David Partridge wrote:
We need to add in the pkiCA, pkiUser, and deltaCRL ObjectClasses to be in compliance with RFC 4523 to our DS builds.Are these subset of objectClasses from RFC 4523 for Compliance with RFC 4523? If these are correct I will continue this to make recommended changes for the Attribute and ObjectClasses defined in RFC 4523 for 00core.ldif in conjunction to my testing to propose to the 389 community.
Please do not edit 00core.ldif.389 1.2.1 has a separate schema file for this schema now - 05rfc4523.ldif - if you upgrade to 1.2.3 it will automatically fix existing schema to use this new schema file.
objectClasses: ( 2.5.6.22 NAME 'pkiCA' DESC 'X.509 PKI Certificate Authority' SUP top AUXILIARY MAY ( cACertificate $ certificateRevocationList $ authorityRevocationList $ crossCertificatePair ) X-ORIGIN 'RFC 4523' )objectClasses: ( 2.5.6.23 NAME 'deltaCRL' DESC 'X.509 delta CRL' SUP top AUXILIARY MAY deltaRevocationList X-ORIGIN 'RFC 4523')objectClasses: ( 2.5.6.21 NAME 'pkiUser' DESC 'X.509 PKI User' SUP top AUXILIARY MAY userCertificate X-ORIGIN 'RFC 4523')Thanks*David M. Partridge*
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users