diff options
| author | Rob Austein <sra@hactrn.net> | 2007-08-02 00:17:08 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2007-08-02 00:17:08 +0000 |
| commit | eab07d8a5c316d30cc989b77a03e4ca3aaeaaf39 (patch) | |
| tree | 181a6bfcfd6976be497374751915c892d2212a8e | |
| parent | 725a41eec566141607dcac421ca13b2d75d5445e (diff) | |
Update from Peter Gutmann's web site
svn path=/pow/POW-0.7/dumpasn1.cfg; revision=815
| -rw-r--r-- | pow/POW-0.7/dumpasn1.cfg | 2218 |
1 files changed, 1632 insertions, 586 deletions
diff --git a/pow/POW-0.7/dumpasn1.cfg b/pow/POW-0.7/dumpasn1.cfg index 1aa6fedd..fb44501d 100644 --- a/pow/POW-0.7/dumpasn1.cfg +++ b/pow/POW-0.7/dumpasn1.cfg @@ -1,7 +1,7 @@ # dumpasn1 Object Identifier configuration file, available from # http://www.cs.auckland.ac.nz/~pgut001/dumpasn1.cfg. This is read by # dumpasn1.c and is used to display information on Object Identifiers found in -# ASN.1 objects. This is merely a list of things which you might conceivably +# ASN.1 objects. This is merely a list of things that you might conceivably # find in use somewhere, and should in no way be taken as a guide to which OIDs # to use - many of these will never been seen in the wild, or should be shot on # sight if encountered. @@ -16,6 +16,10 @@ # - Attributes are listed one per line. The first attribute should be an 'OID' # attribute since this is used to denote the start of a new OID description. # The other attributes may be given in any order. +# - Offical attribute names vary widely depending on who's creating them. In +# an attempt at avoiding a confusing mass of naming styles, this file aims +# for consistency by normalising the naming for attributes, however this +# means that the name used here may not entirely match the actual name. # # See the rest of this file for examples of what an OID description should look # like. @@ -233,15 +237,13 @@ OID = 06 08 02 82 06 01 0A 01 04 01 Comment = Telesec mechanism Description = reedSolomon (0 2 262 1 10 1 4 1) -#OID = 06 06 02 82 06 01 0A 02 -#Comment = Telesec -#Description = module (0 2 262 1 10 2) -# conflicts with more useful definition +OID = 06 06 02 82 06 01 0A 02 +Comment = Telesec +Description = module (0 2 262 1 10 2) -#OID = 06 07 02 82 06 01 0A 02 00 -#Comment = Telesec module -#Description = algorithms (0 2 262 1 10 2 0) -# conflicts with more useful definition +OID = 06 07 02 82 06 01 0A 02 00 +Comment = Telesec module +Description = algorithms (0 2 262 1 10 2 0) OID = 06 07 02 82 06 01 0A 02 01 Comment = Telesec module @@ -299,19 +301,17 @@ OID = 06 07 02 82 06 01 0A 02 0E Comment = Telesec module Description = telesecTtpTimeStampApplication (0 2 262 1 10 2 14) -#OID = 06 06 02 82 06 01 0A 03 -#Comment = Telesec -#Description = objectClass (0 2 262 1 10 3) -# conflicts with more useful definition +OID = 06 06 02 82 06 01 0A 03 +Comment = Telesec +Description = objectClass (0 2 262 1 10 3) OID = 06 07 02 82 06 01 0A 03 00 Comment = Telesec object class Description = telesecOtherName (0 2 262 1 10 3 0) -#OID = 06 07 02 82 06 01 0A 03 01 -#Comment = Telesec object class -#Description = directory (0 2 262 1 10 3 1) -# conflicts with more useful definition +OID = 06 07 02 82 06 01 0A 03 01 +Comment = Telesec object class +Description = directory (0 2 262 1 10 3 1) OID = 06 07 02 82 06 01 0A 03 02 Comment = Telesec object class @@ -341,19 +341,17 @@ OID = 06 06 02 82 06 01 0A 06 Comment = Telesec Description = nameBinding (0 2 262 1 10 6) -#OID = 06 06 02 82 06 01 0A 07 -#Comment = Telesec -#Description = attribute (0 2 262 1 10 7) -# conflicts with more useful definition +OID = 06 06 02 82 06 01 0A 07 +Comment = Telesec +Description = attribute (0 2 262 1 10 7) OID = 06 07 02 82 06 01 0A 07 00 Comment = Telesec attribute Description = applicationGroupIdentifier (0 2 262 1 10 7 0) -#OID = 06 07 02 82 06 01 0A 07 01 -#Comment = Telesec attribute -#Description = certificateType (0 2 262 1 10 7 1) -# conflicts with more useful definition +OID = 06 07 02 82 06 01 0A 07 01 +Comment = Telesec attribute +Description = certificateType (0 2 262 1 10 7 1) OID = 06 07 02 82 06 01 0A 07 02 Comment = Telesec attribute @@ -363,10 +361,9 @@ OID = 06 07 02 82 06 01 0A 07 03 Comment = Telesec attribute Description = certificateNumber (0 2 262 1 10 7 3) -#OID = 06 07 02 82 06 01 0A 07 04 -#Comment = Telesec attribute -#Description = certificateRevocationList (0 2 262 1 10 7 4) -# conflicts with more useful definition +OID = 06 07 02 82 06 01 0A 07 04 +Comment = Telesec attribute +Description = certificateRevocationList (0 2 262 1 10 7 4) OID = 06 07 02 82 06 01 0A 07 05 Comment = Telesec attribute @@ -461,10 +458,9 @@ OID = 06 07 02 82 06 01 0A 07 1B Comment = Telesec attribute Description = ctlFileIsArchive (0 2 262 1 10 7 27) -#OID = 06 07 02 82 06 01 0A 07 1C -#Comment = Telesec attribute -#Description = emailAddress (0 2 262 1 10 7 28) -# conflicts with more useful definition +OID = 06 07 02 82 06 01 0A 07 1C +Comment = Telesec attribute +Description = emailAddress (0 2 262 1 10 7 28) OID = 06 07 02 82 06 01 0A 07 1D Comment = Telesec attribute @@ -550,9 +546,11 @@ OID = 06 06 02 82 06 01 0A 0C Comment = Telesec Description = certAndCrlExtensionDefinitions (0 2 262 1 10 12) +# ISIS-MTT SigG-Profile: Indicates that an attribute certificate +# exists, which limits the usability of this public key certificate. OID = 06 07 02 82 06 01 0A 0C 00 Comment = Telesec cert/CRL extension -Description = certExtensionLiabilityLimitationExt (0 2 262 1 10 12 0) +Description = liabilityLimitationFlag (0 2 262 1 10 12 0) OID = 06 07 02 82 06 01 0A 0C 01 Comment = Telesec cert/CRL extension @@ -578,6 +576,176 @@ OID = 06 07 02 82 06 01 0A 0C 06 Comment = Telesec cert/CRL extension Description = telesecNamingAuthorityExt (0 2 262 1 10 12 6) +# BSI e-Pass (TR-03110/TR-03111). TA = Terminal Authentication (Passport +# PKI with monthly global cert updates), CA = Chip Authentication +# (Auth using static [EC]DH). + +OID = 06 05 04 00 7F 00 07 +Comment = BSI TR-03110/TR-03111 +Description = bsi (0 4 0 127 0 7) + +OID = 06 06 04 00 7F 00 07 01 +Comment = BSI TR-03111 +Description = bsiEcc (0 4 0 127 0 7 1) + +OID = 06 07 04 00 7F 00 07 01 01 +Comment = BSI TR-03111 +Description = bsifieldType (0 4 0 127 0 7 1 1) + +OID = 06 08 04 00 7F 00 07 01 01 01 +Comment = BSI TR-03111 +Description = bsiPrimeField (0 4 0 127 0 7 1 1 1) + +OID = 06 08 04 00 7F 00 07 01 01 02 +Comment = BSI TR-03111 +Description = bsiCharacteristicTwoField (0 4 0 127 0 7 1 1 2) + +OID = 06 09 04 00 7F 00 07 01 01 02 03 +Comment = BSI TR-03111 +Description = bsiCharacteristicTwoBasis (0 4 0 127 0 7 1 1 2 3) + +OID = 06 0A 04 00 7F 00 07 01 01 02 03 01 +Comment = BSI TR-03111 +Description = bsiGnBasis (0 4 0 127 0 7 1 1 2 3 1) + +OID = 06 09 04 00 7F 00 07 01 01 02 03 02 +Comment = BSI TR-03111 +Description = bsiTpBasis (0 4 0 127 0 7 1 1 2 3 2) + +OID = 06 09 04 00 7F 00 07 01 01 02 03 03 +Comment = BSI TR-03111 +Description = bsiPpBasis (0 4 0 127 0 7 1 1 2 3 3) + +OID = 06 07 04 00 7F 00 07 01 02 +Comment = BSI TR-03111 +Description = bsiEcKeyType (0 4 0 127 0 7 1 2) + +OID = 06 08 04 00 7F 00 07 01 02 01 +Comment = BSI TR-03111 +Description = bsiEcPublicKey (0 4 0 127 0 7 1 2 1) + +OID = 06 08 04 00 7F 00 07 01 04 01 +Comment = BSI TR-03111 +Description = bsiEcdsaSignatures (0 4 0 127 0 7 1 4 1) + +OID = 06 09 04 00 7F 00 07 01 04 01 01 +Comment = BSI TR-03111 +Description = bsiEcdsaWithSHA1 (0 4 0 127 0 7 1 4 1 1) + +OID = 06 09 04 00 7F 00 07 01 04 01 02 +Comment = BSI TR-03111 +Description = bsiEcdsaWithSHA224 (0 4 0 127 0 7 1 4 1 2) + +OID = 06 09 04 00 7F 00 07 01 04 01 03 +Comment = BSI TR-03111 +Description = bsiEcdsaWithSHA256 (0 4 0 127 0 7 1 4 1 3) + +OID = 06 09 04 00 7F 00 07 01 04 01 04 +Comment = BSI TR-03111 +Description = bsiEcdsaWithSHA384 (0 4 0 127 0 7 1 4 1 4) + +OID = 06 09 04 00 7F 00 07 01 04 01 05 +Comment = BSI TR-03111 +Description = bsiEcdsaWithSHA512 (0 4 0 127 0 7 1 4 1 5) + +OID = 06 09 04 00 7F 00 07 01 04 01 06 +Comment = BSI TR-03111 +Description = bsiEcdsaWithRIPEMD160 (0 4 0 127 0 7 1 4 1 6) + +OID = 06 08 04 00 7F 00 07 01 05 01 +Comment = BSI TR-03111 +Description = bsiKaeg (0 4 0 127 0 7 1 5 1) + +OID = 06 09 04 00 7F 00 07 01 05 01 01 +Comment = BSI TR-03111 +Description = bsiKaegWithX963KDF (0 4 0 127 0 7 1 5 1 1) + +OID = 06 09 04 00 7F 00 07 01 05 01 02 +Comment = BSI TR-03111 +Description = bsiKaegWith3DESKDF (0 4 0 127 0 7 1 5 1 2) + +OID = 06 08 04 00 7F 00 07 02 02 01 +Comment = BSI TR-03110 +Description = bsiCA (0 4 0 127 0 7 2 2 1) + +OID = 06 09 04 00 7F 00 07 02 02 01 01 +Comment = BSI TR-03110 +Description = bsiCA_DH (0 4 0 127 0 7 2 2 1 1) + +OID = 06 09 04 00 7F 00 07 02 02 01 02 +Comment = BSI TR-03110 +Description = bsiCA_ECDH (0 4 0 127 0 7 2 2 1 2) + +OID = 06 08 04 00 7F 00 07 02 02 02 +Comment = BSI TR-03110 +Description = bsiTA (0 4 0 127 0 7 2 2 2) + +OID = 06 09 04 00 7F 00 07 02 02 02 01 +Comment = BSI TR-03110 +Description = bsiTA_RSA (0 4 0 127 0 7 2 2 2 1) + +OID = 06 0A 04 00 7F 00 07 02 02 02 01 01 +Comment = BSI TR-03110 +Description = bsiTA_RSAv1_5_SHA1 (0 4 0 127 0 7 2 2 2 1 1) + +OID = 06 0A 04 00 7F 00 07 02 02 02 01 02 +Comment = BSI TR-03110 +Description = bsiTA_RSAv1_5_SHA256 (0 4 0 127 0 7 2 2 2 1 2) + +OID = 06 0A 04 00 7F 00 07 02 02 02 01 03 +Comment = BSI TR-03110 +Description = bsiTA_RSAPSS_SHA1 (0 4 0 127 0 7 2 2 2 1 3) + +OID = 06 0A 04 00 7F 00 07 02 02 02 01 04 +Comment = BSI TR-03110 +Description = bsiTA_RSAPSS_SHA256 (0 4 0 127 0 7 2 2 2 1 4) + +OID = 06 09 04 00 7F 00 07 02 02 02 02 +Comment = BSI TR-03110 +Description = bsiTA_ECDSA (0 4 0 127 0 7 2 2 2 2) + +OID = 06 0A 04 00 7F 00 07 02 02 02 02 01 +Comment = BSI TR-03110 +Description = bsiTA_ECDSA_SHA1 (0 4 0 127 0 7 2 2 2 2 1) + +OID = 06 0A 04 00 7F 00 07 02 02 02 02 02 +Comment = BSI TR-03110 +Description = bsiTA_ECDSA_SHA224 (0 4 0 127 0 7 2 2 2 2 2) + +OID = 06 0A 04 00 7F 00 07 02 02 02 02 03 +Comment = BSI TR-03110 +Description = bsiTA_ECDSA_SHA256 (0 4 0 127 0 7 2 2 2 2 3) + +OID = 06 08 04 00 7F 00 07 03 01 02 +Comment = BSI TR-03110 +Description = bsiRoleEAC (0 4 0 127 0 7 3 1 2) + +# ETSI TS 101 862 V1.3.3 (2006-01), Qualified certificate profile + +OID = 06 04 04 00 8E 46 +Comment = ETSI TS 101 862 qualified certificates +Description = etsiQcsProfile (0 4 0 1862) + +OID = 06 05 04 00 8E 46 01 +Comment = ETSI TS 101 862 qualified certificates +Description = etsiQcs (0 4 0 1862 1) + +OID = 06 06 04 00 8E 46 01 01 +Comment = ETSI TS 101 862 qualified certificates +Description = etsiQcsCompliance (0 4 0 1862 1 1) + +OID = 06 06 04 00 8E 46 01 02 +Comment = ETSI TS 101 862 qualified certificates +Description = etsiQcsLimitValue (0 4 0 1862 1 2) + +OID = 06 06 04 00 8E 46 01 03 +Comment = ETSI TS 101 862 qualified certificates +Description = etsiQcsRetentionPeriod (0 4 0 1862 1 3) + +OID = 06 06 04 00 8E 46 01 04 +Comment = ETSI TS 101 862 qualified certificates +Description = etsiQcsQcSSCD (0 4 0 1862 1 4) + # RFC 1274 (X.500 attribute collection from the UK, thus the weird OID). OID = 06 0A 09 92 26 89 93 F2 2C 64 01 01 @@ -589,13 +757,21 @@ Comment = Some oddball X.500 attribute collection Description = rfc822Mailbox (0 9 2342 19200300 100 1 3) # RFC 2247, How to Kludge an FQDN as a DN (or words to that effect), another -# fine product of the UK. +# fine product of the UK (also present in the above mentioned RFC 1274). OID = 06 0A 09 92 26 89 93 F2 2C 64 01 19 Comment = Men are from Mars, this OID is from Pluto Description = domainComponent (0 9 2342 19200300 100 1 25) -# Certificates Australia +# Australian Government + +OID = 06 06 2A 24 01 82 4D 01 +Comment = Australian Government corporate taxpayer ID +Description = australianBusinessNumber (1 2 36 1 333 1) + +# Certificates Australia (Australia use the corporate tax identifier (ABN) +# as de facto unique identifiers in OIDs, thus the bizarre fourth value. +# See also Signet and other Australian corporate OIDs). OID = 06 0A 2A 24 A4 97 A3 53 01 64 01 01 Comment = Certificates Australia CA @@ -629,11 +805,11 @@ Description = Signet policyIdentifier (1 2 36 68980861 1 1 20) # Mitsubishi -OID = 06 0B 2A 83 08 8C 1A 4B 3D 01 01 01 +OID = 06 0A 2A 83 08 8C 1A 4B 3D 01 01 01 Comment = Mitsubishi security algorithm Description = symmetric-encryption-algorithm (1 2 392 200011 61 1 1 1) -OID = 06 0C 2A 83 08 8C 9A 4B 3D 01 01 01 01 +OID = 06 0B 2A 83 08 8C 9A 4B 3D 01 01 01 01 Comment = Mitsubishi security algorithm Description = misty1-cbc (1 2 392 200011 61 1 1 1 1) @@ -665,10 +841,9 @@ Description = SEIS at-personalIdentifier (1 2 752 34 3 1) # ANSI X9.57 -#OID = 06 06 2A 86 48 CE 38 01 -#Comment = ANSI X9.57 -#Description = module (1 2 840 10040 1) -# conflicts with more useful definition +OID = 06 06 2A 86 48 CE 38 01 +Comment = ANSI X9.57 +Description = module (1 2 840 10040 1) OID = 06 07 2A 86 48 CE 38 01 01 Comment = ANSI X9.57 module @@ -694,24 +869,21 @@ OID = 06 07 2A 86 48 CE 38 02 04 Comment = ANSI X9.57 hold instruction Description = pickupToken (1 2 840 10040 2 4) -#OID = 06 06 2A 86 48 CE 38 03 -#Comment = ANSI X9.57 -#Description = attribute (1 2 840 10040 3) -# conflicts with more useful definition +OID = 06 06 2A 86 48 CE 38 03 +Comment = ANSI X9.57 +Description = attribute (1 2 840 10040 3) -#OID = 06 06 2A 86 48 CE 38 03 01 -#Comment = ANSI X9.57 attribute -#Description = countersignature (1 2 840 10040 3 1) -# conflicts with more useful definition +OID = 06 06 2A 86 48 CE 38 03 01 +Comment = ANSI X9.57 attribute +Description = countersignature (1 2 840 10040 3 1) OID = 06 06 2A 86 48 CE 38 03 02 Comment = ANSI X9.57 attribute Description = attribute-cert (1 2 840 10040 3 2) -#OID = 06 06 2A 86 48 CE 38 04 -#Comment = ANSI X9.57 -#Description = algorithm (1 2 840 10040 4) -# conflicts with more useful definition +OID = 06 06 2A 86 48 CE 38 04 +Comment = ANSI X9.57 +Description = algorithm (1 2 840 10040 4) OID = 06 07 2A 86 48 CE 38 04 01 Comment = ANSI X9.57 algorithm @@ -727,10 +899,9 @@ Description = dsaWithSha1 (1 2 840 10040 4 3) # ANSI X9.62 -#OID = 06 06 2A 86 48 CE 3D 01 -#Comment = ANSI X9.62. This OID is also assigned as ecdsa-with-SHA1 -#Description = fieldType (1 2 840 10045 1) -# conflicts with more useful definition +OID = 06 06 2A 86 48 CE 3D 01 +Comment = ANSI X9.62. This OID is also assigned as ecdsa-with-SHA1 +Description = fieldType (1 2 840 10045 1) OID = 06 07 2A 86 48 CE 3D 01 01 Comment = ANSI X9.62 field type @@ -740,19 +911,19 @@ OID = 06 07 2A 86 48 CE 3D 01 02 Comment = ANSI X9.62 field