[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: New Microsoft cert extension?
The red, underlined text below is ambiguous. When generating a new key, the
Key Index is set to match the new Cert Index.
Read my recent mail for further details.
> -----Original Message-----
> From: Trevor Freeman
> Sent: Wednesday, September 01, 1999 11:08 AM
> To: ietf-pkix@imc.org
> Cc: '?@0fHq'
> Subject: RE: New Microsoft cert extension?
>
> This extension in a Win2K CA certificate is a counter as to how many
> certificate/keys the CA has.
> If you renew a win2K CA's certificate and re-certify the current key we
> increment the certificate index. If renew a win2K CA's certificate and
> certify a new key we increment the certificate and key indexes. We treat
> the
> integer as a DWORD, taking the low 16 bits as the cert index and the high
> 16
> bits as the key index. so in our UI we represent it as cert index.key
> index.
> This extension is used by us when a Win2K CA is restored, as a hint to
> rebuild the certificate\key lists. It has no other purpose.
>
> -----Original Message-----
> From: ¿À°æÈñ [mailto:khoh@kisa.or.kr]
> Sent: Tuesday, August 31, 1999 6:11 PM
> To: ietf-pkix@imc.org
> Subject: Re: New Microsoft cert extension?
>
>
> PRIVATE ENTERPRISE NUMBERS
> SMI Network Management Private Enterprise Codes:
> Prefix: iso.org.dod.internet.private.enterprise (1.3.6.1.4.1)
>
> This file is
> ftp://ftp.isi.edu/in-notes/iana/assignments/enterprise-numbers
>
> Decimal Name References
> ------- ---- ----------
> 311 Microsoft John M. Ballard jballard@microsoft.com
>
>
> Try to mail to the address above.
>
> If you get the answer, please let me know.
>
>
>
> Marc Branchaud wrote:
>
> > Found an extension with this OID in a Win2K cert: 1.3.6.1.4.1.311.21.1.
> > Here's what it looks like from Peter Gutmann's dumpasn1:
> >
> > 576 30 16: SEQUENCE {
> > 578 06 9: OBJECT IDENTIFIER '1 3 6 1 4 1 311 21 1'
> > 589 04 3: OCTET STRING, encapsulates {
> > 591 02 1: INTEGER 0
> > : }
> > : }
> >
> > I believe that 1.3.6.1.4.1.311 belongs to Microsoft, but does anyone
> > know what this extension is?
> >
> > Marc