Internet X. 509 Public Key Infrastructure : Qualified Certificates Profile

By Santesson, S.

Book Id: WPLBN0000693714
Format Type: PDF eBook:
File Size: 0.1 MB
Reproduction Date: 2005

Title:	Internet X. 509 Public Key Infrastructure : Qualified Certificates Profile
Author:	Santesson, S.
Volume:
Language:	English
Subject:	Sociolinguistics, Sociology, Language
Collections:	Technical eBooks and Manuals Collection, Technical eBooks Collection
Historic Publication Date:
Publisher:


Citation APA MLA Chicago Santesson, B. S. (n.d.). Internet X. 509 Public Key Infrastructure : Qualified Certificates Profile. Retrieved from http://gutenberg.cc/

Description
Technical Reference Publication

Excerpt
Introduction: This specification is one part of a family of standards for the X.509 Public Key Infrastructure (PKI) for the Internet. It is based on [X.509] and [RFC 3280], which defines underlying certificate formats and semantics needed for a full implementation of this standard. This profile includes specific mechanisms intended for use with Qualified Certificates. The term Qualified Certificates and the assumptions that affect the scope of this document are discussed in Section 2.

Table of Contents
Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Changes since RFC 3039 . . . . . . . . . . . . . . . . . 3 1.2. Definitions. . . . . . . . . . . . . . . . . . . . . . . 4 2. Requirements and Assumptions . . . . . . . . . . . . . . . . . 4 2.1. Properties . . . . . . . . . . . . . . . . . . . . . . . 5 2.2. Statement of Purpose . . . . . . . . . . . . . . . . . . 5 2.3. Policy Issues. . . . . . . . . . . . . . . . . . . . . . 5 2.4. Uniqueness of Names. . . . . . . . . . . . . . . . . . . 6 3. Certificate and Certificate Extensions Profile . . . . . . . . 6 3.1. Basic Certificate Fields . . . . . . . . . . . . . . . . 6 3.1.1. Issuer . . . . . . . . . . . . . . . . . . . . . 6 3.1.2. Subject. . . . . . . . . . . . . . . . . . . . . 7 3.2. Certificate Extensions . . . . . . . . . . . . . . . . . 9 3.2.1. Subject Alternative Name . . . . . . . . . . . . 9 3.2.2. Subject Directory Attributes . . . . . . . . . . 9 3.2.3. Certificate Policies . . . . . . . . . . . . . . 11 3.2.4. Key Usage. . . . . . . . . . . . . . . . . . . . 11 3.2.5. Biometric Information. . . . . . . . . . . . . . 11 3.2.6. Qualified Certificate Statements . . . . . . . . 13 4. Security Considerations. . . . . . . . . . . . . . . . . . . . 15 A. ASN.1 Definitions. . . . . . . . . . . . . . . . . . . . . . . 17 A.1. 1988 ASN.1 Module (Normative). . . . . . . . . . . . . . 17 A.2. 1997 ASN.1 Module (Informative). . . . . . . . . . . . . 19 B. A Note on Attributes . . . . . . . . . . . . . . . . . . . . . 23 C. Example Certificate. . . . . . . . . . . . . . . . . . . . . . 23 C.1. ASN.1 Structure. . . . . . . . . . . . . . . . . . . . . 24 C.1.1. Extensions . . . . . . . . . . . . . . . . . . . 24 C.1.2. The Certificate. . . . . . . . . . . . . . . . . 25 C.2. ASN.1 Dump . . . . . . . . . . . . . . . . . . . . . . . 27 C.3. DER-encoding . . . . . . . . . . . . . . . . . . . . . . 30 C.4. CA's Public Key. . . . . . . . . . . . . . . . . . . . . 31 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 33 Full Copyright Statement . . . . . . . . . . . . . . . . . . . . . 34