rfc2985.txt

中、英文RFC文档大全打包下载完全版 .

  B.2.2 naturalPerson

   (
           1.2.840.113549.1.9.24.2
           NAME 'naturalPerson'
           SUP top
           AUXILIARY
           MAY (
           emailAddress $ unstructuredName $ unstructuredAddress $
           dateOfBirth & placeOfBirth & gender & countryOfCitizenship &
           countryOfResidence & pseudonym & serialNumber
           )
   )




Nystrom & Kaliski            Informational                     [Page 31]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


 B.3 Attribute types

  B.3.1 pKCS7PDU

   This attribute is to be stored and requested in binary form, as
   pKCS7PDU;binary.  The attribute values are BER- or DER-encoded
   ContentInfo values.

   (
           1.2.840.113549.1.9.25.5
           NAME 'pKCS7PDU'
           DESC 'PKCS #7 ContentInfo PDU'
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
   )

  B.3.2 userPKCS12

   This attribute is to be stored and requested in binary form, as
   userPKCS12;binary.  The attribute values are PFX PDUs stored as
   binary (BER- or DER-encoded) data.

   (
           2.16.840.1.113730.3.1.216
           NAME 'userPKCS12'
           DESC 'PKCS #12 PFX PDU for exchange of personal information'
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
   )

  B.3.3 pKCS15Token

   This attribute is to be stored and requested in binary form, as
   pKCS15Token;binary.  The attribute values are PKCS15Token PDUs stored
   as binary (BER- or DER-encoded) data.

   (
           1.2.840.113549.1.9.25.1
           NAME 'pKCS15Token'
           DESC 'PKCS #15 token PDU'
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
   )

  B.3.4 encryptedPrivateKeyInfo

   This attribute is to be stored and requested in binary form, as
   encryptedPrivateKeyInfo;binary.  The attribute values are
   EncryptedPrivateKeyInfo PDUs stored as binary (BER- or DER-encoded)
   data.




Nystrom & Kaliski            Informational                     [Page 32]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


   (
           1.2.840.113549.1.9.25.2
           NAME 'encryptedPrivateKeyInfo'
           DESC 'PKCS #8 encrypted private key info'
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
   )

  B.3.5 emailAddress

   (
           1.2.840.113549.1.9.1
           NAME 'emailAddress'
           DESC 'Email address'
           EQUALITY pkcs9CaseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
   )

  B.3.6 unstructuredName

   (
           1.2.840.113549.1.9.2
           NAME 'unstructuredName'
           DESC 'PKCS #9 unstructured name'
           EQUALITY pkcs9CaseIgnoreMatch
           SYNTAX 1.2.840.113549.1.9.26.1
   )

  B.3.7 unstructuredAddress

   (
           1.2.840.113549.1.9.8
           NAME 'unstructuredAddress'
           DESC 'PKCS #9 unstructured address'
           EQUALITY caseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
   )

  B.3.8 dateOfBirth

   (
           1.3.6.1.5.5.7.9.1
           NAME 'dateOfBirth'
           DESC 'Date of birth'
           EQUALITY generalizedTimeMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
           SINGLE-VALUE
   )




Nystrom & Kaliski            Informational                     [Page 33]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


  B.3.9 placeOfBirth

   (
           1.3.6.1.5.5.7.9.2
           NAME 'placeOfBirth'
           DESC 'Place of birth'
           EQUALITY caseExactMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
           SINGLE-VALUE
   )

  B.3.10 gender

   (
           1.3.6.1.5.5.7.9.3
           NAME 'gender'
           DESC 'Gender'
           EQUALITY caseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
           SINGLE-VALUE
   )

  B.3.11 countryOfCitizenship

   (
           1.3.6.1.5.5.7.9.4
           NAME 'countryOfCitizenship'
           DESC 'Country of citizenship'
           EQUALITY caseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
   )

  B.3.12 countryOfResidence

   (
           1.3.6.1.5.5.7.9.5
           NAME 'countryOfResidence'
           DESC 'Country of residence'
           EQUALITY caseIgnoreMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
   )










Nystrom & Kaliski            Informational                     [Page 34]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


  B.3.13 pseudonym

   (
           2.5.4.65
           NAME 'pseudonym'
           DESC 'Pseudonym'
           EQUALITY caseExactMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
   )

  B.3.14 contentType

   In the (highly unlikely) event of this attribute being stored in a
   Directory it is to be stored and requested in binary form, as
   contentType;binary.  Attribute values shall be OCTET STRINGs stored
   as binary (BER- or DER-encoded) data.

