source: branches/samba-3.5.x/source4/heimdal/lib/asn1/rfc2459.asn1

Last change on this file was 414, checked in by Herwig Bauernfeind, 16 years ago

Samba 3.5.0: Initial import
File size: 16.6 KB
Line 
1-- $Id$ --
2-- Definitions from rfc2459/rfc3280
3
4RFC2459 DEFINITIONS ::= BEGIN
5
6IMPORTS heim_any FROM heim;
7
8Version ::= INTEGER {
9 rfc3280_version_1(0),
10 rfc3280_version_2(1),
11 rfc3280_version_3(2)
12}
13
14id-pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
15 rsadsi(113549) pkcs(1) 1 }
16id-pkcs1-rsaEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 1 }
17id-pkcs1-md2WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 2 }
18id-pkcs1-md5WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 4 }
19id-pkcs1-sha1WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 5 }
20id-pkcs1-sha256WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 11 }
21id-pkcs1-sha384WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 12 }
22id-pkcs1-sha512WithRSAEncryption OBJECT IDENTIFIER ::= { id-pkcs-1 13 }
23
24id-heim-rsa-pkcs1-x509 OBJECT IDENTIFIER ::= { 1 2 752 43 16 1 }
25
26id-pkcs-2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
27 rsadsi(113549) pkcs(1) 2 }
28id-pkcs2-md2 OBJECT IDENTIFIER ::= { id-pkcs-2 2 }
29id-pkcs2-md4 OBJECT IDENTIFIER ::= { id-pkcs-2 4 }
30id-pkcs2-md5 OBJECT IDENTIFIER ::= { id-pkcs-2 5 }
31
32id-rsa-digestAlgorithm OBJECT IDENTIFIER ::=
33{ iso(1) member-body(2) us(840) rsadsi(113549) 2 }
34
35id-rsa-digest-md2 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 2 }
36id-rsa-digest-md4 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 4 }
37id-rsa-digest-md5 OBJECT IDENTIFIER ::= { id-rsa-digestAlgorithm 5 }
38
39id-pkcs-3 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
40 rsadsi(113549) pkcs(1) 3 }
41
42id-pkcs3-rc2-cbc OBJECT IDENTIFIER ::= { id-pkcs-3 2 }
43id-pkcs3-rc4 OBJECT IDENTIFIER ::= { id-pkcs-3 4 }
44id-pkcs3-des-ede3-cbc OBJECT IDENTIFIER ::= { id-pkcs-3 7 }
45
46id-rsadsi-encalg OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
47 rsadsi(113549) 3 }
48
49id-rsadsi-rc2-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 2 }
50id-rsadsi-des-ede3-cbc OBJECT IDENTIFIER ::= { id-rsadsi-encalg 7 }
51
52id-secsig-sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
53 oiw(14) secsig(3) algorithm(2) 26 }
54
55id-nistAlgorithm OBJECT IDENTIFIER ::= {
56 joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) 4 }
57
58id-nist-aes-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 1 }
59
60id-aes-128-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 2 }
61id-aes-192-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 22 }
62id-aes-256-cbc OBJECT IDENTIFIER ::= { id-nist-aes-algs 42 }
63
64id-nist-sha-algs OBJECT IDENTIFIER ::= { id-nistAlgorithm 2 }
65
66id-sha256 OBJECT IDENTIFIER ::= { id-nist-sha-algs 1 }
67id-sha224 OBJECT IDENTIFIER ::= { id-nist-sha-algs 4 }
68id-sha384 OBJECT IDENTIFIER ::= { id-nist-sha-algs 2 }
69id-sha512 OBJECT IDENTIFIER ::= { id-nist-sha-algs 3 }
70
71id-dhpublicnumber OBJECT IDENTIFIER ::= {
72 iso(1) member-body(2) us(840) ansi-x942(10046)
73 number-type(2) 1 }
74
75-- ECC
76
77id-ecPublicKey OBJECT IDENTIFIER ::= {
78 iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 }
79
80id-ecDH OBJECT IDENTIFIER ::= {
81 iso(1) identified-organization(3) certicom(132) schemes(1)
82 ecdh(12) }
83
84id-ecMQV OBJECT IDENTIFIER ::= {
85 iso(1) identified-organization(3) certicom(132) schemes(1)
86 ecmqv(13) }
87
88id-ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
