Table of Contents
Advertisement
Extension-Specific Policy Module Reference
Table 11-31 Netscape certificate type extension bits and designated purposes (Continued)
Bit
Purpose
1
SSL Server
2
S/MIME
3
Object Signing
4
Reserved
5
SSL CA
6
S/MIME CA
7
Object Signing CA
The Netscape certificate type extension policy has been implemented in such a way
that it enables you to set the appropriate certificate-type bits for certificates being
issued by CMS. This way, you can restrict the purposes for which a certificate
should be used by adding the extension, with the appropriate bits set, to the
certificate at the time of issuance. For example, if you want to restrict a certificate to
be used for SSL client authentication only, when issuing the certificate you would
add the Netscape certificate type extension to the certificate with
0) set. For general guidelines on setting the Netscape certificate type extension, see
"netscape-cert-type" on page 775.
In the current implementation, you can specify whether to add the extension to
certificates on the server side and which bits in the extension are to be set on the
client side—you specify whether to add the extension by enabling the Netscape
certificate type extension policy and which bits are to be set by adding the
appropriate HTTP variables to the enrollment forms.
Bits set in the Netscape certificate type extension are formed from pre-defined
input variables that you can embed as hidden values in the default enrollment
forms. Table 11-32 lists the HTTP input variables that correspond to Netscape
certificate type extension bits.
548
Netscape Certificate Management System Administrator's Guide • June 2003
Description
Specifies that the certificate can be used by servers for authentication
during SSL connections.
Specifies that the certificate can be used to send secure email
messages.
Specifies that the certificate can be used for signing objects such as
Java applets and plug-ins.
This bit is reserved for future use.
Specifies that the certificate can be used by a CA to issue certificates
for SSL connections.
Specifies that the certificate can be used by a CA to issue certificates
for secure email.
Specifies that the certificate can be used by a CA to issue certificates
for object signing.
(bit
ssl_client
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN