Home

Results 61 - 70 of 251,630 for identifying. Search took 11.65 seconds.  
Sort by date/Sort by relevance
. -- public-key certificate and CRL extensions -- authorityKeyIdentifier EXTENSION ::= { SYNTAX AuthorityKeyIdentifier IDENTIFIED BY id-ce-authorityKeyIdentifier } AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } ( WITH COMPONENTS {..., authorityCertIssuer PRESENT, authorityCertSerialNumber PRESENT} | WITH COMPONENTS {..., authorityCertIssuer ABSENT, authorityCertSerialNumber ABSENT} ) KeyIdentifier ::= OCTET STRING subjectKeyIdentifier EXTENSION ::= { SYNTAX SubjectKeyIdentifier IDENTIFIED BY id-ce-subjectKeyIdentifier } SubjectKeyIdentifier ::= KeyIdentifier keyUsage EXTENSION ::= { SYNTAX KeyUsage IDENTIFIED BY id-ce-keyUsage } KeyUsage ::= BIT STRING { digitalSignature (0), contentCommitment (1), keyEncipherment (2), dataEncipherment (3), keyAgreement (4), keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) } extKeyUsage EXTENSION ::= { SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL } ( WITH COMPONENTS {..., notBefore PRESENT} | WITH COMPONENTS {..., notAfter PRESENT} ) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId CERT-POLICY-QUALIFIER. (...) &Qualifier ({SupportedPolicyQualifiers}{@policyQualifierId}) OPTIONAL } SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::= { ... } anyPolicy OBJECT IDENTIFIER ::= { 2 5 29 32 0 } CERT-POLICY-QUALIFIER ::= CLASS { &id OBJECT IDENTIFIER UNIQUE, &Qualifier OPTIONAL } WITH SYNTAX { POLICY-QUALIFIER-ID &id [QUALIFIER-TYPE &Qualifier] } policyMappings EXTENSION ::= { SYNTAX PolicyMappingsSyntax IDENTIFIED BY id-ce-policyMappings } PolicyMappingsSyntax ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE { issuerDomainPolicy CertPolicyId, subjectDomainPolicy CertPolicyId } subjectAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-subjectAltName } GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName GeneralName ::= CHOICE { otherName [0] INSTANCE OF OTHER-NAME, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER } OTHER-NAME ::= TYPE-IDENTIFIER EDIPartyName ::= SEQUENCE { nameAssigner [0] UnboundedDirectoryString OPTIONAL, partyName [1] UnboundedDirectoryString } issuerAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-issuerAltName } subjectDirectoryAttributes EXTENSION ::= { SYNTAX AttributesSyntax IDENTIFIED BY id-ce-subjectDirectoryAttributes } AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute{{SupportedAttributes}} basicConstraints EXTENSION ::= { SYNTAX BasicConstraintsSyntax IDENTIFIED BY id-ce-basicConstraints } BasicConstraintsSyntax ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER (0..MAX) OPTIONAL } nameConstraints EXTENSION ::= { SYNTAX NameConstraintsSyntax IDENTIFIED BY id-ce-nameConstraints } NameConstraintsSyntax ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL } (ALL EXCEPT ({ -- none; at least one component shall be present -- })) GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance DEFAULT 0, maximum [1] BaseDistance OPTIONAL } BaseDistance ::= INTEGER (0..MAX) policyConstraints EXTENSION ::= { SYNTAX PolicyConstraintsSyntax IDENTIFIED BY id-ce-policyConstraints } PolicyConstraintsSyntax ::= SEQUENCE { requireExplicitPolicy [0] SkipCerts OPTIONAL, inhibitPolicyMapping [1] SkipCerts OPTIONAL, ... } (WITH COMPONENTS {..., requireExplicitPolicy PRESENT } | WITH COMPONENTS {..., inhibitPolicyMapping PRESENT } ) -- At least one of the requireExplicitPolicy and inhibitPolicyMapping components shall be present. SkipCerts ::= INTEGER (0..MAX) inhibitAnyPolicy EXTENSION ::= { SYNTAX SkipCerts IDENTIFIED BY id-ce-inhibitAnyPolicy } cRLNumber EXTENSION ::= { SYNTAX CRLNumber IDENTIFIED BY id-ce-cRLNumber } CRLNumber ::= INTEGER (0..MAX) reasonCode EXTENSION ::= { SYNTAX CRLReason IDENTIFIED BY id-ce-reasonCode } CRLReason ::= ENUMERATED { unspecified (0), keyCompromise (1), cACompromise (2), affiliationChanged (3), superseded (4), cessationOfOperation (5), certificateHold (6), removeFromCRL (8), privilegeWithdrawn (9), aaCompromise (10) } holdInstructionCode EXTENSION ::= { SYNTAX HoldInstruction IDENTIFIED BY id-ce-instructionCode } HoldInstruction ::= OBJECT IDENTIFIER invalidityDate EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-invalidityDate } crlScope EXTENSION ::= { SYNTAX CRLScopeSyntax IDENTIFIED BY id-ce-cRLScope } CRLScopeSyntax ::= SEQUENCE SIZE (1..MAX) OF PerAuthorityScope PerAuthorityScope ::= SEQUENCE { authorityName [0] GeneralName OPTIONAL, distributionPoint [1] DistributionPointName OPTIONAL, onlyContains [2] OnlyCertificateTypes OPTIONAL, onlySomeReasons [4] ReasonFlags OPTIONAL, serialNumberRange [5] NumberRange OPTIONAL, subjectKeyIdRange [6] NumberRange OPTIONAL, nameSubtrees [7] GeneralNames OPTIONAL, baseRevocationInfo [9] BaseRevocationInfo OPTIONAL } OnlyCertificateTypes ::= BIT STRING { user (0), authority (1), attribute (2) } NumberRange ::= SEQUENCE { startingNumber [0] INTEGER OPTIONAL, endingNumber [1] INTEGER OPTIONAL, modulus INTEGER OPTIONAL } BaseRevocationInfo ::= SEQUENCE { cRLStreamIdentifier [0] CRLStreamIdentifier OPTIONAL, cRLNumber [1] CRLNumber, baseThisUpdate [2] GeneralizedTime } statusReferrals EXTENSION ::= { SYNTAX StatusReferrals IDENTIFIED BY id-ce-statusReferrals } StatusReferrals ::= SEQUENCE SIZE (1..MAX) OF StatusReferral StatusReferral ::= CHOICE { cRLReferral [0] CRLReferral, otherReferral [1] INSTANCE OF OTHER-REFERRAL } CRLReferral ::= SEQUENCE { issuer [0] GeneralName OPTIONAL, location [1] GeneralName OPTIONAL, deltaRefInfo [2] DeltaRefInfo OPTIONAL, cRLScope CRLScopeSyntax, lastUpdate [3] GeneralizedTime OPTIONAL, lastChangedCRL [4] GeneralizedTime OPTIONAL} DeltaRefInfo ::= SEQUENCE { deltaLocation GeneralName, lastDelta GeneralizedTime OPTIONAL } OTHER-REFERRAL ::= TYPE-IDENTIFIER cRLStreamIdentifier EXTENSION ::= { SYNTAX CRLStreamIdentifier IDENTIFIED BY id-ce-cRLStreamIdentifier } CRLStreamIdentifier ::= INTEGER (0..MAX) orderedList EXTENSION ::= { SYNTAX OrderedListSyntax IDENTIFIED BY id-ce-orderedList } OrderedListSyntax ::= ENUMERATED { ascSerialNum (0), ascRevDate (1) } deltaInfo EXTENSION ::= { SYNTAX DeltaInformation IDENTIFIED BY id-ce-deltaInfo } DeltaInformation ::= SEQUENCE { deltaLocation GeneralName, nextDelta GeneralizedTime OPTIONAL } toBeRevoked EXTENSION ::= { SYNTAX ToBeRevokedSyntax IDENTIFIED BY id-ce-toBeRevoked } ToBeRevokedSyntax ::= SEQUENCE SIZE(1..MAX) OF ToBeRevokedGroup ToBeRevokedGroup ::= SEQUENCE { certificateIssuer [0] GeneralName OPTIONAL, reasonInfo [1] ReasonInfo OPTIONAL, revocationTime GeneralizedTime, certificateGroup CertificateGroup } ReasonInfo ::= SEQUENCE { reasonCode CRLReason, holdInstructionCode HoldInstruction OPTIONAL } CertificateGroup ::= CHOICE { serialNumbers [0] CertificateSerialNumbers, serialNumberRange [1] CertificateGroupNumberRange, nameSubtree [2] GeneralName } CertificateGroupNumberRange ::= SEQUENCE { startingNumber [0] INTEGER, endingNumber [1] INTEGER } CertificateSerialNumbers ::= SEQUENCE SIZE(1..MAX) OF CertificateSerialNumber revokedGroups EXTENSION ::= { SYNTAX RevokedGroupsSyntax IDENTIFIED BY id-ce-RevokedGroups } RevokedGroupsSyntax ::= SEQUENCE SIZE (1..MAX) OF RevokedGroup RevokedGroup ::= SEQUENCE { certificateIssuer [0] GeneralName OPTIONAL, reasonInfo [1] ReasonInfo OPTIONAL, invalidityDate [2] GeneralizedTime OPTIONAL, revokedcertificateGroup [3] RevokedCertificateGroup } RevokedCertificateGroup ::= CHOICE { serialNumberRange NumberRange, nameSubtree GeneralName } expiredCertsOnCRL EXTENSION ::= { SYNTAX ExpiredCertsOnCRL IDENTIFIED BY id-ce-expiredCertsOnCRL } ExpiredCertsOnCRL ::= GeneralizedTime cRLDistributionPoints EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-cRLDistributionPoints } CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, reasons [1] ReasonFlags OPTIONAL, cRLIssuer [2] GeneralNames OPTIONAL } DistributionPointName ::= CHOICE { fullName [0] GeneralNames, nameRelativeToCRLIssuer [1] RelativeDistinguishedName } ReasonFlags ::= BIT STRING { unused (0), keyCompromise (1), cACompromise (2), affiliationChanged (3), superseded (4), cessationOfOperation (5), certificateHold (6), privilegeWithdrawn (7), aACompromise (8) } issuingDistributionPoint EXTENSION ::= { SYNTAX IssuingDistPointSyntax IDENTIFIED BY id-ce-issuingDistributionPoint } IssuingDistPointSyntax ::= SEQUENCE { -- If onlyContainsUserPublicKeyCerts and onlyContainsCACerts are both FALSE, -- the CRL covers both certificate types distributionPoint [0] DistributionPointName OPTIONAL, onlyContainsUserPublicKeyCerts [1] BOOLEAN DEFAULT FALSE, onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, onlySomeReasons [3] ReasonFlags OPTIONAL, indirectCRL [4] BOOLEAN DEFAULT FALSE } certificateIssuer EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-certificateIssuer } deltaCRLIndicator EXTENSION ::= { SYNTAX BaseCRLNumber IDENTIFIED BY id-ce-deltaCRLIndicator } BaseCRLNumber ::= CRLNumber baseUpdateTime EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-baseUpdateTime } freshestCRL EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-freshestCRL } aAissuingDistributionPoint EXTENSION ::= { SYNTAX AAIssuingDistPointSyntax IDENTIFIED BY id-ce-aAissuingDistributionPoint } AAIssuingDistPointSyntax ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, onlySomeReasons [1] ReasonFlags OPTIONAL, indirectCRL [2] BOOLEAN DEFAULT FALSE, containsUserAttributeCerts [3] BOOLEAN DEFAULT TRUE, containsAACerts [4] BOOLEAN DEFAULT TRUE, containsSOAPublicKeyCerts [5] BOOLEAN DEFAULT TRUE } -- PKI matching rules -- certificateExactMatch MATCHING-RULE ::= { SYNTAX CertificateExactAssertion ID id-mr-certificateExactMatch } CertificateExactAssertion ::= SEQUENCE { serialNumber CertificateSerialNumber, issuer Name } certificateMatch MATCHING-RULE ::= { SYNTAX CertificateAssertion ID id-mr-certificateMatch } CertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL, issuer [1] Name OPTIONAL, subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL, certificateValid [4] Time OPTIONAL, privateKeyValid [5] GeneralizedTime OPTIONAL, subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL, keyUsage [7] KeyUsage OPTIONAL, subjectAltName [8] AltNameType OPTIONAL, policy [9] CertPolicySet OPTIONAL, pathToName [10] Name OPTIONAL, subject [11] Name OPTIONAL, nameConstraints [12] NameConstraintsSyntax OPTIONAL } AltNameType ::= CHOICE { builtinNameForm ENUMERATED { rfc822Name (1), dNSName (2), x400Address (3), directoryName (4), ediPartyName (5), uniformResourceIdentifier (6), iPAddress (7), registeredId (8) }, otherNameForm OBJECT IDENTIFIER } CertPolicySet ::= SEQUENCE SIZE (1..MAX) OF CertPolicyId certificatePairExactMatch MATCHING-RULE ::= { SYNTAX CertificatePairExactAssertion ID id-mr-certificatePairExactMatch } CertificatePairExactAssertion ::= SEQUENCE { issuedToThisCAAssertion [0] CertificateExactAssertion OPTIONAL, issuedByThisCAAssertion [1] CertificateExactAssertion OPTIONAL } ( WITH COMPONENTS {..., issuedToThisCAAssertion PRESENT} | WITH COMPONENTS {..., issuedByThisCAAssertion PRESENT} ) certificatePairMatch MATCHING-RULE ::= { SYNTAX CertificatePairAssertion ID id-mr-certificatePairMatch } CertificatePairAssertion ::= SEQUENCE { issuedToThisCAAssertion [0] CertificateAssertion OPTIONAL, issuedByThisCAAssertion [1] CertificateAssertion OPTIONAL } ( WITH COMPONENTS {..., issuedToThisCAAssertion PRESENT} | WITH COMPONENTS {..., issuedByThisCAAssertion PRESENT} ) certificateListExactMatch MATCHING-RULE ::= { SYNTAX CertificateListExactAssertion ID id-mr-certificateListExactMatch } CertificateListExactAssertion ::= SEQUENCE { issuer Name, thisUpdate Time, distributionPoint DistributionPointName OPTIONAL } certificateListMatch MATCHING-RULE ::= { SYNTAX CertificateListAssertion ID id-mr-certificateListMatch } CertificateListAssertion ::= SEQUENCE { issuer Name OPTIONAL, minCRLNumber [0] CRLNumber OPTIONAL, maxCRLNumber [1] CRLNumber OPTIONAL, reasonFlags ReasonFlags OPTIONAL, dateAndTime Time OPTIONAL, distributionPoint [2] DistributionPointName OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL } algorithmIdentifierMatch MATCHING-RULE ::= { SYNTAX AlgorithmIdentifier{{SupportedAlgorithms}} ID id-mr-algorithmIdentifierMatch } policyMatch MATCHING-RULE ::= { SYNTAX PolicyID ID id-mr-policyMatch } pkiPathMatch MATCHING-RULE ::= { SYNTAX PkiPathMatchSyntax ID id-mr-pkiPathMatch } PkiPathMatchSyntax ::= SEQUENCE { firstIssuer Name, lastSubject Name } enhancedCertificateMatch MATCHING-RULE ::= { SYNTAX EnhancedCertificateAssertion ID id-mr-enhancedCertificateMatch } EnhancedCertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL, issuer [1] Name OPTIONAL, subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL, certificateValid [4] Time OPTIONAL, privateKeyValid [5] GeneralizedTime OPTIONAL, subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL, keyUsage [7] KeyUsage OPTIONAL, subjectAltName [8] AltName OPTIONAL, policy [9] CertPolicySet OPTIONAL, pathToName [10] GeneralNames OPTIONAL, subject [11] Name OPTIONAL, nameConstraints [12] NameConstraintsSyntax OPTIONAL } (ALL EXCEPT ({ -- none; at least one component shall be present -- })) AltName ::= SEQUENCE { altnameType AltNameType, altNameValue GeneralName OPTIONAL } -- Object identifier assignments -- id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= {id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29} id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= {id-ce 40} id-ce-cRLScope OBJECT IDENTIFIER ::= {id-ce 44} id-ce-statusReferrals OBJECT IDENTIFIER ::= {id-ce 45} id-ce-freshestCRL OBJECT IDENTIFIER ::= {id-ce 46} id-ce-orderedList OBJECT IDENTIFIER ::= {id-ce 47} id-ce-baseUpdateTime OBJECT IDENTIFIER ::= {id-ce 51} id-ce-deltaInfo OBJECT IDENTIFIER ::= {id-ce 53} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= {id-ce 54} id-ce-toBeRevoked OBJECT IDENTIFIER ::= {id-ce 58} id-ce-RevokedGroups OBJECT IDENTIFIER ::= {id-ce 59} id-ce-expiredCertsOnCRL OBJECT IDENTIFIER ::= {id-ce 60} id-ce-aAissuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 63} -- matching rule OIDs -- id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60} id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62} id-mr-enhancedCertificateMatch OBJECT IDENTIFIER ::= {id-mr 65} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26} END -- CertificateExtensions
Language:English
Score: 394722.17 - https://www.itu.int/wftp3/Publ...2008/CertificateExtensions.asn
Data Source: un
. -- public-key certificate and CRL extensions authorityKeyIdentifier EXTENSION ::= { SYNTAX AuthorityKeyIdentifier IDENTIFIED BY id-ce-authorityKeyIdentifier } AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL, ... } (WITH COMPONENTS {..., authorityCertIssuer PRESENT, authorityCertSerialNumber PRESENT } | WITH COMPONENTS {..., authorityCertIssuer ABSENT, authorityCertSerialNumber ABSENT } ) KeyIdentifier ::= OCTET STRING subjectKeyIdentifier EXTENSION ::= { SYNTAX SubjectKeyIdentifier IDENTIFIED BY id-ce-subjectKeyIdentifier } SubjectKeyIdentifier ::= KeyIdentifier keyUsage EXTENSION ::= { SYNTAX KeyUsage IDENTIFIED BY id-ce-keyUsage } KeyUsage ::= BIT STRING { digitalSignature (0), contentCommitment (1), keyEncipherment (2), dataEncipherment (3), keyAgreement (4), keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) } extKeyUsage EXTENSION ::= { SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL, ... } (WITH COMPONENTS {..., notBefore PRESENT } | WITH COMPONENTS {..., notAfter PRESENT } ) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL, ... } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId CERT-POLICY-QUALIFIER. (...) &Qualifier ({SupportedPolicyQualifiers}{@policyQualifierId}) OPTIONAL, ... } SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::= {...} anyPolicy OBJECT IDENTIFIER ::= {id-ce-certificatePolicies 0} CERT-POLICY-QUALIFIER ::= CLASS { &id OBJECT IDENTIFIER UNIQUE, &Qualifier OPTIONAL } WITH SYNTAX { POLICY-QUALIFIER-ID &id [QUALIFIER-TYPE &Qualifier] } policyMappings EXTENSION ::= { SYNTAX PolicyMappingsSyntax IDENTIFIED BY id-ce-policyMappings } PolicyMappingsSyntax ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE { issuerDomainPolicy CertPolicyId, subjectDomainPolicy CertPolicyId, ... } subjectAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-subjectAltName } GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName GeneralName ::= CHOICE { otherName [0] INSTANCE OF OTHER-NAME, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER, ... } OTHER-NAME ::= TYPE-IDENTIFIER EDIPartyName ::= SEQUENCE { nameAssigner [0] UnboundedDirectoryString OPTIONAL, partyName [1] UnboundedDirectoryString, ... } issuerAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-issuerAltName } subjectDirectoryAttributes EXTENSION ::= { SYNTAX AttributesSyntax IDENTIFIED BY id-ce-subjectDirectoryAttributes } AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute{{SupportedAttributes}} basicConstraints EXTENSION ::= { SYNTAX BasicConstraintsSyntax IDENTIFIED BY id-ce-basicConstraints } BasicConstraintsSyntax ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER(0..MAX) OPTIONAL, ... } nameConstraints EXTENSION ::= { SYNTAX NameConstraintsSyntax IDENTIFIED BY id-ce-nameConstraints } NameConstraintsSyntax ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL, ... } (WITH COMPONENTS {..., permittedSubtrees PRESENT } | WITH COMPONENTS {..., excludedSubtrees PRESENT } ) GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance DEFAULT 0, maximum [1] BaseDistance OPTIONAL, ... } BaseDistance ::= INTEGER(0..MAX) policyConstraints EXTENSION ::= { SYNTAX PolicyConstraintsSyntax IDENTIFIED BY id-ce-policyConstraints } PolicyConstraintsSyntax ::= SEQUENCE { requireExplicitPolicy [0] SkipCerts OPTIONAL, inhibitPolicyMapping [1] SkipCerts OPTIONAL, ... } (WITH COMPONENTS {..., requireExplicitPolicy PRESENT } | WITH COMPONENTS {..., inhibitPolicyMapping