89 iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
90 ecdsa-with-SHA2(3) 2 }
91
92id-ecdsa-with-SHA1 OBJECT IDENTIFIER ::= {
93 iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 }
94
95-- some EC group ids
96
97id-ec-group-secp256r1 OBJECT IDENTIFIER ::= {
98 iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3)
99 prime(1) 7 }
100
101id-ec-group-secp160r1 OBJECT IDENTIFIER ::= {
102 iso(1) identified-organization(3) certicom(132) 0 8 }
103
104id-ec-group-secp160r2 OBJECT IDENTIFIER ::= {
105 iso(1) identified-organization(3) certicom(132) 0 30 }
106
107-- DSA
108
109id-x9-57 OBJECT IDENTIFIER ::= {
110 iso(1) member-body(2) us(840) ansi-x942(10046) 4 }
111
112id-dsa OBJECT IDENTIFIER ::= { id-x9-57 1 }
113id-dsa-with-sha1 OBJECT IDENTIFIER ::= { id-x9-57 3 }
114
115-- x.520 names types
116
117id-x520-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }
118
119id-at-commonName OBJECT IDENTIFIER ::= { id-x520-at 3 }
120id-at-surname OBJECT IDENTIFIER ::= { id-x520-at 4 }
121id-at-serialNumber OBJECT IDENTIFIER ::= { id-x520-at 5 }
122id-at-countryName OBJECT IDENTIFIER ::= { id-x520-at 6 }
123id-at-localityName OBJECT IDENTIFIER ::= { id-x520-at 7 }
124id-at-stateOrProvinceName OBJECT IDENTIFIER ::= { id-x520-at 8 }
125id-at-streetAddress OBJECT IDENTIFIER ::= { id-x520-at 9 }
126id-at-organizationName OBJECT IDENTIFIER ::= { id-x520-at 10 }
127id-at-organizationalUnitName OBJECT IDENTIFIER ::= { id-x520-at 11 }
128id-at-name OBJECT IDENTIFIER ::= { id-x520-at 41 }
129id-at-givenName OBJECT IDENTIFIER ::= { id-x520-at 42 }
130id-at-initials OBJECT IDENTIFIER ::= { id-x520-at 43 }
131id-at-generationQualifier OBJECT IDENTIFIER ::= { id-x520-at 44 }
132id-at-pseudonym OBJECT IDENTIFIER ::= { id-x520-at 65 }
133-- RFC 2247
134id-Userid OBJECT IDENTIFIER ::=
135 { 0 9 2342 19200300 100 1 1 }
136id-domainComponent OBJECT IDENTIFIER ::=
137 { 0 9 2342 19200300 100 1 25 }
138
139
140-- rfc3280
141
142id-x509-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29}
143
144AlgorithmIdentifier ::= SEQUENCE {
145 algorithm OBJECT IDENTIFIER,
146 parameters heim_any OPTIONAL
147}
148
149AttributeType ::= OBJECT IDENTIFIER
150
151AttributeValue ::= heim_any
152
153TeletexStringx ::= [UNIVERSAL 20] IMPLICIT OCTET STRING
154
155DirectoryString ::= CHOICE {
156 ia5String IA5String,
157 teletexString TeletexStringx,
158 printableString PrintableString,
159 universalString UniversalString,
160 utf8String UTF8String,
161 bmpString BMPString
162}
163
164Attribute ::= SEQUENCE {
165 type AttributeType,
166 value SET OF -- AttributeValue -- heim_any
167}
168
169AttributeTypeAndValue ::= SEQUENCE {
170 type AttributeType,
171 value DirectoryString
172}
173
174RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
175
176RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
177
178Name ::= CHOICE {
179 rdnSequence RDNSequence
180}
181
182CertificateSerialNumber ::= INTEGER
183
184Time ::= CHOICE {
185 utcTime UTCTime,
186 generalTime GeneralizedTime
187}
188
189Validity ::= SEQUENCE {
190 notBefore Time,
191 notAfter Time
192}
193
194UniqueIdentifier ::= BIT STRING
195
196SubjectPublicKeyInfo ::= SEQUENCE {
197 algorithm AlgorithmIdentifier,
198 subjectPublicKey BIT STRING
199}
200
201Extension ::= SEQUENCE {
202 extnID OBJECT IDENTIFIER,
203 critical BOOLEAN OPTIONAL, -- DEFAULT FALSE XXX
204 extnValue OCTET STRING
205}
206
207Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
208
209TBSCertificate ::= SEQUENCE {
210 version [0] Version OPTIONAL, -- EXPLICIT nnn DEFAULT 1,
211 serialNumber CertificateSerialNumber,
