2 PKIX1Implicit88 {iso(1) identified-organization(3) dod(6) internet(1)
3 security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit-88(2)}
5 DEFINITIONS IMPLICIT TAGS ::=
10 -- ISO arc for standard certificate and CRL extensions
12 id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29}
15 -- authority key identifier OID and syntax
17 id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 }
19 AuthorityKeyIdentifier ::= SEQUENCE {
20 keyIdentifier [0] KeyIdentifier OPTIONAL,
21 authorityCertIssuer [1] GeneralNames OPTIONAL,
22 authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
23 -- authorityCertIssuer and authorityCertSerialNumber shall both
24 -- be present or both be absgent
26 KeyIdentifier ::= OCTET STRING
28 -- subject key identifier OID and syntax
30 id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 }
32 SubjectKeyIdentifier ::= KeyIdentifier
34 -- key usage extension OID and syntax
36 id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
38 KeyUsage ::= BIT STRING {
49 -- private key usage period extension OID and syntax
51 id-ce-privateKeyUsagePeriod OBJECT IDENTIFIER ::= { id-ce 16 }
53 PrivateKeyUsagePeriod ::= SEQUENCE {
54 notBefore [0] GeneralizedTime OPTIONAL,
55 notAfter [1] GeneralizedTime OPTIONAL }
56 -- either notBefore or notAfter shall be present
58 -- certificate policies extension OID and syntax
60 id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 }
62 CertificatePolicies ::= SEQUENCE SIZE (1..MAX) OF PolicyInformation
64 PolicyInformation ::= SEQUENCE {
65 policyIdentifier CertPolicyId,
66 policyQualifiers SEQUENCE SIZE (1..MAX) OF
67 PolicyQualifierInfo OPTIONAL }
69 CertPolicyId ::= OBJECT IDENTIFIER
71 PolicyQualifierInfo ::= SEQUENCE {
72 policyQualifierId PolicyQualifierId,
73 qualifier ANY DEFINED BY policyQualifierId }
75 -- Implementations that recognize additional policy qualifiers shall
76 -- augment the following definition for PolicyQualifierId
79 OBJECT IDENTIFIER -- ( id-qt-cps | id-qt-unotice )
81 -- CPS pointer qualifier
85 -- user notice qualifier
87 UserNotice ::= SEQUENCE {
88 noticeRef NoticeReference OPTIONAL,
89 explicitText DisplayText OPTIONAL}
91 NoticeReference ::= SEQUENCE {
92 organization DisplayText,
93 noticeNumbers SEQUENCE OF INTEGER }
95 DisplayText ::= CHOICE {
96 visibleString VisibleString (SIZE (1..200)),
97 bmpString BMPString (SIZE (1..200)),
98 utf8String UTF8String (SIZE (1..200)) }
100 -- policy mapping extension OID and syntax
102 id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 }
104 PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
105 issuerDomainPolicy CertPolicyId,
106 subjectDomainPolicy CertPolicyId }
108 -- subject alternative name extension OID and syntax
110 id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
112 SubjectAltName ::= GeneralNames
114 GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
116 GeneralName ::= CHOICE {
117 otherName [0] AnotherName,
118 rfc822Name [1] IA5String,
119 dNSName [2] IA5String,
120 x400Address [3] ORAddress,
121 directoryName [4] Name,
122 ediPartyName [5] EDIPartyName,
123 uniformResourceIdentifier [6] IA5String,
124 iPAddress [7] OCTET STRING,
125 registeredID [8] OBJECT IDENTIFIER }
127 -- AnotherName replaces OTHER-NAME ::= TYPE-IDENTIFIER, as
128 -- TYPE-IDENTIFIER is not supported in the '88 ASN.1 syntax
130 AnotherName ::= SEQUENCE {
131 type-id OBJECT IDENTIFIER,
132 value [0] EXPLICIT ANY DEFINED BY type-id }
134 EDIPartyName ::= SEQUENCE {
135 nameAssigner [0] DirectoryString OPTIONAL,
