X.509-1997 defines the supported algorithm attribute. There seems to be a
lot of overlap.
Russ
= = = = = = = = = =
12.2.2.8 Supported algorithms attribute
A Directory attribute is defined to support the selection of an algorithm
for use when communicating with a remote end entity using certificates as
defined in this Directory Specification. The following ASN.1 defines this
(multi-valued) attribute:
supportedAlgorithms ATTRIBUTE ::= {
WITH SYNTAX SupportedAlgorithm
EQUALITY MATCHING RULE algorithmIdentifierMatch
ID id-at-supportedAlgorithms }
SupportedAlgorithm ::= SEQUENCE {
algorithmIdentifier AlgorithmIdentifier,
intendedUsage [0] KeyUsage OPTIONAL,
intendedCertificatePolicies [1] CertificatePoliciesSyntax OPTIONAL }
Each value of the multi-valued attribute shall have a distinct
algorithmIdentifier value. The value of the intendedUsage component
provides an indication of the intended usage of the algorithm (see 12.2.2.3
for recognized uses). The value of the intendedCertificatePolicies
component identifies the certificate policies and, optionally, certificate
policy qualifiers with which the identified algorithm may be used.