[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] LDAP nameidentifier
On Thu, 18 Mar 2004, Rich Salz wrote: > Is there any reason not to have a NameIdentifier for LDAP names? I don't > care if the encoding is RFC 2253 or 2253 as modified by DSIG. Messages > to RTFS (or RTFD) appreciated, as I could have just missed it. :) The main FD on this is sstc-maler-w28a-attribute-draft-03.pdf. Part of the story is clarifying the use of what is now the "AttributeNamespace" XML attribute; see section 3.2 of maler-w28a. A NameFormat value would indicate "this attribute is named by a URI". The other part of the story is agreeing that X.500 attribute types (since LDAP per se just uses X.500 attribute type definitions) are represented by a particular unambiguous kind of URI. The proposal I have put on the table is to use the urn:oid namespace (RFC 3001), hence urn:oid:<string-form-of-oid-for-that-attribute-type>. Though I'm not quite sure at this point in which document that proposal is, or is intended to be. I think there may be supposed to be an "attribute name conventions" doc that either doesn't exist yet or I haven't seen yet. - RL "Bob"
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]