[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Implementing a matching rule for binary (ie:

Kurt Zeilenga wrote:
> On Feb 20, 2009, at 6:11 PM, Stef wrote:
>> I'm working on using openldap to store certificate requests (ie: PKCS#10
>> and SPKAC).
>> I thought I'd use the binary syntax '' for
>> my custom attribute.
> Why?  This syntax should be avoided.  It was dropped with revised LDAP
> specifications (RFC 4510) for good reason.  Any uses of it will suffer
> significant interoperability problems.

Interesting. Thanks for the clear reply.

I guess that means that uses of the userSMIMECertificate and userPKCS12
attributes in openldap will encounter these problems. These are both
defined with the syntax of ''.