diff options
Diffstat (limited to 'security/nss/lib/pki1/oids.txt')
-rw-r--r-- | security/nss/lib/pki1/oids.txt | 2115 |
1 files changed, 2115 insertions, 0 deletions
diff --git a/security/nss/lib/pki1/oids.txt b/security/nss/lib/pki1/oids.txt new file mode 100644 index 000000000..df7b3ab28 --- /dev/null +++ b/security/nss/lib/pki1/oids.txt @@ -0,0 +1,2115 @@ +# +# The contents of this file are subject to the Mozilla Public +# License Version 1.1 (the "License"); you may not use this file +# except in compliance with the License. You may obtain a copy of +# the License at http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS +# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or +# implied. See the License for the specific language governing +# rights and limitations under the License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1994-2000 Netscape Communications Corporation. All +# Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the +# terms of the GNU General Public License Version 2 or later (the +# "GPL"), in which case the provisions of the GPL are applicable +# instead of those above. If you wish to allow use of your +# version of this file only under the terms of the GPL and not to +# allow others to use your version of this file under the MPL, +# indicate your decision by deleting the provisions above and +# replace them with the notice and other provisions required by +# the GPL. If you do not delete the provisions above, a recipient +# may use your version of this file under either the MPL or the +# GPL. +# +CVS_ID "@(#) $RCSfile$ $Revision$ $Date$ $Name$" + +# Fields +# OID -- the OID data itself, in dotted-number format +# TAG -- the unofficial but common name. e.g., when written like +# { joint-iso-ccitt(2) country(16) US(840) company(1) netscape(113730) } +# those words ("joint-iso-ccitt," "country," etc.) are the tags. +# EXPL -- a textual explanation, that should stand by itself +# NAME -- the name we use in our code. If no NAME is given, it won't be included +# +# Additionally, some sets of OIDs map to some other spaces.. +# additional fields capture that data: +# +# CKM -- the corresponding Cryptoki Mechanism, if any +# CKK -- the corresponding Cryptoki Key type, if any +# ATTR -- the UTF-8 attribute type encoding, if applicable +# it should be in the standard presentation style (e.g., lowercase), +# already-escaped a la RFC 2253 if necessary (which would only +# be necessary if some idiot defined an attribute with, say, +# an equals sign in it) +# CERT_EXTENSION -- SUPPORTED or UNSUPPORTED certificate extension, if applicable + +# Top of the OID tree -- see http://www.alvestrand.no/objectid/top.html +# +OID 0 +TAG ccitt # ITU-T used to be called CCITT +EXPL "ITU-T" + +# See X.208 Annex C for an explanation of the OIDs below ccitt/itu-t + +OID 0.0 +TAG recommendation +EXPL "ITU-T Recommendation" + +OID 0.1 +TAG question +EXPL "ITU-T Question" + +OID 0.2 +TAG administration +EXPL "ITU-T Administration" + +OID 0.3 +TAG network-operator +EXPL "ITU-T Network Operator" + +OID 0.4 +TAG identified-organization +EXPL "ITU-T Identified Organization" + +OID 0.9 # used in some RFCs (unofficial!) +TAG data +EXPL "RFC Data" + +OID 0.9.2342 +TAG pss +EXPL "PSS British Telecom X.25 Network" + +OID 0.9.2342.19200300 +TAG ucl +EXPL "RFC 1274 UCL Data networks" + +OID 0.9.2342.19200300.100 +TAG pilot +EXPL "RFC 1274 pilot" + +OID 0.9.2342.19200300.100.1 +TAG attributeType +EXPL "RFC 1274 Attribute Type" + +OID 0.9.2342.19200300.100.1.1 +TAG uid +EXPL "RFC 1274 User Id" +NAME NSS_OID_RFC1274_UID +ATTR "uid" + +OID 0.9.2342.19200300.100.1.3 +TAG mail +EXPL "RFC 1274 E-mail Addres" +NAME NSS_OID_RFC1274_EMAIL +ATTR "mail" # XXX fgmr + +OID 0.9.2342.19200300.100.1.25 +TAG dc +EXPL "RFC 2247 Domain Component" +NAME NSS_OID_RFC2247_DC +ATTR "dc" + +OID 0.9.2342.19200300.100.3 +TAG attributeSyntax +EXPL "RFC 1274 Attribute Syntax" + +OID 0.9.2342.19200300.100.3.4 +TAG iA5StringSyntax +EXPL "RFC 1274 IA5 String Attribute Syntax" + +OID 0.9.2342.19200300.100.3.5 +TAG caseIgnoreIA5StringSyntax +EXPL "RFC 1274 Case-Ignore IA5 String Attribute Syntax" + +OID 0.9.2342.19200300.100.4 +TAG objectClass +EXPL "RFC 1274 Object Class" + +OID 0.9.2342.19200300.100.10 +TAG groups +EXPL "RFC 1274 Groups" + +OID 0.9.2342.234219200300 +TAG ucl +EXPL "RFC 1327 ucl" + +OID 1 +TAG iso +EXPL "ISO" + +# See X.208 Annex B for an explanation of the OIDs below iso + +OID 1.0 +TAG standard +EXPL "ISO Standard" + +OID 1.1 +TAG registration-authority +EXPL "ISO Registration Authority" + +OID 1.2 +TAG member-body +EXPL "ISO Member Body" + +OID 1.2.36 +TAG australia +EXPL "Australia (ISO)" + +OID 1.2.158 +TAG taiwan +EXPL "Taiwan (ISO)" + +OID 1.2.372 +TAG ireland +EXPL "Ireland (ISO)" + +OID 1.2.578 +TAG norway +EXPL "Norway (ISO)" + +OID 1.2.752 +TAG sweden +EXPL "Sweden (ISO)" + +OID 1.2.826 +TAG great-britain +EXPL "Great Britain (ISO)" + +OID 1.2.840 +TAG us +EXPL "United States (ISO)" + +OID 1.2.840.1 +TAG organization +EXPL "US (ISO) organization" + +OID 1.2.840.10003 +TAG ansi-z30-50 +EXPL "ANSI Z39.50" + +OID 1.2.840.10008 +TAG dicom +EXPL "DICOM" + +OID 1.2.840.10017 +TAG ieee-1224 +EXPL "IEEE 1224" + +OID 1.2.840.10022 +TAG ieee-802-10 +EXPL "IEEE 802.10" + +OID 1.2.840.10036 +TAG ieee-802-11 +EXPL "IEEE 802.11" + +OID 1.2.840.10040 +TAG x9-57 +EXPL "ANSI X9.57" + +# RFC 2459: +# +# holdInstruction OBJECT IDENTIFIER ::= +# {iso(1) member-body(2) us(840) x9cm(10040) 2} +# +# Note that the appendices of RFC 2459 define the (wrong) value +# of 2.2.840.10040.2 for this oid. +OID 1.2.840.10040.2 +TAG holdInstruction +EXPL "ANSI X9.57 Hold Instruction" + +# RFC 2459: +# +# id-holdinstruction-none OBJECT IDENTIFIER ::= +# {holdInstruction 1} -- deprecated +OID 1.2.840.10040.2.1 +TAG id-holdinstruction-none +EXPL "ANSI X9.57 Hold Instruction: None" + +# RFC 2459: +# +# id-holdinstruction-callissuer OBJECT IDENTIFIER ::= +# {holdInstruction 2} +OID 