136 partyName [1] DirectoryString }
138 -- issuer alternative name extension OID and syntax
140 id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 }
142 IssuerAltName ::= GeneralNames
144 id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 }
146 SubjectDirectoryAttributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
148 -- basic constraints extension OID and syntax
150 id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 }
152 BasicConstraints ::= SEQUENCE {
153 cA BOOLEAN DEFAULT FALSE,
154 pathLenConstraint INTEGER (0..MAX) OPTIONAL }
156 -- name constraints extension OID and syntax
158 id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 }
160 NameConstraints ::= SEQUENCE {
161 permittedSubtrees [0] GeneralSubtrees OPTIONAL,
162 excludedSubtrees [1] GeneralSubtrees OPTIONAL }
164 GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
166 GeneralSubtree ::= SEQUENCE {
168 minimum [0] BaseDistance DEFAULT 0,
169 maximum [1] BaseDistance OPTIONAL }
171 BaseDistance ::= INTEGER (0..MAX)
173 -- policy constraints extension OID and syntax
175 id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 }
177 PolicyConstraints ::= SEQUENCE {
178 requireExplicitPolicy [0] SkipCerts OPTIONAL,
179 inhibitPolicyMapping [1] SkipCerts OPTIONAL }
181 SkipCerts ::= INTEGER (0..MAX)
183 -- CRL distribution points extension OID and syntax
185 id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= {id-ce 31}
187 CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
189 DistributionPoint ::= SEQUENCE {
190 distributionPoint [0] DistributionPointName OPTIONAL,
191 reasons [1] ReasonFlags OPTIONAL,
192 cRLIssuer [2] GeneralNames OPTIONAL }
194 DistributionPointName ::= CHOICE {
195 fullName [0] GeneralNames,
196 nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
200 ReasonFlags ::= BIT STRING {
204 affiliationChanged (3),
206 cessationOfOperation (5),
207 certificateHold (6) }
209 -- extended key usage extension OID and syntax
211 id-ce-extKeyUsage OBJECT IDENTIFIER ::= {id-ce 37}
213 ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
215 KeyPurposeId ::= OBJECT IDENTIFIER
217 -- extended key purpose OIDs
218 id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 }
219 id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 }
220 id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 }
221 id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 }
222 id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 }
223 id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 }
224 id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 }
225 id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 }
227 -- authority info access
229 id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
231 AuthorityInfoAccessSyntax ::=
232 SEQUENCE SIZE (1..MAX) OF AccessDescription
234 AccessDescription ::= SEQUENCE {
235 accessMethod OBJECT IDENTIFIER,
236 accessLocation GeneralName }
238 -- CRL number extension OID and syntax
240 id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
242 CRLNumber ::= INTEGER (0..MAX)
244 -- issuing distribution point extension OID and syntax
246 id-ce-issuingDistributionPoint OBJECT IDENTIFIER ::= { id-ce 28 }
248 IssuingDistributionPoint ::= SEQUENCE {
249 distributionPoint [0] DistributionPointName OPTIONAL,
250 onlyContainsUserCerts [1] BOOLEAN DEFAULT FALSE,
251 onlyContainsCACerts [2] BOOLEAN DEFAULT FALSE,
252 onlySomeReasons [3] ReasonFlags OPTIONAL,
253 indirectCRL [4] BOOLEAN DEFAULT FALSE }
256 id-ce-deltaCRLIndicator OBJECT IDENTIFIER ::= { id-ce 27 }