212 signature AlgorithmIdentifier,
213 issuer Name,
214 validity Validity,
215 subject Name,
216 subjectPublicKeyInfo SubjectPublicKeyInfo,
217 issuerUniqueID [1] IMPLICIT BIT STRING -- UniqueIdentifier -- OPTIONAL,
218 -- If present, version shall be v2 or v3
219 subjectUniqueID [2] IMPLICIT BIT STRING -- UniqueIdentifier -- OPTIONAL,
220 -- If present, version shall be v2 or v3
221 extensions [3] EXPLICIT Extensions OPTIONAL
222 -- If present, version shall be v3
223}
224
225Certificate ::= SEQUENCE {
226 tbsCertificate TBSCertificate,
227 signatureAlgorithm AlgorithmIdentifier,
228 signatureValue BIT STRING
229}
230
231Certificates ::= SEQUENCE OF Certificate
232
233ValidationParms ::= SEQUENCE {
234 seed BIT STRING,
235 pgenCounter INTEGER
236}
237
238DomainParameters ::= SEQUENCE {
239 p INTEGER, -- odd prime, p=jq +1
240 g INTEGER, -- generator, g
241 q INTEGER, -- factor of p-1
242 j INTEGER OPTIONAL, -- subgroup factor
243 validationParms ValidationParms OPTIONAL -- ValidationParms
244}
245
246DHPublicKey ::= INTEGER
247
248OtherName ::= SEQUENCE {
249 type-id OBJECT IDENTIFIER,
250 value [0] EXPLICIT heim_any
251}
252
253GeneralName ::= CHOICE {
254 otherName [0] IMPLICIT -- OtherName -- SEQUENCE {
255 type-id OBJECT IDENTIFIER,
256 value [0] EXPLICIT heim_any
257 },
258 rfc822Name [1] IMPLICIT IA5String,
259 dNSName [2] IMPLICIT IA5String,
260-- x400Address [3] IMPLICIT ORAddress,--
261 directoryName [4] IMPLICIT -- Name -- CHOICE {
262 rdnSequence RDNSequence
263 },
264-- ediPartyName [5] IMPLICIT EDIPartyName, --
265 uniformResourceIdentifier [6] IMPLICIT IA5String,
266 iPAddress [7] IMPLICIT OCTET STRING,
267 registeredID [8] IMPLICIT OBJECT IDENTIFIER
268}
269
270GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
271
272id-x509-ce-keyUsage OBJECT IDENTIFIER ::= { id-x509-ce 15 }
273
274KeyUsage ::= BIT STRING {
275 digitalSignature (0),
276 nonRepudiation (1),
277 keyEncipherment (2),
278 dataEncipherment (3),
279 keyAgreement (4),
280 keyCertSign (5),
281 cRLSign (6),
282 encipherOnly (7),
283 decipherOnly (8)
284}
285
286id-x509-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-x509-ce 35 }
287
288KeyIdentifier ::= OCTET STRING
289
290AuthorityKeyIdentifier ::= SEQUENCE {
291 keyIdentifier [0] IMPLICIT OCTET STRING OPTIONAL,
292 authorityCertIssuer [1] IMPLICIT -- GeneralName --
293 SEQUENCE -- SIZE (1..MAX) -- OF GeneralName OPTIONAL,
294 authorityCertSerialNumber [2] IMPLICIT INTEGER OPTIONAL
295}
296
297id-x509-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-x509-ce 14 }
298
299SubjectKeyIdentifier ::= KeyIdentifier
300
301id-x509-ce-basicConstraints OBJECT IDENTIFIER ::= { id-x509-ce 19 }
302
303BasicConstraints ::= SEQUENCE {
304 cA BOOLEAN OPTIONAL -- DEFAULT FALSE --,
305 pathLenConstraint INTEGER (0..4294967295) OPTIONAL
306}
307
308id-x509-ce-nameConstraints OBJECT IDENTIFIER ::= { id-x509-ce 30 }
309
310BaseDistance ::= INTEGER -- (0..MAX) --
311
312GeneralSubtree ::= SEQUENCE {
313 base GeneralName,
314 minimum [0] IMPLICIT -- BaseDistance -- INTEGER OPTIONAL -- DEFAULT 0 --,
315 maximum [1] IMPLICIT -- BaseDistance -- INTEGER OPTIONAL
316}
317
318GeneralSubtrees ::= SEQUENCE -- SIZE (1..MAX) -- OF GeneralSubtree
319
320NameConstraints ::= SEQUENCE {
321 permittedSubtrees [0] IMPLICIT -- GeneralSubtrees -- SEQUENCE OF GeneralSubtree OPTIONAL,
322 excludedSubtrees [1] IMPLICIT -- GeneralSubtrees -- SEQUENCE OF GeneralSubtree OPTIONAL
323}
324
325id-x509-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-x509-ce 16 }
