Netscape-Defined Certificate Extensions; Netscape-Cert-Type; Netscape-Comment - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual
Hide thumbs
Also See for CERTIFICATE SYSTEM 7.3 - ADMINISTRATION:
- Manual (98 pages) ,
- Release note (24 pages) ,
- Manual (92 pages)
Table of Contents
Advertisement
Appendix A. Certificate and CRL Extensions
A.5.2.4.3. Parameters
Parameter
enable
critical
Table A.12. CRLReason Configuration Parameters
A.6. Netscape-Defined Certificate Extensions
Netscape defined certain certificate extensions for its products. Some of the extensions are now
obsolete, and others have been superseded by the extensions defined in the X.509 proposed
standard. All Netscape extensions should be tagged as noncritical, so that their presence in a
certificate does not make that certificate incompatible with other clients.
A.6.1. netscape-cert-type
A.6.1.1. OID
2.16.840.1.113730.1
A.6.1.2. Discussion
The Netscape Certificate Type extension can be used to limit the purposes for which a certificate
can be used. It has been replaced by the X.509 v3 extensions
Section A.3.3,
"basicConstraints".
If the extension exists in a certificate, it limits the certificate to the uses specified in it. If the extension
is not present, the certificate can be used for all applications.
The value is a bit-string, where the individual bit positions, when set, certify the certificate for particular
uses as follows:
• bit 0: SSL Client certificate
• bit 1: SSL Server certificate
• bit 2: S/MIME certificate
• bit 5: SSL CA certificate
• bit 6: S/MIME CA certificate
A.6.2. netscape-comment
A.6.2.1. OID
2.16.840.1.113730.13
482
Section A.3.6, "extKeyUsage"
and
Advertisement
Table of Contents
Need help?
Do you have a question about the CERTIFICATE SYSTEM 7.3 - ADMINISTRATION and is the answer not in the manual?
Questions and answers