1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
  6. Manual

Subjectkeyidentifierext Plug-In Module - Netscape MANAGEMENT SYSTEM 4.5 - PLUG-IN Manual

Hide thumbs
Table of Contents

Advertisement

Table 4-27 Description of parameters defined in the SubjectDirectoryAttributesExt module (Continued)
Parameter
attribute<n>.whereT
oGetValue
attribute<n>.value

SubjectKeyIdentifierExt Plug-in Module

The
SubjectKeyIdentifierExt
identifier policy. This policy enables you to configure Certificate Management
System to add the Subject Key Identifier Extension defined in X.509 and PKIX
standard RFC 2459 (see
The extension is used to identify certificates that contain a particular public
key—that is, the extension is used to uniquely identify a certificate from among
several that have the same subject name.
Typically, the subject key identifier extension is used in CA certificates as it helps
determine which CA key is being certified in a CA certificate. To facilitate chain
building, you should consider adding this extension to conforming subordinate
CA certificates (subordinate Certificate Managers' CA signing certificates) issued
by Certificate Management System. You may also want to consider adding this
extension to other or all certificates. For example, if added to end-entity certificates,
the extension provides a means for identifying certificates containing the particular
public key used in an application. If an end entity has multiple certificates,
especially from multiple CAs, the subject key identifier provides a means to
quickly identify the set of certificates that contain a particular public key.
For general guidelines on setting the subject key identifier extension, see
"subjectKeyIdentifier" on page 358.
Description
Specifies from where to get the value for the selected directory attribute.
Permissible values: Request Attribute or Fixed Value.
• Select Request Attribute if you want the server to read the value from
the request attribute.
• Select Fixed Value if you want to specify a fixed value for the attribute.
Note that both the options require you to enter the value for the attribute in the
attribute<n>.value field. The server will set the extension with this value
in all certificates specified by the predicate parameter.
Example: Fixed Value
Specifies the value for the directory attribute to be included in the extension.
Permissible value: A string value for the attribute selected.
Example: Member of Technical Staff
http://www.ietf.org/rfc/rfc2459.txt
plug-in module implements the subject key
Chapter 4
Certificate Extension Plug-in Modules
SubjectKeyIdentifierExt Plug-in Module
) to certificates.
243

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

This manual is also suitable for:

Netscape management system 4.5

Table of Contents