diff options
Diffstat (limited to 'source4/heimdal/lib/hdb/hdb.asn1')
-rw-r--r-- | source4/heimdal/lib/hdb/hdb.asn1 | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/source4/heimdal/lib/hdb/hdb.asn1 b/source4/heimdal/lib/hdb/hdb.asn1 index c8a1a34b4f..c8c276ff6e 100644 --- a/source4/heimdal/lib/hdb/hdb.asn1 +++ b/source4/heimdal/lib/hdb/hdb.asn1 @@ -1,4 +1,4 @@ --- $Id: hdb.asn1,v 1.13 2005/08/11 13:15:44 lha Exp $ +-- $Id: hdb.asn1,v 1.17 2006/08/24 10:45:19 lha Exp $ HDB DEFINITIONS ::= BEGIN @@ -41,7 +41,10 @@ HDBFlags ::= BIT STRING { require-hwauth(10), -- must use hwauth ok-as-delegate(11), -- as in TicketFlags user-to-user(12), -- may use user-to-user auth - immutable(13) -- may not be deleted + immutable(13), -- may not be deleted + trusted-for-delegation(14), -- Trusted to print forwardabled tickets + allow-kerberos4(15), -- Allow Kerberos 4 requests + allow-digest(16) -- Allow digest requests } GENERATION ::= SEQUENCE { @@ -52,10 +55,14 @@ GENERATION ::= SEQUENCE { HDB-Ext-PKINIT-acl ::= SEQUENCE OF SEQUENCE { subject[0] UTF8String, - issuer[1] UTF8String + issuer[1] UTF8String OPTIONAL, + anchor[2] UTF8String OPTIONAL } -HDB-Ext-PKINIT-certificate ::= SEQUENCE OF OCTET STRING +HDB-Ext-PKINIT-hash ::= SEQUENCE OF SEQUENCE { + digest-type[0] OBJECT IDENTIFIER, + digest[1] OCTET STRING +} HDB-Ext-Constrained-delegation-acl ::= SEQUENCE OF Principal @@ -80,7 +87,7 @@ HDB-extension ::= SEQUENCE { -- be rejected data[1] CHOICE { pkinit-acl[0] HDB-Ext-PKINIT-acl, - pkinit-cert[1] HDB-Ext-PKINIT-certificate, + pkinit-cert-hash[1] HDB-Ext-PKINIT-hash, allowed-to-delegate-to[2] HDB-Ext-Constrained-delegation-acl, -- referral-info[3] HDB-Ext-Referrals, lm-owf[4] HDB-Ext-Lan-Manager-OWF, |