type Description = characteristic-two-field (1 2 840 10045 1 2) -OID = 06 09 2A 86 48 CE 3D 01 02 03 +OID = 06 08 2A 86 48 CE 3D 01 02 03 Comment = ANSI X9.62 field type Description = characteristic-two-basis (1 2 840 10045 1 2 3) -OID = 06 0A 2A 86 48 CE 3D 01 02 03 01 +OID = 06 09 2A 86 48 CE 3D 01 02 03 01 Comment = ANSI X9.62 field basis Description = onBasis (1 2 840 10045 1 2 3 1) -OID = 06 0A 2A 86 48 CE 3D 01 02 03 02 +OID = 06 09 2A 86 48 CE 3D 01 02 03 02 Comment = ANSI X9.62 field basis Description = tpBasis (1 2 840 10045 1 2 3 2) -OID = 06 0A 2A 86 48 CE 3D 01 02 03 03 +OID = 06 09 2A 86 48 CE 3D 01 02 03 03 Comment = ANSI X9.62 field basis Description = ppBasis (1 2 840 10045 1 2 3 3) @@ -768,6 +939,126 @@ OID = 06 07 2A 86 48 CE 3D 02 01 Comment = ANSI X9.62 public key type Description = ecPublicKey (1 2 840 10045 2 1) +OID = 06 08 2A 86 48 CE 3D 03 00 01 +Comment = ANSI X9.62 named elliptic curve +Description = c2pnb163v1 (1 2 840 10045 3 0 1) + +OID = 06 08 2A 86 48 CE 3D 03 00 02 +Comment = ANSI X9.62 named elliptic curve +Description = c2pnb163v2 (1 2 840 10045 3 0 2) + +OID = 06 08 2A 86 48 CE 3D 03 00 03 +Comment = ANSI X9.62 named elliptic curve +Description = c2pnb163v3 (1 2 840 10045 3 0 3) + +OID = 06 08 2A 86 48 CE 3D 03 00 05 +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb191v1 (1 2 840 10045 3 0 5) + +OID = 06 08 2A 86 48 CE 3D 03 00 06 +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb191v2 (1 2 840 10045 3 0 6) + +OID = 06 08 2A 86 48 CE 3D 03 00 07 +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb191v3 (1 2 840 10045 3 0 7) + +OID = 06 08 2A 86 48 CE 3D 03 00 0A +Comment = ANSI X9.62 named elliptic curve +Description = c2pnb208w1 (1 2 840 10045 3 0 10) + +OID = 06 08 2A 86 48 CE 3D 03 00 0B +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb239v1 (1 2 840 10045 3 0 11) + +OID = 06 08 2A 86 48 CE 3D 03 00 0C +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb239v2 (1 2 840 10045 3 0 12) + +OID = 06 08 2A 86 48 CE 3D 03 00 0D +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb239v3 (1 2 840 10045 3 0 13) + +OID = 06 08 2A 86 48 CE 3D 03 00 10 +Comment = ANSI X9.62 named elliptic curve +Description = c2pnb272w1 (1 2 840 10045 3 0 16) + +OID = 06 08 2A 86 48 CE 3D 03 00 12 +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb359v1 (1 2 840 10045 3 0 18) + +OID = 06 08 2A 86 48 CE 3D 03 00 13 +Comment = ANSI X9.62 named elliptic curve +Description = c2pnb368w1 (1 2 840 10045 3 0 19) + +OID = 06 08 2A 86 48 CE 3D 03 00 14 +Comment = ANSI X9.62 named elliptic curve +Description = c2tnb431r1 (1 2 840 10045 3 0 20) + +OID = 06 08 2A 86 48 CE 3D 03 01 01 +Comment = ANSI X9.62 named elliptic curve +Description = ansiX9p192r1 (1 2 840 10045 3 1 1) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 01 +Comment = ANSI X9.62 named elliptic curve +Description = prime192v1 (1 2 840 10045 3 1 1 1) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 02 +Comment = ANSI X9.62 named elliptic curve +Description = prime192v2 (1 2 840 10045 3 1 1 2) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 03 +Comment = ANSI X9.62 named elliptic curve +Description = prime192v3 (1 2 840 10045 3 1 1 3) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 04 +Comment = ANSI X9.62 named elliptic curve +Description = prime239v1 (1 2 840 10045 3 1 1 4) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 05 +Comment = ANSI X9.62 named elliptic curve +Description = prime239v2 (1 2 840 10045 3 1 1 5) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 06 +Comment = ANSI X9.62 named elliptic curve +Description = prime239v3 (1 2 840 10045 3 1 1 6) + +OID = 06 09 2A 86 48 CE 3D 03 01 01 07 +Comment = ANSI X9.62 named elliptic curve +Description = prime256v1 (1 2 840 10045 3 1 1 7) + +OID = 06 08 2A 86 48 CE 3D 03 01 07 +Comment = ANSI X9.62 named elliptic curve +Description = ansiX9p256r1 (1 2 840 10045 3 1 7) + +OID = 06 07 2A 86 48 CE 3D 04 01 +Comment = ANSI X9.62 ECDSA algorithm with SHA1 +Description = ecdsaWithSHA1 (1 2 840 10045 4 1) + +OID = 06 07 2A 86 48 CE 3D 04 02 +Comment = ANSI X9.62 ECDSA algorithm with Recommended +Description = ecdsaWithRecommended (1 2 840 10045 4 2) + +OID = 06 07 2A 86 48 CE 3D 04 03 +Comment = ANSI X9.62 ECDSA algorithm with Specified +Description = ecdsaWithSpecified (1 2 840 10045 4 3) + +OID = 06 08 2A 86 48 CE 3D 04 03 01 +Comment = ANSI X9.62 ECDSA algorithm with SHA224 +Description = ecdsaWithSHA224 (1 2 840 10045 4 3 1) + +OID = 06 08 2A 86 48 CE 3D 04 03 02 +Comment = ANSI X9.62 ECDSA algorithm with SHA256 +Description = ecdsaWithSHA256 (1 2 840 10045 4 3 2) + +OID = 06 08 2A 86 48 CE 3D 04 03 03 +Comment = ANSI X9.62 ECDSA algorithm with SHA384 +Description = ecdsaWithSHA384 (1 2 840 10045 4 3 3) + +OID = 06 08 2A 86 48 CE 3D 04 03 04 +Comment = ANSI X9.62 ECDSA algorithm with SHA512 +Description = ecdsaWithSHA512 (1 2 840 10045 4 3 4) + # ANSI X9.42 OID = 06 06 2A 86 48 CE 3E 01 @@ -814,6 +1105,20 @@ OID = 06 07 2A 86 48 CE 3E 03 06 Comment = ANSI X9.42 scheme Description = mqv1 (1 2 840 10046 3 6) +# ASTM 31.20 + +OID = 06 07 2A 86 48 CE 51 02 02 +Comment = ASTM 31.20 +Description = ? (1 2 840 10065 2 2) + +OID = 06 07 2A 86 48 CE 51 02 03 +Comment = ASTM 31.20 +Description = healthcareLicense (1 2 840 10065 2 3) + +OID = 06 09 2A 86 48 CE 51 02 03 01 01 +Comment = ASTM 31.20 healthcare license type +Description = license? (1 2 840 10065 2 3 1 1) + # Nortel Secure Networks/Entrust OID = 06 07 2A 86 48 86 F6 7D 07 @@ -823,48 +1128,48 @@ OID = 06 08 2A 86 48 86 F6 7D 07 41 Description = nsn-ce (1 2 840 113533 7 65) OID = 06 09 2A 86 48 86 F6 7D 07 41 00 -Comment = Nortel Secure Networks ce (1 2 840 113533 7 65) +Comment = Nortel Secure Networks ce Description = entrustVersInfo (1 2 840 113533 7 65 0) OID = 06 08 2A 86 48 86 F6 7D 07 42 Description = nsn-alg (1 2 840 113533 7 66) OID = 06 09 2A 86 48 86 F6 7D 07 42 03 -Comment = Nortel Secure Networks alg (1 2 840 113533 7 66) +Comment = Nortel Secure Networks alg Description = cast3CBC (1 2 840 113533 7 66 3) OID = 06 09 2A 86 48 86 F6 7D 07 42 0A -Comment = Nortel Secure Networks alg (1 2 840 113533 7 66) +Comment = Nortel Secure Networks alg Description = cast5CBC (1 2 840 113533 7 66 10) OID = 06 09 2A 86 48 86 F6 7D 07 42 0B -Comment = Nortel Secure Networks alg (1 2 840 113533 7 66) +Comment = Nortel Secure Networks alg Description = cast5MAC (1 2 840 113533 7 66 11) OID = 06 09 2A 86 48 86 F6 7D 07 42 0C -Comment = Nortel Secure Networks alg (1 2 840 113533 7 66) +Comment = Nortel Secure Networks alg Description = pbeWithMD5AndCAST5-CBC (1 2 840 113533 7 66 12) OID = 06 09 2A 86 48 86 F6 7D 07 42 0D -Comment = Nortel Secure Networks alg (1 2 840 113533 7 66) +Comment = Nortel Secure Networks alg Description = passwordBasedMac (1 2 840 113533 7 66 13) OID = 06 08 2A 86 48 86 F6 7D 07 43 Description = nsn-oc (1 2 840 113533 7 67) OID = 06 09 2A 86 48 86 F6 7D 07 43 0C -Comment = Nortel Secure Networks oc (1 2 840 113533 7 67) +Comment = Nortel Secure Networks oc Description = entrustUser (1 2 840 113533 7 67 0) OID = 06 08 2A 86 48 86 F6 7D 07 44 Description = nsn-at (1 2 840 113533 7 68) OID = 06 09 2A 86 48 86 F6 7D 07 44 00 -Comment = Nortel Secure Networks at (1 2 840 113533 7 68) +Comment = Nortel Secure Networks at Description = entrustCAInfo (1 2 840 113533 7 68 0) OID = 06 09 2A 86 48 86 F6 7D 07 44 0A -Comment = Nortel Secure Networks at (1 2 840 113533 7 68) +Comment = Nortel Secure Networks at Description = attributeCertificate (1 2 840 113533 7 68 10) # PKCS #1 @@ -892,14 +1197,41 @@ OID = 06 09 2A 86 48 86 F7 0D 01 01 05 Comment = PKCS #1 Description = sha1withRSAEncryption (1 2 840 113549 1 1 5) +OID = 06 09 2A 86 48 86 F7 0D 01 01 07 +Comment = PKCS #1 +Description = rsaOAEP (1 2 840 113549 1 1 7) + +OID = 06 09 2A 86 48 86 F7 0D 01 01 08 +Comment = PKCS #1 +Description = rsaOAEP-MGF (1 2 840 113549 1 1 8) + +OID = 06 09 2A 86 48 86 F7 0D 01 01 09 +Comment = PKCS #1 +Description = rsaOAEP-pSpecified (1 2 840 113549 1 1 9) + +OID = 06 09 2A 86 48 86 F7 0D 01 01 0A +Comment = PKCS #1 +Description = rsaPSS (1 2 840 113549 1 1 10) + +OID = 06 09 2A 86 48 86 F7 0D 01 01 0B +Comment = PKCS #1 +Description = sha256WithRSAEncryption (1 2 840 113549 1 1 11) + +OID = 06 09 2A 86 48 86 F7 0D 01 01 0C +Comment = PKCS #1 +Description = sha384WithRSAEncryption (1 2 840 113549 1 1 12) + +OID = 06 09 2A 86 48 86 F7 0D 01 01 0D +Comment = PKCS #1 +Description = sha512WithRSAEncryption (1 2 840 113549 1 1 13) + # There is some confusion over the identity of the following OID. The OAEP # one is more recent, but independant vendors have already used the RIPEMD # one, however it's likely that SET will be a bigger hammer (at least as a # standard) so we report it as that. OID = 06 09 2A 86 48 86 F7 0D 01 01 06 Comment = PKCS #1. This OID may also be assigned as ripemd160WithRSAEncryption -#Description = rsaOAEPEncryptionSET (1 2 840 113549 1 1 6) -Description = ripemd160WithRSAEncryption (1 2 840 113549 1 1 6) +Description = rsaOAEPEncryptionSET (1 2 840 113549 1 1 6) # ripemd160WithRSAEncryption (1 2 840 113549 1 1 6) # BSAFE/PKCS #2 (obsolete) @@ -912,7 +1244,7 @@ Warning # PKCS #3 OID = 06 08 2A 86 48 86 F7 0D 01 03 -Description = pkcs-3 (1 2 840 113549 1 3) +Description = pkcs-3 OID = 06 09 2A 86 48 86 F7 0D 01 03 01 Comment = PKCS #3 @@ -920,8 +1252,8 @@ Description = dhKeyAgreement (1 2 840 113549 1 3 1) # PKCS #5 -OID = 06 09 2A 86 48 86 F7 0D 01 05 -Description = pkcs-5 (1 2 840 113549 1 5) +OID = 06 08 2A 86 48 86 F7 0D 01 05 +Description = pkcs-5 OID = 06 09 2A 86 48 86 F7 0D 01 05 01 Comment = PKCS #5 @@ -962,8 +1294,8 @@ Description = pkcs5PBMAC1 (1 2 840 113549 1 5 14) # PKCS #7 -OID = 06 09 2A 86 48 86 F7 0D 01 07 -Description = pkcs-7 (1 2 840 113549 1 7) +OID = 06 08 2A 86 48 86 F7 0D 01 07 +Description = pkcs-7 OID = 06 09 2A 86 48 86 F7 0D 01 07 01 Comment = PKCS #7 @@ -1001,411 +1333,480 @@ Warning # PKCS #9 -OID = 06 09 2A 86 48 86 F7 0D 01 09 +OID = 06 08 2A 86 48 86 F7 0D 01 09 Description = pkcs-9 (1 2 840 113549 1 9) OID = 06 09 2A 86 48 86 F7 0D 01 09 01 -Comment = PKCS #9 (1 2 840 113549 1 9). Deprecated, use an altName extension instead +Comment = PKCS #9. Deprecated, use an altName extension instead Description = emailAddress (1 2 840 113549 1 9 1) OID = 06 09 2A 86 48 86 F7 0D 01 09 02 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = unstructuredName (1 2 840 113549 1 9 2) OID = 06 09 2A 86 48 86 F7 0D 01 09 03 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = contentType (1 2 840 113549 1 9 3) OID = 06 09 2A 86 48 86 F7 0D 01 09 04 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = messageDigest (1 2 840 113549 1 9 4) OID = 06 09 2A 86 48 86 F7 0D 01 09 05 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = signingTime (1 2 840 113549 1 9 5) OID = 06 09 2A 86 48 86 F7 0D 01 09 06 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = countersignature (1 2 840 113549 1 9 6) OID = 06 09 2A 86 48 86 F7 0D 01 09 07 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = challengePassword (1 2 840 113549 1 9 7) OID = 06 09 2A 86 48 86 F7 0D 01 09 08 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = unstructuredAddress (1 2 840 113549 1 9 8) OID = 06 09 2A 86 48 86 F7 0D 01 09 09 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = extendedCertificateAttributes (1 2 840 113549 1 9 9) OID = 06 09 2A 86 48 86 F7 0D 01 09 0A -Comment = PKCS #9 (1 2 840 113549 1 9) experimental +Comment = PKCS #9 experimental Description = issuerAndSerialNumber (1 2 840 113549 1 9 10) Warning OID = 06 09 2A 86 48 86 F7 0D 01 09 0B -Comment = PKCS #9 (1 2 840 113549 1 9) experimental +Comment = PKCS #9 experimental Description = passwordCheck (1 2 840 113549 1 9 11) Warning OID = 06 09 2A 86 48 86 F7 0D 01 09 0C -Comment = PKCS #9 (1 2 840 113549 1 9) experimental +Comment = PKCS #9 experimental Description = publicKey (1 2 840 113549 1 9 12) Warning OID = 06 09 2A 86 48 86 F7 0D 01 09 0D -Comment = PKCS #9 (1 2 840 113549 1 9) experimental +Comment = PKCS #9 Description = signingDescription (1 2 840 113549 1 9 13) -Warning OID = 06 09 2A 86 48 86 F7 0D 01 09 0E -Comment = PKCS #9 (1 2 840 113549 1 9) experimental -Description = extensionReq (1 2 840 113549 1 9 14) +Comment = PKCS #9 via CRMF +Description = extensionRequest (1 2 840 113549 1 9 14) # PKCS #9 for use with S/MIME OID = 06 09 2A 86 48 86 F7 0D 01 09 0F -Comment = PKCS #9 (1 2 840 113549 1 9). This OID was formerly assigned as symmetricCapabilities, then reassigned as SMIMECapabilities, then renamed to the current name +Comment = PKCS #9. This OID was formerly assigned as symmetricCapabilities, then reassigned as SMIMECapabilities, then renamed to the current name Description = sMIMECapabilities (1 2 840 113549 1 9 15) OID = 06 0A 2A 86 48 86 F7 0D 01 09 0F 01 -Comment = sMIMECapabilities (1 2 840 113549 1 9 15) +Comment = sMIMECapabilities Description = preferSignedData (1 2 840 113549 1 9 15 1) OID = 06 0A 2A 86 48 86 F7 0D 01 09 0F 02 -Comment = sMIMECapabilities (1 2 840 113549 1 9 15) +Comment = sMIMECapabilities Description = canNotDecryptAny (1 2 840 113549 1 9 15 2) OID = 06 0A 2A 86 48 86 F7 0D 01 09 0F 03 -Comment = sMIMECapabilities (1 2 840 113549 1 9 15). Deprecated, use (1 2 840 113549 1 9 16 2 1) instead +Comment = sMIMECapabilities. Deprecated, use (1 2 840 113549 1 9 16 2 1) instead Description = receiptRequest (1 2 840 113549 1 9 15 3) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 09 0F 04 -Comment = sMIMECapabilities (1 2 840 113549 1 9 15). Deprecated, use (1 2 840 113549 1 9 16 1 1) instead +Comment = sMIMECapabilities. Deprecated, use (1 2 840 113549 1 9 16 1 1) instead Description = receipt (1 2 840 113549 1 9 15 4) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 09 0F 05 -Comment = sMIMECapabilities (1 2 840 113549 1 9 15). Deprecated, use (1 2 840 113549 1 9 16 2 4) instead +Comment = sMIMECapabilities. Deprecated, use (1 2 840 113549 1 9 16 2 4) instead Description = contentHints (1 2 840 113549 1 9 15 5) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 09 0F 06 -Comment = sMIMECapabilities (1 2 840 113549 1 9 15). Deprecated, use (1 2 840 113549 1 9 16 2 3) instead +Comment = sMIMECapabilities. Deprecated, use (1 2 840 113549 1 9 16 2 3) instead Description = mlExpansionHistory (1 2 840 113549 1 9 15 6) Warning OID = 06 09 2A 86 48 86 F7 0D 01 09 10 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 Description = id-sMIME (1 2 840 113549 1 9 16) OID = 06 0A 2A 86 48 