| Name | Data Type | Default Value | Qualifiers |
| Name | Data Type | Value |
| MatchFieldName | uint32 | |
| Description | string | MatchFieldName specifies the X.509 attribute to match against MatchFieldValue. Note that this enumeration is modified from the IETF's IPSP Policy Model to explicitly list the 'standard' X.509 attributes. |
| MappingStrings | string | IPSP Policy Model.IETF|CredentialFilterEntry.MatchFieldName |
| ModelCorrespondence | string | CIM_X509CredentialFilterEntry.MatchFieldValue |
| Required | boolean | true |
| ValueMap | string | 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, .., 0x8000.. |
| Values | string | Other, Version, Serial Number, Signature Algorithm Identifier, Issuer Name, Validity Period, Subject Name, Subject Public Key Info, Key Usage, Alternate Name, DMTF Reserved, Vendor Reserved |
| MatchFieldValue | string | |
| Description | string | MatchFieldValue specifies the value to compare with the credential attribute (defined in MatchFieldName), to determine if the credential matches this filter entry. An implementation must convert this string to a DER- encoded string before matching against the values extracted from credentials at runtime.
Note that a wildcard mechanism may be used when MatchFieldName specifies a general character string (for example, if MatchFieldName=7, 'Subject Name'). MatchFieldValue may contain a wildcard character, '*', in the pattern match specification. For example, for 'Subject Name', a MatchFieldValue of 'cn=*,ou=engineering,o=foo,c=be' will successfully match a certificate whose subject attribute is 'cn=JaneDoe,ou=engineering,o=foo,c=be'. A wildcard can be used to represent 0 or more characters as would be displayed to the user (i.e., a wildcard pattern match operates on displayable character boundaries). |
| MappingStrings | string | IPSP Policy Model.IETF|CredentialFilterEntry.MatchFieldName |
| ModelCorrespondence | string | CIM_X509CredentialFilterEntry.MatchFieldName |
| Required | boolean | true |