Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual page 732

Standard X.509 v3 Certificate Extensions
Criticality
This extension must be noncritical.
Discussion
The Policy Mappings extension is used in CA certificates only. It lists one or more
pairs of OIDs used to indicate that the corresponding policies of one CA are
equivalent to policies of another CA. It may be useful in the context of
cross-certification.
This extension may be supported by CAs and/or applications.
CMS Version Support
Supported since CMS 4.2. Refer to "PolicyMappingsExt" on page 554.
privateKeyUsagePeriod
OID
2.5.29.16
Discussion
The Private Key Usage Period extension allows the certificate issuer to specify a
different validity period for the private key than for the certificate itself. This
extension is intended for use with digital signature keys.
PKIX Part 1 recommends against the use of this extension. CAs conforming to
PKIX Part 1 must not generate certificates with this extension.
CMS Version Support
Supported since CMS 4.2. Refer to "PrivateKeyUsagePeriodExt" on page 556.
subjectAltName
OID
2.5.29.17
Criticality
If the certificate's subject field is empty, this extension must be marked critical.
Discussion
The Subject Alternative Name extension includes one or more alternative
(non-X.500) names for the identity bound by the CA to the certified public key. It
may be used in addition to the certificate's subject name or as a replacement for it.
Defined name forms include Internet electronic mail address (SMTP, as defined in
RFC-822), DNS name, IP address, and uniform resource identifier (URI).
732 Netscape Certificate Management System Administrator's Guide • February 2003