1.2.840.10040.2.2 +TAG id-holdinstruction-callissuer +EXPL "ANSI X9.57 Hold Instruction: Call Issuer" + +# RFC 2459: +# +# id-holdinstruction-reject OBJECT IDENTIFIER ::= +# {holdInstruction 3} +OID 1.2.840.10040.2.3 +TAG id-holdinstruction-reject +EXPL "ANSI X9.57 Hold Instruction: Reject" + +OID 1.2.840.10040.4 +TAG x9algorithm +EXPL "ANSI X9.57 Algorithm" + +# RFC 2459: +# +# id-dsa OBJECT IDENTIFIER ::= { +# iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 } +OID 1.2.840.10040.4.1 +TAG id-dsa +EXPL "ANSI X9.57 DSA Signature" +NAME NSS_OID_ANSIX9_DSA_SIGNATURE +CKM CKM_DSA +CKK CKK_DSA + +# RFC 2459: +# +# id-dsa-with-sha1 OBJECT IDENTIFIER ::= { +# iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 } +OID 1.2.840.10040.4.3 +TAG id-dsa-with-sha1 +EXPL "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest" +NAME NSS_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST +CKM CKM_DSA_SHA1 + +OID 1.2.840.10046 +TAG x942 +EXPL "ANSI X9.42" + +OID 1.2.840.10046.2 +TAG algorithm +EXPL "ANSI X9.42 Algorithm" + +# RFC 2459: +# +# dhpublicnumber OBJECT IDENTIFIER ::= { +# iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 } +OID 1.2.840.10046.2.1 +TAG dhpublicnumber +EXPL "Diffie-Hellman Public Key Algorithm" +NAME NSS_OID_X942_DIFFIE_HELMAN_KEY +CKM CKM_DH_PKCS_DERIVE +CKK CKK_DH + +OID 1.2.840.113533 +TAG entrust +EXPL "Entrust Technologies" + +OID 1.2.840.113549 +TAG rsadsi +EXPL "RSA Data Security Inc." + +OID 1.2.840.113549.1 +# http://www.rsa.com/rsalabs/pubs/PKCS/ +TAG pkcs +EXPL "PKCS" + +# RFC 2459: +# +# pkcs-1 OBJECT IDENTIFIER ::= { +# iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } +OID 1.2.840.113549.1.1 +# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-1.asc +TAG pkcs-1 +EXPL "PKCS #1" + +# RFC 2459: +# +# rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } +OID 1.2.840.113549.1.1.1 +TAG rsaEncryption +EXPL "PKCS #1 RSA Encryption" +NAME NSS_OID_PKCS1_RSA_ENCRYPTION +CKM CKM_RSA_PKCS +CKK CKK_RSA + +# RFC 2459: +# +# md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 } +OID 1.2.840.113549.1.1.2 +TAG md2WithRSAEncryption +EXPL "PKCS #1 MD2 With RSA Encryption" +NAME NSS_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION +CKM CKM_MD2_RSA_PKCS + +OID 1.2.840.113549.1.1.3 +TAG md4WithRSAEncryption +EXPL "PKCS #1 MD4 With RSA Encryption" +NAME NSS_OID_PKCS1_MD4_WITH_RSA_ENCRYPTION +# No CKM! + +# RFC 2459: +# +# md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 } +OID 1.2.840.113549.1.1.4 +TAG md5WithRSAEncryption +EXPL "PKCS #1 MD5 With RSA Encryption" +NAME NSS_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION +CKM CKM_MD5_RSA_PKCS + +# RFC 2459: +# +# sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 } +OID 1.2.840.113549.1.1.5 +TAG sha1WithRSAEncryption +EXPL "PKCS #1 SHA-1 With RSA Encryption" +NAME NSS_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION +CKM CKM_SHA1_RSA_PKCS + +OID 1.2.840.113549.1.5 +# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-5.asc +TAG pkcs-5 +EXPL "PKCS #5" + +OID 1.2.840.113549.1.5.1 +TAG pbeWithMD2AndDES-CBC +EXPL "PKCS #5 Password Based Encryption With MD2 and DES-CBC" +NAME NSS_OID_PKCS5_PBE_WITH_MD2_AND_DES_CBC +CKM CKM_PBE_MD2_DES_CBC + +OID 1.2.840.113549.1.5.3 +TAG pbeWithMD5AndDES-CBC +EXPL "PKCS #5 Password Based Encryption With MD5 and DES-CBC" +NAME NSS_OID_PKCS5_PBE_WITH_MD5_AND_DES_CBC +CKM CKM_PBE_MD5_DES_CBC + +OID 1.2.840.113549.1.5.10 +TAG pbeWithSha1AndDES-CBC +EXPL "PKCS #5 Password Based Encryption With SHA-1 and DES-CBC" +NAME NSS_OID_PKCS5_PBE_WITH_SHA1_AND_DES_CBC +CKM CKM_NETSCAPE_PBE_SHA1_DES_CBC + +OID 1.2.840.113549.1.7 +# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-7.asc +TAG pkcs-7 +EXPL "PKCS #7" +NAME NSS_OID_PKCS7 + +OID 1.2.840.113549.1.7.1 +TAG data +EXPL "PKCS #7 Data" +NAME NSS_OID_PKCS7_DATA + +OID 1.2.840.113549.1.7.2 +TAG signedData +EXPL "PKCS #7 Signed Data" +NAME NSS_OID_PKCS7_SIGNED_DATA + +OID 1.2.840.113549.1.7.3 +TAG envelopedData +EXPL "PKCS #7 Enveloped Data" +NAME NSS_OID_PKCS7_ENVELOPED_DATA + +OID 1.2.840.113549.1.7.4 +TAG signedAndEnvelopedData +EXPL "PKCS #7 Signed and Enveloped Data" +NAME NSS_OID_PKCS7_SIGNED_ENVELOPED_DATA + +OID 1.2.840.113549.1.7.5 +TAG digestedData +EXPL "PKCS #7 Digested Data" +NAME NSS_OID_PKCS7_DIGESTED_DATA + +OID 1.2.840.113549.1.7.6 +TAG encryptedData +EXPL "PKCS #7 Encrypted Data" +NAME NSS_OID_PKCS7_ENCRYPTED_DATA + +# RFC 2459: +# +# pkcs-9 OBJECT IDENTIFIER ::= +# { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } +OID 1.2.840.113549.1.9 +# ftp://ftp.rsa.com/pub/pkcs/ascii/pkcs-9.asc +TAG pkcs-9 +EXPL "PKCS #9" + +# RFC 2459: +# +# emailAddress AttributeType ::= { pkcs-9 1 } +OID 1.2.840.113549.1.9.1 +TAG emailAddress +EXPL "PKCS #9 Email Address" +NAME NSS_OID_PKCS9_EMAIL_ADDRESS + +OID 1.2.840.113549.1.9.2 +TAG unstructuredName +EXPL "PKCS #9 Unstructured Name" +NAME NSS_OID_PKCS9_UNSTRUCTURED_NAME + +OID 1.2.840.113549.1.9.3 +TAG contentType +EXPL "PKCS #9 Content Type" +NAME NSS_OID_PKCS9_CONTENT_TYPE + +OID 1.2.840.113549.1.9.4 +TAG messageDigest +EXPL "PKCS #9 Message Digest" +NAME NSS_OID_PKCS9_MESSAGE_DIGEST + +OID 1.2.840.113549.1.9.5 +TAG signingTime +EXPL "PKCS #9 Signing Time" +NAME NSS_OID_PKCS9_SIGNING_TIME + +OID 1.2.840.113549.1.9.6 +TAG counterSignature +EXPL "PKCS #9 Counter Signature" +NAME NSS_OID_PKCS9_COUNTER_SIGNATURE + +OID 1.2.840.113549.1.9.7 +TAG challengePassword +EXPL "PKCS #9 Challenge Password" +NAME NSS_OID_PKCS9_CHALLENGE_PASSWORD + +OID 1.2.840.113549.1.9.8 +TAG unstructuredAddress +EXPL "PKCS #9 Unstructured Address" +NAME NSS_OID_PKCS9_UNSTRUCTURED_ADDRESS + +OID 1.2.840.113549.1.9.9 +TAG extendedCertificateAttributes +EXPL "PKCS #9 Extended Certificate Attributes" +NAME NSS_OID_PKCS9_EXTENDED_CERTIFICATE_ATTRIBUTES + +OID 1.2.840.113549.1.9.15 +TAG sMIMECapabilities +EXPL "PKCS #9 S/MIME Capabilities" +NAME NSS_OID_PKCS9_SMIME_CAPABILITIES + +OID 1.2.840.113549.1.9.20 +TAG friendlyName +EXPL "PKCS #9 Friendly Name" +NAME NSS_OID_PKCS9_FRIENDLY_NAME + +OID 1.2.840.113549.1.9.21 +TAG localKeyID +EXPL "PKCS #9 Local Key ID" +NAME NSS_OID_PKCS9_LOCAL_KEY_ID + +OID 1.2.840.113549.1.9.22 +TAG certTypes +EXPL "PKCS #9 Certificate Types" + +OID 1.2.840.113549.1.9.22.1 +TAG x509Certificate +EXPL "PKCS #9 Certificate Type = X.509" +NAME NSS_OID_PKCS9_X509_CERT + +OID 1.2.840.113549.1.9.22.2 +TAG sdsiCertificate +EXPL "PKCS #9 Certificate Type = SDSI" +NAME NSS_OID_PKCS9_SDSI_CERT + +OID 1.2.840.113549.1.9.23 +TAG crlTypes +EXPL "PKCS #9 Certificate Revocation List Types" + +OID 1.2.840.113549.1.9.23.1 +TAG x509Crl +EXPL "PKCS #9 CRL Type = X.509" +NAME NSS_OID_PKCS9_X509_CRL + +OID 1.2.840.113549.1.12 +# http://www.rsa.com/rsalabs/pubs/PKCS/html/pkcs-12.html +# NOTE -- PKCS #12 multiple contradictory +# documents exist. Somebody go figure out the canonical +# OID list, keeping in mind backwards-compatability.. +TAG pkcs-12 +EXPL "PKCS #12" +NAME NSS_OID_PKCS12 + +OID 1.2.840.113549.1.12.1 +TAG pkcs-12PbeIds +EXPL "PKCS #12 Password Based Encryption IDs" +NAME NSS_OID_PKCS12_PBE_IDS +# We called it SEC_OID_PKCS12_MODE_IDS + +OID 1.2.840.113549.1.12.1.1 +TAG pbeWithSHA1And128BitRC4 +EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC4" +NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 +CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 +# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC4 + +OID 1.2.840.113549.1.12.1.2 +TAG pbeWithSHA1And40BitRC4 +EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC4" +NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 +CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 +# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC4 + +OID 1.2.840.113549.1.12.1.3 +TAG pbeWithSHA1And3-KeyTripleDES-CBC +EXPL "PKCS #12 Password Based Encryption With SHA-1 and 3-key Triple DES-CBC" +NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_3_KEY_TRIPLE_DES_CBC +CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC +# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_3KEY_TRIPLE_DES_CBC + +OID 1.2.840.113549.1.12.1.4 +TAG pbeWithSHA1And2-KeyTripleDES-CBC +EXPL "PKCS #12 Password Based Encryption With SHA-1 and 2-key Triple DES-CBC" +NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_2_KEY_TRIPLE_DES_CBC +CKM CKM_PBE_SHA1_DES2_EDE_CBC +# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_2KEY_TRIPLE_DES_CBC + +OID 1.2.840.113549.1.12.1.5 +TAG pbeWithSHA1And128BitRC2-CBC +EXPL "PKCS #12 Password Based Encryption With SHA-1 and 128-bit RC2-CBC" +NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC +CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC +# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC + +OID 1.2.840.113549.1.12.1.6 +TAG pbeWithSHA1And40BitRC2-CBC +EXPL "PKCS #12 Password Based Encryption With SHA-1 and 40-bit RC2-CBC" +NAME NSS_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC +CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC +# We called it SEC_OID_PKCS12_V2_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC + +OID 1.2.840.113549.1.12.2 +TAG pkcs-12EspvkIds +EXPL "PKCS #12 ESPVK IDs" +# We called it SEC_OID_PKCS12_ESPVK_IDS + +OID 1.2.840.113549.1.12.2.1 +TAG pkcs8-key-shrouding +EXPL "PKCS #12 Key Shrouding" +# We called it SEC_OID_PKCS12_PKCS8_KEY_SHROUDING + +OID 1.2.840.113549.1.12.3 +TAG draft1Pkcs-12Bag-ids +EXPL "Draft 1.0 PKCS #12 Bag IDs" +# We called it SEC_OID_PKCS12_BAG_IDS + +OID 1.2.840.113549.1.12.3.1 +TAG keyBag +EXPL "Draft 1.0 PKCS #12 Key Bag" +# We called it SEC_OID_PKCS12_KEY_BAG_ID + +OID 1.2.840.113549.1.12.3.2 +TAG certAndCRLBagId +EXPL "Draft 1.0 PKCS #12 Cert and CRL Bag ID" +# We called it SEC_OID_PKCS12_CERT_AND_CRL_BAG_ID + +OID 1.2.840.113549.1.12.3.3 +TAG secretBagId +EXPL "Draft 1.0 PKCS #12 Secret Bag ID" +# We called it SEC_OID_PKCS12_SECRET_BAG_ID + +OID 1.2.840.113549.1.12.3.4 +TAG safeContentsId +EXPL "Draft 1.0 PKCS #12 Safe Contents Bag ID" +# We called it SEC_OID_PKCS12_SAFE_CONTENTS_ID + +OID 1.2.840.113549.1.12.3.5 +TAG pkcs-8ShroudedKeyBagId +EXPL "Draft 1.0 PKCS #12 PKCS #8-shrouded Key Bag ID" +# We called it SEC_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG_ID + +OID 1.2.840.113549.1.12.4 +TAG pkcs-12CertBagIds +EXPL "PKCS #12 Certificate Bag IDs" +# We called it SEC_OID_PKCS12_CERT_BAG_IDS + +OID 1.2.840.113549.1.12.4.1 +TAG x509CertCRLBagId +EXPL "PKCS #12 X.509 Certificate and CRL Bag" +# We called it SEC_OID_PKCS12_X509_CERT_CRL_BAG + +OID 1.2.840.113549.1.12.4.2 +TAG SDSICertBagID +EXPL "PKCS #12 SDSI Certificate Bag" +# We called it SEC_OID_PKCS12_SDSI_CERT_BAG + +OID 1.2.840.113549.1.12.5 +TAG pkcs-12Oids +EXPL "PKCS #12 OIDs (XXX)" +# We called it SEC_OID_PKCS12_OIDS + +OID 1.2.840.113549.1.12.5.1 +TAG pkcs-12PbeIds +EXPL "PKCS #12 OIDs PBE IDs (XXX)" +# We called it SEC_OID_PKCS12_PBE_IDS + +OID 1.2.840.113549.1.12.5.1.1 +TAG pbeWithSha1And128BitRC4 +EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC4 (XXX)" +CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC4 +# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC4 + +OID 1.2.840.113549.1.12.5.1.2 +TAG pbeWithSha1And40BitRC4 +EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC4 (XXX)" +CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC4 +# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC4 + +OID 1.2.840.113549.1.12.5.1.3 +TAG pbeWithSha1AndTripleDES-CBC +EXPL "PKCS #12 OIDs PBE with SHA-1 and Triple DES-CBC (XXX)" +CKM CKM_NETSCAPE_PBE_SHA1_TRIPLE_DES_CBC +# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_TRIPLE_DES_CBC + +OID 1.2.840.113549.1.12.5.1.4 +TAG pbeWithSha1And128BitRC2-CBC +EXPL "PKCS #12 OIDs PBE with SHA-1 and 128-bit RC2-CBC (XXX)" +CKM CKM_NETSCAPE_PBE_SHA1_128_BIT_RC2_CBC +# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_128_BIT_RC2_CBC + +OID 1.2.840.113549.1.12.5.1.5 +TAG pbeWithSha1And40BitRC2-CBC +EXPL "PKCS #12 OIDs PBE with SHA-1 and 40-bit RC2-CBC (XXX)" +CKM