D.3.3.7.1 User Identity sub-item structure(A-ASSOCIATE-RQ)

The User Identity Negotiation Sub-Item shall be made of a sequence of mandatory fixed and variable length fields. This Sub-Item is optional and if supported, only one User Identity Negotiation Sub-Item shall be present in the User Data Item of the A-ASSOCIATE-RQ. Table D.3-14 shows the sequence of the mandatory fields.

Table D.3-14User Identity Negotiation SUB-ITEM FIELDS(A-ASSOCIATE-RQ)

Item Bytes Field Name Description of Field
1 Item-type 58H
2 Reserved This reserved field shall be sent with a value 00H but not tested to this value when received.
3 - 4 Item-length This Item-length shall be the number of bytes from the first byte of the following field to the last byte of the last field sent. It shall be encoded as an unsigned binary number.
5 User-Identity-Type Field value shall be in the range 1 to 4 with the following meanings: 1 – Username as a string in UTF-8 2 – Username as a string in UTF-8 and passcode 3 – Kerberos Service ticket 4 – SAML Assertion Other values are reserved for future standardization.
6 Positive-response-requested Field value: 0 - no response requested 1 - positive response requested
7-8 Primary-field-length The User-Identity-Length shall contain the length of the User-Identity value.
9-n Primary-field This field shall convey the user identity, either the username as a series of characters, or the Kerberos Service ticket encoded in accordance with RFC-1510.
n+1-n+2 Secondary-field-length This field shall be non-zero only if User-Identity-Type has the value 2. It shall contain the length of the secondary-field.
n+3-m Secondary-field This field shall be present only if User-Identity-Type has the value 2. It shall contain the Passcode value.