AuthenticationFramework {joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 4} DEFINITIONS ::= BEGIN -- based on RFC 3280 and X.509 Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING } TBSCertificate ::= SEQUENCE { version [0] Version DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL, -- if present, version shall be v2 or v3 subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL, -- if present, version shall be v2 or v3 extensions [3] Extensions OPTIONAL -- If present, version shall be v3 -- } Version ::= INTEGER { v1(0), v2(1), v3(2) } CertificateSerialNumber ::= INTEGER AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL -- DSA, SHA-1-- } Name ::= CHOICE { rdnSequence RDNSequence } RDNSequence ::= SEQUENCE OF RelativeDistinguishedName RelativeDistinguishedName ::= SET OF AttributeTypeAndValue AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value ANY DEFINED BY type} AttributeType ::= OBJECT IDENTIFIER Validity ::= SEQUENCE { notBefore Time, notAfter Time } UniqueIdentifier ::= BIT STRING SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING } Time ::= CHOICE { utcTime UTCTime, generalizedTime GeneralizedTime } Extensions ::= SEQUENCE SIZE(1..MAX) OF Extension Extension ::= SEQUENCE { extnID OBJECT IDENTIFIER, -- critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING -- contains a DER encoding of a value of type &ExtnType -- for the extension object identified by extnId -- } nullOid OBJECT-TYPE SYNTAX NULL ACCESS read-write STATUS mandatory ::= { 1 2 840 113549 1 1 4 } nullOid2 OBJECT-TYPE SYNTAX NULL ACCESS read-write STATUS mandatory ::= { 1 2 840 113549 1 1 1 } printableStringOid OBJECT-TYPE SYNTAX PrintableString ACCESS read-write STATUS mandatory ::= { 2 5 4 6 } END