1 1.1 tron # OpenLDAP X.509 PMI schema 2 1.1 tron # $OpenLDAP$ 3 1.1 tron ## This work is part of OpenLDAP Software <http://www.openldap.org/>. 4 1.1 tron ## 5 1.1.1.7 christos ## Copyright 1998-2024 The OpenLDAP Foundation. 6 1.1 tron ## All rights reserved. 7 1.1 tron ## 8 1.1 tron ## Redistribution and use in source and binary forms, with or without 9 1.1 tron ## modification, are permitted only as authorized by the OpenLDAP 10 1.1 tron ## Public License. 11 1.1 tron ## 12 1.1 tron ## A copy of this license is available in the file LICENSE in the 13 1.1 tron ## top-level directory of the distribution or, alternatively, at 14 1.1 tron ## <http://www.OpenLDAP.org/license.html>. 15 1.1 tron # 16 1.1 tron ## Portions Copyright (C) The Internet Society (1997-2006). 17 1.1 tron ## All Rights Reserved. 18 1.1 tron # 19 1.1 tron # Includes LDAPv3 schema items from: 20 1.1 tron # ITU X.509 (08/2005) 21 1.1 tron # 22 1.1 tron # This file was automatically generated from pmi.schema; see that file 23 1.1 tron # for complete references. 24 1.1 tron # 25 1.1 tron dn: cn=pmi,cn=schema,cn=config 26 1.1 tron objectClass: olcSchemaConfig 27 1.1 tron cn: pmi 28 1.1 tron olcObjectIdentifier: {0}id-oc-pmiUser 2.5.6.24 29 1.1 tron olcObjectIdentifier: {1}id-oc-pmiAA 2.5.6.25 30 1.1 tron olcObjectIdentifier: {2}id-oc-pmiSOA 2.5.6.26 31 1.1 tron olcObjectIdentifier: {3}id-oc-attCertCRLDistributionPts 2.5.6.27 32 1.1 tron olcObjectIdentifier: {4}id-oc-privilegePolicy 2.5.6.32 33 1.1 tron olcObjectIdentifier: {5}id-oc-pmiDelegationPath 2.5.6.33 34 1.1 tron olcObjectIdentifier: {6}id-oc-protectedPrivilegePolicy 2.5.6.34 35 1.1 tron olcObjectIdentifier: {7}id-at-attributeCertificate 2.5.4.58 36 1.1 tron olcObjectIdentifier: {8}id-at-attributeCertificateRevocationList 2.5.4.59 37 1.1 tron olcObjectIdentifier: {9}id-at-aACertificate 2.5.4.61 38 1.1 tron olcObjectIdentifier: {10}id-at-attributeDescriptorCertificate 2.5.4.62 39 1.1 tron olcObjectIdentifier: {11}id-at-attributeAuthorityRevocationList 2.5.4.63 40 1.1 tron olcObjectIdentifier: {12}id-at-privPolicy 2.5.4.71 41 1.1 tron olcObjectIdentifier: {13}id-at-role 2.5.4.72 42 1.1 tron olcObjectIdentifier: {14}id-at-delegationPath 2.5.4.73 43 1.1 tron olcObjectIdentifier: {15}id-at-protPrivPolicy 2.5.4.74 44 1.1 tron olcObjectIdentifier: {16}id-at-xMLPrivilegeInfo 2.5.4.75 45 1.1 tron olcObjectIdentifier: {17}id-at-xMLPprotPrivPolicy 2.5.4.76 46 1.1 tron olcObjectIdentifier: {18}id-mr 2.5.13 47 1.1 tron olcObjectIdentifier: {19}id-mr-attributeCertificateMatch id-mr:42 48 1.1 tron olcObjectIdentifier: {20}id-mr-attributeCertificateExactMatch id-mr:45 49 1.1 tron olcObjectIdentifier: {21}id-mr-holderIssuerMatch id-mr:46 50 1.1 tron olcObjectIdentifier: {22}id-mr-authAttIdMatch id-mr:53 51 1.1 tron olcObjectIdentifier: {23}id-mr-roleSpecCertIdMatch id-mr:54 52 