LDAP PKI and PMI Schemas


TrustCoM Project http://www.eu-trustcom.com/. LDAP PKI and PMI Schemas. 3 IDs in the series. Internet X.509 Public Key Infrastructure LDAP Schema for X.509 CRLs <draft-ietf-pkix-ldap-crl-schema-02.txt>

TrustCoM Project

http://www.eu-trustcom.com/

LDAP PKI and PMI Schemas

TrustCoM Project University of Salford

3 IDs in the series
  • Internet X.509 Public Key Infrastructure LDAP Schema for X.509 CRLs
  • Internet X.509 Public Key Infrastructure LDAP Schema for X.509 Attribute Certificates
  • Internet X.509 Public Key Infrastructure LDAP Schema for X.509 Certificates

ALL DESTINED FOR INFORMATIONAL RFCS

Attribute Extraction

[Diagram. Labels: CA/AA; LDAP directory; XPS server; "Search for Att 1.. Att i"; "Return X.509 attribute Att1, Att2…Att n"]

The DIT Structure
  • PKCs and ACs are held in child entries
  • CRLs are held in child subtrees

[Diagram of the DIT. Labels: dc=com; dc=myorg; ou=My CA; ou=people; cn=my entry; CRL; CRL entries; AC containing roles; Encryption PKC; Signing PKC. Child entry RDN shown: serialno=nnnn + issuer=‘ou=MyCA,dc=myorg,dc=com’]
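
The RDN on this slide embeds the issuer's DN as an attribute value, so its commas must be escaped or the entry name parses as extra RDNs and lookups land on the wrong entry. The following is an added example (not from the presentation or the drafts) that builds and re-splits such a DN; the `serialno` and `issuer` labels come from the slide, while the serial value 1234 and the `cn=my entry,ou=people,dc=myorg,dc=com` parent are assumptions.

```python
# Added example, not from the slides. "serialno" and "issuer" are the labels
# shown on the slide; the attribute type names in the drafts may differ.
# The serial number and parent entry below are constructed sample values.

SPECIALS = set('"+,;<>\\')  # characters RFC 4514 requires escaping in values


def escape_value(value: str) -> str:
    """Escape a string for use as an attribute value inside a DN (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in SPECIALS:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        elif (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def split_unescaped(text: str, sep: str) -> list:
    """Split on sep, skipping separators that are backslash-escaped."""
    parts, cur, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            cur.append(text[i:i + 2])  # keep the escape pair together
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(text[i])
        i += 1
    parts.append("".join(cur))
    return parts


def cert_entry_dn(serial: int, issuer_dn: str, parent_dn: str) -> str:
    """DN of the child entry holding one certificate under parent_dn."""
    rdn = f"serialno={serial}+issuer={escape_value(issuer_dn)}"
    return f"{rdn},{parent_dn}"


ISSUER = "ou=MyCA,dc=myorg,dc=com"                 # from the slide
PARENT = "cn=my entry,ou=people,dc=myorg,dc=com"   # assumed holder entry
DN = cert_entry_dn(1234, ISSUER, PARENT)
```

Splitting `DN` with `split_unescaped(DN, ",")` yields five RDNs, whereas the same name built without `escape_value` splits into seven.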

Implementation Details
  • Implemented in OpenLDAP 2.2.11 and newer
  • Code is not in the main branch yet since it's being reviewed by OpenLDAP programmers

LDAP Client view of XPS

Way Forward
  • Latest versions
    • Added IANA considerations and acks, re-arranged object classes, aligned all 3 IDs, minor corrections
  • Outstanding Issues
    • None
  • WG Last Call? Is it needed for an Inf RFC?
  • Ready to go now

Other LDAP work
  • V3 Profile
