Table of Contents
Advertisement
Defaults Reference
Policy Mappers Extension Default
This default populates a policy mappings extension in the certificate request. The
extension lists one or more pairs of OIDs, each pair identifying two policy
statements of two CAs. The pairing indicates that the corresponding policies of one
CA are equivalent to policies of another CA. The extension may be useful in the
context of cross-certification. If supported, the extension is to be included in CA
certificates only. The default allows you to map policy statements of one CA to that
of another by pairing the OIDs assigned to their policy statements
Each pair is defined by two parameters,
subjectDomainPolicy
issuerDomainPolicy
The issuing CA's users may accept an
applications. The policy mapping tells these users which policies associated with
the subject CA are equivalent to the policy they accept.
For general information about this extension, see "policyMappings" on page 765.
You can define the following constraints with this default:
•
Extension Constraint, see "Extension Constraint," on page 473.
•
No Constraints, see "No Constraint," on page 475.
Table 10-13 Policy Mappings Extension Default Configuration Parameters
Parameter
critical
IssuerDomainPolicy_<n>
SubjectDomainPolicy_<n>
464
Netscape Certificate Management System Administrator's Guide • June 2003
issuerDomainPolicy
. The pairing indicates that the issuing CA considers the
equivalent to the
subjectDomainPolicy
issuerDomainPolicy
Description
Select true to mark this extension critical; select false to
mark the extension noncritical.
Specifies the OID assigned to the policy statement of
the issuing CA that you want to map with the policy
statement of another CA.
Example: 1.2.3.4.5
Specifies the OID assigned to the policy statement of
the subject CA that corresponds to the policy
statement of the issuing CA.
Example: 6.7.8.9.10
and
of the subject CA.
for certain
Advertisement
Table of Contents