PRESENT } ) SkipCerts ::= INTEGER(0..MAX) inhibitAnyPolicy EXTENSION ::= { SYNTAX SkipCerts IDENTIFIED BY id-ce-inhibitAnyPolicy } cRLNumber EXTENSION ::= { SYNTAX CRLNumber IDENTIFIED BY id-ce-cRLNumber } CRLNumber ::= INTEGER(0..MAX) crlScope EXTENSION ::= { SYNTAX CRLScopeSyntax IDENTIFIED BY id-ce-cRLScope } CRLScopeSyntax ::= SEQUENCE SIZE (1..MAX) OF PerAuthorityScope PerAuthorityScope ::= SEQUENCE { authorityName [0] GeneralName OPTIONAL, distributionPoint [1] DistributionPointName OPTIONAL, onlyContains [2] OnlyCertificateTypes OPTIONAL, onlySomeReasons [4] ReasonFlags OPTIONAL, serialNumberRange [5] NumberRange OPTIONAL, subjectKeyIdRange [6] NumberRange OPTIONAL, nameSubtrees [7] GeneralNames OPTIONAL, baseRevocationInfo [9] BaseRevocationInfo OPTIONAL, ... } OnlyCertificateTypes ::= BIT STRING { user (0), authority (1), attribute (2)} NumberRange ::= SEQUENCE { startingNumber [0] INTEGER OPTIONAL, endingNumber [1] INTEGER OPTIONAL, modulus INTEGER OPTIONAL, ... } BaseRevocationInfo ::= SEQUENCE { cRLStreamIdentifier [0] CRLStreamIdentifier OPTIONAL, cRLNumber [1] CRLNumber, baseThisUpdate [2] GeneralizedTime, ... } statusReferrals EXTENSION ::= { SYNTAX StatusReferrals IDENTIFIED BY id-ce-statusReferrals } StatusReferrals ::= SEQUENCE SIZE (1..MAX) OF StatusReferral StatusReferral ::= CHOICE { cRLReferral [0] CRLReferral, otherReferral [1] INSTANCE OF OTHER-REFERRAL, ... } CRLReferral ::= SEQUENCE { issuer [0] GeneralName OPTIONAL, location [1] GeneralName OPTIONAL, deltaRefInfo [2] DeltaRefInfo OPTIONAL, cRLScope CRLScopeSyntax, lastUpdate [3] GeneralizedTime OPTIONAL, lastChangedCRL [4] GeneralizedTime OPTIONAL, ... } DeltaRefInfo ::= SEQUENCE { deltaLocation GeneralName, lastDelta GeneralizedTime OPTIONAL, ... } OTHER-REFERRAL ::= TYPE-IDENTIFIER cRLStreamIdentifier EXTENSION ::= { SYNTAX CRLStreamIdentifier IDENTIFIED BY id-ce-cRLStreamIdentifier } CRLStreamIdentifier ::= INTEGER (0..MAX) orderedList EXTENSION ::= { SYNTAX OrderedListSyntax IDENTIFIED BY id-ce-orderedList } OrderedListSyntax ::= ENUMERATED { ascSerialNum (0), ascRevDate (1), ...} deltaInfo EXTENSION ::= { SYNTAX DeltaInformation IDENTIFIED BY id-ce-deltaInfo } DeltaInformation ::= SEQUENCE { deltaLocation GeneralName, nextDelta GeneralizedTime OPTIONAL, ... } toBeRevoked EXTENSION ::= { SYNTAX ToBeRevokedSyntax IDENTIFIED BY id-ce-toBeRevoked } ToBeRevokedSyntax ::= SEQUENCE SIZE (1..MAX) OF ToBeRevokedGroup ToBeRevokedGroup ::= SEQUENCE { certificateIssuer [0] GeneralName OPTIONAL, reasonInfo [1] ReasonInfo OPTIONAL, revocationTime GeneralizedTime, certificateGroup CertificateGroup, ... } ReasonInfo ::= SEQUENCE { reasonCode CRLReason, holdInstructionCode HoldInstruction OPTIONAL, ... } CertificateGroup ::= CHOICE { serialNumbers [0] CertificateSerialNumbers, serialNumberRange [1] CertificateGroupNumberRange, nameSubtree [2] GeneralName, ... } CertificateGroupNumberRange ::= SEQUENCE { startingNumber [0] INTEGER, endingNumber [1] INTEGER, ... } CertificateSerialNumbers ::= SEQUENCE SIZE (1..MAX) OF CertificateSerialNumber revokedGroups EXTENSION ::= { SYNTAX RevokedGroupsSyntax IDENTIFIED BY id-ce-RevokedGroups } RevokedGroupsSyntax ::= SEQUENCE SIZE (1..MAX) OF RevokedGroup RevokedGroup ::= SEQUENCE { certificateIssuer [0] GeneralName OPTIONAL, reasonInfo [1] ReasonInfo OPTIONAL, invalidityDate [2] GeneralizedTime OPTIONAL, revokedcertificateGroup [3] RevokedCertificateGroup, ... } RevokedCertificateGroup ::= CHOICE { serialNumberRange NumberRange, nameSubtree GeneralName } expiredCertsOnCRL EXTENSION ::= { SYNTAX ExpiredCertsOnCRL IDENTIFIED BY id-ce-expiredCertsOnCRL } ExpiredCertsOnCRL ::= GeneralizedTime reasonCode EXTENSION ::= { SYNTAX CRLReason IDENTIFIED BY id-ce-reasonCode } CRLReason ::= ENUMERATED { unspecified (0), keyCompromise (1), cACompromise (2), affiliationChanged (3), superseded (4), cessationOfOperation (5), certificateHold (6), removeFromCRL (8), privilegeWithdrawn (9), aACompromise (10), ... , weakAlgorithmOrKey (11) } holdInstructionCode EXTENSION ::= { SYNTAX HoldInstruction IDENTIFIED BY id-ce-instructionCode } HoldInstruction ::= OBJECT IDENTIFIER invalidityDate EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-invalidityDate } cRLDistributionPoints EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-cRLDistributionPoints } CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, reasons [1] ReasonFlags OPTIONAL, cRLIssuer [2] GeneralNames OPTIONAL, ... } DistributionPointName ::= CHOICE { fullName [0] GeneralNames, nameRelativeToCRLIssuer [1] RelativeDistinguishedName, ... } ReasonFlags ::= BIT STRING { unused (0), keyCompromise (1), cACompromise (2), affiliationChanged (3), superseded (4), cessationOfOperation (5), certificateHold (6), privilegeWithdrawn (7), aACompromise (8), weakAlgorithmOrKey (9) }(SIZE(0..9,...,10)) issuingDistributionPoint EXTENSION ::= { SYNTAX IssuingDistPointSyntax IDENTIFIED BY id-ce-issuingDistributionPoint } IssuingDistPointSyntax ::= SEQUENCE { -- If onlyContainsUserPublicKeyCerts and onlyContainsCACerts are both FALSE, -- the CRL covers both certificate types distributionPoint [0] DistributionPointName OPTIONAL, onlyContainsUserPublicKeyCerts [1] BOOLEAN DEFAULT FALSE, onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, onlySomeReasons [3] ReasonFlags OPTIONAL, indirectCRL [4] BOOLEAN DEFAULT FALSE, ... } certificateIssuer EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-certificateIssuer } deltaCRLIndicator EXTENSION ::= { SYNTAX BaseCRLNumber IDENTIFIED BY id-ce-deltaCRLIndicator } BaseCRLNumber ::= CRLNumber baseUpdateTime EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-baseUpdateTime } freshestCRL EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-freshestCRL } aAissuingDistributionPoint EXTENSION ::= { SYNTAX AAIssuingDistPointSyntax IDENTIFIED BY id-ce-aAissuingDistributionPoint } AAIssuingDistPointSyntax ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, onlySomeReasons [1] ReasonFlags OPTIONAL, indirectCRL [2] BOOLEAN DEFAULT FALSE, containsUserAttributeCerts [3] BOOLEAN DEFAULT TRUE, containsAACerts [4] BOOLEAN DEFAULT TRUE, containsSOAPublicKeyCerts [5] BOOLEAN DEFAULT TRUE, ... } -- PKI matching rules certificateExactMatch MATCHING-RULE ::= { SYNTAX CertificateExactAssertion LDAP-SYNTAX certExactAssertion. (...) &id LDAP-NAME {"algorithmIdentifierMatch"} LDAP-DESC "X.509 Algorithm Identifier Match" ID id-mr-algorithmIdentifierMatch } policyMatch MATCHING-RULE ::= { SYNTAX PolicyID ID id-mr-policyMatch } pkiPathMatch MATCHING-RULE ::= { SYNTAX PkiPathMatchSyntax ID id-mr-pkiPathMatch } PkiPathMatchSyntax ::= SEQUENCE { firstIssuer Name, lastSubject Name, ... } enhancedCertificateMatch MATCHING-RULE ::= { SYNTAX EnhancedCertificateAssertion ID id-mr-enhancedCertificateMatch } EnhancedCertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL, issuer [1] Name OPTIONAL, subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL, certificateValid [4] Time OPTIONAL, privateKeyValid [5] GeneralizedTime OPTIONAL, subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL, keyUsage [7] KeyUsage OPTIONAL, subjectAltName [8] AltName OPTIONAL, policy [9] CertPolicySet OPTIONAL, pathToName [10] GeneralNames OPTIONAL, subject [11] Name OPTIONAL, nameConstraints [12] NameConstraintsSyntax OPTIONAL, ... } (ALL EXCEPT ({ -- none; at least one component shall be present --})) AltName ::= SEQUENCE { altnameType AltNameType, altNameValue GeneralName OPTIONAL } certExactAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Exact Assertion" DIRECTORY SYNTAX CertificateExactAssertion ID id-ldx-certExactAssertion } certAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Assertion" DIRECTORY SYNTAX CertificateAssertion ID id-ldx-certAssertion } certPairExactAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Pair Exact Assertion" DIRECTORY SYNTAX CertificatePairExactAssertion ID id-ldx-certPairExactAssertion } certPairAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Pair Assertion" DIRECTORY SYNTAX CertificatePairAssertion ID id-ldx-certPairAssertion } certListExactAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate List Exact Assertion" DIRECTORY SYNTAX CertificateListExactAssertion ID id-ldx-certListExactAssertion } certListAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate List Assertion" DIRECTORY SYNTAX CertificateListAssertion ID id-ldx-certListAssertion } algorithmIdentifier SYNTAX-NAME ::= { LDAP-DESC "X.509 Algorithm Identifier" DIRECTORY SYNTAX AlgorithmIdentifier{{SupportedAlgorithms}} ID id-ldx-algorithmIdentifier } -- Object identifier assignments id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= {id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29} id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= {id-ce 40} id-ce-cRLScope OBJECT IDENTIFIER ::= {id-ce 44} id-ce-statusReferrals OBJECT IDENTIFIER ::= {id-ce 45} id-ce-freshestCRL OBJECT IDENTIFIER ::= {id-ce 46} id-ce-orderedList OBJECT IDENTIFIER ::= {id-ce 47} id-ce-baseUpdateTime OBJECT IDENTIFIER ::= {id-ce 51} id-ce-deltaInfo OBJECT IDENTIFIER ::= {id-ce 53} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= {id-ce 54} id-ce-toBeRevoked OBJECT IDENTIFIER ::= {id-ce 58} id-ce-RevokedGroups OBJECT IDENTIFIER ::= {id-ce 59} id-ce-expiredCertsOnCRL OBJECT IDENTIFIER ::= {id-ce 60} id-ce-aAissuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 63} -- matching rule OIDs id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60} id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62} id-mr-enhancedCertificateMatch OBJECT IDENTIFIER ::= {id-mr 65} -- Object identifiers for LDAP X.509 assertion syntaxes id-ldx-certExactAssertion OBJECT IDENTIFIER ::= {id-ldx 1} id-ldx-certAssertion OBJECT IDENTIFIER ::= {id-ldx 2} id-ldx-certPairExactAssertion OBJECT IDENTIFIER ::= {id-ldx 3} id-ldx-certPairAssertion OBJECT IDENTIFIER ::= {id-ldx 4} id-ldx-certListExactAssertion OBJECT IDENTIFIER ::= {id-ldx 5} id-ldx-certListAssertion OBJECT IDENTIFIER ::= {id-ldx 6} id-ldx-algorithmIdentifier OBJECT IDENTIFIER ::= {id-ldx 7} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26} END -- CertificateExtensions