86 F7 0D 01 09 10 00 -Comment = id-sMIME (1 2 840 113549 1 9 16) +Comment = id-sMIME Description = id-mod (1 2 840 113549 1 9 16 0) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 01 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-cms (1 2 840 113549 1 9 16 0 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 02 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-ess (1 2 840 113549 1 9 16 0 2) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 03 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-oid (1 2 840 113549 1 9 16 0 3) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 04 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-msg-v3 (1 2 840 113549 1 9 16 0 4) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 05 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-ets-eSignature-88 (1 2 840 113549 1 9 16 0 5) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 06 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-ets-eSignature-97 (1 2 840 113549 1 9 16 0 6) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 07 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) +Comment = S/MIME Modules Description = id-mod-ets-eSigPolicy-88 (1 2 840 113549 1 9 16 0 7) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 00 08 -Comment = S/MIME Modules (1 2 840 113549 1 9 16 0) -Description = id-mod-ets-eSigPolicy-97 (1 2 840 113549 1 9 16 0 8) +Comment = S/MIME Modules +Description = id-mod-ets-eSigPolicy-88 (1 2 840 113549 1 9 16 0 8) OID = 06 0A 2A 86 48 86 F7 0D 01 09 10 01 -Comment = id-sMIME (1 2 840 113549 1 9 16) -Description = id-ct (1 2 840 113549 1 9 16 1) +Comment = S/MIME +Description = contentType (1 2 840 113549 1 9 16 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 01 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-receipt (1 2 840 113549 1 9 16 1 1) +Comment = S/MIME Content Types +Description = receipt (1 2 840 113549 1 9 16 1 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 02 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-authData (1 2 840 113549 1 9 16 1 2) +Comment = S/MIME Content Types +Description = authData (1 2 840 113549 1 9 16 1 2) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 03 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-publishCert (1 2 840 113549 1 9 16 1 3) +Comment = S/MIME Content Types +Description = publishCert (1 2 840 113549 1 9 16 1 3) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 04 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-TSTInfo (1 2 840 113549 1 9 16 1 4) +Comment = S/MIME Content Types +Description = tSTInfo (1 2 840 113549 1 9 16 1 4) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 05 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-TDTInfo (1 2 840 113549 1 9 16 1 5) +Comment = S/MIME Content Types +Description = tDTInfo (1 2 840 113549 1 9 16 1 5) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 06 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-contentInfo (1 2 840 113549 1 9 16 1 6) +Comment = S/MIME Content Types +Description = contentInfo (1 2 840 113549 1 9 16 1 6) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 07 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-DVCSRequestData (1 2 840 113549 1 9 16 1 7) +Comment = S/MIME Content Types +Description = dVCSRequestData (1 2 840 113549 1 9 16 1 7) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 08 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-DVCSResponseData (1 2 840 113549 1 9 16 1 8) +Comment = S/MIME Content Types +Description = dVCSResponseData (1 2 840 113549 1 9 16 1 8) -OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 07 -Comment = S/MIME Content Types (1 2 840 113549 1 9 16 1) -Description = id-ct-compressedData (1 2 840 113549 1 9 16 1 9) +OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 01 09 +Comment = S/MIME Content Types +Description = compressedData (1 2 840 113549 1 9 16 1 9) OID = 06 0A 2A 86 48 86 F7 0D 01 09 10 02 -Comment = id-sMIME (1 2 840 113549 1 9 16) -Description = id-aa (1 2 840 113549 1 9 16 2) +Comment = S/MIME +Description = authenticatedAttributes (1 2 840 113549 1 9 16 2) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 01 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-receiptRequest (1 2 840 113549 1 9 16 2 1) +Comment = S/MIME Authenticated Attributes +Description = receiptRequest (1 2 840 113549 1 9 16 2 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 02 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-securityLabel (1 2 840 113549 1 9 16 2 2) +Comment = S/MIME Authenticated Attributes +Description = securityLabel (1 2 840 113549 1 9 16 2 2) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 03 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-mlExpandHistory (1 2 840 113549 1 9 16 2 3) +Comment = S/MIME Authenticated Attributes +Description = mlExpandHistory (1 2 840 113549 1 9 16 2 3) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 04 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-contentHint (1 2 840 113549 1 9 16 2 4) +Comment = S/MIME Authenticated Attributes +Description = contentHint (1 2 840 113549 1 9 16 2 4) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 05 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-msgSigDigest (1 2 840 113549 1 9 16 2 5) +Comment = S/MIME Authenticated Attributes +Description = msgSigDigest (1 2 840 113549 1 9 16 2 5) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 06 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2). Obsolete -Description = id-aa-encapContentType (1 2 840 113549 1 9 16 2 6) +Comment = S/MIME Authenticated Attributes. Obsolete +Description = encapContentType (1 2 840 113549 1 9 16 2 6) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 07 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-contentIdentifier (1 2 840 113549 1 9 16 2 7) +Comment = S/MIME Authenticated Attributes +Description = contentIdentifier (1 2 840 113549 1 9 16 2 7) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 08 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2). Obsolete -Description = id-aa-macValue (1 2 840 113549 1 9 16 2 8) +Comment = S/MIME Authenticated Attributes. Obsolete +Description = macValue (1 2 840 113549 1 9 16 2 8) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 09 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-equivalentLabels (1 2 840 113549 1 9 16 2 9) +Comment = S/MIME Authenticated Attributes +Description = equivalentLabels (1 2 840 113549 1 9 16 2 9) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 0A -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-contentReference (1 2 840 113549 1 9 16 2 10) +Comment = S/MIME Authenticated Attributes +Description = contentReference (1 2 840 113549 1 9 16 2 10) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 0B -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-encrypKeyPref (1 2 840 113549 1 9 16 2 11) +Comment = S/MIME Authenticated Attributes +Description = encrypKeyPref (1 2 840 113549 1 9 16 2 11) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 0C -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-signingCertificate (1 2 840 113549 1 9 16 2 12) +Comment = S/MIME Authenticated Attributes +Description = signingCertificate (1 2 840 113549 1 9 16 2 12) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 0D -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-smimeEncryptCerts (1 2 840 113549 1 9 16 2 13) +Comment = S/MIME Authenticated Attributes +Description = smimeEncryptCerts (1 2 840 113549 1 9 16 2 13) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 0E -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-timeStampToken (1 2 840 113549 1 9 16 2 14) +Comment = S/MIME Authenticated Attributes +Description = timeStampToken (1 2 840 113549 1 9 16 2 14) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 0F -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-sigPolicyId (1 2 840 113549 1 9 16 2 15) +Comment = S/MIME Authenticated Attributes +Description = sigPolicyId (1 2 840 113549 1 9 16 2 15) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 10 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-commitmentType (1 2 840 113549 1 9 16 2 16) +Comment = S/MIME Authenticated Attributes +Description = commitmentType (1 2 840 113549 1 9 16 2 16) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 11 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-signerLocation (1 2 840 113549 1 9 16 2 17) +Comment = S/MIME Authenticated Attributes +Description = signerLocation (1 2 840 113549 1 9 16 2 17) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 12 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-signerAttr (1 2 840 113549 1 9 16 2 18) +Comment = S/MIME Authenticated Attributes +Description = signerAttr (1 2 840 113549 1 9 16 2 18) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 13 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-otherSigCert (1 2 840 113549 1 9 16 2 19) +Comment = S/MIME Authenticated Attributes +Description = otherSigCert (1 2 840 113549 1 9 16 2 19) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 14 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-contentTimestamp (1 2 840 113549 1 9 16 2 20) +Comment = S/MIME Authenticated Attributes +Description = contentTimestamp (1 2 840 113549 1 9 16 2 20) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 15 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-CertificateRefs (1 2 840 113549 1 9 16 2 21) +Comment = S/MIME Authenticated Attributes +Description = certificateRefs (1 2 840 113549 1 9 16 2 21) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 16 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-RevocationRefs (1 2 840 113549 1 9 16 2 22) +Comment = S/MIME Authenticated Attributes +Description = revocationRefs (1 2 840 113549 1 9 16 2 22) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 17 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-certValues (1 2 840 113549 1 9 16 2 23) +Comment = S/MIME Authenticated Attributes +Description = certValues (1 2 840 113549 1 9 16 2 23) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 18 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-revocationValues (1 2 840 113549 1 9 16 2 24) +Comment = S/MIME Authenticated Attributes +Description = revocationValues (1 2 840 113549 1 9 16 2 24) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 19 -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-escTimeStamp (1 2 840 113549 1 9 16 2 25) +Comment = S/MIME Authenticated Attributes +Description = escTimeStamp (1 2 840 113549 1 9 16 2 25) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 1A -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-certCRLTimestamp (1 2 840 113549 1 9 16 2 26) +Comment = S/MIME Authenticated Attributes +Description = certCRLTimestamp (1 2 840 113549 1 9 16 2 26) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 1B -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-ets-archiveTimeStamp (1 2 840 113549 1 9 16 2 27) +Comment = S/MIME Authenticated Attributes +Description = archiveTimeStamp (1 2 840 113549 1 9 16 2 27) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 1C -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-signatureType (1 2 840 113549 1 9 16 2 28) +Comment = S/MIME Authenticated Attributes +Description = signatureType (1 2 840 113549 1 9 16 2 28) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 02 1D -Comment = S/MIME Authenticated Attributes (1 2 840 113549 1 9 16 2) -Description = id-aa-dvcs-dvc (1 2 840 113549 1 9 16 2 29) +Comment = S/MIME Authenticated Attributes +Description = dvcs-dvc (1 2 840 113549 1 9 16 2 29) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 01 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3). Obsolete -Description = id-alg-ESDHwith3DES (1 2 840 113549 1 9 16 3 1) +Comment = S/MIME Algorithms. Obsolete +Description = algESDHwith3DES (1 2 840 113549 1 9 16 3 1) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 02 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3). Obsolete -Description = id-alg-ESDHwithRC2 (1 2 840 113549 1 9 16 3 2) +Comment = S/MIME Algorithms. Obsolete +Description = algESDHwithRC2 (1 2 840 113549 1 9 16 3 2) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 03 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3). Obsolete -Description = id-alg-3DESwrap (1 2 840 113549 1 9 16 3 3) +Comment = S/MIME Algorithms. Obsolete +Description = alg3DESwrap (1 2 840 113549 1 9 16 3 3) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 04 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3). Obsolete -Description = id-alg-RC2wrap (1 2 840 113549 1 9 16 3 4) +Comment = S/MIME Algorithms. Obsolete +Description = algRC2wrap (1 2 840 113549 1 9 16 3 4) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 05 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3) -Description = id-alg-ESDH (1 2 840 113549 1 9 16 3 5) +Comment = S/MIME Algorithms +Description = esDH (1 2 840 113549 1 9 16 3 5) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 06 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3) -Description = id-alg-CMS3DESwrap (1 2 840 113549 1 9 16 3 6) +Comment = S/MIME Algorithms +Description = cms3DESwrap (1 2 840 113549 1 9 16 3 6) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 07 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3) -Description = id-alg-CMSRC2wrap (1 2 840 113549 1 9 16 3 7) +Comment = S/MIME Algorithms +Description = cmsRC2wrap (1 2 840 113549 1 9 16 3 7) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 08 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3) -Description = id-alg-zlib (1 2 840 113549 1 9 16 3 8) +Comment = S/MIME Algorithms +Description = zlib (1 2 840 113549 1 9 16 3 8) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 03 09 -Comment = S/MIME Algorithms (1 2 840 113549 1 9 16 3) -Description = id-alg-PWRI-KEK (1 2 840 113549 1 9 16 3 9) +Comment = S/MIME Algorithms +Description = pwri-KEK (1 2 840 113549 1 9 16 3 9) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 04 01 -Comment = S/MIME Certificate Distribution (1 2 840 113549 1 9 16 4) -Description = id-cd-ldap (1 2 840 113549 1 9 16 4 1) +Comment = S/MIME Certificate Distribution +Description = certDist-ldap (1 2 840 113549 1 9 16 4 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 05 01 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 5) -Description = id-spq-ets-sqt-uri (1 2 840 113549 1 9 16 5 1) +Comment = S/MIME Signature