326id-x509-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-x509-ce 32 }
327id-x509-ce-policyMappings OBJECT IDENTIFIER ::= { id-x509-ce 33 }
328id-x509-ce-subjectAltName OBJECT IDENTIFIER ::= { id-x509-ce 17 }
329id-x509-ce-issuerAltName OBJECT IDENTIFIER ::= { id-x509-ce 18 }
330id-x509-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-x509-ce 9 }
331id-x509-ce-policyConstraints OBJECT IDENTIFIER ::= { id-x509-ce 36 }
332
333id-x509-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-x509-ce 37}
334
335ExtKeyUsage ::= SEQUENCE OF OBJECT IDENTIFIER
336
337id-x509-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-x509-ce 31 }
338id-x509-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-x509-ce 27 }
339id-x509-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-x509-ce 28 }
340id-x509-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-x509-ce 23 }
341id-x509-ce-invalidityDate OBJECT IDENTIFIER ::= { id-x509-ce 24 }
342id-x509-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-x509-ce 29 }
343id-x509-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-x509-ce 54 }
344
345DistributionPointReasonFlags ::= BIT STRING {
346 unused (0),
347 keyCompromise (1),
348 cACompromise (2),
349 affiliationChanged (3),
350 superseded (4),
351 cessationOfOperation (5),
352 certificateHold (6),
353 privilegeWithdrawn (7),
354 aACompromise (8)
355}
356
357DistributionPointName ::= CHOICE {
358 fullName [0] IMPLICIT -- GeneralNames -- SEQUENCE SIZE (1..MAX) OF GeneralName,
359 nameRelativeToCRLIssuer [1] RelativeDistinguishedName
360}
361
362DistributionPoint ::= SEQUENCE {
363 distributionPoint [0] IMPLICIT heim_any -- DistributionPointName -- OPTIONAL,
364 reasons [1] IMPLICIT heim_any -- DistributionPointReasonFlags -- OPTIONAL,
365 cRLIssuer [2] IMPLICIT heim_any -- GeneralNames -- OPTIONAL
366}
367
368CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
369
370
371-- rfc3279
372
373DSASigValue ::= SEQUENCE {
374 r INTEGER,
375 s INTEGER
376}
377
378DSAPublicKey ::= INTEGER
379
380DSAParams ::= SEQUENCE {
381 p INTEGER,
382 q INTEGER,
383 g INTEGER
384}
385
386-- draft-ietf-pkix-ecc-subpubkeyinfo-11
387
388ECPoint ::= OCTET STRING
389
390ECParameters ::= CHOICE {
391 namedCurve OBJECT IDENTIFIER
392 -- implicitCurve NULL
393 -- specifiedCurve SpecifiedECDomain
394}
395
396ECDSA-Sig-Value ::= SEQUENCE {
397 r INTEGER,
398 s INTEGER
399}
400
401-- really pkcs1
402
403RSAPublicKey ::= SEQUENCE {
404 modulus INTEGER, -- n
405 publicExponent INTEGER -- e
406}
407
408RSAPrivateKey ::= SEQUENCE {
409 version INTEGER (0..4294967295),
410 modulus INTEGER, -- n
411 publicExponent INTEGER, -- e
412 privateExponent INTEGER, -- d
413 prime1 INTEGER, -- p
414 prime2 INTEGER, -- q
415 exponent1 INTEGER, -- d mod (p-1)
416 exponent2 INTEGER, -- d mod (q-1)
417 coefficient INTEGER -- (inverse of q) mod p
418}
419
420DigestInfo ::= SEQUENCE {
421 digestAlgorithm AlgorithmIdentifier,
422 digest OCTET STRING
423}
424
425-- some ms ext
426
427-- szOID_ENROLL_CERTTYPE_EXTENSION "1.3.6.1.4.1.311.20.2" is Encoded as a
428
429-- UNICODESTRING (0x1E tag)
430
431-- szOID_CERTIFICATE_TEMPLATE "1.3.6.1.4.1.311.21.7" is Encoded as:
432
433-- TemplateVersion ::= INTEGER (0..4294967295)
434
435-- CertificateTemplate ::= SEQUENCE {
436-- templateID OBJECT IDENTIFIER,
437-- templateMajorVersion TemplateVersion,
438-- templateMinorVersion TemplateVersion OPTIONAL
439-- }
440
441
442--
443-- CRL
444--
445
446TBSCRLCertList ::= SEQUENCE {
447 version Version OPTIONAL, -- if present, MUST be v2
448 signature AlgorithmIdentifier,
