📄 rfc2985.txt
ID pkcs-9-at-smimeCapabilities
}
SMIMECapabilities ::= SEQUENCE OF SMIMECapability
SMIMECapability ::= SEQUENCE {
algorithm ALGORITHM.&id ({SMIMEv3Algorithms}),
parameters ALGORITHM.&Type ({SMIMEv3Algorithms}{@algorithm})
}
SMIMEv3Algorithms ALGORITHM ::= {...-- See RFC 2633 --}
-- Matching rules
pkcs9CaseIgnoreMatch MATCHING-RULE ::= {
SYNTAX PKCS9String {pkcs-9-ub-match}
ID pkcs-9-mr-caseIgnoreMatch
}
signingTimeMatch MATCHING-RULE ::= {
SYNTAX SigningTime
ID pkcs-9-mr-signingTimeMatch
}
END
B. BNF schema summary
This appendix provides augmented BNF [2]
definitions of the object class and most attribute types specified in
this document along with their associated syntaxes and matching
rules. The ABNF definitions have been done in accordance with [21],
in an attempt to ease integration with LDAP-accessible Directory
systems. Lines have been folded in some cases to improve
readability.
B.1 Syntaxes
This section defines all syntaxes that are used in this document.
Nystrom & Kaliski Informational [Page 30]
RFC 2985 Selected Object Classes and Attribute Types November 2000
B.1.1 PKCS9String
(
1.2.840.113549.1.9.26.1
DESC 'PKCS9String'
)
The encoding of a value in this syntax is the string value itself.
B.1.2 SigningTime
(
1.2.840.113549.1.9.26.2
DESC 'SigningTime'
)
Values in this syntax are encoded as printable strings, represented
as specified in [5]. Note that the time zone must be specified. For
example, "199412161032Z".
B.2 Object classes
B.2.1 pkcsEntity
(
1.2.840.113549.1.9.24.1
NAME 'pkcsEntity'
SUP top
AUXILIARY
MAY (
pKCS7PDU $ userPKCS12 $ pKCS15Token $ encryptedPrivateKeyInfo
)
)
B.2.2 naturalPerson
(
1.2.840.113549.1.9.24.2
NAME 'naturalPerson'
SUP top
AUXILIARY
MAY (
emailAddress $ unstructuredName $ unstructuredAddress $
dateOfBirth $ placeOfBirth $ gender $ countryOfCitizenship $
countryOfResidence $ pseudonym $ serialNumber
)
)
B.3 Attribute types
B.3.1 pKCS7PDU
This attribute is to be stored and requested in binary form, as
pKCS7PDU;binary. The attribute values are BER- or DER-encoded
ContentInfo values.
(
1.2.840.113549.1.9.25.5
NAME 'pKCS7PDU'
DESC 'PKCS #7 ContentInfo PDU'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
)
B.3.2 userPKCS12
This attribute is to be stored and requested in binary form, as
userPKCS12;binary. The attribute values are PFX PDUs stored as
binary (BER- or DER-encoded) data.
(
2.16.840.1.113730.3.1.216
NAME 'userPKCS12'
DESC 'PKCS #12 PFX PDU for exchange of personal information'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
)
B.3.3 pKCS15Token
This attribute is to be stored and requested in binary form, as
pKCS15Token;binary. The attribute values are PKCS15Token PDUs stored
as binary (BER- or DER-encoded) data.
(
1.2.840.113549.1.9.25.1
NAME 'pKCS15Token'
DESC 'PKCS #15 token PDU'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
)
B.3.4 encryptedPrivateKeyInfo
This attribute is to be stored and requested in binary form, as
encryptedPrivateKeyInfo;binary. The attribute values are
EncryptedPrivateKeyInfo PDUs stored as binary (BER- or DER-encoded)
data.
(
1.2.840.113549.1.9.25.2
NAME 'encryptedPrivateKeyInfo'
DESC 'PKCS #8 encrypted private key info'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
)
B.3.5 emailAddress
(
1.2.840.113549.1.9.1
NAME 'emailAddress'
DESC 'Email address'
EQUALITY pkcs9CaseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
)
B.3.6 unstructuredName
(
1.2.840.113549.1.9.2
NAME 'unstructuredName'
DESC 'PKCS #9 unstructured name'
EQUALITY pkcs9CaseIgnoreMatch
SYNTAX 1.2.840.113549.1.9.26.1
)
B.3.7 unstructuredAddress
(
1.2.840.113549.1.9.8
NAME 'unstructuredAddress'
DESC 'PKCS #9 unstructured address'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
B.3.8 dateOfBirth
(
1.3.6.1.5.5.7.9.1
NAME 'dateOfBirth'
DESC 'Date of birth'
EQUALITY generalizedTimeMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
SINGLE-VALUE
)
B.3.9 placeOfBirth
(
1.3.6.1.5.5.7.9.2
NAME 'placeOfBirth'
DESC 'Place of birth'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
)
B.3.10 gender
(
1.3.6.1.5.5.7.9.3
NAME 'gender'
DESC 'Gender'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
SINGLE-VALUE
)
B.3.11 countryOfCitizenship
(
1.3.6.1.5.5.7.9.4
NAME 'countryOfCitizenship'
DESC 'Country of citizenship'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
)
B.3.12 countryOfResidence
(
1.3.6.1.5.5.7.9.5
NAME 'countryOfResidence'
DESC 'Country of residence'
EQUALITY caseIgnoreMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
)
B.3.13 pseudonym
(
2.5.4.65
NAME 'pseudonym'
DESC 'Pseudonym'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
)
B.3.14 contentType
In the (highly unlikely) event of this attribute being stored in a
Directory it is to be stored and requested in binary form, as
contentType;binary. Attribute values shall be OCTET STRINGs stored
as binary (BER- or DER-encoded) data.
(
1.2.840.113549.1.9.3
NAME 'contentType'
DESC 'PKCS #7 content type attribute'
EQUALITY objectIdentifierMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
SINGLE-VALUE
)
B.3.15 messageDigest
In the (highly unlikely) event of this attribute being stored in a
Directory it is to be stored and requested in binary form, as
messageDigest;binary. Attribute values shall be OCTET STRINGs stored
as binary (BER- or DER-encoded) data.
(
1.2.840.113549.1.9.4
NAME 'messageDigest'
DESC 'PKCS #7 message digest attribute'
EQUALITY octetStringMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
SINGLE-VALUE
)
B.3.16 signingTime
(
1.2.840.113549.1.9.5
NAME 'signingTime'
DESC 'PKCS #7 signing time'
EQUALITY signingTimeMatch
SYNTAX 1.2.840.113549.1.9.26.2
SINGLE-VALUE
)
B.3.17 counterSignature
In the (highly unlikely) event that this attribute is to be stored in
a directory, it is to be stored and requested in binary form, as
counterSignature;binary. Attribute values shall be stored as binary
(BER- or DER-encoded) data.
(
1.2.840.113549.1.9.6
NAME 'counterSignature'
DESC 'PKCS #7 countersignature'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
)
B.3.18 challengePassword
(
1.2.840.113549.1.9.7
NAME 'challengePassword'
DESC 'Challenge password for certificate revocations'
EQUALITY caseExactMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
SINGLE-VALUE
)
Note - It is not recommended to store unprotected values of this
attribute in a directory.
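The storage rules stated across B.3 (attributes that are to be stored and requested with the binary option, the SINGLE-VALUE constraints, and the note on challengePassword) can be checked against directory exports. The following is an added example, not part of RFC 2985: the function names, the finding messages and the sample LDIF are constructed for illustration, and only the attribute names are taken from this appendix.

```python
# Added example: audit LDIF entries against the B.3 storage rules.
# Attribute names come from the appendix; the sample LDIF is constructed.
BINARY_ONLY = {"pkcs7pdu", "userpkcs12", "pkcs15token", "encryptedprivatekeyinfo",
               "contenttype", "messagedigest", "countersignature"}
SINGLE_VALUE = {"dateofbirth", "placeofbirth", "gender", "contenttype",
                "messagedigest", "signingtime", "challengepassword"}

SAMPLE_LDIF = """\
dn: cn=Alice Example,ou=People,dc=example,dc=test
objectClass: naturalPerson
gender: F
gender: M
userPKCS12:: MIIBAAIBAzCB
challengePassword: constructed-secret

dn: cn=Bob Example,ou=People,dc=example,dc=test
objectClass: pkcsEntity
pKCS7PDU;binary:: MIIBAAYJKoZIhvcNAQcC
dateOfBirth: 19700101000000Z
"""

def parse_ldif(text):
    """Return [(dn, [attribute descriptions])]; values are not needed here."""
    entries, dn, descs = [], None, []
    for line in text.splitlines() + [""]:
        if not line.strip():                      # blank line closes an entry
            if dn is not None:
                entries.append((dn, descs))
            dn, descs = None, []
        elif line[0] in " #":                     # continuation or comment
            continue
        elif line.lower().startswith("dn:"):
            dn = line.split(":", 1)[1].lstrip(": ").strip()
        else:
            descs.append(line.split(":", 1)[0].lower())
    return entries

def audit(text):
    """Return (dn, attribute, problem) tuples for entries that break B.3."""
    findings = []
    for dn, descs in parse_ldif(text):
        names = [d.split(";")[0] for d in descs]
        for desc, name in zip(descs, names):
            if name in BINARY_ONLY and "binary" not in desc.split(";")[1:]:
                findings.append((dn, name, "not stored with ;binary"))
            if name == "challengepassword":
                findings.append((dn, name, "stored in directory; confirm it is protected"))
        for name in sorted(set(names) & SINGLE_VALUE):
            if names.count(name) > 1:
                findings.append((dn, name, "SINGLE-VALUE attribute repeated"))
    return findings
```

Calling audit(SAMPLE_LDIF) reports three findings for the first entry and none for the second.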
B.4 Matching rules
B.4.1 pkcs9CaseIgnoreMatch
(
1.2.840.113549.1.9.27.1
NAME 'pkcs9CaseIgnoreMatch'
SYNTAX 1.2.840.113549.1.9.26.1
)
B.4.2 signingTimeMatch
(
1.2.840.113549.1.9.27.3
NAME 'signingTimeMatch'
SYNTAX 1.2.840.113549.1.9.26.2
)
C. Intellectual property considerations
RSA Security makes no patent claims on the general constructions
described in this document, although specific underlying techniques
may be covered.
License to copy this document is granted provided that it is
identified as "RSA Security Inc. Public-Key Cryptography Standards
(PKCS)" in all material mentioning or referencing this document.
RSA Security makes no representations regarding intellectual property
claims by other parties. Such determination is the responsibility of
the user.
D. Revision history
Version 1.0
Version 1.0 was part of the June 3, 1991 initial public release of
PKCS. Version 1.0 was also published as NIST/OS