summaryrefslogtreecommitdiffstats
path: root/servers/slapd/schema/pmi.ldif
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--servers/slapd/schema/pmi.ldif123
1 files changed, 123 insertions, 0 deletions
diff --git a/servers/slapd/schema/pmi.ldif b/servers/slapd/schema/pmi.ldif
new file mode 100644
index 0000000..ee709ef
--- /dev/null
+++ b/servers/slapd/schema/pmi.ldif
@@ -0,0 +1,123 @@
+# OpenLDAP X.509 PMI schema
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2021 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+#
+## Portions Copyright (C) The Internet Society (1997-2006).
+## All Rights Reserved.
+#
+# Includes LDAPv3 schema items from:
+# ITU X.509 (08/2005)
+#
+# This file was automatically generated from pmi.schema; see that file
+# for complete references.
+#
+dn: cn=pmi,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: pmi
+olcObjectIdentifier: {0}id-oc-pmiUser 2.5.6.24
+olcObjectIdentifier: {1}id-oc-pmiAA 2.5.6.25
+olcObjectIdentifier: {2}id-oc-pmiSOA 2.5.6.26
+olcObjectIdentifier: {3}id-oc-attCertCRLDistributionPts 2.5.6.27
+olcObjectIdentifier: {4}id-oc-privilegePolicy 2.5.6.32
+olcObjectIdentifier: {5}id-oc-pmiDelegationPath 2.5.6.33
+olcObjectIdentifier: {6}id-oc-protectedPrivilegePolicy 2.5.6.34
+olcObjectIdentifier: {7}id-at-attributeCertificate 2.5.4.58
+olcObjectIdentifier: {8}id-at-attributeCertificateRevocationList 2.5.4.59
+olcObjectIdentifier: {9}id-at-aACertificate 2.5.4.61
+olcObjectIdentifier: {10}id-at-attributeDescriptorCertificate 2.5.4.62
+olcObjectIdentifier: {11}id-at-attributeAuthorityRevocationList 2.5.4.63
+olcObjectIdentifier: {12}id-at-privPolicy 2.5.4.71
+olcObjectIdentifier: {13}id-at-role 2.5.4.72
+olcObjectIdentifier: {14}id-at-delegationPath 2.5.4.73
+olcObjectIdentifier: {15}id-at-protPrivPolicy 2.5.4.74
+olcObjectIdentifier: {16}id-at-xMLPrivilegeInfo 2.5.4.75
+olcObjectIdentifier: {17}id-at-xMLPprotPrivPolicy 2.5.4.76
+olcObjectIdentifier: {18}id-mr 2.5.13
+olcObjectIdentifier: {19}id-mr-attributeCertificateMatch id-mr:42
+olcObjectIdentifier: {20}id-mr-attributeCertificateExactMatch id-mr:45
+olcObjectIdentifier: {21}id-mr-holderIssuerMatch id-mr:46
+olcObjectIdentifier: {22}id-mr-authAttIdMatch id-mr:53
+olcObjectIdentifier: {23}id-mr-roleSpecCertIdMatch id-mr:54
+olcObjectIdentifier: {24}id-mr-basicAttConstraintsMatch id-mr:55
+olcObjectIdentifier: {25}id-mr-delegatedNameConstraintsMatch id-mr:56
+olcObjectIdentifier: {26}id-mr-timeSpecMatch id-mr:57
+olcObjectIdentifier: {27}id-mr-attDescriptorMatch id-mr:58
+olcObjectIdentifier: {28}id-mr-acceptableCertPoliciesMatch id-mr:59
+olcObjectIdentifier: {29}id-mr-delegationPathMatch id-mr:61
+olcObjectIdentifier: {30}id-mr-sOAIdentifierMatch id-mr:66
+olcObjectIdentifier: {31}id-mr-indirectIssuerMatch id-mr:67
+olcObjectIdentifier: {32}AttributeCertificate 1.3.6.1.4.1.4203.666.11.10.2.1
+olcObjectIdentifier: {33}CertificateList 1.3.6.1.4.1.1466.115.121.1.9
+olcObjectIdentifier: {34}AttCertPath 1.3.6.1.4.1.4203.666.11.10.2.4
+olcObjectIdentifier: {35}PolicySyntax 1.3.6.1.4.1.4203.666.11.10.2.5
+olcObjectIdentifier: {36}RoleSyntax 1.3.6.1.4.1.4203.666.11.10.2.6
+olcLdapSyntaxes: {0}( 1.3.6.1.4.1.4203.666.11.10.2.4 DESC 'X.509 PMI attribute
+ cartificate path: SEQUENCE OF AttributeCertificate' X-SUBST '1.3.6.1.4.1.146
+ 6.115.121.1.15' )
+olcLdapSyntaxes: {1}( 1.3.6.1.4.1.4203.666.11.10.2.5 DESC 'X.509 PMI policy sy
+ ntax' X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' )
+olcLdapSyntaxes: {2}( 1.3.6.1.4.1.4203.666.11.10.2.6 DESC 'X.509 PMI role synt