Policy Qualifier +Description = sigPolicyQualifier-spuri (1 2 840 113549 1 9 16 5 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 05 02 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 5) -Description = id-spq-ets-sqt-unotice (1 2 840 113549 1 9 16 5 2) +Comment = S/MIME Signature Policy Qualifier +Description = sigPolicyQualifier-spUserNotice (1 2 840 113549 1 9 16 5 2) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 06 01 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 6) -Description = id-cti-ets-proofOfOrigin (1 2 840 113549 1 9 16 6 1) +Comment = S/MIME +Description = proofOfOrigin (1 2 840 113549 1 9 16 6 1) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 06 02 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 6) -Description = id-cti-ets-proofOfReceipt (1 2 840 113549 1 9 16 6 2) +Comment = S/MIME +Description = proofOfReceipt (1 2 840 113549 1 9 16 6 2) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 06 03 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 6) -Description = id-cti-ets-proofOfDelivery (1 2 840 113549 1 9 16 6 3) +Comment = S/MIME +Description = proofOfDelivery (1 2 840 113549 1 9 16 6 3) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 06 04 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 6) -Description = id-cti-ets-proofOfSender (1 2 840 113549 1 9 16 6 4) +Comment = S/MIME +Description = proofOfSender (1 2 840 113549 1 9 16 6 4) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 06 05 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 6) -Description = id-cti-ets-proofOfApproval (1 2 840 113549 1 9 16 6 5) +Comment = S/MIME +Description = proofOfApproval (1 2 840 113549 1 9 16 6 5) OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 06 06 -Comment = S/MIME Signature Policy Qualifier (1 2 840 113549 1 9 16 6) -Description = id-cti-ets-proofOfCreation (1 2 840 113549 1 9 16 6 6) +Comment = S/MIME +Description = proofOfCreation (1 2 840 113549 1 9 16 6 6) + +OID = 06 09 2A 86 48 86 F7 0D 01 09 0F +Comment = PKCS #9. This OID was formerly assigned as symmetricCapabilities, then reassigned as SMIMECapabilities, then renamed to the current name +Description = sMIMECapabilities (1 2 840 113549 1 9 15) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 10 09 +Comment = S/MIME +Description = signatureTypeIdentifier (1 2 840 113549 1 9 16 9) + +OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 09 01 +Comment = S/MIME Signature Type Identifier +Description = originatorSig (1 2 840 113549 1 9 16 9 1) + +OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 09 02 +Comment = S/MIME Signature Type Identifier +Description = domainSig (1 2 840 113549 1 9 16 9 2) + +OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 09 03 +Comment = S/MIME Signature Type Identifier +Description = additionalAttributesSig (1 2 840 113549 1 9 16 9 3) + +OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 09 04 +Comment = S/MIME Signature Type Identifier +Description = reviewSig (1 2 840 113549 1 9 16 9 4) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 10 0B +Comment = S/MIME +Description = capabilities (1 2 840 113549 1 9 16 11) + +OID = 06 0B 2A 86 48 86 F7 0D 01 09 10 0B 01 +Comment = S/MIME Capability +Description = preferBinaryInside (1 2 840 113549 1 9 16 11 1) # PKCS #9 for use with PKCS #12 OID = 06 09 2A 86 48 86 F7 0D 01 09 14 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = friendlyName (for PKCS #12) (1 2 840 113549 1 9 20) OID = 06 09 2A 86 48 86 F7 0D 01 09 15 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = localKeyID (for PKCS #12) (1 2 840 113549 1 9 21) OID = 06 09 2A 86 48 86 F7 0D 01 09 16 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = certTypes (for PKCS #12) (1 2 840 113549 1 9 22) OID = 06 0A 2A 86 48 86 F7 0D 01 09 16 01 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = x509Certificate (for PKCS #12) (1 2 840 113549 1 9 22 1) OID = 06 0A 2A 86 48 86 F7 0D 01 09 16 02 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = sdsiCertificate (for PKCS #12) (1 2 840 113549 1 9 22 2) OID = 06 09 2A 86 48 86 F7 0D 01 09 17 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = crlTypes (for PKCS #12) (1 2 840 113549 1 9 23) OID = 06 0A 2A 86 48 86 F7 0D 01 09 17 01 -Comment = PKCS #9 (1 2 840 113549 1 9) +Comment = PKCS #9 via PKCS #12 Description = x509Crl (for PKCS #12) (1 2 840 113549 1 9 23 1) +# PKCS #9, another set of branches used for accumulating further cruft + +OID = 06 09 2A 86 48 86 F7 0D 01 09 18 +Comment = PKCS #9/RFC 2985 +Description = pkcs9objectClass (1 2 840 113549 1 9 24) + +OID = 06 09 2A 86 48 86 F7 0D 01 09 19 +Comment = PKCS #9/RFC 2985 +Description = pkcs9attributes (1 2 840 113549 1 9 25) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 19 01 +Comment = PKCS #9/RFC 2985 attribute +Description = pkcs15Token (1 2 840 113549 1 9 25 1) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 19 02 +Comment = PKCS #9/RFC 2985 attribute +Description = encryptedPrivateKeyInfo (1 2 840 113549 1 9 25 2) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 19 03 +Comment = PKCS #9/RFC 2985 attribute +Description = randomNonce (1 2 840 113549 1 9 25 3) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 19 04 +Comment = PKCS #9/RFC 2985 attribute +Description = sequenceNumber (1 2 840 113549 1 9 25 4) + +OID = 06 0A 2A 86 48 86 F7 0D 01 09 19 05 +Comment = PKCS #9/RFC 2985 attribute +Description = pkcs7PDU (1 2 840 113549 1 9 25 5) + +OID = 06 09 2A 86 48 86 F7 0D 01 09 1A +Comment = PKCS #9/RFC 2985 +Description = pkcs9syntax (1 2 840 113549 1 9 1A) + +OID = 06 09 2A 86 48 86 F7 0D 01 09 1B +Comment = PKCS #9/RFC 2985 +Description = pkcs9matchingRules (1 2 840 113549 1 9 1B) + # PKCS #12. Note that current PKCS #12 implementations tend to be strange and # peculiar, with implementors misusing OIDs or basing their work on earlier PFX # drafts or defining their own odd OIDs. In addition the PFX/PKCS #12 spec @@ -1421,27 +1822,27 @@ Comment = This OID was formerly assigned as PKCS #12 modeID Description = pkcs-12-PbeIds (1 2 840 113549 1 12 1) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 01 01 -Comment = PKCS #12 PbeIds (1 2 840 113549 1 12 1). This OID was formerly assigned as pkcs-12-OfflineTransportMode +Comment = PKCS #12 PbeIds. This OID was formerly assigned as pkcs-12-OfflineTransportMode Description = pbeWithSHAAnd128BitRC4 (1 2 840 113549 1 12 1 1) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 01 02 -Comment = PKCS #12 PbeIds (1 2 840 113549 1 12 2). This OID was formerly assigned as pkcs-12-OnlineTransportMode +Comment = PKCS #12 PbeIds. This OID was formerly assigned as pkcs-12-OnlineTransportMode Description = pbeWithSHAAnd40BitRC4 (1 2 840 113549 1 12 1 2) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 01 03 -Comment = PKCS #12 PbeIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 PbeIds Description = pbeWithSHAAnd3-KeyTripleDES-CBC (1 2 840 113549 1 12 1 3) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 01 04 -Comment = PKCS #12 PbeIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 PbeIds Description = pbeWithSHAAnd2-KeyTripleDES-CBC (1 2 840 113549 1 12 1 4) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 01 05 -Comment = PKCS #12 PbeIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 PbeIds Description = pbeWithSHAAnd128BitRC2-CBC (1 2 840 113549 1 12 1 5) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 01 06 -Comment = PKCS #12 PbeIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 PbeIds Description = pbeWithSHAAnd40BitRC2-CBC (1 2 840 113549 1 12 1 6) OID = 06 09 2A 86 48 86 F7 0D 01 0C 02 @@ -1450,7 +1851,7 @@ Description = pkcs-12-ESPVKID (1 2 840 113549 1 12 2) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 0C 02 01 -Comment = PKCS #12 ESPVKID (1 2 840 113549 1 12 2). Deprecated, use (1 2 840 113549 1 12 3 5) instead +Comment = PKCS #12 ESPVKID. Deprecated, use (1 2 840 113549 1 12 3 5) instead Description = pkcs-12-PKCS8KeyShrouding (1 2 840 113549 1 12 2 1) Warning @@ -1460,23 +1861,23 @@ OID = 06 09 2A 86 48 86 F7 0D 01 0C 03 Description = pkcs-12-BagIds (1 2 840 113549 1 12 3) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 03 01 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 BagIds Description = pkcs-12-keyBagId (1 2 840 113549 1 12 3 1) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 03 02 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 BagIds Description = pkcs-12-certAndCRLBagId (1 2 840 113549 1 12 3 2) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 03 03 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 BagIds Description = pkcs-12-secretBagId (1 2 840 113549 1 12 3 3) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 03 04 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 BagIds Description = pkcs-12-safeContentsId (1 2 840 113549 1 12 3 4) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 03 05 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 3) +Comment = PKCS #12 BagIds Description = pkcs-12-pkcs-8ShroudedKeyBagId (1 2 840 113549 1 12 3 5) OID = 06 09 2A 86 48 86 F7 0D 01 0C 04 @@ -1485,117 +1886,117 @@ Description = pkcs-12-CertBagID (1 2 840 113549 1 12 4) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 0C 04 01 -Comment = PKCS #12 CertBagID (1 2 840 113549 1 12 4). This OID was formerly assigned as pkcs-12-X509CertCRLBag +Comment = PKCS #12 CertBagID. This OID was formerly assigned as pkcs-12-X509CertCRLBag Description = pkcs-12-X509CertCRLBagID (1 2 840 113549 1 12 4 1) OID = 06 0A 2A 86 48 86 F7 0D 01 0C 04 02 -Comment = PKCS #12 CertBagID (1 2 840 113549 1 12 4). This OID was formerly assigned as pkcs-12-SDSICertBag +Comment = PKCS #12 CertBagID. This OID was formerly assigned as pkcs-12-SDSICertBag Description = pkcs-12-SDSICertBagID (1 2 840 113549 1 12 4 2) # The following are from PFX. The ... 5 1 values have been reassigned to OIDs # with incompatible algorithms at ... 1, the 5 2 values seem to have vanished. OID = 06 09 2A 86 48 86 F7 0D 01 0C 05 -Description = pkcs-12-OID (1 2 840 113549 1 12 5) +Description = pkcs-12-OID Warning OID = 06 0A 2A 86 48 86 F7 0D 01 0C 05 01 -Comment = PKCS #12 OID (1 2 840 113549 1 12 5). Deprecated, use the partially compatible (1 2 840 113549 1 12 1) OIDs instead +Comment = PKCS #12 OID. Deprecated, use the partially compatible (1 2 840 113549 1 12 1) OIDs instead Description = pkcs-12-PBEID (1 2 840 113549 1 12 5 1) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 01 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use (1 2 840 113549 1 12 1 1) instead +Comment = PKCS #12 OID PBEID. Deprecated, use (1 2 840 113549 1 12 1 1) instead Description = pkcs-12-PBEWithSha1And128BitRC4 (1 2 840 113549 1 12 5 1 1) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 02 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use (1 2 840 113549 1 12 1 2) instead +Comment = PKCS #12 OID PBEID. Deprecated, use (1 2 840 113549 1 12 1 2) instead Description = pkcs-12-PBEWithSha1And40BitRC4 (1 2 840 113549 1 12 5 1 2) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 03 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use the incompatible but similar (1 2 840 113549 1 12 1 3) or (1 2 840 113549 1 12 1 4) instead +Comment = PKCS #12 OID PBEID. Deprecated, use the incompatible but similar (1 2 840 113549 1 12 1 3) or (1 2 840 113549 1 12 1 4) instead Description = pkcs-12-PBEWithSha1AndTripleDESCBC (1 2 840 113549 1 12 5 1 3) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 04 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use (1 2 840 113549 1 12 1 5) instead +Comment = PKCS #12 OID PBEID. Deprecated, use (1 2 840 113549 1 12 1 5) instead Description = pkcs-12-PBEWithSha1And128BitRC2CBC (1 2 840 113549 1 12 5 1 4) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 05 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use (1 2 840 113549 1 12 1 6) instead +Comment = PKCS #12 OID PBEID. Deprecated, use (1 2 840 113549 1 12 1 6) instead Description = pkcs-12-PBEWithSha1And40BitRC2CBC (1 2 840 113549 1 12 5 1 5) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 06 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use the incompatible but similar (1 2 840 113549 1 12 1 1) or (1 2 840 113549 1 12 1 2) instead +Comment = PKCS #12 OID PBEID. Deprecated, use the incompatible but similar (1 2 840 113549 1 12 1 1) or (1 2 840 113549 1 12 1 2) instead Description = pkcs-12-PBEWithSha1AndRC4 (1 2 840 113549 1 12 5 1 6) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 01 07 -Comment = PKCS #12 OID PBEID (1 2 840 113549 1 12 5 1). Deprecated, use the incompatible but similar (1 2 840 113549 1 12 1 5) or (1 2 840 113549 1 12 1 6) instead +Comment = PKCS #12 OID PBEID. Deprecated, use the incompatible but similar (1 2 840 113549 1 12 1 5) or (1 2 840 113549 1 12 1 6) instead Description = pkcs-12-PBEWithSha1AndRC2CBC (1 2 840 113549 1 12 5 1 7) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 0C 05 02 -Description = pkcs-12-EnvelopingID (1 2 840 113549 1 12 5 2). Deprecated, use the conventional PKCS #1 OIDs instead +Description = pkcs-12-EnvelopingID. Deprecated, use the conventional PKCS #1 OIDs instead Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 02 01 -Comment = PKCS #12 OID EnvelopingID (1 2 840 113549 1 12 5 2). Deprecated, use the conventional PKCS #1 OIDs instead +Comment = PKCS #12 OID EnvelopingID. Deprecated, use the conventional PKCS #1 OIDs instead Description = pkcs-12-RSAEncryptionWith128BitRC4 (1 2 840 113549 1 12 5 2 1) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 02 02 -Comment = PKCS #12 OID EnvelopingID (1 2 840 113549 1 12 5 2). Deprecated, use the conventional PKCS #1 OIDs instead +Comment = PKCS #12 OID EnvelopingID. Deprecated, use the conventional PKCS #1 OIDs instead Description = pkcs-12-RSAEncryptionWith40BitRC4 (1 2 840 113549 1 12 5 2 2) Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 02 03 -Comment = PKCS #12 OID EnvelopingID (1 2 840 113549 1 12 5 2). Deprecated, use the conventional PKCS #1 OIDs instead +Comment = PKCS #12 OID EnvelopingID. Deprecated, use the conventional PKCS #1 OIDs instead Description = pkcs-12-RSAEncryptionWithTripleDES (1 2 840 113549 1 12 5 2 3) Warning OID = 06 0A 2A 86 48 86 F7 0D 01 0C 05 03 -Description = pkcs-12-SignatureID (1 2 840 113549 1 12 5 3). Deprecated, use the conventional PKCS #1 OIDs instead +Description = pkcs-12-SignatureID. Deprecated, use the conventional PKCS #1 OIDs instead Warning OID = 06 0B 2A 86 48 86 F7 0D 01 0C 05 03 01 -Comment = PKCS #12 OID SignatureID (1 2 840 113549 1 12 5 3). Deprecated, use the conventional PKCS #1 OIDs instead +Comment = PKCS #12 OID SignatureID. Deprecated, use the conventional PKCS #1 OIDs instead Description = pkcs-12-RSASignatureWithSHA1Digest (1 2 840 113549 1 12 5 3 1) Warning # Yet *another* redefinition of the PKCS #12 "bag" ID's, now in a different # order than the last redefinition at ... 