258 -- deltaCRLIndicator ::= BaseCRLNumber
260 BaseCRLNumber ::= CRLNumber
262 -- CRL reasons extension OID and syntax
264 id-ce-cRLReasons OBJECT IDENTIFIER ::= { id-ce 21 }
266 CRLReason ::= ENUMERATED {
270 affiliationChanged (3),
272 cessationOfOperation (5),
276 -- certificate issuer CRL entry extension OID and syntax
278 id-ce-certificateIssuer OBJECT IDENTIFIER ::= { id-ce 29 }
280 CertificateIssuer ::= GeneralNames
282 -- hold instruction extension OID and syntax
284 id-ce-holdInstructionCode OBJECT IDENTIFIER ::= { id-ce 23 }
286 HoldInstructionCode ::= OBJECT IDENTIFIER
288 -- ANSI x9 holdinstructions
290 -- ANSI x9 arc holdinstruction arc
291 holdInstruction OBJECT IDENTIFIER ::=
292 {joint-iso-itu-t(2) member-body(2) us(840) x9cm(10040) 2}
294 -- ANSI X9 holdinstructions referenced by this standard
295 id-holdinstruction-none OBJECT IDENTIFIER ::=
296 {holdInstruction 1} -- deprecated
297 id-holdinstruction-callissuer OBJECT IDENTIFIER ::=
299 id-holdinstruction-reject OBJECT IDENTIFIER ::=
302 -- invalidity date CRL entry extension OID and syntax
304 id-ce-invalidityDate OBJECT IDENTIFIER ::= { id-ce 24 }
306 InvalidityDate ::= GeneralizedTime
309 -- --------------------------------------
311 -- --------------------------------------
313 -- UNIVERSAL Types defined in '93 and '98 ASN.1
314 -- but required by this specification
316 VisibleString ::= [UNIVERSAL 26] IMPLICIT OCTET STRING
318 NumericString ::= [UNIVERSAL 18] IMPLICIT OCTET STRING
320 IA5String ::= [UNIVERSAL 22] IMPLICIT OCTET STRING
322 TeletexString ::= [UNIVERSAL 20] IMPLICIT OCTET STRING
324 PrintableString ::= [UNIVERSAL 19] IMPLICIT OCTET STRING
326 UniversalString ::= [UNIVERSAL 28] IMPLICIT OCTET STRING
327 -- UniversalString is defined in ASN.1:1993
329 BMPString ::= [UNIVERSAL 30] IMPLICIT OCTET STRING
330 -- BMPString is the subtype of UniversalString and models
331 -- the Basic Multilingual Plane of ISO/IEC/ITU 10646-1
333 UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING
334 -- The content of this type conforms to RFC 2279.
337 -- PKIX specific OIDs
339 id-pkix OBJECT IDENTIFIER ::=
340 { iso(1) identified-organization(3) dod(6) internet(1)
341 security(5) mechanisms(5) pkix(7) }
345 id-pe OBJECT IDENTIFIER ::= { id-pkix 1 }
346 -- arc for private certificate extensions
347 id-qt OBJECT IDENTIFIER ::= { id-pkix 2 }
348 -- arc for policy qualifier types
349 id-kp OBJECT IDENTIFIER ::= { id-pkix 3 }
350 -- arc for extended key purpose OIDS
351 id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
352 -- arc for access descriptors
354 -- policyQualifierIds for Internet policy qualifiers
356 id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 }
357 -- OID for CPS qualifier
358 id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
359 -- OID for user notice qualifier
361 -- access descriptor definitions
363 id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
364 id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
366 -- attribute data types --
368 Attribute ::= SEQUENCE {
370 values SET OF AttributeValue
371 -- at least one value is required --
374 AttributeType ::= OBJECT IDENTIFIER
376 AttributeValue ::= ANY
378 AttributeTypeAndValue ::= SEQUENCE {
380 value AttributeValue }
382 -- suggested naming attributes: Definition of the following
383 -- information object set may be augmented to meet local
384 -- requirements. Note that deleting members of the set may
385 -- prevent interoperability with conforming implementations.
