RFC 2985: PKCS #9: Selected Object Classes and Attribute Types Version 2.0


Network Working Group                                         M. Nystrom
Request for Comments: 2985                                    B. Kaliski
Category: Informational                                     RSA Security
                                                           November 2000

PKCS #9: Selected Object Classes and Attribute Types
Version 2.0
Status of this Memo
This memo provides information for the Internet community.  It does
not specify an Internet standard of any kind.  Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000).  All Rights Reserved.
Abstract
This memo represents a republication of PKCS #9 v2.0 from RSA
Laboratories’ Public-Key Cryptography Standards (PKCS) series, and
change control is retained within the PKCS process.  The body of this
document, except for the security considerations section, is taken
directly from that specification.

This memo provides a selection of object classes and attribute types
for use in conjunction with public-key cryptography and Lightweight
Directory Access Protocol (LDAP) accessible directories.  It also
includes ASN.1 syntax for all constructs.
Table of Contents
1.  Introduction
2.  Definitions, notation and document convention
2.1  Definitions
2.2  Notation and document convention
3.  Overview
4.  Auxiliary object classes
4.1  The "pkcsEntity" auxiliary object class
4.2  The "naturalPerson" auxiliary object class
5.  Selected attribute types
5.1  Attribute types for use with the "pkcsEntity" object class
5.2  Attribute types for use with the "naturalPerson" object class
5.3  Attribute types for use in PKCS #7 data
5.4  Attribute types for use in PKCS #10 certificate requests
Nystrom & Kaliski            Informational                      [Page 1]
5.5  Attribute types for use in PKCS #12 "PFX" PDUs or PKCS #15 tokens
5.6  Attributes defined in S/MIME
6.  Matching rules
6.1  Case ignore match
6.2  Signing time match
7.  Security Considerations
8.  Authors’ Addresses
A.  ASN.1 module
B.  BNF schema summary
B.1  Syntaxes
B.2  Object classes
B.3  Attribute types
B.4  Matching rules
C.  Intellectual property considerations
D.  Revision history
E.  References
F.  Contact information & About PKCS
Full Copyright Statement
1. Introduction
This document defines two new auxiliary object classes, pkcsEntity
and naturalPerson, and selected attribute types for use with these
classes.  It also defines some attribute types for use in conjunction
with PKCS #7 [14] (and S/MIME CMS [3]) digitally signed messages,
PKCS #10 [16] certificate-signing requests, PKCS #12 [17] personal
information exchanges and PKCS #15 [18] cryptographic tokens.
Matching rules for use with these attributes are also defined,
whenever necessary.
2. Definitions, notation and document conventions
2.1 Definitions
For the purposes of this document, the following definitions apply.

ASN.1           Abstract Syntax Notation One, as defined in [5].

Attributes      An ASN.1 type that specifies a set of attributes.
                Each attribute contains an attribute type (specified
                by object identifier) and one or more attribute
                values.  Some attribute types are restricted in their
                definition to have a single value; others may have
                multiple values.  This type is defined in [7].

CertificationRequestInfo
                An ASN.1 type that specifies a subject name, a public
                key, and a set of attributes.  This type is defined
                in [16].

ContentInfo     An ASN.1 type that specifies content exchanged
                between entities.  The contentType field, which has
                type OBJECT IDENTIFIER, specifies the content type,
                and the content field, whose type is defined by the
                contentType field, contains the content value.  This
                type is defined in [14] and [3].

PrivateKeyInfo  A type that specifies a private key and a set of
                extended attributes.  This type and the associated
                EncryptedPrivateKeyInfo type are defined in [15].

SignerInfo      A type that specifies per-signer information in the
                signed-data content type, including a set of
                attributes authenticated by the signer, and a set of
                attributes not authenticated by the signer.  This
                type is defined in [14] and [3].

DER             Distinguished Encoding Rules for ASN.1, as defined in
                [6].

UCS             Universal Multiple-Octet Coded Character Set, as
                defined in [11].

UTF8String      UCS Transformation Format encoded string.  The UTF-8
                encoding is defined in [11].
2.2 Notation and document conventions
In this document, all attribute type and object class definitions are
written in the ASN.1 value notation defined in [5].  Appendix B
contains most of the definitions written in the augmented BNF
notation defined in [2] as well.  This has been done in an attempt to
simplify the task of integrating this work into LDAP [22] development
environments.

The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [1].
3. Overview
This document specifies two new auxiliary object classes, pkcsEntity
and naturalPerson, and some new attribute types and matching rules.
All ASN.1 object classes, attributes, matching rules and types are
exported for use in other environments.

Attribute types defined in this document that are useful in
conjunction with storage of PKCS-related data and the pkcsEntity
object class include PKCS #12 PFX PDUs, PKCS #15 tokens and
encrypted private keys.

Attribute types defined in this document that are useful in
conjunction with PKCS #10 certificate requests and the naturalPerson
object class include electronic-mail address, pseudonym,
unstructured name, and unstructured address.

Attribute types defined in this document that are useful in PKCS #7
digitally signed messages are content type, message digest, signing
time, sequence number, random nonce and countersignature.  These
attributes would be used in the authenticatedAttributes and
unauthenticatedAttributes fields of a SignerInfo or an
AuthenticatedData ([3]) value.
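
Added example (not part of RFC 2985): the Attributes definition in Section 2.1 and the signed attributes listed above both describe a DER SEQUENCE holding an object identifier and a SET of values. This Python code decodes one such Attribute and rejects an empty value set or a repeated value for types assumed to be single-valued; the function names, the SINGLE_VALUED table and the sample bytes are constructed for illustration.

```python
# Added example, not RFC text. Strict DER reader for one Attribute:
# SEQUENCE { type OBJECT IDENTIFIER, values SET OF ANY }.
# Assumed single-valued: contentType (.9.3), messageDigest (.9.4), signingTime (.9.5).
SINGLE_VALUED = {"1.2.840.113549.1.9.3", "1.2.840.113549.1.9.4",
                 "1.2.840.113549.1.9.5"}

def read_tlv(buf, pos):
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("indefinite, oversized or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if length < 0x80 or buf[pos - n] == 0:
            raise ValueError("non-minimal DER length")
    if pos + length > len(buf):
        raise ValueError("value runs past end of input")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, value = [], 0
    for b in body:  # base-128 digits; the high bit marks continuation
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, value = arcs + [value], 0
    if not arcs or body[-1] & 0x80:
        raise ValueError("bad OID encoding")
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_attribute(der):
    tag, body, end = read_tlv(der, 0)
    t1, oid_body, pos = read_tlv(body, 0)
    t2, set_body, end2 = read_tlv(body, pos)
    if (tag, t1, t2) != (0x30, 0x06, 0x31) or (end, end2) != (len(der), len(body)):
        raise ValueError("expected SEQUENCE { OBJECT IDENTIFIER, SET } only")
    values, pos = [], 0
    while pos < len(set_body):  # collect every member of the SET OF values
        vtag, vbody, pos = read_tlv(set_body, pos)
        values.append((vtag, vbody))
    oid = decode_oid(oid_body)
    if not values or (oid in SINGLE_VALUED and len(values) != 1):
        raise ValueError("wrong number of values for " + oid)
    return oid, values

# Constructed samples: messageDigest carrying one value, then two values.
GOOD = bytes.fromhex("3013 06092a864886f70d010904 3106 0404deadbeef")
BAD = bytes.fromhex("3019 06092a864886f70d010904 310c 0404cafef00d 0404deadbeef")
```

parse_attribute(GOOD) returns the dotted OID with its single OCTET STRING value, while parse_attribute(BAD) raises ValueError because the same attribute carries two digests.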
Attribute types that are useful especially in PKCS #10 certification
requests are the challenge password and the extension-request
attribute.  These attributes would be used in the attributes field of a
CertificationRequestInfo value.

Note - The attribute types (from [8]) in Table 1, and probably
several others, might also be helpful in PKCS #10, PKCS #12 and PKCS
#15-aware applications.
businessCategory            preferredDeliveryMethod
commonName                  presentationAddress
countryName                 registeredAddress
description                 roleOccupant
destinationIndicator        serialNumber
facsimileTelephoneNumber    stateOrProvinceName
iSDNAddress                 streetAddress
localityName                supportedApplicationContext
member                      surname
objectClass                 telephoneNumber
organizationName            teletexTerminalIdentifier
physicalDeliveryOfficeName  telexNumber
postalAddress               title
postalCode                  x121Address
postOfficeBox

Table 1: ISO/IEC 9594-6 attribute types useful in PKCS documents
4. Auxiliary object classes
This document defines two new auxiliary object classes: pkcsEntity
and naturalPerson.
4.1 The pkcsEntity auxiliary object class
The pkcsEntity object class is a general-purpose auxiliary object
class that is intended to hold attributes about PKCS-related
entities.  It has been designed for use within directory services
based on the LDAP protocol [22] and the X.500 family of protocols,
where support for PKCS-defined attributes is considered useful.

pkcsEntity OBJECT-CLASS ::= {
    SUBCLASS OF { top }
    KIND auxiliary
    MAY CONTAIN { PKCSEntityAttributeSet }
    ID pkcs-9-oc-pkcsEntity
}

PKCSEntityAttributeSet ATTRIBUTE ::= {
    pKCS7PDU |
    userPKCS12 |
    pKCS15Token |
    encryptedPrivateKeyInfo,
    ... -- For future extensions
}

Attributes in the PKCSEntityAttributeSet are defined in Section 5.
4.2 The naturalPerson auxiliary object class
The naturalPerson object class is a general-purpose auxiliary object
class that is intended to hold attributes about human beings.  It has
been designed for use within directory services based on the LDAP
protocol [22] and the X.500 family of protocols, where support for
these attributes is considered useful.

naturalPerson OBJECT-CLASS ::= {
    SUBCLASS OF { top }
    KIND auxiliary
    MAY CONTAIN { NaturalPersonAttributeSet }
    ID pkcs-9-oc-naturalPerson
}

NaturalPersonAttributeSet ATTRIBUTE ::= {
    emailAddress |
    unstructuredName |
    unstructuredAddress |
    dateOfBirth |
    placeOfBirth |
    gender |
    countryOfCitizenship |
    countryOfResidence |
    pseudonym |
    serialNumber,
    ... -- For future extensions
}

Attributes in the NaturalPersonAttributeSet are defined in Section 5.
5. Selected attribute types
5.1 Attribute types for use with the "pkcsEntity" object class
5.1.1 PKCS #7 PDU
PKCS #7 provides several formats for enveloped, signed and otherwise
protected data.  When such information is stored in a directory
service, the pKCS7PDU attribute may be used.

pKCS7PDU ATTRIBUTE ::= {
    WITH SYNTAX ContentInfo
    ID pkcs-9-at-pkcs7PDU
}