[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Implementing a matching rule for binary (ie: 1.3.6.1.4.1.1466.115.121.1.5)
Kurt Zeilenga wrote:
>
> On Feb 20, 2009, at 6:11 PM, Stef wrote:
>
>> I'm working on using openldap to store certificate requests (ie: PKCS#10
>> and SPKAC).
>>
>> I thought I'd use the binary syntax '1.3.6.1.4.1.1466.115.121.1.5' for
>> my custom attribute.
>
> Why? This syntax should be avoided. It was dropped with revised LDAP
> specifications (RFC 4510) for good reason. Any uses of it will suffer
> significant interoperability problems.
Interesting. Thanks for the clear reply.
I guess that means that uses of the userSMIMECertificate and userPKCS12
attributes in openldap will encounter these problems. These are both
defined with the syntax of '1.3.6.1.4.1.1466.115.121.1.5'.
Cheers,
Stef