12 3. OID = 06 09 2A 86 48 86 F7 0D 01 0C 0A -Description = pkcs-12Version1 (1 2 840 113549 1 12 10) +Description = pkcs-12Version1 OID = 06 0A 2A 86 48 86 F7 0D 01 0C 0A 01 -Description = pkcs-12BadIds (1 2 840 113549 1 12 10 1) +Description = pkcs-12BadIds OID = 06 0B 2A 86 48 86 F7 0D 01 0C 0A 01 01 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 10 1) +Comment = PKCS #12 BagIds Description = pkcs-12-keyBag (1 2 840 113549 1 12 10 1 1) OID = 06 0B 2A 86 48 86 F7 0D 01 0C 0A 01 02 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 10 1) +Comment = PKCS #12 BagIds Description = pkcs-12-pkcs-8ShroudedKeyBag (1 2 840 113549 1 12 10 1 2) OID = 06 0B 2A 86 48 86 F7 0D 01 0C 0A 01 03 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 10 1) +Comment = PKCS #12 BagIds Description = pkcs-12-certBag (1 2 840 113549 1 12 10 1 3) OID = 06 0B 2A 86 48 86 F7 0D 01 0C 0A 01 04 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 10 1) +Comment = PKCS #12 BagIds Description = pkcs-12-crlBag (1 2 840 113549 1 12 10 1 4) OID = 06 0B 2A 86 48 86 F7 0D 01 0C 0A 01 05 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 10 1) +Comment = PKCS #12 BagIds Description = pkcs-12-secretBag (1 2 840 113549 1 12 10 1 5) OID = 06 0B 2A 86 48 86 F7 0D 01 0C 0A 01 06 -Comment = PKCS #12 BagIds (1 2 840 113549 1 12 10 1) +Comment = PKCS #12 BagIds Description = pkcs-12-safeContentsBag (1 2 840 113549 1 12 10 1 6) # PKCS #15 @@ -1618,66 +2019,80 @@ Description = pkcs15content (1 2 840 113549 1 15 3 1) # RSADSI digest algorithms -OID = 06 08 2A 86 48 86 F7 0D 02 -Description = digestAlgorithm (1 2 840 113549 2) +OID = 06 07 2A 86 48 86 F7 0D 02 +Description = digestAlgorithm OID = 06 08 2A 86 48 86 F7 0D 02 02 -Comment = RSADSI digestAlgorithm (1 2 840 113549 2) +Comment = RSADSI digestAlgorithm Description = md2 (1 2 840 113549 2 2) -#OID = 06 08 2A 86 48 86 F7 0D 02 04 -#Comment = RSADSI digestAlgorithm (1 2 840 113549 2) -#Description = md4 (1 2 840 113549 2 4) -# conflicts with more useful definition +OID = 06 08 2A 86 48 86 F7 0D 02 04 +Comment = RSADSI digestAlgorithm +Description = md4 (1 2 840 113549 2 4) -#OID = 06 08 2A 86 48 86 F7 0D 02 05 -#Comment = RSADSI digestAlgorithm (1 2 840 113549 2) -#Description = md5 (1 2 840 113549 2 5) -# conflicts with more useful definition +OID = 06 08 2A 86 48 86 F7 0D 02 05 +Comment = RSADSI digestAlgorithm +Description = md5 (1 2 840 113549 2 5) OID = 06 08 2A 86 48 86 F7 0D 02 07 -Comment = RSADSI digestAlgorithm (1 2 840 113549 2) +Comment = RSADSI digestAlgorithm Description = hmacWithSHA1 (1 2 840 113549 2 7) +OID = 06 08 2A 86 48 86 F7 0D 02 07 +Comment = RSADSI digestAlgorithm +Description = hmacWithSHA224 (1 2 840 113549 2 8) + +OID = 06 08 2A 86 48 86 F7 0D 02 07 +Comment = RSADSI digestAlgorithm +Description = hmacWithSHA256 (1 2 840 113549 2 9) + +OID = 06 08 2A 86 48 86 F7 0D 02 07 +Comment = RSADSI digestAlgorithm +Description = hmacWithSHA384 (1 2 840 113549 2 10) + +OID = 06 08 2A 86 48 86 F7 0D 02 07 +Comment = RSADSI digestAlgorithm +Description = hmacWithSHA512 (1 2 840 113549 2 11) + # RSADSI encryption algorithms -OID = 06 08 2A 86 48 86 F7 0D 03 -Description = encryptionAlgorithm (1 2 840 113549 3) +OID = 06 07 2A 86 48 86 F7 0D 03 +Description = encryptionAlgorithm OID = 06 08 2A 86 48 86 F7 0D 03 02 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = rc2CBC (1 2 840 113549 3 2) OID = 06 08 2A 86 48 86 F7 0D 03 03 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = rc2ECB (1 2 840 113549 3 3) OID = 06 08 2A 86 48 86 F7 0D 03 04 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = rc4 (1 2 840 113549 3 4) OID = 06 08 2A 86 48 86 F7 0D 03 05 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = rc4WithMAC (1 2 840 113549 3 5) OID = 06 08 2A 86 48 86 F7 0D 03 06 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = desx-CBC (1 2 840 113549 3 6) OID = 06 08 2A 86 48 86 F7 0D 03 07 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = des-EDE3-CBC (1 2 840 113549 3 7) OID = 06 08 2A 86 48 86 F7 0D 03 08 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = rc5CBC (1 2 840 113549 3 8) OID = 06 08 2A 86 48 86 F7 0D 03 09 -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3) +Comment = RSADSI encryptionAlgorithm Description = rc5-CBCPad (1 2 840 113549 3 9) OID = 06 08 2A 86 48 86 F7 0D 03 0A -Comment = RSADSI encryptionAlgorithm (1 2 840 113549 3). Formerly called CDMFCBCPad +Comment = RSADSI encryptionAlgorithm. Formerly called CDMFCBCPad Description = desCDMF (1 2 840 113549 3 10) # Identrus @@ -1690,33 +2105,7 @@ OID = 06 08 2A 86 48 86 FA 65 04 01 Comment = Identrus Description = identrusOCSP (1 2 840 114021 4 1) -# Ascom Systech - -OID = 06 0A 2B 06 01 04 01 81 3C 07 01 01 -Comment = Ascom Systech -Description = ascom (1 3 6 1 4 1 188 7 1 1) - -#OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 01 -#Comment = Ascom Systech -#Description = ideaECB (1 3 6 1 4 1 188 7 1 1 1) -# conflicts with more useful definition - -#OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 02 -#Comment = Ascom Systech -#Description = ideaCBC (1 3 6 1 4 1 188 7 1 1 2) -# conflicts with more useful definition - -#OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 03 -#Comment = Ascom Systech -#Description = ideaCFB (1 3 6 1 4 1 188 7 1 1 3) -# conflicts with more useful definition - -#OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 04 -#Comment = Ascom Systech -#Description = ideaOFB (1 3 6 1 4 1 188 7 1 1 4) -# conflicts with more useful definition - -# Microsoft +# Microsoft (both 1 2 840 and 1 3 6 1 4 1 arcs) OID = 06 09 2A 86 48 86 F7 14 01 03 00 Comment = Microsoft Exchange Server - object class @@ -1784,11 +2173,19 @@ Description = certReqExtensions (1 3 6 1 4 1 311 2 1 14) OID = 06 0A 2B 06 01 04 01 82 37 02 01 0F Comment = Microsoft code signing -Description = spcPelmageData (1 3 6 1 4 1 311 2 1 15) +Description = spcPEImageData (1 3 6 1 4 1 311 2 1 15) + +OID = 06 0A 2B 06 01 04 01 82 37 02 01 12 +Comment = Microsoft code signing +Description = spcRawFileData (1 3 6 1 4 1 311 2 1 18) + +OID = 06 0A 2B 06 01 04 01 82 37 02 01 13 +Comment = Microsoft code signing +Description = spcStructuredStorageData (1 3 6 1 4 1 311 2 1 19) OID = 06 0A 2B 06 01 04 01 82 37 02 01 14 -Comment = Microsoft code signing. Also known as "glue extension" -Description = spcLink (type 1) (1 3 6 1 4 1 311 2 1 20) +Comment = Microsoft code signing. Formerly "link extension" aka "glue extension" +Description = spcJavaClassData (type 1) (1 3 6 1 4 1 311 2 1 20) OID = 06 0A 2B 06 01 04 01 82 37 02 01 15 Comment = Microsoft @@ -1798,10 +2195,9 @@ OID = 06 0A 2B 06 01 04 01 82 37 02 01 16 Comment = Microsoft Description = commercialCodeSigning (1 3 6 1 4 1 311 2 1 22) -#OID = 06 0A 2B 06 01 04 01 82 37 02 01 19 -#Comment = Microsoft code signing. Also known as "glue extension" -#Description = spcLink (type 2) (1 3 6 1 4 1 311 2 1 25) -# conflicts with more useful definition +OID = 06 0A 2B 06 01 04 01 82 37 02 01 19 +Comment = Microsoft code signing. Also known as "glue extension" +Description = spcLink (type 2) (1 3 6 1 4 1 311 2 1 25) OID = 06 0A 2B 06 01 04 01 82 37 02 01 1A Comment = Microsoft code signing @@ -1811,14 +2207,13 @@ OID = 06 0A 2B 06 01 04 01 82 37 02 01 1B Comment = Microsoft code signing Description = spcFinancialCriteriaInfo (1 3 6 1 4 1 311 2 1 27) -#OID = 06 0A 2B 06 01 04 01 82 37 02 01 1C -#Comment = Microsoft code signing. Also known as "glue extension" -#Description = spcLink (type 3) (1 3 6 1 4 1 311 2 1 28) -# conflicts with more useful definition +OID = 06 0A 2B 06 01 04 01 82 37 02 01 1C +Comment = Microsoft code signing. Also known as "glue extension" +Description = spcLink (type 3) (1 3 6 1 4 1 311 2 1 28) OID = 06 0A 2B 06 01 04 01 82 37 03 02 01 Comment = Microsoft code signing -Description = timestampCountersignature (1 3 6 1 4 1 311 3 2 1) +Description = timestampRequest (1 3 6 1 4 1 311 3 2 1) OID = 06 09 2B 06 01 04 01 82 37 0A 01 Comment = Microsoft PKCS #7 contentType @@ -1836,10 +2231,9 @@ OID = 06 0A 2B 06 01 04 01 82 37 0A 03 02 Comment = Microsoft enhanced key usage Description = timeStampSigning (1 3 6 1 4 1 311 10 3 2) -#OID = 06 0A 2B 06 01 04 01 82 37 0A 03 03 -#Comment = Microsoft enhanced key usage -#Description = serverGatedCrypto (1 3 6 1 4 1 311 10 3 3) -# conflicts with more useful definition +OID = 06 0A 2B 06 01 04 01 82 37 0A 03 03 +Comment = Microsoft enhanced key usage +Description = serverGatedCrypto (1 3 6 1 4 1 311 10 3 3) OID = 06 0A 2B 06 01 04 01 82 37 0A 03 04 Comment = Microsoft enhanced key usage @@ -1862,7 +2256,7 @@ Description = osVersion (1 3 6 1 4 1 311 13 2 3) # This is just the normal issuerAndSerialNumber but with a MS-specific OID. # Apparently it's used for CryptEncode/DecodeObject, whatever that is. -OID = 06 0A 2B 06 01 04 01 82 37 10 04 +OID = 06 09 2B 06 01 04 01 82 37 10 04 Comment = Microsoft attribute Description = microsoftRecipientInfo (1 3 6 1 4 1 311 16 4) @@ -1870,17 +2264,54 @@ Description = microsoftRecipientInfo (1 3 6 1 4 1 311 16 4) # = cert index. Key index is inc'd when a CA gets a new key, cert index is # inc'd when a CA gets a new cert (ie recertifies a current key). This # extension has two purposes, as a hint to rebuild key/cert lists when a Win2K -# CA is restored, and as a poster boy for the kind of crap which people are -# shovelling into certs which has no place there +# CA is restored, and as a poster boy for the kind of crap that people are +# shovelling into certs that has no place there OID = 06 09 2B 06 01 04 01 82 37 15 01 Comment = Microsoft attribute Description = cAKeyCertIndexPair (1 3 6 1 4 1 311 21 1) +OID = 06 09 2B 06 01 04 01 82 37 14 02 +Comment = Microsoft CAPICOM certificate template, V1 +Description = enrollCerttypeExtension (1 3 6 1 4 1 311 20 2) + +OID = 06 09 2B 06 01 04 01 82 37 15 07 +Comment = Microsoft CAPICOM certificate template, V2 +Description = certificateTemplate (1 3 6 1 4 1 311 21 7) + +# This one is at least as bad as cAKeyCertIndexPair: The first part of +# the arc, 1 3 6 1 4 1 311 21 8, is fixed, then 6 32-bit values are +# randomly generated and appended to create the full semi-random OID. +# Obviously it's not possible to usefull display these things... +# Comment = Microsoft braindamage +# Description = autoEnrollEFS (1 3 6 1 4 1 311 21 8 x x x x x x) + # CAPICOM original filename (something to do with signed files?) OID = 06 0A 2B 06 01 04 01 82 37 58 02 01 Comment = Microsoft attribute Description = originalFilename (1 3 6 1 4 1 311 88 2 1) +# Ascom Systech + +OID = 06 0A 2B 06 01 04 01 81 3C 07 01 01 +Comment = Ascom Systech +Description = ascom (1 3 6 1 4 1 188 7 1 1) + +OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 01 +Comment = Ascom Systech +Description = ideaECB (1 3 6 1 4 1 188 7 1 1 1) + +OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 02 +Comment = Ascom Systech +Description = ideaCBC (1 3 6 1 4 1 188 7 1 1 2) + +OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 03 +Comment = Ascom Systech +Description = ideaCFB (1 3 6 1 4 1 188 7 1 1 3) + +OID = 06 0B 2B 06 01 04 01 81 3C 07 01 01 04 +Comment = Ascom Systech +Description = ideaOFB (1 3 6 1 4 1 188 7 1 1 4) + # UNINETT OID = 06 0A 2B 06 01 04 01 92 7C 0A 01 01 @@ -1927,17 +2358,21 @@ OID = 06 0B 2B 06 01 04 01 97 55 01 02 01 02 Comment = cryptlib public-key algorithm Description = elgamalWithRIPEMD-160 (1 3 6 1 4 1 3029 1 2 1 2) -OID = 06 09 2B 06 01 04 01 97 55 03 01 -Comment = cryptlib attribute type -Description = cryptlibPKIXFix (1 3 6 1 4 1 3029 3 1) - OID = 06 0A 2B 06 01 04 01 97 55 03 01 01 -Comment = cryptlib PKIX fix attribute +Comment = cryptlib attribute type Description = cryptlibPresenceCheck (1 3 6 1 4 1 3029 3 1 1) -OID = 06 0A 2B 06 01 04 01 97 55 04 01 01 +OID = 06 0A 2B 06 01 04 01 97 55 03 01 02 +Comment = cryptlib attribute type +Description = pkiBoot (1 3 6 1 4 1 3029 3 1 2) + +OID = 06 0A 2B 06 01 04 01 97 55 03 01 04 +Comment = cryptlib attribute type +Description = crlExtReason (1 3 6 1 4 1 3029 3 1 4) + +OID = 06 0A 2B 06 01 04 01 97 55 03 01 05 Comment = cryptlib attribute type -Description = cryptlibAttribute (1 3 6 1 4 1 3029 4 1 1) +Description = keyFeatures (1 3 6 1 4 1 3029 3 1 5) OID = 06 09 2B 06 01 04 01 97 55 04 01 Comment = cryptlib @@ -1955,6 +2390,18 @@ OID = 06 0A 2B 06 01 04 01 97 55 04 01 03 Comment = cryptlib content type Description = cryptlibUserInfo (1 3 6 1 4 1 3029 4 1 3) +OID = 06 0A 2B 06 01 04 01 97 55 04 01 04 +Comment = cryptlib content type +Description = rtcsRequest (1 3 6 1 4 1 3029 4 1 4) + +OID = 06 0A 2B 06 01 04 01 97 55 04 01 05 +Comment = cryptlib content type +Description = rtcsResponse (1 3 6 1 4 1 3029 4 1 5) + +OID = 06 0A 2B 06 01 04 01 97 55 04 01 06 +Comment = cryptlib content type +Description = rtcsResponseExt (1 3 6 1 4 1 3029 4 1 6) + OID = 06 0B 2B 06 01 04 01 97 55 2A D7 24 01 Comment = cryptlib special MPEG-of-cat OID Description = mpeg-1 (1 3 6 1 4 1 3029 42 11172 1) @@ -1963,6 +2410,46 @@ OID = 06 0C 2B 06 01 04 01 97 55 58 59 5A 5A 59 Comment = cryptlib certificate policy Description = xYZZY policyIdentifier (1 3 6 1 4 1 3029 88 89 90 90 89) +# PGP Inc. + +OID = 06 0A 2B 06 01 04 01 9A 49 08 01 01 +Comment = PGP key information +Description = pgpExtension (1 3 6 1 4 1 3401 8 1 1) + +# EDI messaging for TMN Interactive Agents + +OID = 06 08 2B 06 01 04 01 9B 78 07 +Comment = TMN EDI for Interactive Agents +Description = eciaAscX12Edi (1 3 6 1 4 1 3576 7) + +OID = 06 09 2B 06 01 04 01 9B 78 07 01 +Comment = TMN EDI for Interactive Agents +Description = plainEDImessage (1 3 6 1 4 1 3576 7 1) + +OID = 06 09 2B 06 01 04 01 9B 78 07 02 +Comment = TMN EDI for Interactive Agents +Description = signedEDImessage (1 3 6 1 4 1 3576 7 2) + +OID = 06 09 2B 06 01 04 01 9B 78 07 05 +Comment = TMN EDI for Interactive Agents +Description = integrityEDImessage (1 3 6 1 4 1 3576 7 5) + +OID = 06 09 2B 06 01 04 01 9B 78 07 41 +Comment = TMN EDI for Interactive Agents +Description = iaReceiptMessage (1 3 6 1 4 1 3576 7 65) + +OID = 06 09 2B 06 01 04 01 9B 78 07 61 +Comment = TMN EDI