CKM_NETSCAPE_PBE_SHA1_40_BIT_RC2_CBC +# We called it SEC_OID_PKCS12_PBE_WITH_SHA1_AND_40_BIT_RC2_CBC + +OID 1.2.840.113549.1.12.5.2 +TAG pkcs-12EnvelopingIds +EXPL "PKCS #12 OIDs Enveloping IDs (XXX)" +# We called it SEC_OID_PKCS12_ENVELOPING_IDS + +OID 1.2.840.113549.1.12.5.2.1 +TAG rsaEncryptionWith128BitRC4 +EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 128-bit RC4" +# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_128_BIT_RC4 + +OID 1.2.840.113549.1.12.5.2.2 +TAG rsaEncryptionWith40BitRC4 +EXPL "PKCS #12 OIDs Enveloping RSA Encryption with 40-bit RC4" +# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_40_BIT_RC4 + +OID 1.2.840.113549.1.12.5.2.3 +TAG rsaEncryptionWithTripleDES +EXPL "PKCS #12 OIDs Enveloping RSA Encryption with Triple DES" +# We called it SEC_OID_PKCS12_RSA_ENCRYPTION_WITH_TRIPLE_DES + +OID 1.2.840.113549.1.12.5.3 +TAG pkcs-12SignatureIds +EXPL "PKCS #12 OIDs Signature IDs (XXX)" +# We called it SEC_OID_PKCS12_SIGNATURE_IDS + +OID 1.2.840.113549.1.12.5.3.1 +TAG rsaSignatureWithSHA1Digest +EXPL "PKCS #12 OIDs RSA Signature with SHA-1 Digest" +# We called it SEC_OID_PKCS12_RSA_SIGNATURE_WITH_SHA1_DIGEST + +OID 1.2.840.113549.1.12.10 +TAG pkcs-12Version1 +EXPL "PKCS #12 Version 1" + +OID 1.2.840.113549.1.12.10.1 +TAG pkcs-12BagIds +EXPL "PKCS #12 Bag IDs" + +OID 1.2.840.113549.1.12.10.1.1 +TAG keyBag +EXPL "PKCS #12 Key Bag" +NAME NSS_OID_PKCS12_KEY_BAG +# We called it SEC_OID_PKCS12_V1_KEY_BAG_ID + +OID 1.2.840.113549.1.12.10.1.2 +TAG pkcs-8ShroudedKeyBag +EXPL "PKCS #12 PKCS #8-shrouded Key Bag" +NAME NSS_OID_PKCS12_PKCS8_SHROUDED_KEY_BAG +# We called it SEC_OID_PKCS12_V1_PKCS8_SHROUDED_KEY_BAG_ID + +OID 1.2.840.113549.1.12.10.1.3 +TAG certBag +EXPL "PKCS #12 Certificate Bag" +NAME NSS_OID_PKCS12_CERT_BAG +# We called it SEC_OID_PKCS12_V1_CERT_BAG_ID + +OID 1.2.840.113549.1.12.10.1.4 +TAG crlBag +EXPL "PKCS #12 CRL Bag" +NAME NSS_OID_PKCS12_CRL_BAG +# We called it SEC_OID_PKCS12_V1_CRL_BAG_ID + +OID 1.2.840.113549.1.12.10.1.5 +TAG secretBag +EXPL "PKCS #12 Secret Bag" +NAME NSS_OID_PKCS12_SECRET_BAG +# We called it SEC_OID_PKCS12_V1_SECRET_BAG_ID + +OID 1.2.840.113549.1.12.10.1.6 +TAG safeContentsBag +EXPL "PKCS #12 Safe Contents Bag" +NAME NSS_OID_PKCS12_SAFE_CONTENTS_BAG +# We called it SEC_OID_PKCS12_V1_SAFE_CONTENTS_BAG_ID + +OID 1.2.840.113549.2 +TAG digest +EXPL "RSA digest algorithm" + +OID 1.2.840.113549.2.2 +TAG md2 +EXPL "MD2" +NAME NSS_OID_MD2 +CKM CKM_MD2 + +OID 1.2.840.113549.2.4 +TAG md4 +EXPL "MD4" +NAME NSS_OID_MD4 +# No CKM + +OID 1.2.840.113549.2.5 +TAG md5 +EXPL "MD5" +NAME NSS_OID_MD5 +CKM CKM_MD5 + +OID 1.2.840.113549.3 +TAG cipher +EXPL "RSA cipher algorithm" + +OID 1.2.840.113549.3.2 +TAG rc2cbc +EXPL "RC2-CBC" +NAME NSS_OID_RC2_CBC +CKM_RC2_CBC + +OID 1.2.840.113549.3.4 +TAG rc4 +EXPL "RC4" +NAME NSS_OID_RC4 +CKM CKM_RC4 + +OID 1.2.840.113549.3.7 +TAG desede3cbc +EXPL "DES-EDE3-CBC" +NAME NSS_OID_DES_EDE3_CBC +CKM CKM_DES3_CBC + +OID 1.2.840.113549.3.9 +TAG rc5cbcpad +EXPL "RC5-CBCPad" +NAME NSS_OID_RC5_CBC_PAD +CKM CKM_RC5_CBC + +OID 1.2.840.113556 +TAG microsoft +EXPL "Microsoft" + +OID 1.2.840.113560 +TAG columbia-university +EXPL "Columbia University" + +OID 1.2.840.113572 +TAG unisys +EXPL "Unisys" + +OID 1.2.840.113658 +TAG xapia +EXPL "XAPIA" + +OID 1.2.840.113699 +TAG wordperfect +EXPL "WordPerfect" + +OID 1.3 +TAG identified-organization +EXPL "ISO identified organizations" + +OID 1.3.6 +TAG us-dod +EXPL "United States Department of Defense" + +OID 1.3.6.1 +TAG internet # See RFC 1065 +EXPL "The Internet" + +OID 1.3.6.1.1 +TAG directory +EXPL "Internet: Directory" + +OID 1.3.6.1.2 +TAG management +EXPL "Internet: Management" + +OID 1.3.6.1.3 +TAG experimental +EXPL "Internet: Experimental" + +OID 1.3.6.1.4 +TAG private +EXPL "Internet: Private" + +OID 1.3.6.1.5 +TAG security +EXPL "Internet: Security" + +OID 1.3.6.1.5.5 + +# RFC 2459: +# +# id-pkix OBJECT IDENTIFIER ::= +# { iso(1) identified-organization(3) dod(6) internet(1) +# security(5) mechanisms(5) pkix(7) } +OID 1.3.6.1.5.5.7 +TAG id-pkix +EXPL "Public Key Infrastructure" + +# RFC 2459: +# +# PKIX1Explicit88 {iso(1) identified-organization(3) dod(6) internet(1) +# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-88(1)} +OID 1.3.6.1.5.5.7.0.1 +TAG PKIX1Explicit88 +EXPL "RFC 2459 Explicitly Tagged Module, 1988 Syntax" + +# RFC 2459: +# +# PKIX1Implicit88 {iso(1) identified-organization(3) dod(6) internet(1) +# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)} +OID 1.3.6.1.5.5.7.0.2 +TAG PKIXImplicit88 +EXPL "RFC 2459 Implicitly Tagged Module, 1988 Syntax" + +# RFC 2459: +# +# PKIX1Explicit93 {iso(1) identified-organization(3) dod(6) internet(1) +# security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit-93(3)} +OID 1.3.6.1.5.5.7.0.3 +TAG PKIXExplicit93 +EXPL "RFC 2459 Explicitly Tagged Module, 1993 Syntax" + +# RFC 2459: +# +# id-pe OBJECT IDENTIFIER ::= { id-pkix 1 } +# -- arc for private certificate extensions +OID 1.3.6.1.5.5.7.1 +TAG id-pe +EXPL "PKIX Private Certificate Extensions" + +# RFC 2459: +# +# id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 } +OID 1.3.6.1.5.5.7.1.1 +TAG id-pe-authorityInfoAccess +EXPL "Certificate Authority Information Access" +NAME NSS_OID_X509_AUTH_INFO_ACCESS +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-qt OBJECT IDENTIFIER ::= { id-pkix 2 } +# -- arc for policy qualifier types +OID 1.3.6.1.5.5.7.2 +TAG id-qt +EXPL "PKIX Policy Qualifier Types" + +# RFC 2459: +# +# id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 } +# -- OID for CPS qualifier +OID 1.3.6.1.5.5.7.2.1 +TAG id-qt-cps +EXPL "PKIX CPS Pointer Qualifier" +NAME NSS_OID_PKIX_CPS_POINTER_QUALIFIER + +# RFC 2459: +# +# id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 } +# -- OID for user notice qualifier +OID 1.3.6.1.5.5.7.2.2 +TAG id-qt-unotice +EXPL "PKIX User Notice Qualifier" +NAME NSS_OID_PKIX_USER_NOTICE_QUALIFIER + +# RFC 2459: +# +# id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } +# -- arc