CONTAIN {  hph pdescription,  hph plocalityName,  hph porganizationName,  hph porganizationalUnitName,  hph powner,  hph pseeAlso,  hph pserialNumber}  hp::= {objectClass 14}   strongAuthenticationUser OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph puserCertificate}  hp::= {objectClass 15}   certificationAuthority OBJECTCLASS  hpSUBCLASS OF top  hpMUST CONTAIN {  hph pcACertificate,  hph pcertificateRevocationList,  hph pauthorityRevocationList}  hpMAY CONTAIN {  hph pcrossCertificatePair}  hp::={objectClass 16}   END HH Ђ c4 P  8OANNEX B 8F c4 P (to Recommendation X.521) 8? Suggested Name Forms and DIT Structures  This Annex is not part of this Recommendation.  H  This Annex suggests some common naming practices and DIT structures that may or may not be used by an Administrative authority. Naming practices and DIT structure definitions for an object class include specification of the attributes used for naming and which object classes its superior entry or its subordinate entry in the DIT can have. All entries of a given object class must include at least the attributes used for naming. Users of the Directory should be informed of the suggested name forms to be able to predict names of objects with which they communicate. The following paragraphs suggest naming and structure rules for some object classes.  The structure rules are depicted in Figure B1/X.521. K c4 P FIGURE B1/X.521 070468088  c4 P  HP X`h!(#ЁB.1h  Country Hp P X`h!(# Attribute countryName is used for naming.  H  The Root is the immediate superior to entries of object class country . HP X`h!(#B.2h  Organization Hp P X`h!(# Attribute organizationName is used for naming.  The Root, country or locality can be immediate superior to entries of object class organization .  H  Note ĩ When the organization is directly under the root, this denotes an international organization. The values of the organizationName attribute for international organizations must all be distinct. HP X`h!(#B.3h  Locality Hp P X`h!(# Attribute localityName or stateOrprovinceName is used for naming.  H  The Root, country , locality , organization or organizationalUnit can be immediate superior to entries of object class locality . HP X`h!(#B.4h  Organizational Unit Hp P X`h!(# Attribute organizationalUnitName is used for naming.  H  organization , organizationalUnit or locality can be immediate superior to entries of object class organizationalUnit .HP X`h!(#  B.5P Organizational Person  H Hp P X`h!(# Attribute commonName and optionally organizationalUnitName is used for naming.  H  organization or organizationalUnit can be immediate superior to entries of object class organizationalPerson .  H  Note ĩ There are two ways that an organizationalUnitName attribute may be acquired in names: by having an organizationalUnit object as superior or by having such an attribute directly. HP X`h!(#B.6h  Organizational R=le Hp P X`h!(# Attribute commonName is used for naming.  H  organization or organizationalUnit can be immediate superior to entries of object class organizationalRole .  H  Note ĩ There are two ways that an organizationalUnitName attribute may be acquired in names: by having an organizationalUnit object as superior or by having such an attribute directly. HP X`h!(#B.7h  Group of Names Hp P X`h!(# Attribute commonName is used for naming.  H  locality , organization or organizationalUnit can be immediate superior to entries of object class groupOfNames .  H  Note ĩ There are two ways that an organizationalUnitName attribute may be acquired in names: by having an organizationalUnit object as superior or by having such an attribute directly. HP X`h!(#B.8h  Residential Person Hp P X`h!(# Attribute commonName and optionally streetAddress is used for naming.  locality is the immediate superior to entries of object class residentialPerson . HP X`h!(#B.9h  Application Entity  H Hp P X`h!(# Attribute commonName is used for naming. The commonName should contain an applicationentity qualifier (see Recommendation X.200).  H  applicationProcess is the immediate superior to entries of object class applicationEntity . HP X`h!(#B.10  Device Hp P X`h!(# Attribute commonName is used for naming.  H  organization or organizationalUnit can be immediate superior to entries of object class device .  H  Note ĩ There are two ways that an organizationalUnitName attribute may be acquired in names: by having an organizationalUnit object as superior or by having such an attribute directly. HP X`h!(#B.11  Application Process Hp P X`h!(# Attribute commonName is used for naming.  H  organization or organizationalUnit can be immediate superior to entries of object class applicationProcess .  Note 1 ĩ How commonName should be chosen for an Application Entity is documented in RecommendationX.200.  H  Note 2 ĩ There are two ways that an organizationalUnitName attribute may be acquired in names: by having an organizationalUnit object as superior or by having such an attribute directly.