for Interactive Agents +Description = iaStatusMessage (1 3 6 1 4 1 3576 7 97) + +OID = 06 08 2B 06 01 04 01 9B 78 08 +Comment = TMN EDI for Interactive Agents +Description = eciaEdifact (1 3 6 1 4 1 3576 8) + +OID = 06 08 2B 06 01 04 01 9B 78 09 +Comment = TMN EDI for Interactive Agents +Description = eciaNonEdi (1 3 6 1 4 1 3576 9) + # Timeproof (www.timeproof.de) OID = 06 09 2B 06 01 04 01 AA 60 @@ -1985,6 +2472,143 @@ OID = 06 09 2B 06 01 04 01 AA 60 01 01 Comment = timeproof TSS Description = tss400 (1 3 6 1 4 1 5472 1 3) +# MEDePass + +OID = 06 09 2B 06 01 04 01 AD 0A 00 03 +Comment = MEDePass +Description = secondaryPractices (1 3 6 1 4 1 5770 0 3) + +OID = 06 09 2B 06 01 04 01 AD 0A 00 04 +Comment = MEDePass +Description = physicianIdentifiers (1 3 6 1 4 1 5770 0 4) + +# Comodo CA + +OID = 06 0C 2B 06 01 04 01 B2 31 01 02 01 03 01 +Comment = Comodo CA +Description = comodoPolicy (1 3 6 1 4 1 6449 1 2 1 3 1) + +OID = 06 0B 2B 06 01 04 01 B2 31 01 03 05 02 +Comment = Comodo CA +Description = comodoCertifiedDeliveryService (1 3 6 1 4 1 6449 1 3 5 2) + +# TU Darmstadt ValidityModel +# http://www.cdc.informatik.tu-darmstadt.de/TI/Forschung/FlexiPKI/validitymodel/index.html + +OID = 06 09 2B 06 01 04 01 C0 6D 03 05 +Comment = TU Darmstadt ValidityModel +Description = validityModel (1 3 6 1 4 1 8301 3 5) + +OID = 06 0A 2B 06 01 04 01 C0 6D 03 05 01 +Comment = TU Darmstadt ValidityModel +Description = validityModelChain (1 3 6 1 4 1 8301 3 5 1) + +OID = 06 0A 2B 06 01 04 01 C0 6D 03 05 02 +Comment = ValidityModel +Description = validityModelShell (1 3 6 1 4 1 8301 3 5 2) + +# Chilean Government + +OID = 06 08 2B 06 01 04 01 C0 27 01 +Comment = Chilean Government national unique roll number +Description = rolUnicoNacional (1 3 6 1 4 1 8231 1) + +# GNU Project + +OID = 06 07 2B 06 01 04 01 DA 47 +Comment = GNU Project (see http://www.gnupg.org/oids.html) +Description = gnu (1 3 6 1 4 1 11591) + +OID = 06 08 2B 06 01 04 01 DA 47 01 +Comment = GNU Radius +Description = gnuRadius (1 3 6 1 4 1 11591 1) + +OID = 06 08 2B 06 01 04 01 DA 47 03 +Comment = GNU Radar +Description = gnuRadar (1 3 6 1 4 1 11591 3) + +OID = 06 08 2B 06 01 04 01 DA 47 0C +Comment = GNU digest algorithm +Description = gnuDigestAlgorithm (1 3 6 1 4 1 11591 12) + +OID = 06 09 2B 06 01 04 01 DA 47 0C 02 +Comment = GNU digest algorithm +Description = tiger (1 3 6 1 4 1 11591 12 2) + +OID = 06 08 2B 06 01 04 01 DA 47 0D +Comment = GNU encryption algorithm +Description = gnuEncryptionAlgorithm (1 3 6 1 4 1 11591 13) + +OID = 06 09 2B 06 01 04 01 DA 47 0D 02 +Comment = GNU encryption algorithm +Description = serpent (1 3 6 1 4 1 11591 13 2) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 01 +Comment = GNU encryption algorithm +Description = serpent128_ECB (1 3 6 1 4 1 11591 13 2 1) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 02 +Comment = GNU encryption algorithm +Description = serpent128_CBC (1 3 6 1 4 1 11591 13 2 2) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 03 +Comment = GNU encryption algorithm +Description = serpent128_OFB (1 3 6 1 4 1 11591 13 2 3) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 04 +Comment = GNU encryption algorithm +Description = serpent128_CFB (1 3 6 1 4 1 11591 13 2 4) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 15 +Comment = GNU encryption algorithm +Description = serpent192_ECB (1 3 6 1 4 1 11591 13 2 21) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 16 +Comment = GNU encryption algorithm +Description = serpent192_CBC (1 3 6 1 4 1 11591 13 2 22) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 17 +Comment = GNU encryption algorithm +Description = serpent192_OFB (1 3 6 1 4 1 11591 13 2 23) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 18 +Comment = GNU encryption algorithm +Description = serpent192_CFB (1 3 6 1 4 1 11591 13 2 24) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 29 +Comment = GNU encryption algorithm +Description = serpent256_ECB (1 3 6 1 4 1 11591 13 2 41) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 2A +Comment = GNU encryption algorithm +Description = serpent256_CBC (1 3 6 1 4 1 11591 13 2 42) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 2B +Comment = GNU encryption algorithm +Description = serpent256_OFB (1 3 6 1 4 1 11591 13 2 43) + +OID = 06 0A 2B 06 01 04 01 DA 47 0D 02 2C +Comment = GNU encryption algorithm +Description = serpent256_CFB (1 3 6 1 4 1 11591 13 2 44) + +# Northrop Grumman Mission Systems + +OID = 06 0B 2B 06 01 04 01 FF 4E 83 7D 01 01 +Comment = Northrop Grumman extended key usage +Description = Northrop Grumman extKeyUsage? (1 3 6 1 4 1 16334 509 1 1) + +OID = 06 0B 2B 06 01 04 01 FF 4E 83 7D 02 01 +Comment = Northrop Grumman policy +Description = ngcClass1 (1 3 6 1 4 1 16334 509 2 1) + +OID = 06 0B 2B 06 01 04 01 FF 4E 83 7D 02 02 +Comment = Northrop Grumman policy +Description = ngcClass2 (1 3 6 1 4 1 16334 509 2 2) + +OID = 06 0B 2B 06 01 04 01 FF 4E 83 7D 02 03 +Comment = Northrop Grumman policy +Description = ngcClass3 (1 3 6 1 4 1 16334 509 2 3) + # PKIX OID = 06 06 2B 06 01 05 05 07 @@ -2002,6 +2626,14 @@ OID = 06 08 2B 06 01 05 05 07 01 01 Comment = PKIX private extension Description = authorityInfoAccess (1 3 6 1 5 5 7 1 1) +OID = 06 08 2B 06 01 05 05 07 01 02 +Comment = PKIX private extension +Description = biometricInfo (1 3 6 1 5 5 7 1 2) + +OID = 06 08 2B 06 01 05 05 07 01 03 +Comment = PKIX private extension +Description = qcStatements (1 3 6 1 5 5 7 1 3) + OID = 06 08 2B 06 01 05 05 07 01 04 Comment = PKIX private extension Description = acAuditIdentity (1 3 6 1 5 5 7 1 4) @@ -2082,10 +2714,9 @@ OID = 06 08 2B 06 01 05 05 07 03 07 Comment = PKIX key purpose Description = ipsecUser (1 3 6 1 5 5 7 3 7) -#OID = 06 08 2B 06 01 05 05 07 03 08 -#Comment = PKIX key purpose -#Description = timeStamping (1 3 6 1 5 5 7 3 8) -# conflicts with more useful definition +OID = 06 08 2B 06 01 05 05 07 03 08 +Comment = PKIX key purpose +Description = timeStamping (1 3 6 1 5 5 7 3 8) OID = 06 08 2B 06 01 05 05 07 03 09 Comment = PKIX key purpose @@ -2099,6 +2730,14 @@ OID = 06 08 2B 06 01 05 05 07 03 0B Comment = PKIX key purpose Description = sbgpCertAAServerAuth (1 3 6 1 5 5 7 3 11) +OID = 06 08 2B 06 01 05 05 07 03 0D +Comment = PKIX key purpose +Description = eapOverPPP (1 3 6 1 5 5 7 3 13) + +OID = 06 08 2B 06 01 05 05 07 03 0E +Comment = PKIX key purpose +Description = wlanSSID (1 3 6 1 5 5 7 3 14) + OID = 06 07 2B 06 01 05 05 07 04 Comment = PKIX Description = cmpInformationTypes (1 3 6 1 5 5 7 4) @@ -2247,10 +2886,9 @@ OID = 06 08 2B 06 01 05 05 07 08 02 Comment = PKIX other name Description = userGroup (1 3 6 1 5 5 7 8 2) -#OID = 06 07 2B 06 01 05 05 07 09 -#Comment = PKIX -#Description = personalData (1 3 6 1 5 5 7 9) -# conflicts with more useful definition +OID = 06 07 2B 06 01 05 05 07 09 +Comment = PKIX qualified certificates +Description = personalData (1 3 6 1 5 5 7 9) OID = 06 08 2B 06 01 05 05 07 09 01 Comment = PKIX personal data @@ -2262,19 +2900,15 @@ Description = placeOfBirth (1 3 6 1 5 5 7 9 2) OID = 06 08 2B 06 01 05 05 07 09 03 Comment = PKIX personal data -Description = pseudonym (1 3 6 1 5 5 7 9 3) +Description = gender (1 3 6 1 5 5 7 9 3) OID = 06 08 2B 06 01 05 05 07 09 04 Comment = PKIX personal data -Description = gender (1 3 6 1 5 5 7 9 4) +Description = countryOfCitizenship (1 3 6 1 5 5 7 9 4) OID = 06 08 2B 06 01 05 05 07 09 05 Comment = PKIX personal data -Description = countryOfCitizenship (1 3 6 1 5 5 7 9 5) - -OID = 06 08 2B 06 01 05 05 07 09 06 -Comment = PKIX personal data -Description = countryOfResidence (1 3 6 1 5 5 7 9 6) +Description = countryOfResidence (1 3 6 1 5 5 7 9 5) OID = 06 07 2B 06 01 05 05 07 0A Comment = PKIX @@ -2304,6 +2938,14 @@ OID = 06 08 2B 06 01 05 05 07 0A 06 Comment = PKIX attribute certificate extension Description = encAttrs (1 3 6 1 5 5 7 10 6) +OID = 06 07 2B 06 01 05 05 07 0B +Comment = PKIX qualified certificates +Description = personalData (1 3 6 1 5 5 7 11) + +OID = 06 08 2B 06 01 05 05 07 0B 01 +Comment = PKIX qualified certificates +Description = pkixQCSyntax-v1 (1 3 6 1 5 5 7 11 1) + # OCSP OID = 06 08 2B 06 01 05 05 07 30 01 @@ -2338,16 +2980,20 @@ OID = 06 09 2B 06 01 05 05 07 30 01 07 Comment = OCSP Description = ocspServiceLocator (1 3 6 1 5 5 7 48 1 7) -# AuthorityInfo types (OCSP is already listed above) +# Subject/AuthorityInfo types (OCSP is already listed above) OID = 06 08 2B 06 01 05 05 07 30 02 -Comment = PKIX authority info access descriptor +Comment = PKIX subject/authority info access descriptor Description = caIssuers (1 3 6 1 5 5 7 48 2) OID = 06 08 2B 06 01 05 05 07 30 03 -Comment = PKIX authority info access descriptor +Comment = PKIX subject/authority info access descriptor Description = timeStamping (1 3 6 1 5 5 7 48 3) +OID = 06 08 2B 06 01 05 05 07 30 05 +Comment = PKIX subject/authority info access descriptor +Description = caRepository (1 3 6 1 5 5 7 48 5) + # ISAKMP OID = 06 08 2B 06 01 05 05 08 01 01 @@ -2407,10 +3053,9 @@ Description = decDEAMAC (1 3 12 2 1011 7 3 3) # NIST Open Systems Environment (OSE) Implementor's Workshop (OIW), # specialising in oddball and partially-defunct OIDs -#OID = 06 05 2B 0E 02 1A 05 -#Comment = Unsure about this OID -#Description = sha (1 3 14 2 26 5) -# conflicts with more useful definition +OID = 06 05 2B 0E 02 1A 05 +Comment = Unsure about this OID +Description = sha (1 3 14 2 26 5) OID = 06 06 2B 0E 03 02 01 01 Comment = X.509. Unsure about this OID @@ -2457,11 +3102,10 @@ OID = 06 05 2B 0E 03 02 0B Comment = ISO 9796-2, also X9.31 Part 1 Description = rsaSignature (1 3 14 3 2 11) -#OID = 06 05 2B 0E 03 02 0C -#Comment = OIW?, supposedly from an incomplete version of SDN.701 (doesn't match final SDN.701) -#Description = dsa (1 3 14 3 2 12) -#Warning -# conflicts with more useful definition +OID = 06 05 2B 0E 03 02 0C +Comment = OIW?, supposedly from an incomplete version of SDN.701 (doesn't match final SDN.701) +Description = dsa (1 3 14 3 2 12) +Warning OID = 06 05 2B 0E 03 02 0D Comment = Oddball OIW OID. Incorrectly used by JDK 1.1 in place of (1 3 14 3 2 27) @@ -2470,9 +3114,9 @@ Comment = Oddball OIW OID. Incorrectly used by JDK 1.1 in place of (1 3 14 3 2 Description = dsaWithSHA (1 3 14 3 2 13) Warning -# The various md<x>WithRSASIsignature OIDs are for the ANSI X9.31 draft and use +# The various md<x>WithRSASignature OIDs are for the ANSI X9.31 draft and use # ISO 9796-2 padding rules. This work was derailed during the PKP brouhaha and -# is still in progress +# is still in progress (and probably will remain so) OID = 06 05 2B 0E 03 02 0E Comment = Oddball OIW OID using 9796-2 padding rules Description = mdc2WithRSASignature (1 3 14 3 2 14) @@ -2579,20 +3223,17 @@ OID = 06 04 2B 24 02 01 Comment = Teletrust sio Description = sedu (1 3 36 2 1) -#OID = 06 03 2B 24 03 -#Comment = Teletrust algorithm -#Description = algorithm (1 3 36 3) -# conflicts with more useful definition +OID = 06 03 2B 24 03 +Comment = Teletrust algorithm +Description = algorithm (1 3 36 3) -#OID = 06 04 2B 24 03 01 -#Comment = Teletrust algorithm -#Description = encryptionAlgorithm (1 3 36 3 1) -# conflicts with more useful definition +OID = 06 04 2B 24 03 01 +Comment = Teletrust algorithm +Description = encryptionAlgorithm (1 3 36 3 1) -#OID = 06 05 2B 24 03 01 01 -#Comment = Teletrust encryption algorithm -#Description = des (1 3 36 3 1 1) -# conflicts with more useful definition +OID = 06 05 2B 24 03 01 01 +Comment = Teletrust encryption algorithm +Description = des (1 3 36 3 1 1) OID = 06 06 2B 24 03 01 01 01 Comment = Teletrust encryption algorithm @@ -2630,15 +3271,13 @@ OID = 06 08 2B 24 03 01 03 02 01 01 Comment = Teletrust encryption algorithm. EDE triple DES Description = des_3CBC_ISOpad (1 3 36 3 1 3 2 1 1) -#OID = 06 05 2B 24 03 01 02 -#Comment = Teletrust encryption algorithm -#Description = idea (1 3 36 3 1 2) -# conflicts with more useful definition +OID = 06 05 2B 24 03 01 02 +Comment = Teletrust encryption algorithm +Description = idea (1 3 36 3 1 2) -#OID = 06 06 2B 24 03 01 02 01 -#Comment = Teletrust encryption algorithm -#Description = ideaECB (1 3 36 3 1 2 1) -# conflicts with more useful definition +OID = 06 06 2B 24 03 01 02 01 +Comment = Teletrust encryption algorithm +Description = ideaECB (1 3 36 3 1 2 1) OID = 06 07 2B 24 03 01 02 01 01 Comment = Teletrust encryption algorithm @@ -2648,10 +3287,9 @@ OID = 06 08 2B 24 03 01 02 01 01 01 Comment = Teletrust encryption algorithm Description = ideaECB_ISOpad (1 3 36 3 1 2 1 1 1) -#OID = 06 06 2B 24 03 01 02 02 -#Comment = Teletrust encryption algorithm -#Description = ideaCBC (1 3 36 3 1 2 2) -# conflicts with more useful definition +OID = 06 06 2B 24 03 01 02 02 +Comment = Teletrust encryption algorithm +Description = ideaCBC (1 3 36 3 1 2 2) OID = 06 07 2B 24 03 01 02 02 01 Comment = Teletrust encryption algorithm @@ -2661,20 +3299,17 @@ OID = 06 08 2B 24 03 01 02 02 01 01 Comment = Teletrust encryption algorithm Description = ideaCBC_ISOpad (1 3 36 3 1 2 2 1 1) -#OID = 06 06 2B 24 03 01 02 03 -#Comment = Teletrust encryption algorithm -#Description = ideaOFB (1 3 36 3 1 2 3) -# conflicts with more useful definition +OID = 06 06 2B 24 03 01 02 03 +Comment = Teletrust encryption algorithm +Description = ideaOFB (1 3 36 3 1 2 3) -#OID = 06 06 2B 24 03 01 02 04 -#Comment = Teletrust encryption algorithm -#Description = ideaCFB (1 3 36 3 1 2 4) -# conflicts with more useful definition +OID = 06 06 2B 24 03 01 02 04 +Comment = Teletrust encryption algorithm +Description = ideaCFB (1 3 36 3 1 2 4) -#OID = 06 05 2B 24 03 01 04 -#Comment = Teletrust encryption algorithm -#Description = rsaEncryption (1 3 36 3 1 4) -# conflicts with more useful definition +OID = 06 05 2B 24 03 01 04 +Comment = Teletrust encryption algorithm +Description = rsaEncryption (1 3 36 3 1 4) OID = 06 08 2B 24 03 01 04 84 00 11 Comment = Teletrust encryption algorithm @@ -2700,15 +3335,13 @@ OID = 06 04 2B 24 03 02 Comment = Teletrust algorithm Description = hashAlgorithm (1 3 36 3 2) -#OID = 06 05 2B 24 03 02 01 -#Comment = Teletrust hash algorithm -#Description = ripemd160 (1 3 36 3 2 1) -# conflicts with more useful definition +OID = 06 05 2B 24 03 02 01 +Comment = Teletrust hash algorithm +Description = ripemd160 (1 3 36 3 2 1) -#OID = 06 05 2B 24 03 02 02 -#Comment = Teletrust hash algorithm -#Description = ripemd128 (1 3 36 3 2 2) -# conflicts with more useful definition +OID = 06 05 2B 24 03 02 02 +Comment = Teletrust hash algorithm +Description = ripemd128 (1 3 36 3 2 2) OID = 06 05 2B 24 03 02 03 Comment = Teletrust hash algorithm @@ -2726,10 +3359,9 @@ OID = 06 04 2B 24 03 03 Comment = Teletrust algorithm Description = signatureAlgorithm (1 3 36 3 3) -#OID = 06 05 2B 24 03 03 01 -#Comment = Teletrust signature algorithm -#Description = rsaSignature (1 3 36 3 3 1) -# conflicts with more useful definition +OID = 06 05 2B 24 03 03 01 +Comment = Teletrust signature algorithm +Description = rsaSignature (1 3 36 3 3 1) OID = 06 06 2B 24 03 03 01 01 Comment = Teletrust signature algorithm @@ -2944,15 +3576,13 @@ OID = 06 06 2B 24 03 04 02 03 Comment = Teletrust signature scheme. 