3.1.4.1.3.22 RequestFilter

The <RequestFilter> complex type is provided in a request and used by the server to filter the GetPoliciesResponse to contain only CertificateEnrollmentPolicy objects that satisfy the filter.

 <xs:complexType name="RequestFilter">
   <xs:sequence>
     <xs:element name="policyOIDs" type="xcep:FilterOIDCollection"
       nillable="true" />
     <xs:element name="clientVersion" type="xs:int" nillable="true" />
     <xs:element name="serverVersion" type="xs:int" nillable="true" />
     <xs:any namespace="##any" processContents="lax"
       minOccurs="0" maxOccurs="unbounded" />
   </xs:sequence>
 </xs:complexType>

policyOIDs: An instance of a FilterOIDCollection object as defined in section 3.1.4.1.3.14. If the <policyOIDs> element is nil, the server MUST NOT apply an OID filter to the policies returned in the GetPoliciesResponse message.

clientVersion: The server SHOULD only return CertificateEnrollmentPolicy objects whose bitwise AND of the <privateKeyFlags> element of the <attributes> element with 0x0F000000 is smaller than or equal to 0x0Z000000, where Z denotes the value of the clientVersion.<2>

serverVersion: The server SHOULD only return the CertificateEnrollmentPolicy objects whose bitwise AND of the <privateKeyFlags> element of the <attributes> element with 0x000F0000 is smaller than or equal to 0x000Y0000, where Y denotes the value of the serverVersion.<3>

##any: This element provides a vendor-extensible point. Additional elements MAY be included as part of a RequestFilter object instance. Additional elements MAY be ignored by a server.