OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [security-services] LDAP nameidentifier

On Thu, 18 Mar 2004, Rich Salz wrote:

> Is there any reason not to have a NameIdentifier for LDAP names? I don't
> care if the encoding is RFC 2253 or 2253 as modified by DSIG. Messages
> to RTFS (or RTFD) appreciated, as I could have just missed it. :)

The main FD on this is sstc-maler-w28a-attribute-draft-03.pdf.  Part of
the story is clarifying the use of what is now the "AttributeNamespace"
XML attribute; see section 3.2 of maler-w28a.  A NameFormat value would
indicate "this attribute is named by a URI".

The other part of the story is agreeing that X.500 attribute types (since
LDAP per se just uses X.500 attribute type definitions) are represented by
a particular unambiguous kind of URI.  The proposal I have put on the
table is to use the urn:oid namespace (RFC 3001), hence
urn:oid:<string-form-of-oid-for-that-attribute-type>.  Though I'm not
quite sure at this point in which document that proposal is, or is
intended to be.  I think there may be supposed to be an "attribute name
conventions" doc that either doesn't exist yet or I haven't seen yet.

 - RL "Bob"

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]