Language:English
Score: 394625.51 - https://www.itu.int/wftp3/Publ...2012/CertificateExtensions.asn
Data Source: un
-- Module DLM (X.282:06/1999) DLM {joint-iso-itu-t datalink-layer(15) management(0) asn1Module(2) 0} DEFINITIONS IMPLICIT TAGS ::= BEGIN IMPORTS GroupObjects, ObservedValue, PerceivedSeverity FROM Attribute-ASN1Module {joint-iso-itu-t ms(9) smi(3) part2(2) asn1Module(2) 1} SetInfoStatus, AttributeId, ObjectInstance FROM CMIP-1 {joint-iso-itu-t ms(9) cmip(1) modules(0) protocol(3)}; -- "infrastructure" object identifier definitions datalink-layer OBJECT IDENTIFIER ::= {joint-iso-itu-t datalink-layer(15)} dloi OBJECT IDENTIFIER ::= {datalink-layer management(0)} sseoi OBJECT IDENTIFIER ::= {dloi standardSpecificExtension(0)} moi OBJECT IDENTIFIER ::= {dloi objectClass(3)} poi OBJECT IDENTIFIER ::= {dloi package(4)} proi OBJECT IDENTIFIER ::= {dloi parameter(5)} nboi OBJECT IDENTIFIER ::= {dloi nameBinding(6)} aoi OBJECT IDENTIFIER ::= {dloi attribute(7)} agoi OBJECT IDENTIFIER ::= {dloi attributeGroup(8)} acoi OBJECT IDENTIFIER ::= {dloi action(9)} noi OBJECT IDENTIFIER ::= {dloi notification(10)} k OBJECT IDENTIFIER ::= {aoi 19} n1 OBJECT IDENTIFIER ::= {aoi 20} n2 OBJECT IDENTIFIER ::= {aoi 21} sequenceModulus OBJECT IDENTIFIER ::= {aoi 24} t1Timer OBJECT IDENTIFIER ::= {aoi 25} t2Timer OBJECT IDENTIFIER ::= {aoi 26} t3Timer OBJECT IDENTIFIER ::= {aoi 27} t4Timer OBJECT IDENTIFIER ::= {aoi 28} -- -- value assignments for Data Link layer specificProblems -- fRMRReceived OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReceived(5)} fRMRReasons OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReasons(6)} fRMRReasonsControlFieldUndefinedOrUnimplemented OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReasons(6) controlFieldUndefinedOrUnimplemented(1)} fRMRReasonsFormatError OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReasons(6) formatError(2)} fRMRReasonsInfoFieldLengthGreaterThanMaximum OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReasons(6) infoFieldLengthGreaterThanMaximum(3)} fRMRReasonsInvalidNR OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReasons(6) invalidNR(4)} fRMRReasonsNonSpecific OBJECT IDENTIFIER ::= {sseoi specificProblems(11) fRMRReasons(6) nonSpecific(5)} -- -- value assignments for Data Link layer specific errorIds for activate action processingFailure -- errors. -- activateFailure OBJECT IDENTIFIER ::= {sseoi action(9) activate(1) errors(1) processingFailure(1)} activateFailureInsufficientResources OBJECT IDENTIFIER ::= {activateFailure insufficientResources(1)} activateFailureProviderDoesNotExist OBJECT IDENTIFIER ::= {activateFailure providerDoesNotExist(2)} activateFailureProviderNotAvailable OBJECT IDENTIFIER ::= {activateFailure providerNotAvailable(3)} activateFailureRequiredServiceNotAvailable OBJECT IDENTIFIER ::= {activateFailure requiredServiceNotAvailable(4)} activateFailureSystemSpecific OBJECT IDENTIFIER ::= {activateFailure systemSpecific(5)} -- -- other definitions -- datalinkSubsystemId-Value GraphicString ::= "datalinkSubsystem" FRMRSyntax ::= OCTET STRING NamingString ::= GraphicString Integer ::= INTEGER InterfaceType ::= ENUMERATED {dTE(0), dCE(1)} interfaceTypeDefault InterfaceType ::= dTE MaximumIFrameSize ::= INTEGER -- in bits, 1080 (135 octets) minimum MW ::= SEQUENCE { mWSend [0] IMPLICIT INTEGER(0..4095), mWReceive [1] IMPLICIT INTEGER(0..4095) } MX ::= SEQUENCE { mXSend [0] IMPLICIT INTEGER(0..4095), mXReceive [1] IMPLICIT INTEGER(0..4095) } Octet ::= OCTET STRING(SIZE (1)) OctetString ::= OCTET STRING SequenceModulus ::= Integer SLPProtocolState ::= ENUMERATED { disconnectedPhase(0), linkdisconnection-phase(1), link-set-up-phase(2), information-Transfer-phase(3), frame-Reject-condition(4), busy-condition(5), sent-Reject-condition(6), system-Parameters-and-error-recovery(7)} WindowSize ::= CHOICE { modulo8ws [0] INTEGER(1..7), -- for modulo 8 modulo128ws [1] INTEGER(1..127) } -- for modulo 128 END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394601 - https://www.itu.int/wftp3/Publ...t/fl/itu-t/x/x282/1999/DLM.asn
Data Source: un
MAX ) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } anyExtendedKeyUsage OBJECT IDENTIFIER ::= {2 5 29 37 0} KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL , notAfter [1] GeneralizedTime OPTIONAL } ( WITH COMPONENTS { ..., notBefore PRESENT } | WITH COMPONENTS { ..., notAfter PRESENT }) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1.. (...) MAX ) reasonCode EXTENSION ::= { SYNTAX CRLReason IDENTIFIED BY id-ce-reasonCode } CRLReason ::= ENUMERATED { unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8), privilegeWithdrawn(9), aaCompromise(10)} holdInstructionCode EXTENSION ::= { SYNTAX HoldInstruction IDENTIFIED BY id-ce-instructionCode } HoldInstruction ::= OBJECT IDENTIFIER invalidityDate EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-invalidityDate } crlScope EXTENSION ::= { SYNTAX CRLScopeSyntax IDENTIFIED BY id-ce-cRLScope } CRLScopeSyntax ::= SEQUENCE SIZE (1.. (...) MAX ) OF CertPolicyId certificatePairExactMatch MATCHING-RULE ::= { SYNTAX CertificatePairExactAssertion ID id-mr-certificatePairExactMatch } CertificatePairExactAssertion ::= SEQUENCE { issuedToThisCAAssertion [0] CertificateExactAssertion OPTIONAL , issuedByThisCAAssertion [1] CertificateExactAssertion OPTIONAL } ( WITH COMPONENTS { ..., issuedToThisCAAssertion PRESENT } | WITH COMPONENTS { ..., issuedByThisCAAssertion PRESENT }) certificatePairMatch MATCHING-RULE ::= { SYNTAX CertificatePairAssertion ID id-mr-certificatePairMatch } CertificatePairAssertion ::= SEQUENCE { issuedToThisCAAssertion [0] CertificateAssertion OPTIONAL , issuedByThisCAAssertion [1] CertificateAssertion OPTIONAL } ( WITH COMPONENTS { ..., issuedToThisCAAssertion PRESENT } | WITH COMPONENTS { ..., issuedByThisCAAssertion PRESENT }) certificateListExactMatch MATCHING-RULE ::= { SYNTAX CertificateListExactAssertion ID id-mr-certificateListExactMatch } CertificateListExactAssertion ::= SEQUENCE { issuer Name , thisUpdate Time , distributionPoint DistributionPointName OPTIONAL } certificateListMatch MATCHING-RULE ::= { SYNTAX CertificateListAssertion ID id-mr-certificateListMatch } CertificateListAssertion ::= SEQUENCE { issuer Name OPTIONAL , minCRLNumber [0] CRLNumber OPTIONAL , maxCRLNumber [1] CRLNumber OPTIONAL , reasonFlags ReasonFlags OPTIONAL , dateAndTime Time OPTIONAL , distributionPoint [2] DistributionPointName OPTIONAL , authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL } algorithmIdentifierMatch MATCHING-RULE ::= { SYNTAX AlgorithmIdentifier ID id-mr-algorithmIdentifierMatch } policyMatch MATCHING-RULE ::= {SYNTAX PolicyID ID id-mr-policyMatch } pkiPathMatch MATCHING-RULE ::= { SYNTAX PkiPathMatchSyntax ID id-mr-pkiPathMatch } PkiPathMatchSyntax ::= SEQUENCE {firstIssuer Name , lastSubject Name } -- Object identifier assignments id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= { id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= { id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29} id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37} id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= { id-ce 40} id-ce-cRLScope OBJECT IDENTIFIER ::= { id-ce 44} id-ce-statusReferrals OBJECT IDENTIFIER ::= { id-ce 45} id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46} id-ce-orderedList OBJECT IDENTIFIER ::= { id-ce 47} id-ce-baseUpdateTime OBJECT IDENTIFIER ::= { id-ce 51} id-ce-deltaInfo OBJECT IDENTIFIER ::= { id-ce 53} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54} id-ce-AAissuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 55} -- matching rule OIDs id-mr-certificateExactMatch OBJECT IDENTIFIER ::= { id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= { id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= { id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= { id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= { id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= { id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= { id-mr 40} id-mr-policyMatch OBJECT IDENTIFIER ::= { id-mr 60} id-mr-pkiPathMatch OBJECT IDENTIFIER ::= { id-mr 62} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26} END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394600.27 - https://www.itu.int/wftp3/Publ...000/CertificateExtensions.html
