RE: Cert Attributes in CERTDIST

1999-09-16 12:21:47
X.509-1997 defines the supported algorithm attribute. There seems to be a lot of overlap.


= = = = = = = = = =  Supported algorithms attribute

A Directory attribute is defined to support the selection of an algorithm for use when communicating with a remote end entity using certificates as defined in this Directory Specification. The following ASN.1 defines this (multi-valued) attribute:

   supportedAlgorithms ATTRIBUTE ::= {
        WITH SYNTAX SupportedAlgorithm
        EQUALITY MATCHING RULE algorithmIdentifierMatch
        ID id-at-supportedAlgorithms }

   SupportedAlgorithm ::= SEQUENCE {
        algorithmIdentifier              AlgorithmIdentifier,
        intendedUsage                [0] KeyUsage OPTIONAL,
        intendedCertificatePolicies  [1] CertificatePoliciesSyntax OPTIONAL }

Each value of the multi-valued attribute shall have a distinct algorithmIdentifier value. The value of the intendedUsage component provides an indication of the intended usage of the algorithm (see for recognized uses). The value of the intendedCertificatePolicies component identifies the certificate policies and, optionally, certificate policy qualifiers with which the identified algorithm may be used.
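
Added example, not part of the original message or of the X.509 text: a small Python DER reader that decodes SupportedAlgorithm values as defined above and checks the rule that each value carries a distinct algorithmIdentifier. It assumes EXPLICIT tagging for [0] and [1], treats byte-identical AlgorithmIdentifier encodings as equal, leaves intendedCertificatePolicies undecoded, and uses constructed sample values; all function names are illustrative.

```python
# Added example; assumes EXPLICIT [0]/[1] tags and single-byte tag octets.
KEY_USAGE = ("digitalSignature nonRepudiation keyEncipherment dataEncipherment "
             "keyAgreement keyCertSign cRLSign encipherOnly decipherOnly").split()

def read_tlv(buf, pos=0):                  # -> (tag, value, next_pos)
    tag, length, pos = *buf[pos:pos + 2], pos + 2   # short header -> ValueError
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0   # first octet packs two arcs
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, val = arcs + [val], 0
    return ".".join(map(str, arcs))

def parse_supported_algorithm(der):
    tag, body, end = read_tlv(der)
    alg_tag, alg, pos = read_tlv(body)
    oid_tag, oid, _ = read_tlv(alg)
    if (tag, alg_tag, oid_tag) != (0x30, 0x30, 0x06) or end != len(der) or not oid:
        raise ValueError("not a SupportedAlgorithm SEQUENCE")
    out = {"algorithm": decode_oid(oid), "alg_der": body[:pos], "usage": None, "policies": None}
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        if tag == 0xA0 and val[:1] == b"\x03":    # intendedUsage: KeyUsage BIT STRING
            bits = read_tlv(val)[1][1:]           # skip the unused-bits octet
            out["usage"] = [n for i, n in enumerate(KEY_USAGE)
                            if i // 8 < len(bits) and bits[i // 8] & (0x80 >> (i % 8))]
        elif tag == 0xA1:                         # intendedCertificatePolicies, undecoded
            out["policies"] = val
        else:
            raise ValueError("unexpected component tag 0x%02x" % tag)
    return out

def check_attribute(values):   # -> (parsed values, OIDs of repeated AlgorithmIdentifiers)
    parsed = [parse_supported_algorithm(v) for v in values]
    ders = [p["alg_der"] for p in parsed]
    return parsed, [p["algorithm"] for i, p in enumerate(parsed) if p["alg_der"] in ders[:i]]

SAMPLE_VALUES = [bytes.fromhex(h) for h in (      # constructed sample values
    "3015300d06092a864886f70d0101050500a00403020780",
    "3015300d06092a864886f70d0101010500a00403020520",
    "300f300d06092a864886f70d0101050500")]
```

The third constructed value repeats the AlgorithmIdentifier of the first, so check_attribute(SAMPLE_VALUES) reports it as a violation of the distinctness rule.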

