Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 726

Standard X.509 v3 Certificate Extensions
Criticality
This extension may be critical or noncritical.
Discussion
The Certificate Policies extension defines one or more policies, each of which
consists of an OID and optional qualifiers. The extension can include a URI to the
issuer's Certificate Practice Statement or can embed issuer policy information, such
as a user notice in text form. This information can be used by certificate-enabled
applications.
If this extension is present, PKIX Part 1 recommends that policies be identified with
an OID only, or if necessary only certain recommended qualifiers.
CMS Version Support
Supported since CMS 4.2. Refer to "CertificatePoliciesExt" on page 516.
CRLDistributionPoints
OID
2.5.29.31
Criticality
PKIX recommends that this extension be marked noncritical and that it be
supported for all certificates.
Discussion
This extension defines how CRL information for this certificate is to be obtained. It
should be used if the system is configured to use CRL issuing points.
If the extension contains a
assumed to be a pointer to the current CRL for the associated reasons and will be
issued by the associated
defined for the
reasons, the CRL must include revocations for all reasons. If the
distributionPoint
issued the certificate.
PKIX recommends that this extension be supported by CAs and applications.
CMS Version Support
Supported since CMS 4.1. Refer to "CRLDistributionPointsExt" on page 522.
726 Netscape Certificate Management System Administrator's Guide • February 2003
DistributionPointName
. The expected values for the URI are those
cRLIssuer
extension. If the
subjectAltName
omits
cRLIssuer
of type URI, the URI is
distributionPoint
, the CRL must be issued by the CA that
omits