View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0009624 | 10000-018: Role-Based Security | Spec | public | 2024-06-26 22:56 | 2025-02-25 08:09 |
| Reporter | Randy Armstrong | Assigned To | Matthias Damm | ||
| Priority | urgent | Severity | major | Reproducibility | always |
| Status | resolved | Resolution | no change required | ||
| Product Version | 1.05.04 | ||||
| Summary | 0009624: Clarification for 'SubjectName' in Part 18 | ||||
| Description | Add RFC 4514, LDAP: String Representation of Distinguished Names Update If the criteriaType is X509Subject, the criteria is the X509 subject name of a Certificate of a user which is trusted by the Server. The format of the subject name criteria consists of a sequence of name value pairs using the syntax defined by Section 3 in RFC 4514. The Each name shall be one of entries in Table 8 and shall be followed by a '=' and then followed by the value. The names are case insensitive. The order shall be by the order shown in Table 8 with the lowest number first. Every value from Table 8 present in the Certificate shall be included in the criteria, others shall not be included. The value may be any printable character with reserved characters escaped as defined in RFC 4514. For example: CN=Smith\, John", /O=Company. Table 8 contains all subject name attributes where support is required by X509 and some commonly used attributes where support is optional. Additional fields may be added in the future. If one name is used multiple times in the certificate, the name is also repeated in the criteria. The entries with the same name are entered in the order they appear in the Certificate. All names listed in Table 8 that are included in the X509 subject name shall match the content of the criteria. Names not included in Table 8 are ignored. Add 10 STREET Street Address | ||||
| Tags | No tags attached. | ||||
| Commit Version | |||||
| Fix Due Date | |||||
| related to | 0009990 | assigned | Randy Armstrong | 10000-012: Discovery | Inconsistent SubjectName requirements in Part 12 and Part 6 |
|
|
As discussed in 0009990 it is not possible to change the fomat since it makes existing implementations incompatible for no reason. |
|
|
Any change to the syntax would require a new criteria type since it would make all existing implementations but also all existing product instance configurations incompatible. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-06-26 22:56 | Randy Armstrong | New Issue | |
| 2024-06-26 22:56 | Randy Armstrong | Status | new => assigned |
| 2024-06-26 22:56 | Randy Armstrong | Assigned To | => Randy Armstrong |
| 2024-06-26 22:56 | Randy Armstrong | Issue generated from: 0009615 | |
| 2024-06-26 22:57 | Randy Armstrong | Project | 10000-006: Mappings => 10000-018: Role-Based Security |
| 2025-02-25 08:06 | Matthias Damm | Relationship added | related to 0009990 |
| 2025-02-25 08:06 | Matthias Damm | Assigned To | Randy Armstrong => Matthias Damm |
| 2025-02-25 08:07 | Matthias Damm | Note Added: 0022404 | |
| 2025-02-25 08:09 | Matthias Damm | Status | assigned => resolved |
| 2025-02-25 08:09 | Matthias Damm | Resolution | open => no change required |
| 2025-02-25 08:09 | Matthias Damm | Note Added: 0022405 |
