1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
  6. Manual

Authoritykeyidentifier Rule - Netscape MANAGEMENT SYSTEM 4.5 - PLUG-IN Manual

Hide thumbs
Table of Contents

Advertisement

Table 7-1
Default CRL extension modules
Plug-in module name
AuthorityKeyIdentifier
CRLNumber
CRLReason
HoldInstruction
InvalidityDate
IssuerAlternativeName
IssuingDistributionPoint

AuthorityKeyIdentifier Rule

The
AuthorityKeyIdentifier
to set the Authority Key Identifier Extension defined in X.509 and PKIX standard RFC
2459 (see
used to identify the public key that corresponds to the private key used by a CA to
sign CRLs.
The PKIX standard recommends that the CA must include this extension in all
CRLs it issues. Therefore, you should consider adding this extension to all CRLs
issued by the Certificate Manager. The reason for this is that in certain situations, a
CA's public key may change (for example, when the key gets updated) or the CA
may have multiple signing keys (either because of multiple concurrent key pairs or
because of key changeover). In these cases, the CA ends up with more than one key
pair. When verifying a signature on a certificate, other applications need to know
which key was used in the signature. The extension, if present in a certificate,
enables applications (those that can use the extension) to identify the correct key to
use in situations when multiple keys exist; the extension specifies the public key to
be used to verify the signature on the CRL.
Function
Sets the Authority Key Identifier extension in CRLs. For details, see
"AuthorityKeyIdentifier Rule" on page 283.
Sets the CRL Number extension in CRLs. For details, see "CRLNumber
Rule" on page 285.
Sets the Reason Code extension in CRL entries. For details, see
"CRLReason Rule" on page 286.
Sets the Hold Instruction Code extension in CRL entries. For details, see
"HoldInstruction Rule" on page 288.
Sets the Invalidity Date extension in CRL entries. For details, see
"InvalidityDate Rule" on page 289.
Sets the Issuer Alternative Name extension in CRLs. For details, see
"IssuerAlternativeName Rule" on page 291.
Sets the Issuing Distribution Point extension in CRLs. For details, see
"IssuingDistributionPoint Rule" on page 295.
http://www.ietf.org/rfc/rfc2459.txt
rule enables you to configure a Certificate Manager
) in CRLs. The extension is
Chapter 7
AuthorityKeyIdentifier Rule
CRL Extension Plug-in Modules
283

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN

This manual is also suitable for:

Netscape management system 4.5

Table of Contents