Bonjour, 2017-01-23 8:55 GMT+01:00 Michael Ströder <[email protected]>:
> Francesco Sordi wrote: > > Unfortunately ITU did not clarify if this attribute is part of a new > class (i.e. legal > > person) or if it is an attribute for the organization objectclass or > another one. > > I would like to find an exixsting implementation, after all this > attribute has been > > "invented" in 2008. > > I look at a lot of different LDAP schema definitions. Until you brought up > this I never > saw 'organizationIdentifier' in a LDAP schema. So you probably have to use > it in your own > custom object class. Note that LDAP RFCs (e.g. RFC 4524) have X.501(1993) > as normative > references. > And while X.520 introduced this attribute, X.521 hasn't included it in any class. > BTW: I can imagine a lot of diffent IDs for companies, > educational/governmental > organizations, etc. So the more interesting question is: > What's the _exact_ semantics of that attribute? > There is no "exact" semantics for this attribute. ETSI EN 319412-1 has a proposed one that is to be used in the eIDAS context (using national trade register number or a national VAT number), but this semantics is not mandatory. Francesco, as said, you'll have to create your new class for this. Either you create an auxiliary class so this attribute can be added to any entry, or you create a brand new structural class containing all the bells and whistles you want. > Ciao, Michael. > > > Il Giovedì 19 Gennaio 2017 0:46, Quanah Gibson-Mount <[email protected]> > ha scritto: > > > > > > --On Wednesday, January 18, 2017 10:59 AM +0000 Francesco Sordi > > <[email protected] <mailto:[email protected]>> wrote: > > > >> attributeType ( id-at-organizationIdentifier > >> NAME 'organizationIdentifier' > >> DESC 'X520 attribute Organization Identifier' > >> SUP name > >> EQUALITY caseIgnoreMatch > >> SUBSTR caseIgnoreSubstringsMatch SINGLE-VALUE ) > >> > >> > >> But i cannot understand which objectclass can use this attribute and how > >> to add an object using it. > > > > You would need to create a custom objectClass that allows this attribute. > > > > Regards, > > Quanah > -- Erwann.
