1 karl  1.1.2.2 // Copyright (c) 2005 DMTF.  All rights reserved.
 2                  [Version ( "2.8.0" ), 
 3                   UMLPackagePath ( "CIM::User::PublicKey" ), 
 4                   Description ( 
 5                      "A Certificate Authority (CA) is a credential management "
 6                      "service that issues and cryptographically signs certificates. "
 7                      "It acts as an trusted third-party intermediary in establishing "
 8                      "trust relationships. The CA authenticates the identity of the "
 9                      "holder of the \'private\' key, related to the certificate\'s "
10                      "\'public\' key." )]
11               class CIM_CertificateAuthority : CIM_CredentialManagementService {
12               
13                     [Description ( 
14                         "The CAPolicyStatement describes what care is taken by "
15                         "the CertificateAuthority when signing a new certificate. "
16                         "The CAPolicyStatment may be a dot-delimited ASN.1 OID "
17                         "string which identifies to the formal policy statement." )]
18                  string CAPolicyStatement;
19               
20                     [Description ( 
21                         "A CRL, or CertificateRevocationList, is a list of "
22 karl  1.1.2.2           "certificates which the CertificateAuthority has revoked "
23                         "and which are not yet expired. Revocation is necessary "
24                         "when the private key associated with the public key of a "
25                         "certificate is lost or compromised, or when the person "
26                         "for whom the certificate is signed no longer is entitled "
27                         "to use the certificate." ), 
28                      OctetString]
29                  string CRL[];
30               
31                     [Description ( 
32                         "Certificate revocation lists may be available from a "
33                         "number of distribution points. CRLDistributionPoint "
34                         "array values provide URIs for those distribution points." )]
35                  string CRLDistributionPoint[];
36               
37                     [Description ( 
38                         "Certificates refer to their issuing CA by its "
39                         "Distinguished Name (as defined in X.501)." ), 
40                      Dn]
41                  string CADistinguishedName;
42               
43 karl  1.1.2.2       [Description ( 
44                         "The frequency, expressed in hours, at which the CA will "
45                         "update its Certificate Revocation List. Zero implies "
46                         "that the refresh frequency is unknown." ), 
47                      Units ( "Hours" ), 
48                      PUnit ( "hour" )]
49                  uint8 CRLRefreshFrequency;
50               
51                     [Description ( 
52                         "The maximum number of certificates in a certificate "
53                         "chain permitted for credentials issued by this "
54                         "certificate authority or it\'s subordinate CAs. \n"
55                         "The MaxChainLength of a superior CA in the trust "
56                         "hierarchy should be greater than this value and the "
57                         "MaxChainLength of a subordinate CA in the trust "
58                         "hierarchy should be less than this value." )]
59                  uint8 MaxChainLength;
60               
61               
62               };