9796-2 with random number in padding field Description = sigS_ISO9796-2Withrnd (1 3 36 3 4 2 3) -#OID = 06 03 2B 24 04 -#Comment = Teletrust attribute -#Description = attribute (1 3 36 4) -# conflicts with more useful definition +OID = 06 03 2B 24 04 +Comment = Teletrust attribute +Description = attribute (1 3 36 4) -#OID = 06 03 2B 24 05 -#Comment = Teletrust policy -#Description = policy (1 3 36 5) -# conflicts with more useful definition +OID = 06 03 2B 24 05 +Comment = Teletrust policy +Description = policy (1 3 36 5) OID = 06 03 2B 24 06 Comment = Teletrust API @@ -2992,7 +3622,7 @@ Description = encISO9796-2Withrsa (1 3 36 7 2 1) OID = 06 05 2B 24 08 01 01 Comment = Teletrust policy -Description = Teletrust SigiSigConform policyIdentifier (1 3 36 8 1 1) +Description = Teletrust SigGConform policyIdentifier (1 3 36 8 1 1) OID = 06 05 2B 24 08 02 01 Comment = Teletrust extended key usage @@ -3026,10 +3656,9 @@ OID = 06 05 2B 24 08 03 07 Comment = Teletrust attribute Description = pKReference (1 3 36 8 3 7) -#OID = 06 05 2B 24 08 03 08 -#Comment = Teletrust attribute -#Description = restriction (1 3 36 8 3 8) -# conflicts with more useful definition +OID = 06 05 2B 24 08 03 08 +Comment = Teletrust attribute +Description = restriction (1 3 36 8 3 8) OID = 06 05 2B 24 08 03 09 Comment = Teletrust attribute @@ -3039,10 +3668,94 @@ OID = 06 05 2B 24 08 03 0A Comment = Teletrust attribute Description = requestedCertificate (1 3 36 8 3 10) +# The following are left in German because there's no clear +# equivalent for many of the terms in English. Tut mir sorry. +# (Note that they actually genderise the OIDs, which is quite +# bizarre since they're simply role identifiers). OID = 06 05 2B 24 08 03 0B Comment = Teletrust attribute Description = namingAuthorities (1 3 36 8 3 11) +OID = 06 06 2B 24 08 03 0B 01 +Comment = Teletrust naming authorities +Description = rechtWirtschaftSteuern (1 3 36 8 3 11 1) + +OID = 06 07 2B 24 08 03 0B 01 01 +Comment = Teletrust ProfessionInfo +Description = rechtsanwaeltin (1 3 36 8 3 11 1) + +OID = 06 07 2B 24 08 03 0B 01 02 +Comment = Teletrust ProfessionInfo +Description = rechtsanwalt (1 3 36 8 3 11 2) + +OID = 06 07 2B 24 08 03 0B 01 03 +Comment = Teletrust ProfessionInfo +Description = rechtsbeistand (1 3 36 8 3 11 3) + +OID = 06 07 2B 24 08 03 0B 01 04 +Comment = Teletrust ProfessionInfo +Description = steuerberaterin (1 3 36 8 3 11 4) + +OID = 06 07 2B 24 08 03 0B 01 05 +Comment = Teletrust ProfessionInfo +Description = steuerberater (1 3 36 8 3 11 5) + +OID = 06 07 2B 24 08 03 0B 01 06 +Comment = Teletrust ProfessionInfo +Description = steuerbevollmaechtigte (1 3 36 8 3 11 6) + +OID = 06 07 2B 24 08 03 0B 01 07 +Comment = Teletrust ProfessionInfo +Description = steuerbevollmaechtigter (1 3 36 8 3 11 7) + +OID = 06 07 2B 24 08 03 0B 01 08 +Comment = Teletrust ProfessionInfo +Description = notarin (1 3 36 8 3 11 8) + +OID = 06 07 2B 24 08 03 0B 01 09 +Comment = Teletrust ProfessionInfo +Description = notar (1 3 36 8 3 11 9) + +OID = 06 07 2B 24 08 03 0B 01 10 +Comment = Teletrust ProfessionInfo +Description = notarvertreterin (1 3 36 8 3 11 10) + +OID = 06 07 2B 24 08 03 0B 01 11 +Comment = Teletrust ProfessionInfo +Description = notarvertreter (1 3 36 8 3 11 11) + +OID = 06 07 2B 24 08 03 0B 01 12 +Comment = Teletrust ProfessionInfo +Description = notariatsverwalterin (1 3 36 8 3 11 12) + +OID = 06 07 2B 24 08 03 0B 01 13 +Comment = Teletrust ProfessionInfo +Description = notariatsverwalter (1 3 36 8 3 11 13) + +OID = 06 07 2B 24 08 03 0B 01 14 +Comment = Teletrust ProfessionInfo +Description = wirtschaftsprueferin (1 3 36 8 3 11 14) + +OID = 06 07 2B 24 08 03 0B 01 15 +Comment = Teletrust ProfessionInfo +Description = wirtschaftspruefer (1 3 36 8 3 11 15) + +OID = 06 07 2B 24 08 03 0B 01 16 +Comment = Teletrust ProfessionInfo +Description = vereidigteBuchprueferin (1 3 36 8 3 11 16) + +OID = 06 07 2B 24 08 03 0B 01 17 +Comment = Teletrust ProfessionInfo +Description = vereidigterBuchpruefer (1 3 36 8 3 11 17) + +OID = 06 07 2B 24 08 03 0B 01 18 +Comment = Teletrust ProfessionInfo +Description = patentanwaeltin (1 3 36 8 3 11 18) + +OID = 06 07 2B 24 08 03 0B 01 19 +Comment = Teletrust ProfessionInfo +Description = patentanwalt (1 3 36 8 3 11 19) + OID = 06 05 2B 24 08 03 0C Comment = Teletrust attribute Description = certInDirSince (1 3 36 8 3 12) @@ -3051,10 +3764,17 @@ OID = 06 05 2B 24 08 03 0D Comment = Teletrust attribute Description = certHash (1 3 36 8 3 13) -#OID = 06 05 2B 24 08 04 01 -#Comment = Teletrust OtherName attribute -#Description = personalData (1 3 36 8 4 1) -# conflicts with more useful definition +OID = 06 05 2B 24 08 03 0E +Comment = Teletrust attribute +Description = nameAtBirth (1 3 36 8 3 14) + +OID = 06 05 2B 24 08 03 0F +Comment = Teletrust attribute +Description = additionalInformation (1 3 36 8 3 15) + +OID = 06 05 2B 24 08 04 01 +Comment = Teletrust OtherName attribute +Description = personalData (1 3 36 8 4 1) OID = 06 05 2B 24 08 04 08 Comment = Teletrust attribute certificate attribute @@ -3084,10 +3804,9 @@ OID = 06 07 2B 24 08 05 01 02 02 Comment = Teletrust signature algorithm Description = dsaWithRIPEMD160 (1 3 36 8 5 1 2 2) -#OID = 06 05 2B 24 08 06 01 -#Comment = Teletrust signature attributes -#Description = cert (1 3 36 8 6 1) -# conflicts with more useful definition +OID = 06 05 2B 24 08 06 01 +Comment = Teletrust signature attributes +Description = cert (1 3 36 8 6 1) OID = 06 05 2B 24 08 06 02 Comment = Teletrust signature attributes @@ -3305,6 +4024,67 @@ OID = 06 06 2B 24 08 07 01 2D Comment = Teletrust presentation types Description = ptWPGrph (1 3 36 8 7 1 45) +# Brainpool ECC Curves. Note that these fall under the Teletrust ECC +# signature algorithm arc (ecsieSign, 1 3 36 3 3 2), but they're listed +# separately here because they were standardised under the Brainpool +# initiative. + +OID = 06 09 2B 24 03 03 02 08 01 01 01 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 1) + +OID = 06 09 2B 24 03 03 02 08 01 01 02 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 2) + +OID = 06 09 2B 24 03 03 02 08 01 01 03 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 3) + +OID = 06 09 2B 24 03 03 02 08 01 01 04 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 4) + +OID = 06 09 2B 24 03 03 02 08 01 01 05 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 5) + +OID = 06 09 2B 24 03 03 02 08 01 01 06 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 6) + +OID = 06 09 2B 24 03 03 02 08 01 01 07 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 7) + +OID = 06 09 2B 24 03 03 02 08 01 01 08 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 8) + +OID = 06 09 2B 24 03 03 02 08 01 01 09 +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 9) + +OID = 06 09 2B 24 03 03 02 08 01 01 0A +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 10) + +OID = 06 09 2B 24 03 03 02 08 01 01 0B +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 11) + +OID = 06 09 2B 24 03 03 02 08 01 01 0C +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 12) + +OID = 06 09 2B 24 03 03 02 08 01 01 0D +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 13) + +OID = 06 09 2B 24 03 03 02 08 01 01 0E +Comment = ECC Brainpool Standard Curves and Curve Generation +Description = brainpoolP224r1 (1 3 36 3 3 2 8 1 1 14) + # Thawte OID = 06 04 2B 65 01 04 @@ -3315,7 +4095,137 @@ OID = 06 05 2B 65 01 04 01 Comment = Thawte certificate extension Description = strongExtranet (1 3 101 1 4 1) -# X.520 +# SECG (Standards for Efficient Cryptography Group), who are just +# Certicom "All your curves are belong to us" named elliptic curves + +OID = 06 05 2B 81 04 00 01 +Comment = SECG (Certicom) named elliptic curve +Description = sect163k1 (1 3 132 0 1) + +OID = 06 05 2B 81 04 00 02 +Comment = SECG (Certicom) named elliptic curve +Description = sect163r1 (1 3 132 0 2) + +OID = 06 05 2B 81 04 00 03 +Comment = SECG (Certicom) named elliptic curve +Description = sect239k1 (1 3 132 0 3) + +OID = 06 05 2B 81 04 00 04 +Comment = SECG (Certicom) named elliptic curve +Description = sect113r1 (1 3 132 0 4) + +OID = 06 05 2B 81 04 00 05 +Comment = SECG (Certicom) named elliptic curve +Description = sect113r2 (1 3 132 0 5) + +OID = 06 05 2B 81 04 00 06 +Comment = SECG (Certicom) named elliptic curve +Description = secp112r1 (1 3 132 0 6) + +OID = 06 05 2B 81 04 00 07 +Comment = SECG (Certicom) named elliptic curve +Description = secp112r2 (1 3 132 0 7) + +OID = 06 05 2B 81 04 00 08 +Comment = SECG (Certicom) named elliptic curve +Description = secp160r1 (1 3 132 0 8) + +OID = 06 05 2B 81 04 00 09 +Comment = SECG (Certicom) named elliptic curve +Description = secp160k1 (1 3 132 0 9) + +OID = 06 05 2B 81 04 00 0A +Comment = SECG (Certicom) named elliptic curve +Description = secp256k1 (1 3 132 0 10) + +OID = 06 05 2B 81 04 00 0F +Comment = SECG (Certicom) named elliptic curve +Description = sect163r2 (1 3 132 0 15) + +OID = 06 05 2B 81 04 00 10 +Comment = SECG (Certicom) named elliptic curve +Description = sect283k1 (1 3 132 0 16) + +OID = 06 05 2B 81 04 00 11 +Comment = SECG (Certicom) named elliptic curve +Description = sect283r1 (1 3 132 0 17) + +OID = 06 05 2B 81 04 00 16 +Comment = SECG (Certicom) named elliptic curve +Description = sect131r1 (1 3 132 0 22) + +OID = 06 05 2B 81 04 00 17 +Comment = SECG (Certicom) named elliptic curve +Description = sect131r2 (1 3 132 0 23) + +OID = 06 05 2B 81 04 00 18 +Comment = SECG (Certicom) named elliptic curve +Description = sect193r1 (1 3 132 0 24) + +OID = 06 05 2B 81 04 00 19 +Comment = SECG (Certicom) named elliptic curve +Description = sect193r2 (1 3 132 0 25) + +OID = 06 05 2B 81 04 00 1A +Comment = SECG (Certicom) named elliptic curve +Description = sect233k1 (1 3 132 0 26) + +OID = 06 05 2B 81 04 00 1B +Comment = SECG (Certicom) named elliptic curve +Description = sect233r1 (1 3 132 0 27) + +OID = 06 05 2B 81 04 00 1C +Comment = SECG (Certicom) named elliptic curve +Description = secp128r1 (1 3 132 0 28) + +OID = 06 05 2B 81 04 00 1D +Comment = SECG (Certicom) named elliptic curve +Description = secp128r2 (1 3 132 0 29) + +OID = 06 05 2B 81 04 00 1E +Comment = SECG (Certicom) named elliptic curve +Description = secp160r2 (1 3 132 0 30) + +OID = 06 05 2B 81 04 00 1F +Comment = SECG (Certicom) named elliptic curve +Description = secp192k1 (1 3 132 0 31) + +OID = 06 05 2B 81 04 00 20 +Comment = SECG (Certicom) named elliptic curve +Description = secp224k1 (1 3 132 0 32) + +OID = 06 05 2B 81 04 00 21 +Comment = SECG (Certicom) named elliptic curve +Description = secp224r1 (1 3 132 0 33) + +OID = 06 05 2B 81 04 00 22 +Comment = SECG (Certicom) named elliptic curve +Description = secp384r1 (1 3 132 0 34) + +OID = 06 05 2B 81 04 00 23 +Comment = SECG (Certicom) named elliptic curve +Description = secp521r1 (1 3 132 0 35) + +OID = 06 05 2B 81 04 00 24 +Comment = SECG (Certicom) named elliptic curve +Description = sect409k1 (1 3 132 0 36) + +OID = 06 05 2B 81 04 00 25 +Comment = SECG (Certicom) named elliptic curve +Description = sect409r1 (1 3 132 0 37) + +OID = 06 05 2B 81 04 00 26 +Comment = SECG (Certicom) named elliptic curve +Description = sect571k1 (1 3 132 0 38) + +OID = 06 05 2B 81 04 00 27 +Comment = SECG (Certicom) named elliptic curve +Description = sect571r1 (1 3 132 0 39) + +# X.520. X.500v4 added encrypted versions of most of these attributes +# at n+2 (i.e. foo = 2 4 5 1, encryptedFoo = 2 4 5 1 2), this smells +# like a horrible kludge for something and probably isn't used, so we +# don't define them all here. OID = 06 03 55 04 00 Comment = X.520 id-at (2 5 4) @@ -3591,12 +4501,83 @@ Description = deltaRevocationList (2 5 4 53) OID = 06 03 55 04 36 Comment = X.520 id-at (2 5 4) +Description = dmdName (2 5 4 54) + +OID = 06 03 55 04 37 +Comment = X.520 id-at (2 5 4) Description = clearance (2 5 4 55) -#OID = 06 03 55 04 3A -#Comment = X.520 id-at (2 5 4) -#Description = crossCertificatePair (2 5 4 58) -# conflicts with more useful definition +OID = 06 03 55 04 38 +Comment = X.520 id-at (2 5 4) +Description = defaultDirQop (2 5 4 56) + +OID = 06 03 55 04 39 +Comment = X.520 id-at (2 5 4) +Description = attributeIntegrityInfo (2 5 4 57) + +OID = 06 03 55 04 3A +Comment = X.520 id-at (2 5 4) +Description = attributeCertificate (2 5 4 58) + +OID = 06 03 55 04 3B +Comment = X.520 id-at (2 5 4) +Description = attributeCertificateRevocationList (2 5 4 59) + +OID = 06 03 55 04 3C +Comment = X.520 id-at (2 5 4) +Description = confKeyInfo (2 5 4 60) + +OID = 06 03 55 04 3D +Comment = X.520 id-at (2 5 4) +Description = aACertificate (2 5 4 61) + +OID = 06 03 55 04 3E +Comment = X.520 id-at (2 5 4) +Description = attributeDescriptorCertificate (2 5 4 62) + +OID = 06 03 55 04 3F +Comment = X.520 id-at (2 5 4) +Description = attributeAuthorityRevocationList (2 5 4 63) + +OID = 06 03 55 04 40 +Comment = X.520 id-at (2 5 4) +Description = familyInformation (2 5 4 64) + +OID = 06 03 55 04 41 +Comment = X.520 id-at (2 5 4) +Description = pseudonym (2 5 4 65) + +OID = 06 03 55 04 42 +Comment = X.520 id-at (2 5 4) +Description = communicationsService (2 5 4 66) + +OID = 06 03 55 04 43 +Comment = X.520 id-at (2 5 4) +Description = communicationsNetwork (2 5 4 67) + +OID = 06 03 55 04 44 +Comment = X.520 id-at (2 5 4) +Description = certificationPracticeStmt (2 5 4 68) + +OID = 06 03 55 04 45 +Comment = X.520 id-at (2 5 4) +Description = certificatePolicy (2 5 4 69) + +OID = 06 03 55 04 46 +Comment = X.520 id-at (2 5 4) +Description = pkiPath (2 5 4 70) + +OID = 06 03 55 04 47 +Comment = X.520 id-at (2 5 4) +Description = privPolicy (2 5 4 71) + +OID = 06 03 55 04 48 +Comment = X.520 id-at (2 5 4) +Description = role (2 5 4 72) + +OID = 06 03 55 04 49 +Comment = X.520 id-at (2 5 4) +Description = delegationPath (2 5 4 73) # X.500 object classes @@ -3688,33 +4669,30 @@ Description = X.500-Algorithms (2 5 8) OID = 06 