Microsoft Recommendation
Microsoft recommends this extension for all certificates.
Introduction to CRL Extensions
Since its initial publication, the X.509 standard for CRL formats has been amended
to include additional information within a CRL. Version 2, the latest version,
allows you to add information as CRL extensions.
The extensions defined by ANSI X9 and ISO/IEC/ITU for X.509 v2 CRLs [X.509]
[X9.55] enable you to associate additional attributes with CRLs. The Internet X.509
Public Key Infrastructure Certificate and CRL Profile (see
http://www.ietf.org/rfc/rfc2459.txt) recommends a set of extensions to be
used in CRLs. These extensions are called standard CRL extensions.
The standard also suggests that you can define your own extensions and include
them in CRLs you issue. These extensions are called private, proprietary, or custom
CRL extensions and they carry information unique to your organization or
business. Keep in mind that applications may not be able to validate CRLs that
contain private, critical extensions, thus preventing the use of these CRLs in a
general context.
Structure of CRL Extensions
A CRL extension consists of the following:
• The object identifier (OID) for the extension; see Appendix B, "Object
Identifiers."
This identifier uniquely identifies the extension. It also determines the ASN.1
type of value in the value field and how the value is interpreted. That is, when
an extension appears in a CRL, the OID appears as the extension ID field
(extnID) and the corresponding ASN.1 encoded structure appears as the value
of the octet string (extnValue); see the examples in "Sample Certificate
Extensions" on page 333.
NOTE
Some explanations in this chapter make reference to Abstract
Syntax Notation One (ASN.1) and Distinguished Encoding Rules
(DER). These are specified in the CCITT Recommendations X.208
and X.209. For a quick summary of ASN.1 and DER, see A Layman's
Guide to a Subset of ASN.1, BER, and DER, which is available at RSA
Laboratories' web site (http://www.rsa.com).
Appendix C   Certificate and CRL Extensions   359
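The extnID and extnValue layout described above, as an added example that is not part of the original manual: a small Python DER reader that decodes one Extension structure and flags a critical extension the validator does not recognise. The sample bytes are constructed, `KNOWN_OIDS` and `must_reject` are hypothetical names, and 2.999.1 (an OID under the example arc) stands in for a private extension.

```python
KNOWN_OIDS = {"2.5.29.20": "cRLNumber"}  # what this hypothetical validator understands

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(content):
    """Turn OID content octets into dotted notation (base-128 arcs)."""
    arcs, value = [], 0
    for byte in content:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear ends the arc
            arcs.append(value)
            value = 0
    if not arcs or content[-1] & 0x80:
        raise ValueError("malformed OID")
    first = min(arcs[0] // 40, 2)  # the first two arcs are packed as 40*X + Y
    return ".".join(map(str, [first, arcs[0] - 40 * first, *arcs[1:]]))

def parse_extension(der):
    """Parse SEQUENCE { extnID OID, critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING }."""
    seq_tag, body, end = read_tlv(der, 0)
    oid_tag, oid, pos = read_tlv(body, 0)
    tag, value, pos = read_tlv(body, pos)
    critical = False  # DEFAULT FALSE: DER omits the field unless it is TRUE
    if tag == 0x01:
        critical = value == b"\xff"
        tag, value, pos = read_tlv(body, pos)
    if (seq_tag, oid_tag, tag) != (0x30, 0x06, 0x04) or end != len(der) or pos != len(body):
        raise ValueError("not a well-formed Extension")
    return {"extnID": decode_oid(oid), "critical": critical, "extnValue": value}

def must_reject(ext):
    """A critical extension the validator does not recognise makes the CRL unusable."""
    return ext["critical"] and ext["extnID"] not in KNOWN_OIDS

# Constructed samples: cRLNumber = 5 (non-critical) and a critical private extension.
CRL_NUMBER = bytes.fromhex("300a0603551d140403020105")
PRIVATE_CRITICAL = bytes.fromhex("300d06038837010101ff04030c0178")
```

The `extnValue` returned for `CRL_NUMBER` is itself DER (`02 01 05`, the INTEGER 5), which is the nesting the text describes: the OID in `extnID` tells the reader which ASN.1 type to expect inside the octet string.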