/etc/dirsrv/schema/05rfc4523.ldif is in 389-ds-base 1.3.4.9-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 | # RFC 4523 - Schema Definitions for X.509 Certificates
################################################################################
#
dn: cn=schema
#
################################################################################
# TODO - Add Certificate syntax
#attributeTypes: ( 2.5.4.36 NAME 'userCertificate'
# DESC 'X.509 user certificate'
# EQUALITY certificateExactMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
attributeTypes: ( 2.5.4.36 NAME 'userCertificate'
DESC 'X.509 user certificate'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
# TODO - Add Certificate syntax
#attributeTypes: ( 2.5.4.37 NAME 'cACertificate'
# DESC 'X.509 CA certificate'
# EQUALITY certificateExactMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
attributeTypes: ( 2.5.4.37 NAME 'cACertificate'
DESC 'X.509 CA certificate'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
# TODO - Add CertificatePair syntax
#attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
# DESC 'X.509 cross certificate pair'
# EQUALITY certificatePairExactMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.10
# X-ORIGIN 'RFC 4523' )
attributeTypes: ( 2.5.4.40 NAME 'crossCertificatePair'
DESC 'X.509 cross certificate pair'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
# TODO - Add CertificateList syntax
#attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
# DESC 'X.509 certificate revocation list'
# EQUALITY certificateListExactMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.9
# X-ORIGIN 'RFC 4523' )
attributeTypes: ( 2.5.4.39 NAME 'certificateRevocationList'
DESC 'X.509 certificate revocation list'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
# TODO - Add CertificateList syntax
#attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
# DESC 'X.509 authority revocation list'
# EQUALITY certificateListExactMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.9
# X-ORIGIN 'RFC 4523' )
attributeTypes: ( 2.5.4.38 NAME 'authorityRevocationList'
DESC 'X.509 authority revocation list'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
# TODO - Add CertificateList syntax
#attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
# DESC 'X.509 delta revocation list'
# EQUALITY certificateListExactMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.9
# X-ORIGIN 'RFC 4523' )
attributeTypes: ( 2.5.4.53 NAME 'deltaRevocationList'
DESC 'X.509 delta revocation list'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
# TODO - Add SupportedAlgorithm syntax
#attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
# DESC 'X.509 supported algorithms'
# EQUALITY algorithmIdentifierMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.49
# X-ORIGIN 'RFC 4523' )
attributeTypes: ( 2.5.4.52 NAME 'supportedAlgorithms'
DESC 'X.509 supported algorithms'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.21 NAME 'pkiUser'
DESC 'X.509 PKI User'
SUP top AUXILIARY
MAY userCertificate
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.22 NAME 'pkiCA'
DESC 'X.509 PKI Certificate Authority'
SUP top AUXILIARY
MAY ( cACertificate $ certificateRevocationList $
authorityRevocationList $ crossCertificatePair )
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.19 NAME 'cRLDistributionPoint'
DESC 'X.509 CRL distribution point'
SUP top STRUCTURAL
MUST cn
MAY ( certificateRevocationList $
authorityRevocationList $ deltaRevocationList )
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.23 NAME 'deltaCRL'
DESC 'X.509 delta CRL'
SUP top AUXILIARY
MAY deltaRevocationList
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.15 NAME 'strongAuthenticationUser'
DESC 'X.521 strong authentication user'
SUP top AUXILIARY
MUST userCertificate
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.18 NAME 'userSecurityInformation'
DESC 'X.521 user security information'
SUP top AUXILIARY
MAY ( supportedAlgorithms )
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.16 NAME 'certificationAuthority'
DESC 'X.509 certificate authority'
SUP top AUXILIARY
MUST ( authorityRevocationList $
certificateRevocationList $ cACertificate )
MAY crossCertificatePair
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
objectClasses: ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
DESC 'X.509 certificate authority, version 2'
SUP certificationAuthority AUXILIARY
MAY deltaRevocationList
X-ORIGIN 'RFC 4523' )
#
################################################################################
#
|