Data Source: un
. -- public-key certificate and CRL extensions aAissuingDistributionPoint EXTENSION ::= { SYNTAX AAIssuingDistPointSyntax IDENTIFIED BY id-ce-AAissuingDistributionPoint } AAIssuingDistPointSyntax ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, onlySomeReasons [1] ReasonFlags OPTIONAL, indirectCRL [2] BOOLEAN DEFAULT FALSE, containsUserAttributeCerts [3] BOOLEAN DEFAULT TRUE, containsAACerts [4] BOOLEAN DEFAULT TRUE, containsSOAPublicKeyCerts [5] BOOLEAN DEFAULT TRUE } authorityKeyIdentifier EXTENSION ::= { SYNTAX AuthorityKeyIdentifier IDENTIFIED BY id-ce-authorityKeyIdentifier } AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } (WITH COMPONENTS { ..., authorityCertIssuer PRESENT, authorityCertSerialNumber PRESENT } | WITH COMPONENTS { ..., authorityCertIssuer ABSENT, authorityCertSerialNumber ABSENT }) KeyIdentifier ::= OCTET STRING subjectKeyIdentifier EXTENSION ::= { SYNTAX SubjectKeyIdentifier IDENTIFIED BY id-ce-subjectKeyIdentifier } SubjectKeyIdentifier ::= KeyIdentifier keyUsage EXTENSION ::= {SYNTAX KeyUsage IDENTIFIED BY id-ce-keyUsage } KeyUsage ::= BIT STRING { digitalSignature(0), contentCommitment(1), keyEncipherment(2), dataEncipherment(3), keyAgreement(4), keyCertSign(5), cRLSign(6), encipherOnly(7), decipherOnly(8)} extKeyUsage EXTENSION ::= { SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } anyExtendedKeyUsage OBJECT IDENTIFIER ::= {2 5 29 37 0} KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL } (WITH COMPONENTS { ..., notBefore PRESENT } | WITH COMPONENTS { ..., notAfter PRESENT }) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId CERT-POLICY-QUALIFIER. (...) &Qualifier ({SupportedPolicyQualifiers}{@policyQualifierId}) OPTIONAL } SupportedPolicyQualifiers CERT-POLICY-QUALIFIER ::= {...} anyPolicy OBJECT IDENTIFIER ::= {2 5 29 32 0} CERT-POLICY-QUALIFIER ::= CLASS { &id OBJECT IDENTIFIER UNIQUE, &Qualifier OPTIONAL }WITH SYNTAX {POLICY-QUALIFIER-ID &id [QUALIFIER-TYPE &Qualifier] } policyMappings EXTENSION ::= { SYNTAX PolicyMappingsSyntax IDENTIFIED BY id-ce-policyMappings } PolicyMappingsSyntax ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {issuerDomainPolicy CertPolicyId, subjectDomainPolicy CertPolicyId} subjectAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-subjectAltName } GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName GeneralName ::= CHOICE { otherName [0] INSTANCE OF OTHER-NAME, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER } OTHER-NAME ::= TYPE-IDENTIFIER EDIPartyName ::= SEQUENCE { nameAssigner [0] DirectoryString{ub-name} OPTIONAL, partyName [1] DirectoryString{ub-name} } issuerAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-issuerAltName } subjectDirectoryAttributes EXTENSION ::= { SYNTAX AttributesSyntax IDENTIFIED BY id-ce-subjectDirectoryAttributes } AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute basicConstraints EXTENSION ::= { SYNTAX BasicConstraintsSyntax IDENTIFIED BY id-ce-basicConstraints } BasicConstraintsSyntax ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER(0..MAX) OPTIONAL } nameConstraints EXTENSION ::= { SYNTAX NameConstraintsSyntax IDENTIFIED BY id-ce-nameConstraints } NameConstraintsSyntax ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL }(ALL EXCEPT ({ --none; at least one component shall be present--})) GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance DEFAULT 0, maximum [1] BaseDistance OPTIONAL } BaseDistance ::= INTEGER(0..MAX) policyConstraints EXTENSION ::= { SYNTAX PolicyConstraintsSyntax IDENTIFIED BY id-ce-policyConstraints } PolicyConstraintsSyntax ::= SEQUENCE { requireExplicitPolicy [0] SkipCerts OPTIONAL, inhibitPolicyMapping [1] SkipCerts OPTIONAL } SkipCerts ::= INTEGER(0..MAX) cRLNumber EXTENSION ::= { SYNTAX CRLNumber IDENTIFIED BY id-ce-cRLNumber } CRLNumber ::= INTEGER(0..MAX) reasonCode EXTENSION ::= { SYNTAX CRLReason IDENTIFIED BY id-ce-reasonCode } CRLReason ::= ENUMERATED { unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8), privilegeWithdrawn(9), aaCompromise(10)} holdInstructionCode EXTENSION ::= { SYNTAX HoldInstruction IDENTIFIED BY id-ce-instructionCode } HoldInstruction ::= OBJECT IDENTIFIER invalidityDate EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-invalidityDate } crlScope EXTENSION ::= { SYNTAX CRLScopeSyntax IDENTIFIED BY id-ce-cRLScope } CRLScopeSyntax ::= SEQUENCE SIZE (1..MAX) OF PerAuthorityScope PerAuthorityScope ::= SEQUENCE { authorityName [0] GeneralName OPTIONAL, distributionPoint [1] DistributionPointName OPTIONAL, onlyContains [2] OnlyCertificateTypes OPTIONAL, onlySomeReasons [4] ReasonFlags OPTIONAL, serialNumberRange [5] NumberRange OPTIONAL, subjectKeyIdRange [6] NumberRange OPTIONAL, nameSubtrees [7] GeneralNames OPTIONAL, baseRevocationInfo [9] BaseRevocationInfo OPTIONAL } OnlyCertificateTypes ::= BIT STRING {user(0), authority(1), attribute(2)} NumberRange ::= SEQUENCE { startingNumber [0] INTEGER OPTIONAL, endingNumber [1] INTEGER OPTIONAL, modulus INTEGER OPTIONAL } BaseRevocationInfo ::= SEQUENCE { cRLStreamIdentifier [0] CRLStreamIdentifier OPTIONAL, cRLNumber [1] CRLNumber, baseThisUpdate [2] GeneralizedTime } statusReferrals EXTENSION ::= { SYNTAX StatusReferrals IDENTIFIED BY id-ce-statusReferrals } StatusReferrals ::= SEQUENCE SIZE (1..MAX) OF StatusReferral StatusReferral ::= CHOICE { cRLReferral [0] CRLReferral, otherReferral [1] INSTANCE OF OTHER-REFERRAL } CRLReferral ::= SEQUENCE { issuer [0] GeneralName OPTIONAL, location [1] GeneralName OPTIONAL, deltaRefInfo [2] DeltaRefInfo OPTIONAL, cRLScope CRLScopeSyntax, lastUpdate [3] GeneralizedTime OPTIONAL, lastChangedCRL [4] GeneralizedTime OPTIONAL } DeltaRefInfo ::= SEQUENCE { deltaLocation GeneralName, lastDelta GeneralizedTime OPTIONAL } OTHER-REFERRAL ::= TYPE-IDENTIFIER cRLStreamIdentifier EXTENSION ::= { SYNTAX CRLStreamIdentifier IDENTIFIED BY id-ce-cRLStreamIdentifier } CRLStreamIdentifier ::= INTEGER(0..MAX) orderedList EXTENSION ::= { SYNTAX OrderedListSyntax IDENTIFIED BY id-ce-orderedList } OrderedListSyntax ::= ENUMERATED {ascSerialNum(0), ascRevDate(1)} deltaInfo EXTENSION ::= { SYNTAX DeltaInformation IDENTIFIED BY id-ce-deltaInfo } DeltaInformation ::= SEQUENCE { deltaLocation GeneralName, nextDelta GeneralizedTime OPTIONAL } cRLDistributionPoints EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-cRLDistributionPoints } CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, reasons [1] ReasonFlags OPTIONAL, cRLIssuer [2] GeneralNames OPTIONAL } DistributionPointName ::= CHOICE { fullName [0] GeneralNames, nameRelativeToCRLIssuer [1] RelativeDistinguishedName } ReasonFlags ::= BIT STRING { unused(0), keyCompromise(1), cACompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6), privilegeWithdrawn(7), aACompromise(8)} issuingDistributionPoint EXTENSION ::= { SYNTAX IssuingDistPointSyntax IDENTIFIED BY id-ce-issuingDistributionPoint } IssuingDistPointSyntax ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, onlyContainsUserPublicKeyCerts [1] BOOLEAN DEFAULT FALSE, onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, onlySomeReasons [3] ReasonFlags OPTIONAL, indirectCRL [4] BOOLEAN DEFAULT FALSE } certificateIssuer EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-certificateIssuer } deltaCRLIndicator EXTENSION ::= { SYNTAX BaseCRLNumber IDENTIFIED BY id-ce-deltaCRLIndicator } BaseCRLNumber ::= CRLNumber baseUpdateTime EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-baseUpdateTime } freshestCRL EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-freshestCRL } inhibitAnyPolicy EXTENSION ::= { SYNTAX SkipCerts IDENTIFIED BY id-ce-inhibitAnyPolicy } -- PKI matching rules certificateExactMatch MATCHING-RULE ::= { SYNTAX CertificateExactAssertion ID id-mr-certificateExactMatch } CertificateExactAssertion ::= SEQUENCE { serialNumber CertificateSerialNumber, issuer Name } certificateMatch MATCHING-RULE ::= { SYNTAX CertificateAssertion ID id-mr-certificateMatch } CertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL, issuer [1] Name OPTIONAL, subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL, certificateValid [4] Time OPTIONAL, privateKeyValid [5] GeneralizedTime OPTIONAL, subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL, keyUsage [7] KeyUsage OPTIONAL, subjectAltName [8] AltNameType OPTIONAL, policy [9] CertPolicySet OPTIONAL, pathToName [10] Name OPTIONAL, subject [11] Name OPTIONAL, nameConstraints [12] NameConstraintsSyntax OPTIONAL } AltNameType ::= CHOICE { builtinNameForm ENUMERATED {rfc822Name(1), dNSName(2), x400Address(3), directoryName(4), ediPartyName(5), uniformResourceIdentifier(6), iPAddress(7), registeredId(8)}, otherNameForm OBJECT IDENTIFIER } CertPolicySet ::= SEQUENCE SIZE (1..MAX) OF CertPolicyId certificatePairExactMatch MATCHING-RULE ::= { SYNTAX CertificatePairExactAssertion ID id-mr-certificatePairExactMatch } CertificatePairExactAssertion ::= SEQUENCE { issuedToThisCAAssertion [0] CertificateExactAssertion OPTIONAL, issuedByThisCAAssertion [1] CertificateExactAssertion OPTIONAL } (WITH COMPONENTS { ..., issuedToThisCAAssertion PRESENT } | WITH COMPONENTS { ..., issuedByThisCAAssertion PRESENT }) certificatePairMatch MATCHING-RULE ::= { SYNTAX CertificatePairAssertion ID id-mr-certificatePairMatch } CertificatePairAssertion ::= SEQUENCE { issuedToThisCAAssertion [0] CertificateAssertion OPTIONAL, issuedByThisCAAssertion [1] CertificateAssertion OPTIONAL } (WITH COMPONENTS { ..., issuedToThisCAAssertion PRESENT } | WITH COMPONENTS { ..., issuedByThisCAAssertion PRESENT }) certificateListExactMatch MATCHING-RULE ::= { SYNTAX CertificateListExactAssertion ID id-mr-certificateListExactMatch } CertificateListExactAssertion ::= SEQUENCE { issuer Name, thisUpdate Time, distributionPoint DistributionPointName OPTIONAL } certificateListMatch MATCHING-RULE ::= { SYNTAX CertificateListAssertion ID id-mr-certificateListMatch } CertificateListAssertion ::= SEQUENCE { issuer Name OPTIONAL, minCRLNumber [0] CRLNumber OPTIONAL, maxCRLNumber [1] CRLNumber OPTIONAL, reasonFlags ReasonFlags OPTIONAL, dateAndTime Time OPTIONAL, distributionPoint [2] DistributionPointName OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL } algorithmIdentifierMatch MATCHING-RULE ::= { SYNTAX AlgorithmIdentifier ID id-mr-algorithmIdentifierMatch } policyMatch MATCHING-RULE ::= {SYNTAX PolicyID ID id-mr-policyMatch } pkiPathMatch MATCHING-RULE ::= { SYNTAX PkiPathMatchSyntax ID id-mr-pkiPathMatch } PkiPathMatchSyntax ::= SEQUENCE {firstIssuer Name, lastSubject Name } -- Object identifier assignments id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= {id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29} id-ce-nameConstraints OBJECT IDENTIFIER ::= {id-ce 30} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= {id-ce 40} id-ce-cRLScope OBJECT IDENTIFIER ::= {id-ce 44} id-ce-statusReferrals OBJECT IDENTIFIER ::= {id-ce 45} id-ce-freshestCRL OBJECT IDENTIFIER ::= {id-ce 46} id-ce-orderedList OBJECT IDENTIFIER ::= {id-ce 47} id-ce-baseUpdateTime OBJECT IDENTIFIER ::= {id-ce 51} id-ce-deltaInfo OBJECT IDENTIFIER ::= {id-ce 53} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= {id-ce 54} id-ce-AAissuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 55} -- matching rule OIDs id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} id-mr-policyMatch OBJECT IDENTIFIER ::= {id-mr 60} id-mr-pkiPathMatch OBJECT IDENTIFIER ::= {id-mr 62} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26} END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394600.27 - https://www.itu.int/wftp3/Publ...2000/CertificateExtensions.asn
Data Source: un
MAX ) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL , notAfter [1] GeneralizedTime OPTIONAL , ... } ( WITH COMPONENTS { ..., notBefore PRESENT } | WITH COMPONENTS { ..., notAfter PRESENT }) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1.. (...) MAX ) inhibitAnyPolicy EXTENSION ::= { SYNTAX SkipCerts IDENTIFIED BY id-ce-inhibitAnyPolicy } cRLNumber EXTENSION ::= { SYNTAX CRLNumber IDENTIFIED BY id-ce-cRLNumber } CRLNumber ::= INTEGER (0.. (...) &id LDAP-NAME {"algorithmIdentifierMatch"} LDAP-DESC "X.509 Algorithm Identifier Match" ID id-mr-algorithmIdentifierMatch } policyMatch MATCHING-RULE ::= {SYNTAX PolicyID ID id-mr-policyMatch } pkiPathMatch MATCHING-RULE ::= { SYNTAX PkiPathMatchSyntax ID id-mr-pkiPathMatch } PkiPathMatchSyntax ::= SEQUENCE {firstIssuer Name , lastSubject Name , ... } enhancedCertificateMatch MATCHING-RULE ::= { SYNTAX EnhancedCertificateAssertion ID id-mr-enhancedCertificateMatch } EnhancedCertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL , issuer [1] Name OPTIONAL , subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL , authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL , certificateValid [4] Time OPTIONAL , privateKeyValid [5] GeneralizedTime OPTIONAL , subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL , keyUsage [7] KeyUsage OPTIONAL , subjectAltName [8] AltName OPTIONAL , policy [9] CertPolicySet OPTIONAL , pathToName [10] GeneralNames OPTIONAL , subject [11] Name OPTIONAL , nameConstraints [12] NameConstraintsSyntax OPTIONAL , ... } ( ALL EXCEPT ({ -- none; at least one component shall be present -- })) AltName ::= SEQUENCE { altnameType AltNameType , altNameValue GeneralName OPTIONAL } certExactAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Exact Assertion" DIRECTORY SYNTAX CertificateExactAssertion ID id-ldx-certExactAssertion } certAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Assertion" DIRECTORY SYNTAX CertificateAssertion ID id-ldx-certAssertion } certPairExactAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Pair Exact Assertion" DIRECTORY SYNTAX CertificatePairExactAssertion ID id-ldx-certPairExactAssertion } certPairAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate Pair Assertion" DIRECTORY SYNTAX CertificatePairAssertion ID id-ldx-certPairAssertion } certListExactAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate List Exact Assertion" DIRECTORY SYNTAX CertificateListExactAssertion ID id-ldx-certListExactAssertion } certListAssertion SYNTAX-NAME ::= { LDAP-DESC "X.509 Certificate List Assertion" DIRECTORY SYNTAX CertificateListAssertion ID id-ldx-certListAssertion } algorithmIdentifier SYNTAX-NAME ::= { LDAP-DESC "X.509 Algorithm Identifier" DIRECTORY SYNTAX AlgorithmIdentifier {{ SupportedAlgorithms }} ID id-ldx-algorithmIdentifier } -- Object identifier assignments id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= { id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= { id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29} id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37} id-ce-cRLStreamIdentifier OBJECT IDENTIFIER ::= { id-ce 40} id-ce-cRLScope OBJECT IDENTIFIER ::= { id-ce 44} id-ce-statusReferrals OBJECT IDENTIFIER ::= { id-ce 45} id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46} id-ce-orderedList OBJECT IDENTIFIER ::= { id-ce 47} id-ce-baseUpdateTime OBJECT IDENTIFIER ::= { id-ce 51} id-ce-deltaInfo OBJECT IDENTIFIER ::= { id-ce 53} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54} id-ce-toBeRevoked OBJECT IDENTIFIER ::= { id-ce 58} id-ce-RevokedGroups OBJECT IDENTIFIER ::= { id-ce 59} id-ce-expiredCertsOnCRL OBJECT IDENTIFIER ::= { id-ce 60} id-ce-aAissuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 63} -- matching rule OIDs id-mr-certificateExactMatch OBJECT IDENTIFIER ::= { id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= { id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= { id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= { id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= { id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= { id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= { id-mr 40} id-mr-policyMatch OBJECT IDENTIFIER ::= { id-mr 60} id-mr-pkiPathMatch OBJECT IDENTIFIER ::= { id-mr 62} id-mr-enhancedCertificateMatch OBJECT IDENTIFIER ::= { id-mr 65} -- Object identifiers for LDAP X.509 assertion syntaxes id-ldx-certExactAssertion OBJECT IDENTIFIER ::= { id-ldx 1} id-ldx-certAssertion OBJECT IDENTIFIER ::= { id-ldx 2} id-ldx-certPairExactAssertion OBJECT IDENTIFIER ::= { id-ldx 3} id-ldx-certPairAssertion OBJECT IDENTIFIER ::= { id-ldx 4} id-ldx-certListExactAssertion OBJECT IDENTIFIER ::= { id-ldx 5} id-ldx-certListAssertion OBJECT IDENTIFIER ::= { id-ldx 6} id-ldx-algorithmIdentifier OBJECT IDENTIFIER ::= { id-ldx 7} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26} END -- CertificateExtensions-- -- Generated by Asnp , the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394549.07 - https://www.itu.int/wftp3/Publ...012/CertificateExtensions.html
Data Source: un
Note 2: When the identifier type is coded as Session, a Session identifier shall be coded in the Identifier value field of the octet group. The maximum length is 20 octets. Note 3: When the identifier type is coded as Resource, a Resource identifier shall be coded in the Identifier value field of the octet group. (...) Identifier value: Value of an identifier coded according to the Recommendation or the Standard identified in octet 5. 1.9 General Procedures This Subclause specifies general DSS2 procedures for using the Generic identifier transport information element.
