@@ -192,7 +192,7 @@ The DCD extension is identified with the following object identifier:
192192
193193(TODO : replace this temporary OID)
194194~~~
195- id-ce-delta-certificate-descriptor ::= OBJECT IDENTIFIER {
195+ id-ce-deltaCertificateDescriptor ::= OBJECT IDENTIFIER {
196196 joint-iso-itu-t(2) country(16) us(840) organization(1)
197197 entrust(114027) 80 6 1
198198}
@@ -328,7 +328,7 @@ The attribute is identified with the following object identifier:
328328(TODO : replace this temporary OID)
329329
330330~~~
331- id-at-delta-certificate-request ::= OBJECT IDENTIFIER {
331+ id-at-deltaCertificateRequest ::= OBJECT IDENTIFIER {
332332 joint-iso-itu-t(2) country(16) us(840) organization(1)
333333 entrust(114027) 80 6 2
334334}
@@ -347,7 +347,7 @@ DeltaCertificateRequest ::= SEQUENCE {
347347deltaCertificateRequest ATTRIBUTE ::= {
348348 WITH SYNTAX DeltaCertificateRequest
349349 SINGLE VALUE TRUE
350- ID id-at-delta-certificate-request
350+ ID id-at-deltaCertificateRequest
351351}
352352~~~
353353
@@ -362,7 +362,7 @@ This attribute is identified with the following object identifier:
362362(TODO : replace this temporary OID)
363363
364364~~~
365- id-at-delta-certificate-request-signature ::= OBJECT IDENTIFIER {
365+ id-at-deltaCertificateRequestSignature ::= OBJECT IDENTIFIER {
366366 joint-iso-itu-t(2) country(16) us(840) organization(1)
367367 entrust(114027) 80 6 3
368368}
@@ -376,7 +376,7 @@ DeltaCertificateRequestSignature ::= BIT STRING
376376deltaCertificateRequestSignature ATTRIBUTE ::= {
377377 WITH SYNTAX DeltaCertificateRequestSignature
378378 SINGLE VALUE TRUE
379- ID id-at-delta-certificate-request-signature
379+ ID id-at-deltaCertificateRequestSignature
380380}
381381~~~
382382
@@ -449,13 +449,103 @@ Signature attributes as defined in {{dcr-attribute}}, IANA
449449is requested to create a new registry under SMI Security Codes and
450450assign two object identifiers (OID).
451451
452- For the ASN.1 Module for the extension and attributes defined in this
453- document , IANA is requested to assign an object identifier (OID). The
454- OID for the module should be allocated in the
452+ For the ASN.1 Module for the extension and attributes defined in
453+ {{asn1-module}} , IANA is requested to assign an object identifier (OID).
454+ The OID for the module should be allocated in the
455455" SMI Security for PKIX Module Identifier" registry (1.3.6.1.5.5.7.0).
456456
457457--- back
458458
459+ # Appendix A. ASN.1 Module {#asn1-module}
460+
461+ The following ASN.1 {{X.860}} module provides the complete definition of the extensions, attributes, and
462+ associated identifiers specified in this document.
463+
464+ ~~~
465+
466+ DeltaCertificateDescriptor { iso(1) identified-organization(3) dod(6) internet(1)
467+ security(5) mechanisms(5) pkix(7) id-mod(0)
468+ id-mod-deltaCertificateDescriptor(TBD) }
469+
470+ DEFINITIONS IMPLICIT TAGS ::=
471+
472+ BEGIN
473+
474+ IMPORTS
475+ EXTENSION, ATTRIBUTE
476+ FROM PKIX-CommonTypes-2009 -- RFC 5912
477+ { iso(1) identified-organization(3) dod(6) internet(1)
478+ security(5) mechanisms(5) pkix(7) id-mod(0)
479+ id-mod-pkixCommon-02(57) }
480+
481+ CertificateSerialNumber, AlgorithmIdentifier, Name, Validity, SubjectPublicKeyInfo, Extensions
482+ FROM PKIX1Implicit-2009 -- RFC 5912
483+ { iso(1) identified-organization(3) dod(6) internet(1) security(5)
484+ mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-implicit-02(59) }
485+
486+ -- EXPORTS ALL
487+
488+ -- Extension --
489+
490+ id-ce-deltaCertificateDescriptor ::= OBJECT IDENTIFIER {
491+ joint-iso-itu-t(2) country(16) us(840) organization(1)
492+ entrust(114027) 80 6 1
493+ }
494+
495+ DeltaCertificateDescriptor ::= SEQUENCE {
496+ serialNumber CertificateSerialNumber,
497+ signature [0] IMPLICIT AlgorithmIdentifier OPTIONAL,
498+ issuer [1] IMPLICIT Name OPTIONAL,
499+ validity [2] IMPLICIT Validity OPTIONAL,
500+ subject [3] IMPLICIT Name OPTIONAL,
501+ subjectPublicKeyInfo SubjectPublicKeyInfo,
502+ extensions [4] IMPLICIT Extensions OPTIONAL,
503+ signatureValue BIT STRING
504+ }
505+
506+ ext-deltaCertificateDescriptor EXTENSION ::= {
507+ SYNTAX DeltaCertificateDescriptor
508+ IDENTIFIED BY id-ce-deltaCertificateDescriptor
509+ CRITICALITY { FALSE }
510+ }
511+
512+ -- Request Attributes --
513+
514+ id-at-deltaCertificateRequest ::= OBJECT IDENTIFIER {
515+ joint-iso-itu-t(2) country(16) us(840) organization(1)
516+ entrust(114027) 80 6 2
517+ }
518+
519+ DeltaCertificateRequest ::= SEQUENCE {
520+ subject [0] IMPLICIT Name OPTIONAL,
521+ subjectPKInfo SubjectPublicKeyInfo,
522+ extensions [1] IMPLICIT Extensions OPTIONAL,
523+ signatureAlgorithm [2] IMPLICIT AlgorithmIdentifier OPTIONAL,
524+ }
525+
526+ deltaCertificateRequest ATTRIBUTE ::= {
527+ WITH SYNTAX DeltaCertificateRequest
528+ SINGLE VALUE TRUE
529+ ID id-at-deltaCertificateRequest
530+ }
531+
532+ id-at-deltaCertificateRequestSignature ::= OBJECT IDENTIFIER {
533+ joint-iso-itu-t(2) country(16) us(840) organization(1)
534+ entrust(114027) 80 6 3
535+ }
536+
537+ DeltaCertificateRequestSignature ::= BIT STRING
538+
539+ deltaCertificateRequestSignature ATTRIBUTE ::= {
540+ WITH SYNTAX DeltaCertificateRequestSignature
541+ SINGLE VALUE TRUE
542+ ID id-at-deltaCertificateRequestSignature
543+ }
544+
545+ END
546+
547+ ~~~
548+
459549# Acknowledgments
460550{:numbered="false"}
461551
0 commit comments