On Aug 10, 2007, at 1:56 PM, Alex Karasulu wrote:

<big snip>
That's quite useful but not quite definitive :-).  I guess the first thing is to check if triplesec trunk has update the oids...looks like "no".

I don't think it has so yes you are right.  It is using a Safehaus based OID branch.

So should triplesec (lets assume we can merge our efforts) get
1.3.6.1.4.1.18060.0.4.6 
and then
 1.3.6.1.4.1.18060.0.4.X.0  ApacheDS LDAP Schema syntaxes
1.3.6.1.4.1.18060.0.4.X.1 ApacheDS LDAP Schema matchingRules
1.3.6.1.4.1.18060.0.4.X.2 ApacheDS LDAP Schema attributeTypes
1.3.6.1.4.1.18060.0.4.X.3 ApacheDS LDAP Schema objectClasses
1.3.6.1.4.1.18060.0.4.X.4 ApacheDS LDAP Schema dITStructureRules
1.3.6.1.4.1.18060.0.4.X.5 ApacheDS LDAP Schema nameForms

where X == 6 for the different types?

1.3.6.1.4.1.18060.0.4.6 is the branch you are creating for Triplesec?  If you take another
look at the document we already allocated 1.3.6.1.4.1.18060.0.1 as the Tsec base.  You
can then assign various kinds of schema elements to OIDs off this base.  Here's what I
would do:

1.3.6.1.4.1.18060.0.1.0 Tsec LDAP Schema syntaxes
1.3.6.1.4.1.18060.0.1.1 Tsec LDAP Schema matchingRules
1.3.6.1.4.1.18060.0.1.2 Tsec LDAP Schema attributeTypes
1.3.6.1.4.1.18060.0.1.3 Tsec LDAP Schema objectClasses
1.3.6.1.4.1.18060.0.1.4 Tsec LDAP Schema dITStructureRules
1.3.6.1.4.1.18060.0.1.5 Tsec LDAP Schema nameForms



I'm happy to use these but.... right below where the page suggests 1.3.6.1.4.1.18060.0.1 as the tsec base it says "um, that's not a good idea, even better...." and says 1.3.6.1.4.1.18060.0.1 should be for ApacheDS LDAP Extended Operations

I followed what I thought the second suggestion was.  I'm happy with either scheme or yet a third one.... let me know.  I think it might be a good idea for this page to have clearer advice :-)

thanks
david jencks