Class CIM_AcceptCredentialFrom
extends CIM_Dependency

This association specifies that a credential management service (e.g., CertificateAuthority or Kerberos key distribution service) is to be trusted to certify credentials, presented at the packet level. The association defines an 'approved' CredentialManagementService that is used for validation. The use of this class is best explained via an example: If a CertificateAuthority is specified using this association, and a corresponding X509CredentialFilterEntry is also associated with a PacketFilterCondition (via the relationship, FilterOfPacketCondition), then the credential MUST match the FilterEntry data AND be certified by that CA (or one of the CredentialManagementServices in its trust hierarchy). Otherwise, the X509CredentialFilterEntry is deemed not to match. If a credential is certified by a CredentialManagementService associated with the PacketFilterCondition through the AcceptCredentialFrom relationship, but there is no corresponding CredentialFilterEntry, then all credentials from the related service are considered to match.

Table of Contents
Hierarchy
Direct Known Subclasses
Class Qualifiers
Class Properties
Class Methods


Class Hierarchy

CIM_Dependency
   |
   +--CIM_AcceptCredentialFrom

Direct Known Subclasses

Class Qualifiers

NameData TypeValue
Associationbooleantrue
DescriptionstringThis association specifies that a credential management service (e.g., CertificateAuthority or Kerberos key distribution service) is to be trusted to certify credentials, presented at the packet level. The association defines an 'approved' CredentialManagementService that is used for validation. The use of this class is best explained via an example: If a CertificateAuthority is specified using this association, and a corresponding X509CredentialFilterEntry is also associated with a PacketFilterCondition (via the relationship, FilterOfPacketCondition), then the credential MUST match the FilterEntry data AND be certified by that CA (or one of the CredentialManagementServices in its trust hierarchy). Otherwise, the X509CredentialFilterEntry is deemed not to match. If a credential is certified by a CredentialManagementService associated with the PacketFilterCondition through the AcceptCredentialFrom relationship, but there is no corresponding CredentialFilterEntry, then all credentials from the related service are considered to match.
MappingStringsstringIPSP Policy Model.IETF|AcceptCredentialFrom
UMLPackagePathstringCIM::Policy
Versionstring2.8.0

Class Properties

Association References

NameClass OriginReference Class
AntecedentCIM_AcceptCredentialFromCIM_CredentialManagementService
DependentCIM_AcceptCredentialFromCIM_PacketFilterCondition

Class Methods