1 marek 1.1 // Copyright (c) 2005 DMTF. All rights reserved.
2 [Version ( "2.8.0" ),
3 UMLPackagePath ( "CIM::User::PublicKey" ),
4 Description (
5 "A Certificate Authority (CA) is a credential management "
6 "service that issues and cryptographically signs certificates. "
7 "It acts as an trusted third-party intermediary in establishing "
8 "trust relationships. The CA authenticates the identity of the "
9 "holder of the \'private\' key, related to the certificate\'s "
10 "\'public\' key." )]
11 class CIM_CertificateAuthority : CIM_CredentialManagementService {
12
13 [Description (
14 "The CAPolicyStatement describes what care is taken by "
15 "the CertificateAuthority when signing a new certificate. "
16 "The CAPolicyStatment may be a dot-delimited ASN.1 OID "
17 "string which identifies to the formal policy statement." )]
18 string CAPolicyStatement;
19
20 [Description (
21 "A CRL, or CertificateRevocationList, is a list of "
22 marek 1.1 "certificates which the CertificateAuthority has revoked "
23 "and which are not yet expired. Revocation is necessary "
24 "when the private key associated with the public key of a "
25 "certificate is lost or compromised, or when the person "
26 "for whom the certificate is signed no longer is entitled "
27 "to use the certificate." ),
28 OctetString]
29 string CRL[];
30
31 [Description (
32 "Certificate revocation lists may be available from a "
33 "number of distribution points. CRLDistributionPoint "
34 "array values provide URIs for those distribution points." )]
35 string CRLDistributionPoint[];
36
37 [Description (
38 "Certificates refer to their issuing CA by its "
39 "Distinguished Name (as defined in X.501)." ),
40 Dn]
41 string CADistinguishedName;
42
43 marek 1.1 [Description (
44 "The frequency, expressed in hours, at which the CA will "
45 "update its Certificate Revocation List. Zero implies "
46 "that the refresh frequency is unknown." ),
47 Units ( "Hours" ),
48 PUnit ( "hour" )]
49 uint8 CRLRefreshFrequency;
50
51 [Description (
52 "The maximum number of certificates in a certificate "
53 "chain permitted for credentials issued by this "
54 "certificate authority or it\'s subordinate CAs. \n"
55 "The MaxChainLength of a superior CA in the trust "
56 "hierarchy should be greater than this value and the "
57 "MaxChainLength of a subordinate CA in the trust "
58 "hierarchy should be less than this value." )]
59 uint8 MaxChainLength;
60
61
62 };
|