386 -- presented in pairs: the AttributeType followed by the
387 -- type definition for the corresponding AttributeValue
389 -- Arc for standard naming attributes
390 id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4}
392 -- Attributes of type NameDirectoryString
393 id-at-name AttributeType ::= {id-at 41}
394 id-at-surname AttributeType ::= {id-at 4}
395 id-at-givenName AttributeType ::= {id-at 42}
396 id-at-initials AttributeType ::= {id-at 43}
397 id-at-generationQualifier AttributeType ::= {id-at 44}
399 X520name ::= CHOICE {
400 teletexString TeletexString (SIZE (1..ub-name)),
401 printableString PrintableString (SIZE (1..ub-name)),
402 universalString UniversalString (SIZE (1..ub-name)),
403 utf8String UTF8String (SIZE (1..ub-name)),
404 bmpString BMPString (SIZE(1..ub-name)) }
408 id-at-commonName AttributeType ::= {id-at 3}
410 X520CommonName ::= CHOICE {
411 teletexString TeletexString (SIZE (1..ub-common-name)),
412 printableString PrintableString (SIZE (1..ub-common-name)),
413 universalString UniversalString (SIZE (1..ub-common-name)),
414 utf8String UTF8String (SIZE (1..ub-common-name)),
415 bmpString BMPString (SIZE(1..ub-common-name)) }
419 id-at-localityName AttributeType ::= {id-at 7}
421 X520LocalityName ::= CHOICE {
422 teletexString TeletexString (SIZE (1..ub-locality-name)),
423 printableString PrintableString (SIZE (1..ub-locality-name)),
424 universalString UniversalString (SIZE (1..ub-locality-name)),
425 utf8String UTF8String (SIZE (1..ub-locality-name)),
426 bmpString BMPString (SIZE(1..ub-locality-name)) }
430 id-at-stateOrProvinceName AttributeType ::= {id-at 8}
432 X520StateOrProvinceName ::= CHOICE {
433 teletexString TeletexString (SIZE (1..ub-state-name)),
434 printableString PrintableString (SIZE (1..ub-state-name)),
435 universalString UniversalString (SIZE (1..ub-state-name)),
436 utf8String UTF8String (SIZE (1..ub-state-name)),
437 bmpString BMPString (SIZE(1..ub-state-name)) }
441 id-at-organizationName AttributeType ::= {id-at 10}
443 X520OrganizationName ::= CHOICE {
444 teletexString TeletexString (SIZE (1..ub-organization-name)),
445 printableString PrintableString (SIZE (1..ub-organization-name)),
446 universalString UniversalString (SIZE (1..ub-organization-name)),
447 utf8String UTF8String (SIZE (1..ub-organization-name)),
448 bmpString BMPString (SIZE(1..ub-organization-name)) }
452 id-at-organizationalUnitName AttributeType ::= {id-at 11}
454 X520OrganizationalUnitName ::= CHOICE {
455 teletexString TeletexString (SIZE (1..ub-organizational-unit-name)),
456 printableString PrintableString
457 (SIZE (1..ub-organizational-unit-name)),
458 universalString UniversalString
459 (SIZE (1..ub-organizational-unit-name)),
460 utf8String UTF8String (SIZE (1..ub-organizational-unit-name)),
461 bmpString BMPString (SIZE(1..ub-organizational-unit-name)) }
465 id-at-title AttributeType ::= {id-at 12}
467 X520Title ::= CHOICE {
468 teletexString TeletexString (SIZE (1..ub-title)),
469 printableString PrintableString (SIZE (1..ub-title)),
470 universalString UniversalString (SIZE (1..ub-title)),
471 utf8String UTF8String (SIZE (1..ub-title)),
472 bmpString BMPString (SIZE(1..ub-title)) }
476 id-at-dnQualifier AttributeType ::= {id-at 46}
477 X520dnQualifier ::= PrintableString
479 id-at-countryName AttributeType ::= {id-at 6}
480 X520countryName ::= PrintableString (SIZE (2)) -- IS 3166 codes
484 pkcs-9 OBJECT IDENTIFIER ::=
485 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
487 emailAddress AttributeType ::= { pkcs-9 1 }
489 Pkcs9email ::= IA5String (SIZE (1..ub-emailaddress-length))
491 -- naming data types --
493 Name ::= CHOICE { -- only one possibility for now --
494 rdnSequence RDNSequence }
496 RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
498 DistinguishedName ::= RDNSequence
500 RelativeDistinguishedName ::=
501 SET SIZE (1 .. MAX) OF AttributeTypeAndValue
503 -- Directory string type --