Language:English
Score: 394507.7 - https://www.itu.int/wftp3/av-a...997-2000/9702_Bos/AVC-1105.mw6
Data Source: un
-- Module AccountingDefinedTypesModule (Q.751.3:09/1997) AccountingDefinedTypesModule {itu-t(0) recommendation(0) q(17) omap(751) accounting(3) informationModel(0) asn1Modules(2) accountingDefinedTypesModule(0)} DEFINITIONS IMPLICIT TAGS ::= BEGIN IMPORTS ObjectInstance, ControlStatus FROM Attribute-ASN1Module {joint-iso-itu-t ms(9) smi(3) part2(2) asn1Module(2) 1} PointerOrNull FROM ASN1DefinedTypesModule {itu-t recommendation m gnm(3100) informationModel(0) asn1Modules(2) asn1DefinedTypesModule(0)} AdditionalName FROM MTPDefinedTypesModule {itu-t(0) recommendation q(17) omap(751) mtp(1) informationModel(0) asn1Modules(2) mtpDefinedTypesModule(0)}; -- ASN.1 type definitions DataProblem ::= ENUMERATED { noProblem(0), intervalNotComplete(1), configurationChanged(2), notReliable(3) } EndOfMeasurementTime ::= GeneralizedTime MeasurementControlStatus ::= SET OF INTEGER {suspended(3)} maxNumberReferencesInSelectionGroupSet INTEGER ::= 8 -- h this number is only for compilability SelectionGroup ::= SEQUENCE { selectionItem [0] ObjectInstance, optionalSelectionItem [1] ObjectInstance OPTIONAL } SelectionGroupSet ::= SET SIZE (0..maxNumberReferencesInSelectionGroupSet) OF SelectionGroup -- ASN.1 OBJECT IDENTIFIER definitions ss7AccountingInformationModel OBJECT IDENTIFIER ::= {itu-t recommendation(0) q(17) omap(751) accounting(3)} accountingAction OBJECT IDENTIFIER ::= {ss7AccountingInformationModel action(9)} accountingAttribute OBJECT IDENTIFIER ::= {ss7AccountingInformationModel attribute(7)} accountingAttributeGroup OBJECT IDENTIFIER ::= {ss7AccountingInformationModel attributeGroup(8)} accountingNameBinding OBJECT IDENTIFIER ::= {ss7AccountingInformationModel nameBinding(6)} accountingNotification OBJECT IDENTIFIER ::= {ss7AccountingInformationModel notification(10)} accountingObjectClass OBJECT IDENTIFIER ::= {ss7AccountingInformationModel managedObjectClass(3)} accountingPackage OBJECT IDENTIFIER ::= {ss7AccountingInformationModel package(4)} accountingParameter OBJECT IDENTIFIER ::= {ss7AccountingInformationModel parameter(5)} accountingOrVerification-AOi OBJECT IDENTIFIER ::= {accountingAttribute accountingOrVerification(0)} endOfMeasurementTime-AOi OBJECT IDENTIFIER ::= {accountingAttribute endOfMeasurementTime(7)} controlPointer-AOi OBJECT IDENTIFIER ::= {accountingAttribute controlPointer(1)} controlPointerPackage-POi OBJECT IDENTIFIER ::= {accountingPackage controlPointerPackage(1)} measurementControlStatus-AOi OBJECT IDENTIFIER ::= {accountingAttribute measurementControlStatus(6)} measurementControlStatusPackage-POi OBJECT IDENTIFIER ::= {accountingPackage measurementControlStatusPackage(2)} operatorName-AOi OBJECT IDENTIFIER ::= {accountingAttribute operatorName(3)} selectionGroupSetForAccounting-AOi OBJECT IDENTIFIER ::= {accountingAttribute selectionGroupSetForAccounting(4)} selectionGroupSetForVerification-AOi OBJECT IDENTIFIER ::= {accountingAttribute selectionGroupSetForVerification(5)} ss7AccountingAndVerificationControlPackage-POi OBJECT IDENTIFIER ::= {accountingPackage ss7AccountingAndVerificationControlPackage(3)} ss7AccountingAndVerificationControl-OOi OBJECT IDENTIFIER ::= {accountingObjectClass ss7AccountingAndVerificationControl(0)} ss7AccountingAndVerificationControl-managedElement-NBOI OBJECT IDENTIFIER ::= {accountingNameBinding ss7AccountingAndVerificationControl-managedElement(0)} ss7AccountingAndVerificationControl-managedSwitchingElement-NBOI OBJECT IDENTIFIER ::= {accountingNameBinding ss7AccountingAndVerificationControl-managedSwitchingElement(1)} ss7AccountingLogRecord-OOi OBJECT IDENTIFIER ::= {accountingObjectClass ss7AccountingLogRecord(1)} ss7AccountingLogRecordPackage-POi OBJECT IDENTIFIER ::= {accountingPackage ss7AccountingLogRecordPackage(1)} ss7Accounting-NOI OBJECT IDENTIFIER ::= {accountingNotification ss7Accounting(0)} -- ASN.1 OBJECT IDENTIFIER definitions for specific errors objectStillReferencedError-OID OBJECT IDENTIFIER ::= {accountingParameter objectStillReferencedError(1)} END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394375.3 - https://www.itu.int/wftp3/Publ...countingDefinedTypesModule.asn
Data Source: un
MAX ) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL , notAfter [1] GeneralizedTime OPTIONAL } ( WITH COMPONENTS { ..., notBefore PRESENT } | WITH COMPONENTS { ..., notAfter PRESENT }) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1.. (...) MAX ) reasonCode EXTENSION ::= { SYNTAX CRLReason IDENTIFIED BY id-ce-reasonCode } CRLReason ::= ENUMERATED { unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8) } instructionCode EXTENSION ::= { SYNTAX HoldInstruction IDENTIFIED BY id-ce-instructionCode } HoldInstruction ::= OBJECT IDENTIFIER invalidityDate EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-invalidityDate } -- CRL distribution points and delta-CRL extensions cRLDistributionPoints EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-cRLDistributionPoints } CRLDistPointsSyntax ::= SEQUENCE SIZE (1.. MAX ) OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL , reasons [1] ReasonFlags OPTIONAL , cRLIssuer [2] GeneralNames OPTIONAL } DistributionPointName ::= CHOICE { fullName [0] GeneralNames , nameRelativeToCRLIssuer [1] RelativeDistinguishedName } ReasonFlags ::= BIT STRING { unused(0), keyCompromise(1), caCompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6)} issuingDistributionPoint EXTENSION ::= { SYNTAX IssuingDistPointSyntax IDENTIFIED BY id-ce-issuingDistributionPoint } IssuingDistPointSyntax ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL , onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE , onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE , onlySomeReasons [3] ReasonFlags OPTIONAL , indirectCRL [4] BOOLEAN DEFAULT FALSE } certificateIssuer EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-certificateIssuer } deltaCRLIndicator EXTENSION ::= { SYNTAX BaseCRLNumber IDENTIFIED BY id-ce-deltaCRLIndicator } BaseCRLNumber ::= CRLNumber deltaRevocationList ATTRIBUTE ::= { WITH SYNTAX CertificateList EQUALITY MATCHING RULE certificateListExactMatch ID id-at-deltaRevocationList } -- Matching rules certificateExactMatch MATCHING-RULE ::= { SYNTAX CertificateExactAssertion ID id-mr-certificateExactMatch } CertificateExactAssertion ::= SEQUENCE { serialNumber CertificateSerialNumber , issuer Name } certificateMatch MATCHING-RULE ::= { SYNTAX CertificateAssertion ID id-mr-certificateMatch } CertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL , issuer [1] Name OPTIONAL , subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL , authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL , certificateValid [4] Time OPTIONAL , privateKeyValid [5] GeneralizedTime OPTIONAL , subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL , keyUsage [7] KeyUsage OPTIONAL , subjectAltName [8] AltNameType OPTIONAL , policy [9] CertPolicySet OPTIONAL , pathToName [10] Name OPTIONAL } AltNameType ::= CHOICE { builtinNameForm ENUMERATED {rfc822Name(1), dNSName(2), x400Address(3), directoryName(4), ediPartyName(5), uniformResourceIdentifier(6), iPAddress(7), registeredId(8)}, otherNameForm OBJECT IDENTIFIER } certificatePairExactMatch MATCHING-RULE ::= { SYNTAX CertificatePairExactAssertion ID id-mr-certificatePairExactMatch } CertificatePairExactAssertion ::= SEQUENCE { forwardAssertion [0] CertificateExactAssertion OPTIONAL , reverseAssertion [1] CertificateExactAssertion OPTIONAL } ( WITH COMPONENTS { ..., forwardAssertion PRESENT } | WITH COMPONENTS { ..., reverseAssertion PRESENT }) certificatePairMatch MATCHING-RULE ::= { SYNTAX CertificatePairAssertion ID id-mr-certificatePairMatch } CertificatePairAssertion ::= SEQUENCE { forwardAssertion [0] CertificateAssertion OPTIONAL , reverseAssertion [1] CertificateAssertion OPTIONAL } ( WITH COMPONENTS { ..., forwardAssertion PRESENT } | WITH COMPONENTS { ..., reverseAssertion PRESENT }) certificateListExactMatch MATCHING-RULE ::= { SYNTAX CertificateListExactAssertion ID id-mr-certificateListExactMatch } CertificateListExactAssertion ::= SEQUENCE { issuer Name , thisUpdate Time , distributionPoint DistributionPointName OPTIONAL } certificateListMatch MATCHING-RULE ::= { SYNTAX CertificateListAssertion ID id-mr-certificateListMatch } CertificateListAssertion ::= SEQUENCE { issuer Name OPTIONAL , minCRLNumber [0] CRLNumber OPTIONAL , maxCRLNumber [1] CRLNumber OPTIONAL , reasonFlags ReasonFlags OPTIONAL , dateAndTime Time OPTIONAL , distributionPoint [2] DistributionPointName OPTIONAL } algorithmIdentifierMatch MATCHING-RULE ::= { SYNTAX AlgorithmIdentifier ID id-mr-algorithmIdentifierMatch } -- Object identifier assignments id-at-supportedAlgorithms OBJECT IDENTIFIER ::= { id-at 52} id-at-deltaRevocationList OBJECT IDENTIFIER ::= { id-at 53} id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= { id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= { id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29} id-ce-nameConstraint OBJECT IDENTIFIER ::= { id-ce 30 1} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37} id-mr-certificateExactMatch OBJECT IDENTIFIER ::= { id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= { id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= { id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= { id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= { id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= { id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= { id-mr 40} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26}, {id-ce 30} END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394323.7 - https://www.itu.int/wftp3/Publ...997/CertificateExtensions.html
Data Source: un
