1. Manuals
  2. Brands
  3. Netscape Manuals
  4. Software
  5. NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
  6. Manual

Policyconstraintsext Rule; Policymappingsext Plug-In Module - Netscape MANAGEMENT SYSTEM 6.0 - PLUG-IN Manual

Hide thumbs
Table of Contents

Advertisement

PolicyMappingsExt Plug-in Module

PolicyConstraintsExt Rule

The policy rule named
PolicyConstraintsExt
creates this rule during installation. By default, the rule is configured as follows:
The rule is disabled; for the rule to be effective, it must be enabled and
configured appropriately.
The predicate expression is set (
that the extension gets added to CA certificates only. PKIX and Federal PKI
standards recommend that CA certificates must have this extension and
end-entity certificates should have this extension.
The extension is marked noncritical.
No subordinate CA certificates are permitted in the path before an explicit
policy is required (
The
For details on individual parameters defined in the rule, see Table 4-22 on
page 222. You need to review this rule and make the changes appropriate for your
PKI setup. For instructions, see section "Step 2. Modify Existing Policy Rules" in
Chapter 18, "Setting Up Policies" of CMS Installation and Setup Guide. For
instructions on adding additional instances, see section "Step 4. Add New Policy
Rules" in the same chapter.
PolicyMappingsExt Plug-in Module
The
PolicyMappingsExt
extension policy. This policy enables you to configure Certificate Management
System to add the Policy Mappings Extension defined in X.509 and PKIX standard
RFC 2459 (see
extension lists one or more pairs of OIDs, each pair identifying two policy
statements of two CAs. The pairing indicates that the corresponding policies of one
CA are equivalent to policies of another CA. The extension may be useful in the
context of cross-certification.
The PKIX standard suggests that the extension must be marked noncritical and
may be supported by CAs and/or applications. If supported, the extension is to be
included in CA certificates only. Before configuring the server to add the policy
mappings extension to certificates, read the general guidelines provided in
"policyMappings" on page 353.
224
Netscape Certificate Management System Plug-Ins Guide • March 2002
PolicyConstraintsExt
module. Certificate Management System automatically
reqExplicitPolicy=0
inhibitPolicyMapping
plug-in module implements the policy mappings
http://www.ietf.org/rfc/rfc2459.txt
is an instance of the
predicate=HTTP_PARAMS.certType==ca
).
field is not set in the extension.
) so
) to certificates. The

Advertisement

Table of Contents
loading

Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN

Related Content for Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN

This manual is also suitable for:

Certificate management system 6.0

Table of Contents