505 DirectoryString ::= CHOICE {
506 teletexString TeletexString (SIZE (1..MAX)),
507 printableString PrintableString (SIZE (1..MAX)),
508 universalString UniversalString (SIZE (1..MAX)),
509 utf8String UTF8String (SIZE (1..MAX)),
510 bmpString BMPString (SIZE(1..MAX)) }
513 -- --------------------------------------------------------
514 -- certificate and CRL specific structures begin here
515 -- --------------------------------------------------------
517 Certificate ::= SEQUENCE {
518 tbsCertificate TBSCertificate,
519 signatureAlgorithm AlgorithmIdentifier,
520 signature BIT STRING }
522 TBSCertificate ::= SEQUENCE {
523 version [0] EXPLICIT Version DEFAULT v1,
524 serialNumber CertificateSerialNumber,
525 signature AlgorithmIdentifier,
529 subjectPublicKeyInfo SubjectPublicKeyInfo,
530 issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL,
531 -- If present, version shall be v2 or v3
532 subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL,
533 -- If present, version shall be v2 or v3
534 extensions [3] EXPLICIT Extensions OPTIONAL
535 -- If present, version shall be v3 --
538 Version ::= INTEGER { v1(0), v2(1), v3(2) }
540 CertificateSerialNumber ::= INTEGER
542 Validity ::= SEQUENCE {
548 generalTime GeneralizedTime }
550 UniqueIdentifier ::= BIT STRING
552 SubjectPublicKeyInfo ::= SEQUENCE {
553 algorithm AlgorithmIdentifier,
554 subjectPublicKey BIT STRING }
556 Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
558 Extension ::= SEQUENCE {
559 extnID OBJECT IDENTIFIER,
560 critical BOOLEAN DEFAULT FALSE,
561 extnValue OCTET STRING }
564 -- ------------------------------------------
566 -- ------------------------------------------
568 CertificateList ::= SEQUENCE {
569 tbsCertList TBSCertList,
570 signatureAlgorithm AlgorithmIdentifier,
571 signature BIT STRING }
573 TBSCertList ::= SEQUENCE {
574 version Version OPTIONAL,
575 -- if present, shall be v2
576 signature AlgorithmIdentifier,
579 nextUpdate Time OPTIONAL,
580 revokedCertificates SEQUENCE OF SEQUENCE {
581 userCertificate CertificateSerialNumber,
583 crlEntryExtensions Extensions OPTIONAL
584 -- if present, shall be v2
586 crlExtensions [0] EXPLICIT Extensions OPTIONAL
587 -- if present, shall be v2 --
590 -- Version, Time, CertificateSerialNumber, and Extensions were
591 -- defined earlier for use in the certificate structure
593 AlgorithmIdentifier ::= SEQUENCE {
594 algorithm OBJECT IDENTIFIER,
595 parameters ANY DEFINED BY algorithm OPTIONAL }
596 -- contains a value of the type
597 -- registered for use with the
598 -- algorithm object identifier value
600 -- Algorithm OIDs and parameter structures
602 pkcs-1 OBJECT IDENTIFIER ::= {
603 iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
605 rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
607 md2WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 2 }
609 md5WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 4 }
611 sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
613 id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
614 iso(1) member-body(2) us(840) x9-57 (10040) x9algorithm(4) 3 }
616 Dss-Sig-Value ::= SEQUENCE {
620 dhpublicnumber OBJECT IDENTIFIER ::= {
621 iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1 }
623 DomainParameters ::= SEQUENCE {
624 p INTEGER, -- odd prime, p=jq +1
625 g INTEGER, -- generator, g
626 q INTEGER, -- factor of p-1
627 j INTEGER OPTIONAL, -- subgroup factor, j>= 2
628 validationParms ValidationParms OPTIONAL }
630 ValidationParms ::= SEQUENCE {
632 pgenCounter INTEGER }
634 id-dsa OBJECT IDENTIFIER ::= {
635 iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1 }
637 Dss-Parms ::= SEQUENCE {
642 -- x400 address syntax starts here
645 ORAddress ::= SEQUENCE {
646 built-in-standard-attributes BuiltInStandardAttributes,
647 built-in-domain-defined-attributes
648 BuiltInDomainDefinedAttributes OPTIONAL,
649 -- see also teletex-domain-defined-attributes