1.1 tron olcObjectIdentifier: {24}id-mr-basicAttConstraintsMatch id-mr:55 53 1.1 tron olcObjectIdentifier: {25}id-mr-delegatedNameConstraintsMatch id-mr:56 54 1.1 tron olcObjectIdentifier: {26}id-mr-timeSpecMatch id-mr:57 55 1.1 tron olcObjectIdentifier: {27}id-mr-attDescriptorMatch id-mr:58 56 1.1 tron olcObjectIdentifier: {28}id-mr-acceptableCertPoliciesMatch id-mr:59 57 1.1 tron olcObjectIdentifier: {29}id-mr-delegationPathMatch id-mr:61 58 1.1 tron olcObjectIdentifier: {30}id-mr-sOAIdentifierMatch id-mr:66 59 1.1 tron olcObjectIdentifier: {31}id-mr-indirectIssuerMatch id-mr:67 60 1.1 tron olcObjectIdentifier: {32}AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1 61 1.1 tron olcObjectIdentifier: {33}CertificateList 1.3.6.1.4.1.1466.115.121.1.9 62 1.1 tron olcObjectIdentifier: {34}AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4 63 1.1 tron olcObjectIdentifier: {35}PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5 64 1.1 tron olcObjectIdentifier: {36}RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6 65 1.1 tron olcLdapSyntaxes: {0}( 1.3.6.1.4.1.4203.666.11.10.2.4 DESC 'X.509 PMI attribute 66 1.1.1.6 christos certificate path: SEQUENCE OF AttributeCertificate' X-SUBST '1.3.6.1.4.1.146 67 1.1 tron 6.115.121.1.15' ) 68 1.1 tron olcLdapSyntaxes: {1}( 1.3.6.1.4.1.4203.666.11.10.2.5 DESC 'X.509 PMI policy sy 69 1.1 tron ntax' X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) 70 1.1 tron olcLdapSyntaxes: {2}( 1.3.6.1.4.1.4203.666.11.10.2.6 DESC 'X.509 PMI role synt 71 1.1 tron ax' X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' ) 72 1.1 tron olcAttributeTypes: {0}( id-at-role NAME 'role' DESC 'X.509 Role attribute, use 73 1.1 tron ;binary' SYNTAX RoleSyntax ) 74 1.1 tron olcAttributeTypes: {1}( id-at-xMLPrivilegeInfo NAME 'xmlPrivilegeInfo' DESC 'X 75 1.1 tron .509 XML privilege information attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.1 76 1.1 tron 5 ) 77 1.1 tron olcAttributeTypes: {2}( id-at-attributeCertificate NAME 'attributeCertificateA 78 1.1 tron ttribute' DESC 'X.509 Attribute certificate attribute, use ;binary' EQUALITY 79 1.1 tron attributeCertificateExactMatch SYNTAX AttributeCertificate ) 80 1.1 tron olcAttributeTypes: {3}( id-at-aACertificate NAME 'aACertificate' DESC 'X.509 A 81 1.1 tron A certificate attribute, use ;binary' EQUALITY attributeCertificateExactMatch 82 1.1 tron SYNTAX AttributeCertificate ) 83 1.1 tron olcAttributeTypes: {4}( id-at-attributeDescriptorCertificate NAME 'attributeDe 84 1.1 tron scriptorCertificate' DESC 'X.509 Attribute descriptor certificate attribute, 85 1.1 tron use ;binary' EQUALITY attributeCertificateExactMatch SYNTAX AttributeCertific 86 1.1 tron ate ) 87 1.1 tron olcAttributeTypes: {5}( id-at-attributeCertificateRevocationList NAME 'attribu 88 1.1 tron teCertificateRevocationList' DESC 