03 55 08 01 Description = X.500-Alg-Encryption (2 5 8 1) -#OID = 06 04 55 08 01 01 -#Comment = X.500 algorithms. Ambiguous, since no padding rules specified -#Description = rsa (2 5 8 1 1) -#Warning -# conflicts with more useful definition +OID = 06 04 55 08 01 01 +Comment = X.500 algorithms. Ambiguous, since no padding rules specified +Description = rsa (2 5 8 1 1) +Warning # X.509. Some of the smaller values are from early X.509 drafts with # cross-pollination from X9.55 and are now deprecated. Alternative OIDs are # marked if these are known. In some cases there are multiple generations of # superseded OIDs -#OID = 06 03 55 1D 01 -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 35) instead -#Description = authorityKeyIdentifier (2 5 29 1) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 01 +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 35) instead +Description = authorityKeyIdentifier (2 5 29 1) +Warning OID = 06 03 55 1D 02 Comment = X.509 id-ce (2 5 29). Obsolete, use keyUsage/extKeyUsage instead Description = keyAttributes (2 5 29 2) Warning -#OID = 06 03 55 1D 03 -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 32) instead -#Description = certificatePolicies (2 5 29 3) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 03 +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 32) instead +Description = certificatePolicies (2 5 29 3) +Warning OID = 06 03 55 1D 04 Comment = X.509 id-ce (2 5 29). Obsolete, use keyUsage/extKeyUsage instead @@ -3726,51 +4704,44 @@ Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 33) instead Description = policyMapping (2 5 29 5) Warning -#OID = 06 03 55 1D 06 -#Comment = X.509 id-ce (2 5 29). Obsolete, use nameConstraints instead -#Description = subtreesConstraint (2 5 29 6) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 06 +Comment = X.509 id-ce (2 5 29). Obsolete, use nameConstraints instead +Description = subtreesConstraint (2 5 29 6) +Warning -#OID = 06 03 55 1D 07 -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 17) instead -#Description = subjectAltName (2 5 29 7) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 07 +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 17) instead +Description = subjectAltName (2 5 29 7) +Warning -#OID = 06 03 55 1D 08 -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 18) instead -#Description = issuerAltName (2 5 29 8) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 08 +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 18) instead +Description = issuerAltName (2 5 29 8) +Warning OID = 06 03 55 1D 09 Comment = X.509 id-ce (2 5 29) Description = subjectDirectoryAttributes (2 5 29 9) -#OID = 06 03 55 1D 0A -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 19) instead -#Description = basicConstraints (2 5 29 10) -#Warning -# conflicts with more useful definition - -#OID = 06 03 55 1D 0B -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 30) instead -#Description = nameConstraints (2 5 29 11) -#Warning -# conflicts with more useful definition - -#OID = 06 03 55 1D 0C -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 36) instead -#Description = policyConstraints (2 5 29 12) -#Warning -# conflicts with more useful definition - -#OID = 06 03 55 1D 0D -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 19) instead -#Description = basicConstraints (2 5 29 13) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 0A +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 19) instead +Description = basicConstraints (2 5 29 10) +Warning + +OID = 06 03 55 1D 0B +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 30) instead +Description = nameConstraints (2 5 29 11) +Warning + +OID = 06 03 55 1D 0C +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 36) instead +Description = policyConstraints (2 5 29 12) +Warning + +OID = 06 03 55 1D 0D +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 19) instead +Description = basicConstraints (2 5 29 13) +Warning OID = 06 03 55 1D 0E Comment = X.509 id-ce (2 5 29) @@ -3817,17 +4788,15 @@ OID = 06 03 55 1D 18 Comment = X.509 id-ce (2 5 29) Description = invalidityDate (2 5 29 24) -#OID = 06 03 55 1D 19 -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 31) instead -#Description = cRLDistributionPoints (2 5 29 25) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 19 +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 31) instead +Description = cRLDistributionPoints (2 5 29 25) +Warning -#ID = 06 03 55 1D 1A -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 28) instead -#Description = issuingDistributionPoint (2 5 29 26) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 1A +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 28) instead +Description = issuingDistributionPoint (2 5 29 26) +Warning OID = 06 03 55 1D 1B Comment = X.509 id-ce (2 5 29) @@ -3855,17 +4824,16 @@ Description = certificatePolicies (2 5 29 32) OID = 06 04 55 1D 20 00 Comment = X.509 certificatePolicies (2 5 29 32) -Description = AnyPolicy policyIdentifier (2 5 29 32 0) +Description = anyPolicy (2 5 29 32 0) OID = 06 03 55 1D 21 Comment = X.509 id-ce (2 5 29) Description = policyMappings (2 5 29 33) -#OID = 06 03 55 1D 22 -#Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 36) instead -#Description = policyConstraints (2 5 29 34) -#Warning -# conflicts with more useful definition +OID = 06 03 55 1D 22 +Comment = X.509 id-ce (2 5 29). Deprecated, use (2 5 29 36) instead +Description = policyConstraints (2 5 29 34) +Warning OID = 06 03 55 1D 23 Comment = X.509 id-ce (2 5 29) @@ -3879,6 +4847,18 @@ OID = 06 03 55 1D 25 Comment = X.509 id-ce (2 5 29) Description = extKeyUsage (2 5 29 37) +OID = 06 04 55 1D 25 00 +Comment = X.509 extended key usage +Description = anyExtendedKeyUsage (2 5 29 37 0) + +OID = 06 03 55 1D 2E +Comment = X.509 id-ce (2 5 29) +Description = freshestCRL (2 5 29 46) + +OID = 06 03 55 1D 36 +Comment = X.509 id-ce (2 5 29) +Description = inhibitAnyPolicy (2 5 29 54) + # DMS OID = 06 09 60 86 48 01 65 02 01 01 01 @@ -4290,10 +5270,9 @@ OID = 06 09 60 86 48 01 65 02 01 05 2B Comment = SDN.700 INFOSEC attributes Description = sdnsSignatureCKL (2 16 840 1 101 2 1 5 43) -#OID = 06 09 60 86 48 01 65 02 01 05 2C -#Comment = SDN.700 INFOSEC attributes -#Description = sdnsCertificateRevocationList (2 16 840 1 101 2 1 5 44) -# conflicts with more useful definition +OID = 06 09 60 86 48 01 65 02 01 05 2C +Comment = SDN.700 INFOSEC attributes +Description = sdnsCertificateRevocationList (2 16 840 1 101 2 1 5 44) OID = 06 09 60 86 48 01 65 02 01 05 2D Comment = SDN.700 INFOSEC attributes (superseded) @@ -4494,11 +5473,10 @@ Comment = CSOR GAK Description = slabel (2 16 840 1 101 3 1) Warning -#OID = 06 07 60 86 48 01 65 03 02 -#Comment = CSOR GAK -#Description = pki (2 16 840 1 101 3 2) -#Warning -# conflicts with more useful definition +OID = 06 07 60 86 48 01 65 03 02 +Comment = CSOR GAK +Description = pki (2 16 840 1 101 3 2) +Warning OID = 06 08 60 86 48 01 65 03 02 01 Comment = CSOR GAK policy @@ -4624,6 +5602,36 @@ OID = 06 09 60 86 48 01 65 03 04 01 2C Comment = NIST Algorithm Description = aes256-CFB (2 16 840 1 101 3 4 1 44) +OID = 06 08 60 86 48 01 65 03 04 02 +Comment = NIST Algorithm +Description = hashAlgos (2 16 840 1 101 3 4 2) + +OID = 06 09 60 86 48 01 65 03 04 02 01 +Comment = NIST Algorithm +Description = sha-256 (2 16 840 1 101 3 4 2 1) + +OID = 06 09 60 86 48 01 65 03 04 02 02 +Comment = NIST Algorithm +Description = sha-384 (2 16 840 1 101 3 4 2 2) + +OID = 06 09 60 86 48 01 65 03 04 02 03 +Comment = NIST Algorithm +Description = sha-512 (2 16 840 1 101 3 4 2 3) + +OID = 06 09 60 86 48 01 65 03 04 02 04 +Comment = NIST Algorithm +Description = sha-224 (2 16 840 1 101 3 4 2 4) + +# The spec for these is incorrect, listing both as ... 1. Presumably one +# of them is meant to be ...2. +OID = 06 09 60 86 48 01 65 03 04 03 01 +Comment = NIST Algorithm +Description = dsaWithSha224 (2 16 840 1 101 3 4 3 1) + +OID = 06 09 60 86 48 01 65 03 04 03 02 +Comment = NIST Algorithm +Description = dsaWithSha256 (2 16 840 1 101 3 4 3 2) + # Novell OID = 06 0A 60 86 48 01 86 F8 37 01 02 08 @@ -4853,46 +5861,90 @@ Description = serverGatedCrypto (2 16 840 1 113730 4 1) # Country, zip, date of birth (age), and gender of cert owner (CZAG) in # obfuscated form OID = 06 0A 60 86 48 01 86 F8 45 01 06 03 -Comment = Verisign +Comment = Verisign extension Description = verisignCZAG (2 16 840 1 113733 1 6 3) # Text string used in certs issued to Netscape InBox customers OID = 06 0A 60 86 48 01 86 F8 45 01 06 06 -Comment = Verisign +Comment = Verisign extension Description = verisignInBox (2 16 840 1 113733 1 6 6) -#OID = 06 0A 60 86 48 01 86 F8 45 01 06 0B -#Comment = Verisign -#Description = Unknown Verisign VPN extension (2 16 840 1 113733 1 6 11) -# conflicts with more useful definition +OID = 06 0A 60 86 48 01 86 F8 45 01 06 0B +Comment = Verisign extension +Description = Unknown Verisign VPN extension (2 16 840 1 113733 1 6 11) OID = 06 0A 60 86 48 01 86 F8 45 01 06 0D -Comment = Verisign +Comment = Verisign extension Description = Unknown Verisign VPN extension (2 16 840 1 113733 1 6 13) +# Contains DUN, among other things +OID = 06 0A 60 86 48 01 86 F8 45 01 06 0F +Comment = Verisign extension +Description = Verisign serverID (2 16 840 1 113733 1 6 15) + OID = 06 0B 60 86 48 01 86 F8 45 01 07 01 01 -Comment = Verisign +Comment = Verisign policy Description = Verisign policyIdentifier (2 16 840 1 113733 1 7 1 1) OID = 06 0C 60 86 48 01 86 F8 45 01 07 01 01 01 -Comment = Verisign (obsolete) +Comment = Verisign policy (obsolete) Description = verisignCPSv1notice (2 16 840 1 113733 1 7 1 1 1) # DN contains non-verified subscriber information OID = 06 0C 60 86 48 01 86 F8 45 01 07 01 01 02 -Comment = Verisign (obsolete) +Comment = Verisign policy (obsolete) Description = verisignCPSv1nsi (2 16 840 1 113733 1 7 1 1 2) OID = 06 0A 60 86 48 01 86 F8 45 01 08 01 Comment = Verisign Description = Verisign SGC CA? (2 16 840 1 113733 1 8 1) +# SCEP + +OID = 06 08 60 86 48 01 86 F8 45 01 +Comment = Verisign extension +Description = pki (2 16 840 1 113733 1) + +OID = 06 09 60 86 48 01 86 F8 45 01 09 +Comment = Verisign PKI extension +Description = pkcs7Attribute (2 16 840 1 113733 1 9) + +OID = 06 0A 60 86 48 01 86 F8 45 01 09 02 +Comment = Verisign PKCS #7 attribute +Description = messageType (2 16 840 1 113733 1 9 2) + +OID = 06 0A 60 86 48 01 86 F8 45 01 09 03 +Comment = Verisign PKCS #7 attribute +Description = pkiStatus (2 16 840 1 113733 1 9 3) + +OID = 06 0A 60 86 48 01 86 F8 45 01 09 04 +Comment = Verisign PKCS #7 attribute +Description = failInfo (2 16 840 1 113733 1 9 4) + +OID = 06 0A 60 86 48 01 86 F8 45 01 09 05 +Comment = Verisign PKCS #7 attribute +Description = senderNonce (2 16 840 1 113733 1 9 5) + +OID = 06 0A 60 86 48 01 86 F8 45 01 09 06 +Comment = Verisign PKCS #7 attribute +Description = recipientNonce (2 16 840 1 113733 1 9 6) + +OID = 06 0A 60 86 48 01 86 F8 45 01 09 07 +Comment = Verisign PKCS #7 attribute +Description = transID (2 16 840 1 113733 1 9 7) + +# Supposedly the attribute for X.509v3 extensions in PKCS #10 requests, +# but everyone seems to use the RSA OID instead +OID = 06 0A 60 86 48 01 86 F8 45 01 09 08 +Comment = Verisign PKCS #7 attribute. Use PKCS #9 extensionRequest instead +Description = extensionReq (2 16 840 1 113733 1 9 8) +Warning + # SET -#OID = 06 03 67 2A 00 -#Comment = SET -#Description = contentType (2 23 42 0) -# conflicts with more useful definition +OID = 06 03 67 2A 00 +Comment = SET +Description = contentType (2 23 42 0) OID = 06 04 67 2A 00 00 Comment = SET contentType @@ -4906,7 +5958,7 @@ OID = 06 04 67 2A 00 02 Comment = SET contentType Description = PANOnly (2 23 42 0 2) -# And on and on and on for another 80-odd OIDs which I'm not going to type in +# And on and on and on for another 80-odd OIDs that I'm not going to type in OID = 06 03 67 2A 01 Comment = SET @@ -4920,10 +5972,9 @@ OID = 06 04 67 2A 02 00 Comment = SET field Description = fullName (2 23 42 2 0) -#OID = 06 04 67 2A 02 01 -#Comment = SET field -#Description = givenName (2 23 42 2 1) -# conflicts with more useful definition +OID = 06 04 67 2A 02 01 +Comment = SET field +Description = givenName (2 23 42 2 1) OID = 06 04 67 2A 02 02 Comment = SET field @@ -5232,45 +6283,40 @@ Description = Japan (2 23 42 10 392) # Draft SET. These were invented for testing in pre-1.0 drafts, but have # been used nonetheless by implementors -#OID = 06 04 86 8D 6F 02 -#Comment = SET. Deprecated, use (2 23 42 7 0) instead -#Description = hashedRootKey (2 54 1775 2) -#Warning -# conflicts with more useful definition - -#OID = 06 04 86 8D 6F 03 -#Comment = SET. Deprecated, use (2 23 42 7 0) instead -#Description = certificateType (2 54 1775 3) -#Warning -# conflicts with more useful definition - -#OID = 06 04 86 8D 6F 04 -#Comment = SET. Deprecated, use (2 23 42 7 0) instead -#Description = merchantData (2 54 1775 4) -#Warning -# conflicts with more useful definition - -#OID = 06 04 86 8D 6F 05 -#Comment = SET. Deprecated, use (2 23 42 7 0) instead -#Description = cardCertRequired (2 54 1775 5) -#Warning -# conflicts with more useful definition - -#OID = 06 04 86 8D 6F 06 -#Comment = SET. Deprecated, use (2 23 42 7 0) instead -#Description = tunneling (2 54 1775 6) -#Warning -# conflicts with more useful definition - -#OID = 06 04 86 8D 6F 07 -#Comment = SET. Deprecated, use (2 23 42 7 0) instead -#Description = setQualifier (2 54 1775 7) -#Warning -# conflicts with more useful definition +OID = 06 04 86 8D 6F 02 +Comment = SET. Deprecated, use (2 23 42 7 0) instead +Description = hashedRootKey (2 54 1775 2) +Warning + +OID = 06 04 86 8D 6F 03 +Comment = SET. Deprecated, use (2 23 42 7 0) instead +Description = certificateType (2 54 1775 3) +Warning + +OID = 06 04 86 8D 6F 04 +Comment = SET. Deprecated, use (2 23 42 7 0) instead +Description = merchantData (2 54 1775 4) +Warning + +OID = 06 04 86 8D 6F 05 +Comment = SET. Deprecated, use (2 23 42 7 0) instead +Description = cardCertRequired (2 54 1775 5) +Warning + +OID = 06 04 86 8D 6F 06 +Comment = SET. Deprecated, use (2 23 42 7 0) instead +Description = tunneling (2 54 1775 6) +Warning + +OID = 06 04 86 8D 6F 07 +Comment = SET. Deprecated, use (2 23 42 7 0) instead +Description = setQualifier (2 54 1775 7) +Warning OID = 06 04 86 8D 6F 63 Comment = SET. Deprecated, use (2 23 42 7 0) instead -Description = set-data (2 54 1775 99) +Description = setData (2 54 1775 99) Warning # End of Fahnenstange + |