650 extension-attributes ExtensionAttributes OPTIONAL }
651 -- The OR-address is semantically absent from the OR-name if the
652 -- built-in-standard-attribute sequence is empty and the
653 -- built-in-domain-defined-attributes and extension-attributes are
656 -- Built-in Standard Attributes
658 BuiltInStandardAttributes ::= SEQUENCE {
659 country-name CountryName OPTIONAL,
660 administration-domain-name AdministrationDomainName OPTIONAL,
661 network-address [0] EXPLICIT NetworkAddress OPTIONAL,
662 -- see also extended-network-address
663 terminal-identifier [1] EXPLICIT TerminalIdentifier OPTIONAL,
664 private-domain-name [2] EXPLICIT PrivateDomainName OPTIONAL,
665 organization-name [3] EXPLICIT OrganizationName OPTIONAL,
666 -- see also teletex-organization-name
667 numeric-user-identifier [4] EXPLICIT NumericUserIdentifier OPTIONAL,
668 personal-name [5] EXPLICIT PersonalName OPTIONAL,
669 -- see also teletex-personal-name
670 organizational-unit-names [6] EXPLICIT OrganizationalUnitNames OPTIONAL
671 -- see also teletex-organizational-unit-names --
674 CountryName ::= [APPLICATION 1] CHOICE {
675 x121-dcc-code NumericString
676 (SIZE (ub-country-name-numeric-length)),
677 iso-3166-alpha2-code PrintableString
678 (SIZE (ub-country-name-alpha-length)) }
680 AdministrationDomainName ::= [APPLICATION 2] EXPLICIT CHOICE {
681 numeric NumericString (SIZE (0..ub-domain-name-length)),
682 printable PrintableString (SIZE (0..ub-domain-name-length)) }
684 NetworkAddress ::= X121Address -- see also extended-network-address
686 X121Address ::= NumericString (SIZE (1..ub-x121-address-length))
688 TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length))
690 PrivateDomainName ::= CHOICE {
691 numeric NumericString (SIZE (1..ub-domain-name-length)),
692 printable PrintableString (SIZE (1..ub-domain-name-length)) }
694 OrganizationName ::= PrintableString
695 (SIZE (1..ub-organization-name-length))
696 -- see also teletex-organization-name
698 NumericUserIdentifier ::= NumericString
699 (SIZE (1..ub-numeric-user-id-length))
701 PersonalName ::= SET {
702 surname [0] PrintableString (SIZE (1..ub-surname-length)),
703 given-name [1] PrintableString
704 (SIZE (1..ub-given-name-length)) OPTIONAL,
705 initials [2] PrintableString (SIZE (1..ub-initials-length)) OPTIONAL,
706 generation-qualifier [3] PrintableString
707 (SIZE (1..ub-generation-qualifier-length)) OPTIONAL }
708 -- see also teletex-personal-name
710 OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units)
711 OF OrganizationalUnitName
712 -- see also teletex-organizational-unit-names
714 OrganizationalUnitName ::= PrintableString (SIZE
715 (1..ub-organizational-unit-name-length))
717 -- Built-in Domain-defined Attributes
719 BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE
720 (1..ub-domain-defined-attributes) OF
721 BuiltInDomainDefinedAttribute
723 BuiltInDomainDefinedAttribute ::= SEQUENCE {
724 type PrintableString (SIZE
725 (1..ub-domain-defined-attribute-type-length)),
726 value PrintableString (SIZE
727 (1..ub-domain-defined-attribute-value-length))}
729 -- Extension Attributes
731 ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF
734 ExtensionAttribute ::= SEQUENCE {
735 extension-attribute-type [0] EXPLICIT INTEGER (0..ub-extension-attributes),
736 extension-attribute-value [1] EXPLICIT
737 ANY DEFINED BY extension-attribute-type }
739 -- Extension types and attribute values
742 common-name INTEGER ::= 1
744 CommonName ::= PrintableString (SIZE (1..ub-common-name-length))
746 teletex-common-name INTEGER ::= 2
748 TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length))
750 teletex-organization-name INTEGER ::= 3
752 TeletexOrganizationName ::=
753 TeletexString (SIZE (1..ub-organization-name-length))
755 teletex-personal-name INTEGER ::= 4
757 TeletexPersonalName ::= SET {
758 surname [0] EXPLICIT TeletexString (SIZE (1..ub-surname-length)),
759 given-name [1] EXPLICIT TeletexString
760 (SIZE (1..ub-given-name-length)) OPTIONAL,
