[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: About userSMIMECertificate&userPKCS12 attributes
ZhangPu wrote:
> There is a question about the attributes userSMIMECertificate and
> userPKCS12.
>
> Currently, OpenLDAP does not support the ";binary" transferring method
> for the two attributes above although this had been defined in RFC2798.
>
> Because the syntax of these two attributes was defined with
> "1.3.6.1.4.1.1466.115.121.1.5" (also this syntax was defined as meaning
> "BINARY" in RFC2252), I'm not sure, are these two attributes always
> transferred by BINARY mode in any case from client to server or from
> server to client?
>
> They have SYNTAX that it is "BINARY", so I assume maybe these two
> attributes are handled by a different processing to "jpegphoto" or
> "audio".
Yes. But this is only relevant for matching rules and syntax validation.
In search results you will get back the binary data.
> I think "jpegphoto" and "audio" can be transferred by both
> BINARY and BASE64 mode. <-- Is my understanding correct?
There's no such thing like a base64 mode for LDAP search operations.
> In addition, does Kurt will correct RFC2798 document to restrict
> transferred method of "userSMIMECertificate" and "userPKCS12" to "::"
It seems you're mixing the LDIF text file representation of directory data
and what you get back as a result of LDAP search operation.
Ciao, Michael.