   (
           1.2.840.113549.1.9.3
           NAME 'contentType'
           DESC 'PKCS #7 content type attribute'
           EQUALITY objectIdentifierMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
           SINGLE-VALUE
   )

  B.3.15 messageDigest

   In the (highly unlikely) event of this attribute being stored in a
   Directory it is to be stored and requested in binary form, as
   messageDigest;binary.  Attribute values shall be OCTET STRINGs stored
   as binary (BER- or DER-encoded) data.

   (
           1.2.840.113549.1.9.4
           NAME 'messageDigest'
           DESC 'PKCS #7 mesage digest attribute'
           EQUALITY octetStringMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
           SINGLE-VALUE
   )










Nystrom & Kaliski            Informational                     [Page 35]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


  B.3.16 signingTime

   (
           1.2.840.113549.1.9.5
           NAME 'signingTime'
           DESC 'PKCS #7 signing time'
           EQUALITY signingTimeMatch
           SYNTAX 1.2.840.113549.1.9.26.2
           SINGLE-VALUE
   )

  B.3.17 counterSignature

   In the (highly unlikely) event that this attribute is to be stored in
   a directory, it is to be stored and requested in binary form, as
   counterSignature;binary.  Attribute values shall be stored as binary
   (BER- or DER-encoded) data.

   (
           1.2.840.113549.1.9.6
           NAME 'counterSignature'
           DESC 'PKCS #7 countersignature'
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.5
   )

  B.3.18 challengePassword

   (
           1.2.840.113549.1.9.7
           NAME 'challengePassword'
           DESC 'Challenge password for certificate revocations'
           EQUALITY caseExactMatch
           SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
           SINGLE-VALUE
   )

   Note - It is not recommended to store unprotected values of this
   attribute in a directory.

 B.4 Matching rules

  B.4.1 pkcs9CaseIgnoreMatch

   (
           1.2.840.113549.1.9.27.1
           NAME 'pkcs9CaseIgnoreMatch'
           SYNTAX 1.2.840.113549.1.9.26.1
   )



Nystrom & Kaliski            Informational                     [Page 36]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


  B.4.2 signingTimeMatch

   (
           1.2.840.113549.1.9.27.3
           NAME 'signingTimeMatch'
           SYNTAX 1.2.840.113549.1.9.26.2
   )

C. Intellectual property considerations

   RSA Security makes no patent claims on the general constructions
   described in this document, although specific underlying techniques
   may be covered.

   License to copy this document is granted provided that it is
   identified as "RSA Security Inc.  Public-Key Cryptography Standards
   (PKCS)" in all material mentioning or referencing this document.

   RSA Security makes no representations regarding intellectual property
   claims by other parties.  Such determination is the responsibility of
   the user.

D. Revision history

   Version 1.0

      Version 1.0 was part of the June 3, 1991 initial public release of
      PKCS.  Version 1.0 was also published as NIST/OSI Implementors'
      Workshop document SEC-SIG-91-24.

      Version 1.1

      Version 1.1 incorporated several editorial changes, including
      updates to the references and the addition of a revision history.
      The following substantive changes were made:

      - Section 6: challengePassword, unstructuredAddress, and
        extendedCertificateAttributes attribute types were added
      - Section 7: challengePassword, unstructuredAddress, and
        extendedCertificateAttributes object identifiers were added











Nystrom & Kaliski            Informational                     [Page 37]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


   Version 2.0

   Version 2.0 incorporates several editorial changes as well.  In
   addition, the following substantive changes have been made:

      - Addition of a Section defining two new auxiliary object classes,
        pkcsEntity and naturalPerson
      - Addition of several new attribute types and matching rules for
        use in conjunction with these object classes and elsewhere
      - Update of all ASN.1 to be in line with the 1997 version of this
        syntax
      - Addition a "compilable" ASN.1 module
      - Addition, in accordance with [21], an ABNF description of all
        attributes and object classes
      - Addition of an intellectual property considerations section




































Nystrom & Kaliski            Informational                     [Page 38]

RFC 2985      Selected Object Classes and Attribute Types  November 2000


E. References

   [1]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

   [2]  Crocker, D. and P. Overell, "Augmented BNF for Syntax
        Specifications: ABNF", RFC 2234, November 1997.

   [3]  Housley, R., "Cryptographic Message Syntax CMS", RFC 2630, June
        1999.

   [4]  ISO/IEC 3166-1:Codes for the representation of names of
        countries and their subdivisions - Part 1: Country codes. 19