Netscape Certificate Type Extension Default; Netscape Comment Extension Default; No Default Extension; Ocsp No Check Extension Default - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual

Chapter 13. Certificate Profiles

13.7.10. Netscape Certificate Type Extension Default

WARNING
This extension is obsolete. Use the Key Usage or Extended Key Usage certificate
extensions instead.
This default attaches a Netscape Certificate Type extension to the certificate. The extension identifies
the certificate type, such as CA certificate, server SSL certificate, client SSL certificate, or S/MIME
certificate. This restricts the usage of a certificate to predetermined purposes.

13.7.11. Netscape Comment Extension Default

WARNING
This extension is obsolete.
This default attaches a Netscape Comment extension to the certificate. The extension can be used
to include textual comments in certificates. Applications that are capable of interpreting the comment
display it when the certificate is used or viewed.
For general information about this extension, see
The following constraints can be defined with this default:
• Extension Constraint; see
Section 13.8.6, "No
• No Constraints; see
Parameter
critical
CommentContent
Table 13.12. Netscape Comment Extension Configuration Parameters

13.7.12. No Default Extension

This default can be used to set constraints when no defaults are being used. This default has no
settings and sets no defaults but does allow all of the constraints available to be set.

13.7.13. OCSP No Check Extension Default

This default attaches an OCSP No Check extension to the certificate. The extension, which should be
used in OCSP responder certificates only, indicates how OCSP-compliant applications can verify the
revocation status of the certificate an authorized OCSP responder uses to sign OCSP responses.
For general information about this extension, see
306
Section A.6.2,
Section 13.8.3, "Extension
Constraint".
Section A.3.10,
"netscape-comment".
Constraint".
"OCSPNocheck".