+ ax' X-SUBST '1.3.6.1.4.1.1466.115.121.1.15' )
+olcAttributeTypes: {0}( id-at-role NAME 'role' DESC 'X.509 Role attribute, use
+ ;binary' SYNTAX RoleSyntax )
+olcAttributeTypes: {1}( id-at-xMLPrivilegeInfo NAME 'xmlPrivilegeInfo' DESC 'X
+ .509 XML privilege information attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.1
+ 5 )
+olcAttributeTypes: {2}( id-at-attributeCertificate NAME 'attributeCertificateA
+ ttribute' DESC 'X.509 Attribute certificate attribute, use ;binary' EQUALITY
+ attributeCertificateExactMatch SYNTAX AttributeCertificate )
+olcAttributeTypes: {3}( id-at-aACertificate NAME 'aACertificate' DESC 'X.509 A
+ A certificate attribute, use ;binary' EQUALITY attributeCertificateExactMatch
+ SYNTAX AttributeCertificate )
+olcAttributeTypes: {4}( id-at-attributeDescriptorCertificate NAME 'attributeDe
+ scriptorCertificate' DESC 'X.509 Attribute descriptor certificate attribute,
+ use ;binary' EQUALITY attributeCertificateExactMatch SYNTAX AttributeCertific
+ ate )
+olcAttributeTypes: {5}( id-at-attributeCertificateRevocationList NAME 'attribu
+ teCertificateRevocationList' DESC 'X.509 Attribute certificate revocation lis
+ t attribute, use ;binary' SYNTAX CertificateList X-EQUALITY 'certificateListE
+ xactMatch, not implemented yet' )
+olcAttributeTypes: {6}( id-at-attributeAuthorityRevocationList NAME 'attribute
+ AuthorityRevocationList' DESC 'X.509 AA certificate revocation list attribute
+ , use ;binary' SYNTAX CertificateList X-EQUALITY 'certificateListExactMatch,
+ not implemented yet' )
+olcAttributeTypes: {7}( id-at-delegationPath NAME 'delegationPath' DESC 'X.509
+ Delegation path attribute, use ;binary' SYNTAX AttCertPath )
+olcAttributeTypes: {8}( id-at-privPolicy NAME 'privPolicy' DESC 'X.509 Privile
+ ge policy attribute, use ;binary' SYNTAX PolicySyntax )
+olcAttributeTypes: {9}( id-at-protPrivPolicy NAME 'protPrivPolicy' DESC 'X.509
+ Protected privilege policy attribute, use ;binary' EQUALITY attributeCertifi
+ cateExactMatch SYNTAX AttributeCertificate )
+olcAttributeTypes: {10}( id-at-xMLPprotPrivPolicy NAME 'xmlPrivPolicy' DESC 'X
+ .509 XML Protected privilege policy attribute' SYNTAX 1.3.6.1.4.1.1466.115.12
+ 1.1.15 )
+olcObjectClasses: {0}( id-oc-pmiUser NAME 'pmiUser' DESC 'X.509 PMI user objec
+ t class' SUP top AUXILIARY MAY attributeCertificateAttribute )
+olcObjectClasses: {1}( id-oc-pmiAA NAME 'pmiAA' DESC 'X.509 PMI AA object clas
+ s' SUP top AUXILIARY MAY ( aACertificate $ attributeCertificateRevocationList
+ $ attributeAuthorityRevocationList ) )
+olcObjectClasses: {2}( id-oc-pmiSOA NAME 'pmiSOA' DESC 'X.509 PMI SOA object c
+ lass' SUP top AUXILIARY MAY ( attributeCertificateRevocationList $ attributeA
+ uthorityRevocationList $ attributeDescriptorCertificate ) )
+olcObjectClasses: {3}( id-oc-attCertCRLDistributionPts NAME 'attCertCRLDistrib
+ utionPt' DESC 'X.509 Attribute certificate CRL distribution point object clas
+ s' SUP top AUXILIARY MAY ( attributeCertificateRevocationList $ attributeAuth
+ orityRevocationList ) )
+olcObjectClasses: {4}( id-oc-pmiDelegationPath NAME 'pmiDelegationPath' DESC '
+ X.509 PMI delegation path' SUP top AUXILIARY MAY delegationPath )
+olcObjectClasses: {5}( id-oc-privilegePolicy NAME 'privilegePolicy' DESC 'X.50
+ 9 Privilege policy object class' SUP top AUXILIARY MAY privPolicy )
+olcObjectClasses: {6}( id-oc-protectedPrivilegePolicy NAME 'protectedPrivilege
+ Policy' DESC 'X.509 Protected privilege policy object class' SUP top AUXILIAR
+ Y MAY protPrivPolicy )