extern const struct dom_sid global_sid_Asserted_Identity;
extern const struct dom_sid global_sid_Asserted_Identity_Service;
extern const struct dom_sid global_sid_Asserted_Identity_Authentication_Authority;
+extern const struct dom_sid global_sid_Fresh_Public_Key_Identity;
extern const struct dom_sid global_sid_Creator_Owner;
extern const struct dom_sid global_sid_Creator_Group;
extern const struct dom_sid global_sid_Owner_Rights;
const struct dom_sid global_sid_Asserted_Identity_Service = /* Asserted Identity Service */
{ 1, 1, {0,0,0,0,0,18}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+/* S-1-18-3 */
+const struct dom_sid global_sid_Fresh_Public_Key_Identity = /* Fresh Public Key Identity */
+{ 1, 1, {0,0,0,0,0,18}, {3,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
+
/* S-1-5-2 */
const struct dom_sid global_sid_Network = /* Network rids */
{ 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}};
*/
const string SID_SERVICE_ASSERTED_IDENTITY = "S-1-18-2";
+ /*
+ * This is added during the AS-REQ/AS-REP exchange after the
+ * PKINIT Freshness extension is used (shows current
+ * possession, rather than just a saved signature, of the
+ * client pulic key).
+ */
+ const string SID_FRESH_PUBLIC_KEY_IDENTITY = "S-1-18-3";
+
const string SID_COMPOUNDED_AUTHENTICATION = "S-1-5-21-0-0-0-496";
const string SID_CLAIMS_VALID = "S-1-5-21-0-0-0-497";