for extended key purpose OIDS +OID 1.3.6.1.5.5.7.3 +TAG id-kp +EXPL "PKIX Key Purpose" + +# RFC 2459: +# +# id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } +OID 1.3.6.1.5.5.7.3.1 +TAG id-kp-serverAuth +EXPL "TLS Web Server Authentication Certificate" +NAME NSS_OID_EXT_KEY_USAGE_SERVER_AUTH + +# RFC 2459: +# +# id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } +OID 1.3.6.1.5.5.7.3.2 +TAG id-kp-clientAuth +EXPL "TLS Web Client Authentication Certificate" +NAME NSS_OID_EXT_KEY_USAGE_CLIENT_AUTH + +# RFC 2459: +# +# id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } +OID 1.3.6.1.5.5.7.3.3 +TAG id-kp-codeSigning +EXPL "Code Signing Certificate" +NAME NSS_OID_EXT_KEY_USAGE_CODE_SIGN + +# RFC 2459: +# +# id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } +OID 1.3.6.1.5.5.7.3.4 +TAG id-kp-emailProtection +EXPL "E-Mail Protection Certificate" +NAME NSS_OID_EXT_KEY_USAGE_EMAIL_PROTECTION + +# RFC 2459: +# +# id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 } +OID 1.3.6.1.5.5.7.3.5 +TAG id-kp-ipsecEndSystem +EXPL "IPSEC End System Certificate" +NAME NSS_OID_EXT_KEY_USAGE_IPSEC_END_SYSTEM + +# RFC 2459: +# +# id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 } +OID 1.3.6.1.5.5.7.3.6 +TAG id-kp-ipsecTunnel +EXPL "IPSEC Tunnel Certificate" +NAME NSS_OID_EXT_KEY_USAGE_IPSEC_TUNNEL + +# RFC 2459: +# +# id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 } +OID 1.3.6.1.5.5.7.3.7 +TAG id-kp-ipsecUser +EXPL "IPSEC User Certificate" +NAME NSS_OID_EXT_KEY_USAGE_IPSEC_USER + +# RFC 2459: +# +# id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } +OID 1.3.6.1.5.5.7.3.8 +TAG id-kp-timeStamping +EXPL "Time Stamping Certificate" +NAME NSS_OID_EXT_KEY_USAGE_TIME_STAMP + +OID 1.3.6.1.5.5.7.3.9 +TAG ocsp-responder +EXPL "OCSP Responder Certificate" +NAME NSS_OID_OCSP_RESPONDER + +OID 1.3.6.1.5.5.7.7 +TAG pkix-id-pkix + +OID 1.3.6.1.5.5.7.7.5 +TAG pkix-id-pkip + +OID 1.3.6.1.5.5.7.7.5.1 +TAG pkix-id-regctrl +EXPL "CRMF Registration Control" + +OID 1.3.6.1.5.5.7.7.5.1.1 +TAG regtoken +EXPL "CRMF Registration Control, Registration Token" +NAME NSS_OID_PKIX_REGCTRL_REGTOKEN + +OID 1.3.6.1.5.5.7.7.5.1.2 +TAG authenticator +EXPL "CRMF Registration Control, Registration Authenticator" +NAME NSS_OID_PKIX_REGCTRL_AUTHENTICATOR + +OID 1.3.6.1.5.5.7.7.5.1.3 +TAG pkipubinfo +EXPL "CRMF Registration Control, PKI Publication Info" +NAME NSS_OID_PKIX_REGCTRL_PKIPUBINFO + +OID 1.3.6.1.5.5.7.7.5.1.4 +TAG pki-arch-options +EXPL "CRMF Registration Control, PKI Archive Options" +NAME NSS_OID_PKIX_REGCTRL_PKI_ARCH_OPTIONS + +OID 1.3.6.1.5.5.7.7.5.1.5 +TAG old-cert-id +EXPL "CRMF Registration Control, Old Certificate ID" +NAME NSS_OID_PKIX_REGCTRL_OLD_CERT_ID + +OID 1.3.6.1.5.5.7.7.5.1.6 +TAG protocol-encryption-key +EXPL "CRMF Registration Control, Protocol Encryption Key" +NAME NSS_OID_PKIX_REGCTRL_PROTOCOL_ENC_KEY + +OID 1.3.6.1.5.5.7.7.5.2 +TAG pkix-id-reginfo +EXPL "CRMF Registration Info" + +OID 1.3.6.1.5.5.7.7.5.2.1 +TAG utf8-pairs +EXPL "CRMF Registration Info, UTF8 Pairs" +NAME NSS_OID_PKIX_REGINFO_UTF8_PAIRS + +OID 1.3.6.1.5.5.7.7.5.2.2 +TAG cert-request +EXPL "CRMF Registration Info, Certificate Request" +NAME NSS_OID_PKIX_REGINFO_CERT_REQUEST + +# RFC 2549: +# +# id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } +# -- arc for access descriptors +OID 1.3.6.1.5.5.7.48 +TAG id-ad +EXPL "PKIX Access Descriptors" + +# RFC 2549: +# +# id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } +OID 1.3.6.1.5.5.7.48.1 +TAG id-ad-ocsp +EXPL "PKIX Online Certificate Status Protocol" +NAME NSS_OID_OID_PKIX_OCSP + +OID 1.3.6.1.5.5.7.48.1.1 +TAG basic-response +EXPL "OCSP Basic Response" +NAME NSS_OID_PKIX_OCSP_BASIC_RESPONSE + +OID 1.3.6.1.5.5.7.48.1.2 +TAG nonce-extension +EXPL "OCSP Nonce Extension" +NAME NSS_OID_PKIX_OCSP_NONCE + +OID 1.3.6.1.5.5.7.48.1.3 +TAG response +EXPL "OCSP Response Types Extension" +NAME NSS_OID_PKIX_OCSP_RESPONSE + +OID 1.3.6.1.5.5.7.48.1.4 +TAG crl +EXPL "OCSP CRL Reference Extension" +NAME NSS_OID_PKIX_OCSP_CRL + +OID 1.3.6.1.5.5.7.48.1.5 +TAG no-check +EXPL "OCSP No Check Extension" +NAME NSS_OID_X509_OCSP_NO_CHECK # X509_... ? + +OID 1.3.6.1.5.5.7.48.1.6 +TAG archive-cutoff +EXPL "OCSP Archive Cutoff Extension" +NAME NSS_OID_PKIX_OCSP_ARCHIVE_CUTOFF + +OID 1.3.6.1.5.5.7.48.1.7 +TAG service-locator +EXPL "OCSP Service Locator Extension" +NAME NSS_OID_PKIX_OCSP_SERVICE_LOCATOR + +# RFC 2549: +# +# id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 } +OID 1.3.6.1.5.5.7.48.2 +TAG id-ad-caIssuers +EXPL "Certificate Authority Issuers" + +OID 1.3.6.1.6 +TAG snmpv2 +EXPL "Internet: SNMPv2" + +OID 1.3.6.1.7 +TAG mail +EXPL "Internet: mail" + +OID 1.3.6.1.7.1 +TAG mime-mhs +EXPL "Internet: mail MIME mhs" + +OID 1.3.12 +TAG ecma +EXPL "European Computers Manufacturing Association" + +OID 1.3.14 +TAG oiw +EXPL "Open Systems Implementors Workshop" + +OID 1.3.14.3 secsig +TAG secsig +EXPL "Open Systems Implementors Workshop Security Special Interest Group" + +OID 1.3.14.3.1 +TAG oIWSECSIGAlgorithmObjectIdentifiers +EXPL "OIW SECSIG Algorithm OIDs" + +OID 1.3.14.3.2 +TAG algorithm +EXPL "OIW SECSIG Algorithm" + +OID 1.3.14.3.2.6 +TAG desecb +EXPL "DES-ECB" +NAME NSS_OID_DES_ECB +CKM CKM_DES_ECB + +OID 1.3.14.3.2.7 +TAG descbc +EXPL "DES-CBC" +NAME NSS_OID_DES_CBC +CKM CKM_DES_CBC + +OID 1.3.14.3.2.8 +TAG desofb +EXPL "DES-OFB" +NAME NSS_OID_DES_OFB +# No CKM.. + +OID 1.3.14.3.2.9 +TAG descfb +EXPL "DES-CFB" +NAME NSS_OID_DES_CFB +# No CKM.. + +OID 1.3.14.3.2.10 +TAG desmac +EXPL "DES-MAC" +NAME NSS_OID_DES_MAC +CKM CKM_DES_MAC + +OID 1.3.14.3.2.15 +TAG isoSHAWithRSASignature +EXPL "ISO SHA with RSA Signature" +NAME NSS_OID_ISO_SHA_WITH_RSA_SIGNATURE +# No CKM.. + +OID 1.3.14.3.2.17 +TAG desede +EXPL "DES-EDE" +NAME NSS_OID_DES_EDE +# No CKM.. + +OID 1.3.14.3.2.26 +TAG sha1 +EXPL "SHA-1" +NAME NSS_OID_SHA1 +CKM CKM_SHA_1 + +OID 1.3.14.3.2.27 +TAG bogusDSASignatureWithSHA1Digest +EXPL "Forgezza DSA Signature with SHA-1 Digest" +NAME NSS_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST +CKM CKM_DSA_SHA1 + +OID 1.3.14.3.3 +TAG authentication-mechanism +EXPL "OIW SECSIG Authentication Mechanisms" + +OID 1.3.14.3.4 +TAG security-attribute +EXPL "OIW SECSIG Security Attributes" + +OID 1.3.14.3.5 +TAG document-definition +EXPL "OIW SECSIG Document Definitions used in security" + +OID 1.3.14.7 +TAG directory-services-sig +EXPL "OIW directory services sig" + +OID 1.3.16 +TAG ewos +EXPL "European Workshop on Open Systems" + +OID 1.3.22 +TAG osf +EXPL "Open Software Foundation" + +OID 1.3.23 +TAG nordunet +EXPL "Nordunet" + +OID 1.3.26 +TAG nato-id-org +EXPL "NATO identified organisation" + +OID 1.3.36 +TAG teletrust +EXPL "Teletrust" + +OID 1.3.52 +TAG smpte +EXPL "Society of Motion Picture and Television Engineers" + +OID 1.3.69 +TAG sita +EXPL "Societe Internationale de Telecommunications Aeronautiques" + +OID 1.3.90 +TAG iana +EXPL "Internet Assigned Numbers Authority" + +OID 1.3.101 +TAG thawte +EXPL "Thawte" + +OID 2 +TAG joint-iso-ccitt +EXPL "Joint ISO/ITU-T assignment" + +OID 2.0 +TAG presentation +EXPL "Joint ISO/ITU-T Presentation" + +OID 2.1 +TAG asn-1 +EXPL "Abstract Syntax Notation One" + +OID 2.2 +TAG acse +EXPL "Association Control" + +OID 2.3 +TAG rtse +EXPL "Reliable Transfer" + +OID 2.4 +TAG rose +EXPL "Remote Operations" + +OID 2.5 +TAG x500 +EXPL "Directory" + +OID 2.5.1 +TAG modules +EXPL "X.500 modules" + +OID 2.5.2 +TAG service-environment +EXPL "X.500 service environment" + +OID 2.5.3 +TAG application-context +EXPL "X.500 application context" + +# RFC 2459: +# +# id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} +OID 2.5.4 +TAG id-at +EXPL "X.520 attribute types" + +# RFC 2459: +# +# id-at-commonName AttributeType ::= {id-at 3} +OID 2.5.4.3 +TAG id-at-commonName +EXPL "X.520 Common Name" +NAME NSS_OID_X520_COMMON_NAME +ATTR "cn" + +# RFC 2459: +# +# id-at-surname AttributeType ::= {id-at 4} +OID 2.5.4.4 +TAG id-at-surname +EXPL "X.520 Surname" +NAME NSS_OID_X520_SURNAME +ATTR "sn" + +# RFC 2459: +# +# id-at-countryName AttributeType ::= {id-at 6} +OID 2.5.4.6 +TAG id-at-countryName +EXPL "X.520 Country Name" +NAME NSS_OID_X520_COUNTRY_NAME +ATTR "c" + +# RFC 2459: +# +# id-at-localityName AttributeType ::= {id-at 7} +OID 2.5.4.7 +TAG id-at-localityName +EXPL "X.520 Locality Name" +NAME NSS_OID_X520_LOCALITY_NAME +ATTR "l" + +# RFC 2459: +# +# id-at-stateOrProvinceName AttributeType ::= {id-at 8} +OID 2.5.4.8 +TAG id-at-stateOrProvinceName +EXPL "X.520 State or Province Name" +NAME NSS_OID_X520_STATE_OR_PROVINCE_NAME +ATTR "s" + +# RFC 2459: +# +# id-at-organizationName AttributeType ::= {id-at 10} +OID 2.5.4.10 +TAG id-at-organizationName +EXPL "X.520 Organization Name" +NAME NSS_OID_X520_ORGANIZATION_NAME +ATTR "o" + +# RFC 2459: +# +# id-at-organizationalUnitName AttributeType ::= {id-at 11} +OID 2.5.4.11 +TAG id-at-organizationalUnitName +EXPL "X.520 Organizational Unit Name" +NAME NSS_OID_X520_ORGANIZATIONAL_UNIT_NAME +ATTR "ou" + +# RFC 2459: +# +# id-at-title AttributeType ::= {id-at 12} +OID 2.5.4.12 +TAG id-at-title +EXPL "X.520 Title" +NAME NSS_OID_X520_TITLE +ATTR "title" + +# RFC 2459: +# +# id-at-name AttributeType ::= {id-at 41} +OID 2.5.4.41 +TAG id-at-name +EXPL "X.520 Name" +NAME NSS_OID_X520_NAME +ATTR "name" + +# RFC 2459: +# +# id-at-givenName AttributeType ::= {id-at 42} +OID 2.5.4.42 +TAG id-at-givenName +EXPL "X.520 Given Name" +NAME NSS_OID_X520_GIVEN_NAME +ATTR "givenName" + +# RFC 2459: +# +# id-at-initials AttributeType ::= {id-at 43} +OID 2.5.4.43 +TAG id-at-initials +EXPL "X.520 Initials" +NAME NSS_OID_X520_INITIALS +ATTR "initials" + +# RFC 2459: +# +# id-at-generationQualifier AttributeType ::= {id-at 44} +OID 2.5.4.44 +TAG id-at-generationQualifier +EXPL "X.520 Generation Qualifier" +NAME NSS_OID_X520_GENERATION_QUALIFIER +ATTR "generationQualifier" + +# RFC 2459: +# +# id-at-dnQualifier AttributeType ::= {id-at 46} +OID 2.5.4.46 +TAG id-at-dnQualifier +EXPL "X.520 DN Qualifier" +NAME NSS_OID_X520_DN_QUALIFIER +ATTR "dnQualifier" + +OID 2.5.5 +TAG attribute-syntax +EXPL "X.500 attribute syntaxes" + +OID 2.5.6 +TAG object-classes +EXPL "X.500 standard object classes" + +OID 2.5.7 +TAG attribute-set +EXPL "X.500 attribute sets" + +OID 2.5.8 +TAG algorithms +EXPL "X.500-defined algorithms" + +OID 2.5.8.1 +TAG encryption +EXPL "X.500-defined encryption algorithms" + +OID 2.5.8.1.1 +TAG rsa +EXPL "RSA Encryption Algorithm" +NAME NSS_OID_X500_RSA_ENCRYPTION +CKM CKM_RSA_X_509 + +OID 2.5.9 +TAG abstract-syntax +EXPL "X.500 abstract syntaxes" + +OID 2.5.12 +TAG operational-attribute +EXPL "DSA Operational Attributes" + +OID 2.5.13 +TAG matching-rule +EXPL "Matching Rule" + +OID 2.5.14 +TAG knowledge-matching-rule +EXPL "X.500 knowledge Matching Rules" + +OID 2.5.15 +TAG name-form +EXPL "X.500 name forms" + +OID 2.5.16 +TAG group +EXPL "X.500 groups" + +OID 2.5.17 +TAG subentry +EXPL "X.500 subentry" + +OID 2.5.18 +TAG operational-attribute-type +EXPL "X.500 operational attribute type" + +OID 2.5.19 +TAG operational-binding +EXPL "X.500 operational binding" + +OID 2.5.20 +TAG schema-object-class +EXPL "X.500 schema Object class" + +OID 2.5.21 +TAG schema-operational-attribute +EXPL "X.500 schema operational attributes" + +OID 2.5.23 +TAG administrative-role +EXPL "X.500 administrative roles" + +OID 2.5.24 +TAG access-control-attribute +EXPL "X.500 access control attribute" + +OID 2.5.25 +TAG ros +EXPL "X.500 ros object" + +OID 2.5.26 +TAG contract +EXPL "X.500 contract" + +OID 2.5.27 +TAG package +EXPL "X.500 package" + +OID 2.5.28 +TAG access-control-schema +EXPL "X.500 access control schema" + +# RFC 2459: +# +# id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} +OID 2.5.29 +TAG id-ce +EXPL "X.500 Certificate Extension" + +OID 2.5.29.5 +TAG subject-directory-attributes +EXPL "Certificate Subject Directory Attributes" +NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTR +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } +OID 2.5.29.9 +TAG id-ce-subjectDirectoryAttributes +EXPL "Certificate Subject Directory Attributes" +NAME NSS_OID_X509_SUBJECT_DIRECTORY_ATTRIBUTES +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } +OID 2.5.29.14 +TAG id-ce-subjectKeyIdentifier +EXPL "Certificate Subject Key ID" +NAME NSS_OID_X509_SUBJECT_KEY_ID +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } +OID 2.5.29.15 +TAG id-ce-keyUsage +EXPL "Certificate Key Usage" +NAME NSS_OID_X509_KEY_USAGE +CERT_EXTENSION SUPPORTED +# We called it PKCS12_KEY_USAGE + +# RFC 2459: +# +# id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 } +OID 2.5.29.16 +TAG id-ce-privateKeyUsagePeriod +EXPL "Certificate Private Key Usage Period" +NAME NSS_OID_X509_PRIVATE_KEY_USAGE_PERIOD +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } +OID 2.5.29.17 +TAG id-ce-subjectAltName +EXPL "Certificate Subject Alternate Name" +NAME NSS_OID_X509_SUBJECT_ALT_NAME +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } +OID 2.5.29.18 +TAG id-ce-issuerAltName +EXPL "Certificate Issuer Alternate Name" +NAME NSS_OID_X509_ISSUER_ALT_NAME +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } +OID 2.5.29.19 +TAG id-ce-basicConstraints +EXPL "Certificate Basic Constraints" +NAME NSS_OID_X509_BASIC_CONSTRAINTS +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } +OID 2.5.29.20 +TAG id-ce-cRLNumber +EXPL "CRL Number" +NAME NSS_OID_X509_CRL_NUMBER +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 } +OID 2.5.29.21 +TAG id-ce-cRLReasons +EXPL "CRL Reason Code" +NAME NSS_OID_X509_REASON_CODE +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 } +OID 2.5.29.23 +TAG id-ce-holdInstructionCode +EXPL "Hold Instruction Code" +NAME NSS_OID_X509_HOLD_INSTRUCTION_CODE +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 } +OID 2.5.29.24 +TAG id-ce-invalidityDate +EXPL "Invalid Date" +NAME NSS_OID_X509_INVALID_DATE +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 } +OID 2.5.29.27 +TAG id-ce-deltaCRLIndicator +EXPL "Delta CRL Indicator" +NAME NSS_OID_X509_DELTA_CRL_INDICATOR +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 } +OID 2.5.29.28 +TAG id-ce-issuingDistributionPoint +EXPL "Issuing Distribution Point" +NAME NSS_OID_X509_ISSUING_DISTRIBUTION_POINT +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 } +OID 2.5.29.29 +TAG id-ce-certificateIssuer +EXPL "Certificate Issuer" +NAME NSS_OID_X509_CERTIFICATE_ISSUER +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } +OID 2.5.29.30 +TAG id-ce-nameConstraints +EXPL "Certificate Name Constraints" +NAME NSS_OID_X509_NAME_CONSTRAINTS +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31} +OID 2.5.29.31 +TAG id-ce-cRLDistributionPoints +EXPL "CRL Distribution Points" +NAME NSS_OID_X509_CRL_DIST_POINTS +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } +OID 2.5.29.32 +TAG id-ce-certificatePolicies +EXPL "Certificate Policies" +NAME NSS_OID_X509_CERTIFICATE_POLICIES +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } +OID 2.5.29.33 +TAG id-ce-policyMappings +EXPL "Certificate Policy Mappings" +NAME NSS_OID_X509_POLICY_MAPPINGS +CERT_EXTENSION UNSUPPORTED + +OID 2.5.29.34 +TAG policy-constraints +EXPL "Certificate Policy Constraints (old)" +CERT_EXTENSION UNSUPPORTED + +# RFC 2459: +# +# id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } +OID 2.5.29.35 +TAG id-ce-authorityKeyIdentifier +EXPL "Certificate Authority Key Identifier" +NAME NSS_OID_X509_AUTH_KEY_ID +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } +OID 2.5.29.36 +TAG id-ce-policyConstraints +EXPL "Certificate Policy Constraints" +NAME NSS_OID_X509_POLICY_CONSTRAINTS +CERT_EXTENSION SUPPORTED + +# RFC 2459: +# +# id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37} +OID 2.5.29.37 +TAG id-ce-extKeyUsage +EXPL "Extended Key Usage" +NAME NSS_OID_X509_EXT_KEY_USAGE +CERT_EXTENSION SUPPORTED + +OID 2.5.30 +TAG id-mgt +EXPL "X.500 Management Object" + +OID 2.6 +TAG x400 +EXPL "X.400 MHS" + +OID 2.7 +TAG ccr +EXPL "Committment, Concurrency and Recovery" + +OID 2.8 +TAG oda +EXPL "Office Document Architecture" + +OID 2.9 +TAG osi-management +EXPL "OSI management" + +OID 2.10 +TAG tp +EXPL "Transaction Processing" + +OID 2.11 +TAG dor +EXPL "Distinguished Object Reference" + +OID 2.12 +TAG rdt +EXPL "Referenced Data Transfer" + +OID 2.13 +TAG nlm +EXPL "Network Layer Management" + +OID 2.14 +TAG tlm +EXPL "Transport Layer Management" + +OID 2.15 +TAG llm +EXPL "Link Layer Management" + +OID 2.16 +TAG country +EXPL "Country Assignments" + +OID 2.16.124 +TAG canada +EXPL "Canada" + +OID 2.16.158 +TAG taiwan +EXPL "Taiwan" + +OID 2.16.578 +TAG norway +EXPL "Norway" + +OID 2.16.756 +TAG switzerland +EXPL "Switzerland" + +OID 2.16.840 +TAG us +EXPL "United States" + +OID 2.16.840.1 +TAG us-company +EXPL "United States Company" + +OID 2.16.840.1.101 +TAG us-government +EXPL "United States Government (1.101)" + +OID 2.16.840.1.101.2 +TAG us-dod +EXPL "United States Department of Defense" + +OID 2.16.840.1.101.2.1 +TAG id-infosec +EXPL "US DOD Infosec" + +OID 2.16.840.1.101.2.1.0 +TAG id-modules +EXPL "US DOD Infosec modules" + +OID 2.16.840.1.101.2.1.1 +TAG id-algorithms +EXPL "US DOD Infosec algorithms (MISSI)" + +OID 2.16.840.1.101.2.1.1.2 +TAG old-dss +EXPL "MISSI DSS Algorithm (Old)" +NAME NSS_OID_MISSI_DSS_OLD + +# This is labeled as "### mwelch temporary" +# Is it official?? XXX fgmr +OID 2.16.840.1.101.2.1.1.4 +TAG skipjack-cbc-64 +EXPL "Skipjack CBC64" +NAME NSS_OID_FORTEZZA_SKIPJACK +CKM CKM_SKIPJACK_CBC64 + +OID 2.16.840.1.101.2.1.1.10 +TAG kea +EXPL "MISSI KEA Algorithm" +NAME NSS_OID_MISSI_KEA + +OID 2.16.840.1.101.2.1.1.12 +TAG old-kea-dss +EXPL "MISSI KEA and DSS Algorithm (Old)" +NAME NSS_OID_MISSI_KEA_DSS_OLD + +OID 2.16.840.1.101.2.1.1.19 +TAG dss +EXPL "MISSI DSS Algorithm" +NAME NSS_OID_MISSI_DSS + +OID 2.16.840.1.101.2.1.1.20 +TAG kea-dss +EXPL "MISSI KEA and DSS Algorithm" +NAME