| -- X.509 AuthorityKeyIdentifier |
| -- rfc5280 section 4.2.1.1 |
| |
| AuthorityKeyIdentifier ::= SEQUENCE { |
| keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL, |
| authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL, |
| authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL |
| } |
| |
| KeyIdentifier ::= OCTET STRING ({ x509_akid_note_kid }) |
| |
| CertificateSerialNumber ::= INTEGER ({ x509_akid_note_serial }) |
| |
| GeneralNames ::= SEQUENCE OF GeneralName |
| |
| GeneralName ::= CHOICE { |
| otherName [0] ANY, |
| rfc822Name [1] IA5String, |
| dNSName [2] IA5String, |
| x400Address [3] ANY, |
| directoryName [4] Name ({ x509_akid_note_name }), |
| ediPartyName [5] ANY, |
| uniformResourceIdentifier [6] IA5String, |
| iPAddress [7] OCTET STRING, |
| registeredID [8] OBJECT IDENTIFIER |
| } |
| |
| Name ::= SEQUENCE OF RelativeDistinguishedName |
| |
| RelativeDistinguishedName ::= SET OF AttributeValueAssertion |
| |
| AttributeValueAssertion ::= SEQUENCE { |
| attributeType OBJECT IDENTIFIER ({ x509_note_OID }), |
| attributeValue ANY ({ x509_extract_name_segment }) |
| } |
