RFC 7643, "System for Cross-domain Identity Management: Core Schema", September 2015

Errata ID: 6000
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Shelley Baker
Date Reported: 2020-03-02

Section 8.7.1 says:

      {
        "name" : "x509Certificates",
        "type" : "complex",
        "multiValued" : true,
        "description" : "A list of certificates issued to the User.",
        "required" : false,
        "caseExact" : false,
        "subAttributes" : [
          {
            "name" : "value",
            "type" : "binary",
            "multiValued" : false,
            "description" : "The value of an X.509 certificate.",
            "required" : false,
            "caseExact" : false,
            "mutability" : "readWrite",
            "returned" : "default",
            "uniqueness" : "none"
          },

It should say:

      {
        "name" : "x509Certificates",
        "type" : "complex",
        "multiValued" : true,
        "description" : "A list of certificates issued to the User.",
        "required" : false,
        "caseExact" : false,
        "subAttributes" : [
          {
            "name" : "value",
            "type" : "binary",
            "multiValued" : false,
            "description" : "The value of an X.509 certificate.",
            "required" : false,
            "caseExact" : true,
            "mutability" : "readWrite",
            "returned" : "default",
            "uniqueness" : "none"
          },

Notes:

Section 2.3.6 indicates that "binary is case exact." The "x509Certificates" binary "value" subattribute's "caseExact" characteristic is currently listed as "false", but should be "true".

Report New Errata