NSS_OID_MISSI_KEA_DSS + +OID 2.16.840.1.101.2.1.1.22 +TAG alt-kea +EXPL "MISSI Alternate KEA Algorithm" +NAME NSS_OID_MISSI_ALT_KEY + +OID 2.16.840.1.101.2.1.2 +TAG id-formats +EXPL "US DOD Infosec formats" + +OID 2.16.840.1.101.2.1.3 +TAG id-policy +EXPL "US DOD Infosec policy" + +OID 2.16.840.1.101.2.1.4 +TAG id-object-classes +EXPL "US DOD Infosec object classes" + +OID 2.16.840.1.101.2.1.5 +TAG id-attributes +EXPL "US DOD Infosec attributes" + +OID 2.16.840.1.101.2.1.6 +TAG id-attribute-syntax +EXPL "US DOD Infosec attribute syntax" + +OID 2.16.840.1.113730 +# The Netscape OID space +TAG netscape +EXPL "Netscape Communications Corp." + +OID 2.16.840.1.113730.1 +TAG cert-ext +EXPL "Netscape Cert Extensions" + +OID 2.16.840.1.113730.1.1 +TAG cert-type +EXPL "Certificate Type" +NAME NSS_OID_NS_CERT_EXT_CERT_TYPE +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.2 +TAG base-url +EXPL "Certificate Extension Base URL" +NAME NSS_OID_NS_CERT_EXT_BASE_URL +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.3 +TAG revocation-url +EXPL "Certificate Revocation URL" +NAME NSS_OID_NS_CERT_EXT_REVOCATION_URL +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.4 +TAG ca-revocation-url +EXPL "Certificate Authority Revocation URL" +NAME NSS_OID_NS_CERT_EXT_CA_REVOCATION_URL +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.5 +TAG ca-crl-download-url +EXPL "Certificate Authority CRL Download URL" +NAME NSS_OID_NS_CERT_EXT_CA_CRL_URL +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.1.113730.1.6 +TAG ca-cert-url +EXPL "Certificate Authority Certificate Download URL" +NAME NSS_OID_NS_CERT_EXT_CA_CERT_URL +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.1.113730.1.7 +TAG renewal-url +EXPL "Certificate Renewal URL" +NAME NSS_OID_NS_CERT_EXT_CERT_RENEWAL_URL +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.8 +TAG ca-policy-url +EXPL "Certificate Authority Policy URL" +NAME NSS_OID_NS_CERT_EXT_CA_POLICY_URL +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.9 +TAG homepage-url +EXPL "Certificate Homepage URL" +NAME NSS_OID_NS_CERT_EXT_HOMEPAGE_URL +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.1.113730.1.10 +TAG entity-logo +EXPL "Certificate Entity Logo" +NAME NSS_OID_NS_CERT_EXT_ENTITY_LOGO +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.1.113730.1.11 +TAG user-picture +EXPL "Certificate User Picture" +NAME NSS_OID_NS_CERT_EXT_USER_PICTURE +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.1.113730.1.12 +TAG ssl-server-name +EXPL "Certificate SSL Server Name" +NAME NSS_OID_NS_CERT_EXT_SSL_SERVER_NAME +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.13 +TAG comment +EXPL "Certificate Comment" +NAME NSS_OID_NS_CERT_EXT_COMMENT +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.1.14 +TAG thayes +EXPL "" +NAME NSS_OID_NS_CERT_EXT_THAYES +CERT_EXTENSION SUPPORTED + +OID 2.16.840.1.113730.2 +TAG data-type +EXPL "Netscape Data Types" + +OID 2.16.840.1.113730.2.1 +TAG gif +EXPL "image/gif" +NAME NSS_OID_NS_TYPE_GIF + +OID 2.16.840.1.113730.2.2 +TAG jpeg +EXPL "image/jpeg" +NAME NSS_OID_NS_TYPE_JPEG + +OID 2.16.840.1.113730.2.3 +TAG url +EXPL "URL" +NAME NSS_OID_NS_TYPE_URL + +OID 2.16.840.1.113730.2.4 +TAG html +EXPL "text/html" +NAME NSS_OID_NS_TYPE_HTML + +OID 2.16.840.1.113730.2.5 +TAG cert-sequence +EXPL "Certificate Sequence" +NAME NSS_OID_NS_TYPE_CERT_SEQUENCE + +OID 2.16.840.1.113730.3 +# The Netscape Directory OID space +TAG directory +EXPL "Netscape Directory" + +OID 2.16.840.1.113730.4 +TAG policy +EXPL "Netscape Policy Type OIDs" + +OID 2.16.840.1.113730.4.1 +TAG export-approved +EXPL "Strong Crypto Export Approved" +NAME NSS_OID_NS_KEY_USAGE_GOVT_APPROVED +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.1.113730.5 +TAG cert-server +EXPL "Netscape Certificate Server" + +OID 2.16.840.1.113730.5.1 + +OID 2.16.840.1.113730.5.1.1 +TAG recovery-request +EXPL "Netscape Cert Server Recovery Request" +NAME NSS_OID_NETSCAPE_RECOVERY_REQUEST + +OID 2.16.840.1.113730.6 +TAG algs +EXPL "Netscape algorithm OIDs" + +OID 2.16.840.1.113730.6.1 +TAG smime-kea +EXPL "Netscape S/MIME KEA" +NAME NSS_OID_NETSCAPE_SMIME_KEA + +OID 2.16.840.1.113730.7 +TAG name-components +EXPL "Netscape Name Components" + +OID 2.16.840.1.113730.7.1 +TAG nickname +EXPL "Netscape Nickname" +NAME NSS_OID_NETSCAPE_NICKNAME + +OID 2.16.840.1.113733 +TAG verisign +EXPL "Verisign" + +OID 2.16.840.1.113733.1 + +OID 2.16.840.1.113733.1.7 + +OID 2.16.840.1.113733.1.7.1 + +OID 2.16.840.1.113733.1.7.1.1 +TAG verisign-user-notices +EXPL "Verisign User Notices" +NAME NSS_OID_VERISIGN_USER_NOTICES + +OID 2.16.840.101 +TAG us-government +EXPL "US Government (101)" + +OID 2.16.840.102 +TAG us-government2 +EXPL "US Government (102)" + +OID 2.16.840.11370 +TAG old-netscape +EXPL "Netscape Communications Corp. (Old)" + +OID 2.16.840.11370.1 +TAG ns-cert-ext +EXPL "Netscape Cert Extensions (Old NS)" + +OID 2.16.840.11370.1.1 +TAG netscape-ok +EXPL "Netscape says this cert is ok (Old NS)" +NAME NSS_OID_NS_CERT_EXT_NETSCAPE_OK +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.11370.1.2 +TAG issuer-logo +EXPL "Certificate Issuer Logo (Old NS)" +NAME NSS_OID_NS_CERT_EXT_ISSUER_LOGO +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.11370.1.3 +TAG subject-logo +EXPL "Certificate Subject Logo (Old NS)" +NAME NSS_OID_NS_CERT_EXT_SUBJECT_LOGO +CERT_EXTENSION UNSUPPORTED + +OID 2.16.840.11370.2 +TAG ns-file-type +EXPL "Netscape File Type" + +OID 2.16.840.11370.3 +TAG ns-image-type +EXPL "Netscape Image Type" + +OID 2.17 +TAG registration-procedures +EXPL "Registration procedures" + +OID 2.18 +TAG physical-layer-management +EXPL "Physical layer Management" + +OID 2.19 +TAG mheg +EXPL "MHEG" + +OID 2.20 +TAG guls +EXPL "Generic Upper Layer Security" + +OID 2.21 +TAG tls +EXPL "Transport Layer Security Protocol" + +OID 2.22 +TAG nls +EXPL "Network Layer Security Protocol" + +OID 2.23 +TAG organization +EXPL "International organizations" |