[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)

To: stef@memberwebs.com
Subject: Re: Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)
From: Kurt Zeilenga <Kurt@OpenLDAP.org>
Date: Thu, 26 Feb 2009 06:27:40 -0800
Cc: openldap-devel@openldap.org
In-reply-to: <20090223194934.473D2EFB8B9@mx.npubs.com>
References: <20090221021102.BA015EFB6F3@mx.npubs.com> <6A064351-F5D0-455C-A8D7-6545E466A388@OpenLDAP.org> <20090223194934.473D2EFB8B9@mx.npubs.com>


On Feb 23, 2009, at 11:49 AM, Stef wrote:

Kurt Zeilenga wrote:
On Feb 20, 2009, at 6:11 PM, Stef wrote:
I'm working on using openldap to store certificate requests (ie: PKCS#10 and SPKAC).

I thought I'd use the binary syntax '1.3.6.1.4.1.1466.115.121.1.5' for my custom attribute.
Why? This syntax should be avoided. It was dropped with revised LDAP specifications (RFC 4510) for good reason. Any uses of it will suffer significant interoperability problems.
Interesting. Thanks for the clear reply.
I guess that means that uses of the userSMIMECertificate and userPKCS12 attributes in openldap will encounter these problems. These are both defined with the syntax of '1.3.6.1.4.1.1466.115.121.1.5'.


Yes, and such problems have been previously raised on openldap-software.

References:
- Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)
  - From: Stef <stef-list@memberwebs.com>
- Re: Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)
  - From: Kurt Zeilenga <Kurt@OpenLDAP.org>
- Re: Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)
  - From: Stef <stef-list@memberwebs.com>

Prev by Date: Re: Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)
Index(es):
- Chronological
- Thread