diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2010-05-21 15:15:20 -0400 |
|---|---|---|
| committer | Rob Crittenden <rcritten@redhat.com> | 2010-05-27 10:50:49 -0400 |
| commit | fe7cb34f76a04e04e4dd0ffe9e1795752b422e26 (patch) | |
| tree | 09b928bbf08db93bd598a84b9c1333ef86a9507c /install/share/key_escrow_schema.ldif | |
| parent | de154919a6dc7e2302af62735baa81773bb2b121 (diff) | |
| download | freeipa-fe7cb34f76a04e04e4dd0ffe9e1795752b422e26.tar.gz freeipa-fe7cb34f76a04e04e4dd0ffe9e1795752b422e26.tar.xz freeipa-fe7cb34f76a04e04e4dd0ffe9e1795752b422e26.zip | |
Re-number some attributes to compress our usage to be contiguous
No longer install the policy or key escrow schemas and remove their
OIDs for now.
594149
Diffstat (limited to 'install/share/key_escrow_schema.ldif')
| -rw-r--r-- | install/share/key_escrow_schema.ldif | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/install/share/key_escrow_schema.ldif b/install/share/key_escrow_schema.ldif new file mode 100644 index 000000000..d60f82037 --- /dev/null +++ b/install/share/key_escrow_schema.ldif @@ -0,0 +1,18 @@ +# Key escrow schema. Currently unused + +# Main schema: +attributeTypes: (2.16.840.1.113730.3.8.A.X NAME 'ipaVolumeEscrowPacket' DESC 'An encrypted packet containing a secret used for encrypting the volume' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE ) +attributeTypes: (2.16.840.1.113730.3.8.A.X NAME 'ipaVolumeHost' DESC 'Link to the host that contains this volume' SUP memberHost SYNTAX 1.3.6.1.4.1.1466.115.121.1.12) +attributeTypes: (2.16.840.1.113730.3.8.A.X NAME 'ipaVolumeKeySecretType' DESC 'Type of the secret defined in this packet' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE) +attributeTypes: (2.16.840.1.113730.3.8.A.X NAME 'ipaVolumeInfo' DESC 'Information about a volume: NAME:VALUE' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40) +attributeTypes: (2.16.840.1.113730.3.8.A.X NAME 'ipaVolumeKeyObsoletionTimestamp' DESC 'Time when a key was marked as obsolete' SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 SINGLE-VALUE) +objectClasses: (2.16.840.1.113730.3.8.O.Y NAME 'ipaVolumeKey' SUP top STRUCTURAL MUST ( ipaUniqueID $ ipaVolumeHost $ ipaVolumeEscrowPacket ) MAY ( ipaVolumeKeySecretType $ ipaVolumeInfo $ ipaVolumeKeyObsoletionTimestamp )) + + +# Config schema: +attributeTypes: ( 2.16.840.1.113730.3.8.3.50 NAME 'ipaObsoleteEscrowPacketLifetime' DESC 'Number of days before an obsolete escrow packet is deleted (if a newer packet for the same volume is available)' SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE) +attributeTypes: ( 2.16.840.1.113730.3.8.3.51 NAME 'ipaEscrowKeyCertificate' DESC 'Certificate for encrypting escrow packets' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 SINGLE-VALUE) +attributeTypes: ( 2.16.840.1.113730.3.8.3.52 NAME 'ipaEscrowKey' DESC 'PKCS#12-formatted encrypted certificate and private key for encrypting escrow packets' SYNTAX 1.3.6.1.4.1.1466.115.121.1.5) + +# Attributes removed from config object +#$ ipaObsoleteEscrowPacketLifetime $ ipaEscrowKeyCertificate $ ipaEscrowKey |