449 issuer Name,
450 thisUpdate Time,
451 nextUpdate Time OPTIONAL,
452 revokedCertificates SEQUENCE OF SEQUENCE {
453 userCertificate CertificateSerialNumber,
454 revocationDate Time,
455 crlEntryExtensions Extensions OPTIONAL
456 -- if present, MUST be v2
457 } OPTIONAL,
458 crlExtensions [0] EXPLICIT Extensions OPTIONAL
459 -- if present, MUST be v2
460}
461
462
463CRLCertificateList ::= SEQUENCE {
464 tbsCertList TBSCRLCertList,
465 signatureAlgorithm AlgorithmIdentifier,
466 signatureValue BIT STRING
467}
468
469id-x509-ce-cRLNumber OBJECT IDENTIFIER ::= { id-x509-ce 20 }
470id-x509-ce-freshestCRL OBJECT IDENTIFIER ::= { id-x509-ce 46 }
471id-x509-ce-cRLReason OBJECT IDENTIFIER ::= { id-x509-ce 21 }
472
473CRLReason ::= ENUMERATED {
474 unspecified (0),
475 keyCompromise (1),
476 cACompromise (2),
477 affiliationChanged (3),
478 superseded (4),
479 cessationOfOperation (5),
480 certificateHold (6),
481 removeFromCRL (8),
482 privilegeWithdrawn (9),
483 aACompromise (10)
484}
485
486PKIXXmppAddr ::= UTF8String
487
488id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
489 dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
490
491id-pkix-on OBJECT IDENTIFIER ::= { id-pkix 8 }
492id-pkix-on-xmppAddr OBJECT IDENTIFIER ::= { id-pkix-on 5 }
493id-pkix-on-dnsSRV OBJECT IDENTIFIER ::= { id-pkix-on 7 }
494
495id-pkix-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
496id-pkix-kp-serverAuth OBJECT IDENTIFIER ::= { id-pkix-kp 1 }
497id-pkix-kp-clientAuth OBJECT IDENTIFIER ::= { id-pkix-kp 2 }
498id-pkix-kp-emailProtection OBJECT IDENTIFIER ::= { id-pkix-kp 4 }
499id-pkix-kp-timeStamping OBJECT IDENTIFIER ::= { id-pkix-kp 8 }
500id-pkix-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-pkix-kp 9 }
501
502id-pkix-pe OBJECT IDENTIFIER ::= { id-pkix 1 }
503
504id-pkix-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pkix-pe 1 }
505
506AccessDescription ::= SEQUENCE {
507 accessMethod OBJECT IDENTIFIER,
508 accessLocation GeneralName
509}
510
511AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF AccessDescription
512
513-- RFC 3820 Proxy Certificate Profile
514
515id-pkix-pe-proxyCertInfo OBJECT IDENTIFIER ::= { id-pkix-pe 14 }
516
517id-pkix-ppl OBJECT IDENTIFIER ::= { id-pkix 21 }
518
519id-pkix-ppl-anyLanguage OBJECT IDENTIFIER ::= { id-pkix-ppl 0 }
520id-pkix-ppl-inheritAll OBJECT IDENTIFIER ::= { id-pkix-ppl 1 }
521id-pkix-ppl-independent OBJECT IDENTIFIER ::= { id-pkix-ppl 2 }
522
523ProxyPolicy ::= SEQUENCE {
524 policyLanguage OBJECT IDENTIFIER,
525 policy OCTET STRING OPTIONAL
526}
527
528ProxyCertInfo ::= SEQUENCE {
529 pCPathLenConstraint INTEGER (0..4294967295) OPTIONAL, -- really MAX
530 proxyPolicy ProxyPolicy
531}
532
533--- U.S. Federal PKI Common Policy Framework
534-- Card Authentication key
535id-uspkicommon-card-id OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 6 }
536id-uspkicommon-piv-interim OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 6 9 1 }
537
538--- Netscape extentions
539
540id-netscape OBJECT IDENTIFIER ::=
541 { joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730) }
542id-netscape-cert-comment OBJECT IDENTIFIER ::= { id-netscape 1 13 }
543
544--- MS extentions
545
546id-ms-cert-enroll-domaincontroller OBJECT IDENTIFIER ::=
547 { 1 3 6 1 4 1 311 20 2 }
548
549id-ms-client-authentication OBJECT IDENTIFIER ::=
550 { 1 3 6 1 5 5 7 3 2 }
551
552-- DER:1e:20:00:44:00:6f:00:6d:00:61:00:69:00:6e:00:43:00:6f:00:6e:00:74:00:72:00:6f:00:6c:00:6c:00:65:00:72
553
554END
Note: See TracBrowser for help on using the repository browser.