. -- Key and policy information extensions authorityKeyIdentifier EXTENSION ::= { SYNTAX AuthorityKeyIdentifier IDENTIFIED BY id-ce-authorityKeyIdentifier } AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL } (WITH COMPONENTS { ..., authorityCertIssuer PRESENT, authorityCertSerialNumber PRESENT } | WITH COMPONENTS { ..., authorityCertIssuer ABSENT, authorityCertSerialNumber ABSENT }) KeyIdentifier ::= OCTET STRING subjectKeyIdentifier EXTENSION ::= { SYNTAX SubjectKeyIdentifier IDENTIFIED BY id-ce-subjectKeyIdentifier } SubjectKeyIdentifier ::= KeyIdentifier keyUsage EXTENSION ::= {SYNTAX KeyUsage IDENTIFIED BY id-ce-keyUsage } KeyUsage ::= BIT STRING { digitalSignature(0), nonRepudiation(1), keyEncipherment(2), dataEncipherment(3), keyAgreement(4), keyCertSign(5), cRLSign(6), encipherOnly(7), decipherOnly(8)} extKeyUsage EXTENSION ::= { SYNTAX SEQUENCE SIZE (1..MAX) OF KeyPurposeId IDENTIFIED BY id-ce-extKeyUsage } KeyPurposeId ::= OBJECT IDENTIFIER privateKeyUsagePeriod EXTENSION ::= { SYNTAX PrivateKeyUsagePeriod IDENTIFIED BY id-ce-privateKeyUsagePeriod } PrivateKeyUsagePeriod ::= SEQUENCE { notBefore [0] GeneralizedTime OPTIONAL, notAfter [1] GeneralizedTime OPTIONAL } (WITH COMPONENTS { ..., notBefore PRESENT } | WITH COMPONENTS { ..., notAfter PRESENT }) certificatePolicies EXTENSION ::= { SYNTAX CertificatePoliciesSyntax IDENTIFIED BY id-ce-certificatePolicies } CertificatePoliciesSyntax ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation PolicyInformation ::= SEQUENCE { policyIdentifier CertPolicyId, policyQualifiers SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL } CertPolicyId ::= OBJECT IDENTIFIER PolicyQualifierInfo ::= SEQUENCE { policyQualifierId CERT-POLICY-QUALIFIER. (...) CERT-POLICY-QUALIFIER ::= CLASS { &id OBJECT IDENTIFIER UNIQUE, &Qualifier OPTIONAL }WITH SYNTAX {POLICY-QUALIFIER-ID &id [QUALIFIER-TYPE &Qualifier] } policyMappings EXTENSION ::= { SYNTAX PolicyMappingsSyntax IDENTIFIED BY id-ce-policyMappings } PolicyMappingsSyntax ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {issuerDomainPolicy CertPolicyId, subjectDomainPolicy CertPolicyId} supportedAlgorithms ATTRIBUTE ::= { WITH SYNTAX SupportedAlgorithm EQUALITY MATCHING RULE algorithmIdentifierMatch ID id-at-supportedAlgorithms } SupportedAlgorithm ::= SEQUENCE { algorithmIdentifier AlgorithmIdentifier, intendedUsage [0] KeyUsage OPTIONAL, intendedCertificatePolicies [1] CertificatePoliciesSyntax OPTIONAL } -- Certificate subject and certificate issuer attributes extensions subjectAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-subjectAltName } GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName GeneralName ::= CHOICE { otherName [0] INSTANCE OF OTHER-NAME, rfc822Name [1] IA5String, dNSName [2] IA5String, x400Address [3] ORAddress, directoryName [4] Name, ediPartyName [5] EDIPartyName, uniformResourceIdentifier [6] IA5String, iPAddress [7] OCTET STRING, registeredID [8] OBJECT IDENTIFIER } OTHER-NAME ::= TYPE-IDENTIFIER EDIPartyName ::= SEQUENCE { nameAssigner [0] DirectoryString{ub-name} OPTIONAL, partyName [1] DirectoryString{ub-name} } issuerAltName EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-issuerAltName } subjectDirectoryAttributes EXTENSION ::= { SYNTAX AttributesSyntax IDENTIFIED BY id-ce-subjectDirectoryAttributes } AttributesSyntax ::= SEQUENCE SIZE (1..MAX) OF Attribute -- Certification path constraints extensions basicConstraints EXTENSION ::= { SYNTAX BasicConstraintsSyntax IDENTIFIED BY id-ce-basicConstraints } BasicConstraintsSyntax ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE, pathLenConstraint INTEGER(0..MAX) OPTIONAL } nameConstraints EXTENSION ::= { SYNTAX NameConstraintsSyntax IDENTIFIED BY id-ce-nameConstraint } NameConstraintsSyntax ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL, requiredNameForms [2] NameForms OPTIONAL } GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree GeneralSubtree ::= SEQUENCE { base GeneralName, minimum [0] BaseDistance DEFAULT 0, maximum [1] BaseDistance OPTIONAL } BaseDistance ::= INTEGER(0..MAX) NameForms ::= SEQUENCE { basicNameForms [0] BasicNameForms OPTIONAL, otherNameForms [1] SEQUENCE SIZE (1..MAX) OF OBJECT IDENTIFIER OPTIONAL }(ALL EXCEPT ({ --none; i.e.:at least one component shall be present--})) BasicNameForms ::= BIT STRING { rfc822Name(0), dNSName(1), x400Address(2), directoryName(3), ediPartyName(4), uniformResourceIdentifier(5), iPAddress(6), registeredID(7)}(SIZE (1..MAX)) policyConstraints EXTENSION ::= { SYNTAX PolicyConstraintsSyntax IDENTIFIED BY id-ce-policyConstraints } PolicyConstraintsSyntax ::= SEQUENCE { requireExplicitPolicy [0] SkipCerts OPTIONAL, inhibitPolicyMapping [1] SkipCerts OPTIONAL } SkipCerts ::= INTEGER(0..MAX) CertPolicySet ::= SEQUENCE SIZE (1..MAX) OF CertPolicyId -- Basic CRL extensions cRLNumber EXTENSION ::= { SYNTAX CRLNumber IDENTIFIED BY id-ce-cRLNumber } CRLNumber ::= INTEGER(0..MAX) reasonCode EXTENSION ::= { SYNTAX CRLReason IDENTIFIED BY id-ce-reasonCode } CRLReason ::= ENUMERATED { unspecified(0), keyCompromise(1), cACompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6), removeFromCRL(8) } instructionCode EXTENSION ::= { SYNTAX HoldInstruction IDENTIFIED BY id-ce-instructionCode } HoldInstruction ::= OBJECT IDENTIFIER invalidityDate EXTENSION ::= { SYNTAX GeneralizedTime IDENTIFIED BY id-ce-invalidityDate } -- CRL distribution points and delta-CRL extensions cRLDistributionPoints EXTENSION ::= { SYNTAX CRLDistPointsSyntax IDENTIFIED BY id-ce-cRLDistributionPoints } CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint DistributionPoint ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, reasons [1] ReasonFlags OPTIONAL, cRLIssuer [2] GeneralNames OPTIONAL } DistributionPointName ::= CHOICE { fullName [0] GeneralNames, nameRelativeToCRLIssuer [1] RelativeDistinguishedName } ReasonFlags ::= BIT STRING { unused(0), keyCompromise(1), caCompromise(2), affiliationChanged(3), superseded(4), cessationOfOperation(5), certificateHold(6)} issuingDistributionPoint EXTENSION ::= { SYNTAX IssuingDistPointSyntax IDENTIFIED BY id-ce-issuingDistributionPoint } IssuingDistPointSyntax ::= SEQUENCE { distributionPoint [0] DistributionPointName OPTIONAL, onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE, onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE, onlySomeReasons [3] ReasonFlags OPTIONAL, indirectCRL [4] BOOLEAN DEFAULT FALSE } certificateIssuer EXTENSION ::= { SYNTAX GeneralNames IDENTIFIED BY id-ce-certificateIssuer } deltaCRLIndicator EXTENSION ::= { SYNTAX BaseCRLNumber IDENTIFIED BY id-ce-deltaCRLIndicator } BaseCRLNumber ::= CRLNumber deltaRevocationList ATTRIBUTE ::= { WITH SYNTAX CertificateList EQUALITY MATCHING RULE certificateListExactMatch ID id-at-deltaRevocationList } -- Matching rules certificateExactMatch MATCHING-RULE ::= { SYNTAX CertificateExactAssertion ID id-mr-certificateExactMatch } CertificateExactAssertion ::= SEQUENCE { serialNumber CertificateSerialNumber, issuer Name } certificateMatch MATCHING-RULE ::= { SYNTAX CertificateAssertion ID id-mr-certificateMatch } CertificateAssertion ::= SEQUENCE { serialNumber [0] CertificateSerialNumber OPTIONAL, issuer [1] Name OPTIONAL, subjectKeyIdentifier [2] SubjectKeyIdentifier OPTIONAL, authorityKeyIdentifier [3] AuthorityKeyIdentifier OPTIONAL, certificateValid [4] Time OPTIONAL, privateKeyValid [5] GeneralizedTime OPTIONAL, subjectPublicKeyAlgID [6] OBJECT IDENTIFIER OPTIONAL, keyUsage [7] KeyUsage OPTIONAL, subjectAltName [8] AltNameType OPTIONAL, policy [9] CertPolicySet OPTIONAL, pathToName [10] Name OPTIONAL } AltNameType ::= CHOICE { builtinNameForm ENUMERATED {rfc822Name(1), dNSName(2), x400Address(3), directoryName(4), ediPartyName(5), uniformResourceIdentifier(6), iPAddress(7), registeredId(8)}, otherNameForm OBJECT IDENTIFIER } certificatePairExactMatch MATCHING-RULE ::= { SYNTAX CertificatePairExactAssertion ID id-mr-certificatePairExactMatch } CertificatePairExactAssertion ::= SEQUENCE { forwardAssertion [0] CertificateExactAssertion OPTIONAL, reverseAssertion [1] CertificateExactAssertion OPTIONAL } (WITH COMPONENTS { ..., forwardAssertion PRESENT } | WITH COMPONENTS { ..., reverseAssertion PRESENT }) certificatePairMatch MATCHING-RULE ::= { SYNTAX CertificatePairAssertion ID id-mr-certificatePairMatch } CertificatePairAssertion ::= SEQUENCE { forwardAssertion [0] CertificateAssertion OPTIONAL, reverseAssertion [1] CertificateAssertion OPTIONAL } (WITH COMPONENTS { ..., forwardAssertion PRESENT } | WITH COMPONENTS { ..., reverseAssertion PRESENT }) certificateListExactMatch MATCHING-RULE ::= { SYNTAX CertificateListExactAssertion ID id-mr-certificateListExactMatch } CertificateListExactAssertion ::= SEQUENCE { issuer Name, thisUpdate Time, distributionPoint DistributionPointName OPTIONAL } certificateListMatch MATCHING-RULE ::= { SYNTAX CertificateListAssertion ID id-mr-certificateListMatch } CertificateListAssertion ::= SEQUENCE { issuer Name OPTIONAL, minCRLNumber [0] CRLNumber OPTIONAL, maxCRLNumber [1] CRLNumber OPTIONAL, reasonFlags ReasonFlags OPTIONAL, dateAndTime Time OPTIONAL, distributionPoint [2] DistributionPointName OPTIONAL } algorithmIdentifierMatch MATCHING-RULE ::= { SYNTAX AlgorithmIdentifier ID id-mr-algorithmIdentifierMatch } -- Object identifier assignments id-at-supportedAlgorithms OBJECT IDENTIFIER ::= {id-at 52} id-at-deltaRevocationList OBJECT IDENTIFIER ::= {id-at 53} id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= {id-ce 9} id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 14} id-ce-keyUsage OBJECT IDENTIFIER ::= {id-ce 15} id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= {id-ce 16} id-ce-subjectAltName OBJECT IDENTIFIER ::= {id-ce 17} id-ce-issuerAltName OBJECT IDENTIFIER ::= {id-ce 18} id-ce-basicConstraints OBJECT IDENTIFIER ::= {id-ce 19} id-ce-cRLNumber OBJECT IDENTIFIER ::= {id-ce 20} id-ce-reasonCode OBJECT IDENTIFIER ::= {id-ce 21} id-ce-instructionCode OBJECT IDENTIFIER ::= {id-ce 23} id-ce-invalidityDate OBJECT IDENTIFIER ::= {id-ce 24} id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= {id-ce 27} id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= {id-ce 28} id-ce-certificateIssuer OBJECT IDENTIFIER ::= {id-ce 29} id-ce-nameConstraint OBJECT IDENTIFIER ::= {id-ce 30 1} id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} id-ce-certificatePolicies OBJECT IDENTIFIER ::= {id-ce 32} id-ce-policyMappings OBJECT IDENTIFIER ::= {id-ce 33} -- deprecated OBJECT IDENTIFIER ::= {id-ce 34} id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= {id-ce 35} id-ce-policyConstraints OBJECT IDENTIFIER ::= {id-ce 36} id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} id-mr-certificateExactMatch OBJECT IDENTIFIER ::= {id-mr 34} id-mr-certificateMatch OBJECT IDENTIFIER ::= {id-mr 35} id-mr-certificatePairExactMatch OBJECT IDENTIFIER ::= {id-mr 36} id-mr-certificatePairMatch OBJECT IDENTIFIER ::= {id-mr 37} id-mr-certificateListExactMatch OBJECT IDENTIFIER ::= {id-mr 38} id-mr-certificateListMatch OBJECT IDENTIFIER ::= {id-mr 39} id-mr-algorithmIdentifierMatch OBJECT IDENTIFIER ::= {id-mr 40} id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= {id-ce 54} -- The following OBJECT IDENTIFIERS are not used by this Specification: -- {id-ce 2}, {id-ce 3}, {id-ce 4}, {id-ce 5}, {id-ce 6}, {id-ce 7}, -- {id-ce 8}, {id-ce 10}, {id-ce 11}, {id-ce 12}, {id-ce 13}, -- {id-ce 22}, {id-ce 25}, {id-ce 26}, {id-ce 30} END -- Generated by Asnp, the ASN.1 pretty-printer of France Telecom R&D
Language:English
Score: 394323.7 - https://www.itu.int/wftp3/Publ...1997/CertificateExtensions.asn
Data Source: un