RFC Errata
RFC 7642, "System for Cross-domain Identity Management: Definitions, Overview, Concepts, and Requirements", September 2015
Source of RFC: scim (sec)
Errata ID: 8470
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Matthias Winter
Date Reported: 2025-06-20
Held for Document Update by: Deb Cooley
Date Held: 2025-12-28
Section 8.7.1 says:
{
"name" : "x509Certificates",
"type" : "complex",
"multiValued" : true,
"description" : "A list of certificates issued to the User.",
"required" : false,
"caseExact" : false,
"subAttributes" : [
{
"name" : "value",
"type" : "binary",
"multiValued" : false,
"description" : "The value of an X.509 certificate.",
"required" : false,
"caseExact" : false,
"mutability" : "readWrite",
"returned" : "default",
"uniqueness" : "none"
},
It should say:
{
"name" : "x509Certificates",
"type" : "complex",
"multiValued" : true,
"description" : "A list of certificates issued to the User.",
"required" : false,
"caseExact" : false,
"subAttributes" : [
{
"name" : "value",
"type" : "binary",
"multiValued" : false,
"description" : "The value of an X.509 certificate.",
"required" : false,
"caseExact" : true,
"mutability" : "readWrite",
"returned" : "default"
},
Notes:
Section 2.3.6 indicates that "binary [...] has no uniqueness." The "x509Certificates" binary "value" subattribute currently lists a "uniqueness" property which should be removed. (See also Errata ID: 6000 - Binary attributes are case-exact)