'X.509 Attribute certificate revocation lis 89 1.1 tron t attribute, use ;binary' SYNTAX CertificateList X-EQUALITY 'certificateListE 90 1.1 tron xactMatch, not implemented yet' ) 91 1.1 tron olcAttributeTypes: {6}( id-at-attributeAuthorityRevocationList NAME 'attribute 92 1.1 tron AuthorityRevocationList' DESC 'X.509 AA certificate revocation list attribute 93 1.1 tron , use ;binary' SYNTAX CertificateList X-EQUALITY 'certificateListExactMatch, 94 1.1 tron not implemented yet' ) 95 1.1 tron olcAttributeTypes: {7}( id-at-delegationPath NAME 'delegationPath' DESC 'X.509 96 1.1 tron Delegation path attribute, use ;binary' SYNTAX AttCertPath ) 97 1.1 tron olcAttributeTypes: {8}( id-at-privPolicy NAME 'privPolicy' DESC 'X.509 Privile 98 1.1 tron ge policy attribute, use ;binary' SYNTAX PolicySyntax ) 99 1.1 tron olcAttributeTypes: {9}( id-at-protPrivPolicy NAME 'protPrivPolicy' DESC 'X.509 100 1.1 tron Protected privilege policy attribute, use ;binary' EQUALITY attributeCertifi 101 1.1 tron cateExactMatch SYNTAX AttributeCertificate ) 102 1.1 tron olcAttributeTypes: {10}( id-at-xMLPprotPrivPolicy NAME 'xmlPrivPolicy' DESC 'X 103 1.1 tron .509 XML Protected privilege policy attribute' SYNTAX 1.3.6.1.4.1.1466.115.12 104 1.1 tron 1.1.15 ) 105 1.1 tron olcObjectClasses: {0}( id-oc-pmiUser NAME 'pmiUser' DESC 'X.509 PMI user objec 106 1.1 tron t class' SUP top AUXILIARY MAY attributeCertificateAttribute ) 107 1.1 tron olcObjectClasses: {1}( id-oc-pmiAA NAME 'pmiAA' DESC 'X.509 PMI AA object clas 108 1.1 tron s' SUP top AUXILIARY MAY ( aACertificate $ attributeCertificateRevocationList 109 1.1 tron $ attributeAuthorityRevocationList ) ) 110 1.1 tron olcObjectClasses: {2}( id-oc-pmiSOA NAME 'pmiSOA' DESC 'X.509 PMI SOA object c 111 1.1 tron lass' SUP top AUXILIARY MAY ( attributeCertificateRevocationList $ attributeA 112 1.1 tron uthorityRevocationList $ attributeDescriptorCertificate ) ) 113 1.1 tron olcObjectClasses: {3}( id-oc-attCertCRLDistributionPts NAME 'attCertCRLDistrib 114 1.1 tron utionPt' DESC 'X.509 Attribute certificate CRL distribution point object clas 115 1.1 tron s' SUP top AUXILIARY MAY ( attributeCertificateRevocationList $ attributeAuth 116 1.1 tron orityRevocationList ) ) 117 1.1 tron olcObjectClasses: {4}( id-oc-pmiDelegationPath NAME 'pmiDelegationPath' DESC ' 118 1.1 tron X.509 PMI delegation path' SUP top AUXILIARY MAY delegationPath ) 119 1.1 tron olcObjectClasses: {5}( id-oc-privilegePolicy NAME 'privilegePolicy' DESC 'X.50 120 1.1 tron 9 Privilege policy object class' SUP top AUXILIARY MAY privPolicy ) 121 1.1 tron olcObjectClasses: {6}( id-oc-protectedPrivilegePolicy NAME 'protectedPrivilege 122 1.1 tron Policy' DESC 'X.509 Protected privilege policy object class' SUP top AUXILIAR 123 1.1 tron Y MAY protPrivPolicy ) 124
Indexes created Tue May 05 00:25:04 UTC 2026