
Modelling certificate directory service using LDAP?



I would like to model a certificate directory service using LDAP.
So below top I want to have an objectclass ca. Below that there shall
be the objectclasses mainCert and attributeCert.
I would like to define the CA objectclass like the following:

objectclass ca
  requires
    algID bin single,
    issuerNameHash bin single
  allows
    issuerKeyHash bin single

The mainCert and attributeCert objectclasses shall be defined like the
following:

objectclass mainCert
  requires
    certNr int single,
    certHash bin single,
    Tn_T cis single,
    Tn_CN cis single,
    ...

objectclass attributeCert
  requires
    certNr int single,
    certHash bin single,
    ...

Since I am new to LDAP, I wonder whether it is possible to make sure
that I can address a user certificate using algId, issuerNamehash and
certNr?

As far as I understand I have to define a search base. This could be
e.g. the CA. But how do I define binary attributes in my search base?

--
Heiko Nardmann (Dipl.-Ing.), h.nardmann@secunet.de, Software Development

secunet Security Networks AG - Sicherheit in Netzwerken
(www.secunet.de),
Weidenauer Str. 223-225, D-57076 Siegen
Tel. : +49 271 48950-13, Fax  : +49 271 48950-50
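
Added example, not part of the original post: one way to address a certificate in the schema sketched above is a two-step search in which the binary values go into the search filter (escaped per RFC 4515) rather than into the search base. The function names and sample values are assumptions, including the assumption that algID holds a DER-encoded AlgorithmIdentifier.

```python
import hashlib


def escape_filter_bytes(value: bytes) -> str:
    # RFC 4515 lets any octet be written as a backslash plus two hex digits.
    # Escaping every octet covers NUL, '(', ')', '*' and '\' as well as
    # non-UTF-8 bytes, so a hash value can never alter the filter structure.
    return "".join("\\%02x" % b for b in value)


def unescape_filter_value(text: str) -> bytes:
    # Inverse of escape_filter_bytes, valid for fully escaped values only.
    return bytes(int(pair, 16) for pair in text.split("\\")[1:])


def ca_filter(alg_id: bytes, issuer_name_hash: bytes) -> str:
    # Step 1: locate the CA entry by its two required binary attributes.
    return "(&(objectClass=ca)(algID=%s)(issuerNameHash=%s))" % (
        escape_filter_bytes(alg_id),
        escape_filter_bytes(issuer_name_hash),
    )


def cert_filter(cert_nr: int) -> str:
    # Step 2: run with the DN of the CA entry found in step 1 as the search
    # base and one-level scope. Rejecting non-integers keeps caller-supplied
    # text from being spliced into the filter.
    if isinstance(cert_nr, bool) or not isinstance(cert_nr, int) or cert_nr < 0:
        raise ValueError("certNr must be a non-negative integer")
    return "(&(objectClass=mainCert)(certNr=%d))" % cert_nr


# Constructed sample values (assumptions, not taken from the post):
# DER AlgorithmIdentifier for SHA-1, and a SHA-1 hash of placeholder bytes.
SAMPLE_ALG_ID = bytes.fromhex("300906052b0e03021a0500")
SAMPLE_ISSUER_NAME_HASH = hashlib.sha1(b"constructed issuer name").digest()

if __name__ == "__main__":
    print(ca_filter(SAMPLE_ALG_ID, SAMPLE_ISSUER_NAME_HASH))
    print(cert_filter(4711))
```

Whether the server can evaluate equality on algID and issuerNameHash depends on the syntax and matching rule the schema assigns to those attributes.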