761 initials [2] EXPLICIT TeletexString (SIZE (1..ub-initials-length)) OPTIONAL,
762 generation-qualifier [3] EXPLICIT TeletexString (SIZE
763 (1..ub-generation-qualifier-length)) OPTIONAL }
765 teletex-organizational-unit-names INTEGER ::= 5
767 TeletexOrganizationalUnitNames ::= SEQUENCE SIZE
768 (1..ub-organizational-units) OF TeletexOrganizationalUnitName
770 TeletexOrganizationalUnitName ::= TeletexString
771 (SIZE (1..ub-organizational-unit-name-length))
773 pds-name INTEGER ::= 7
775 PDSName ::= PrintableString (SIZE (1..ub-pds-name-length))
777 physical-delivery-country-name INTEGER ::= 8
779 PhysicalDeliveryCountryName ::= CHOICE {
780 x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)),
781 iso-3166-alpha2-code PrintableString
782 (SIZE (ub-country-name-alpha-length)) }
784 postal-code INTEGER ::= 9
786 PostalCode ::= CHOICE {
787 numeric-code NumericString (SIZE (1..ub-postal-code-length)),
788 printable-code PrintableString (SIZE (1..ub-postal-code-length)) }
790 physical-delivery-office-name INTEGER ::= 10
792 PhysicalDeliveryOfficeName ::= PDSParameter
794 physical-delivery-office-number INTEGER ::= 11
796 PhysicalDeliveryOfficeNumber ::= PDSParameter
798 extension-OR-address-components INTEGER ::= 12
800 ExtensionORAddressComponents ::= PDSParameter
802 physical-delivery-personal-name INTEGER ::= 13
804 PhysicalDeliveryPersonalName ::= PDSParameter
806 physical-delivery-organization-name INTEGER ::= 14
808 PhysicalDeliveryOrganizationName ::= PDSParameter
810 extension-physical-delivery-address-components INTEGER ::= 15
812 ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter
814 unformatted-postal-address INTEGER ::= 16
816 UnformattedPostalAddress ::= SET {
817 printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) OF
818 PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL,
819 teletex-string TeletexString
820 (SIZE (1..ub-unformatted-address-length)) OPTIONAL }
822 street-address INTEGER ::= 17
824 StreetAddress ::= PDSParameter
826 post-office-box-address INTEGER ::= 18
828 PostOfficeBoxAddress ::= PDSParameter
830 poste-restante-address INTEGER ::= 19
832 PosteRestanteAddress ::= PDSParameter
834 unique-postal-name INTEGER ::= 20
836 UniquePostalName ::= PDSParameter
838 local-postal-attributes INTEGER ::= 21
840 LocalPostalAttributes ::= PDSParameter
842 PDSParameter ::= SET {
843 printable-string PrintableString
844 (SIZE(1..ub-pds-parameter-length)) OPTIONAL,
845 teletex-string TeletexString
846 (SIZE(1..ub-pds-parameter-length)) OPTIONAL }
848 extended-network-address INTEGER ::= 22
850 ExtendedNetworkAddress ::= CHOICE {
851 e163-4-address SEQUENCE {
852 number [0] EXPLICIT NumericString (SIZE (1..ub-e163-4-number-length)),
853 sub-address [1] EXPLICIT NumericString
854 (SIZE (1..ub-e163-4-sub-address-length)) OPTIONAL },
855 psap-address [0] EXPLICIT PresentationAddress }
857 PresentationAddress ::= SEQUENCE {
858 pSelector [0] EXPLICIT OCTET STRING OPTIONAL,
859 sSelector [1] EXPLICIT OCTET STRING OPTIONAL,
860 tSelector [2] EXPLICIT OCTET STRING OPTIONAL,
861 nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING }
863 terminal-type INTEGER ::= 23
865 TerminalType ::= INTEGER {
871 videotex (8) } (0..ub-integer-options)
873 -- Extension Domain-defined Attributes
875 teletex-domain-defined-attributes INTEGER ::= 6
877 TeletexDomainDefinedAttributes ::= SEQUENCE SIZE
878 (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute
880 TeletexDomainDefinedAttribute ::= SEQUENCE {
882 (SIZE (1..ub-domain-defined-attribute-type-length)),
884 (SIZE (1..ub-domain-defined-attribute-value-length)) }
886 -- specifications of Upper Bounds shall be regarded as mandatory
887 -- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter
891 ub-name INTEGER ::= 32768
892 ub-common-name INTEGER ::= 64
893 ub-locality-name INTEGER ::= 128
894 ub-state-name INTEGER ::= 128
895 ub-organization-name INTEGER ::= 64
896 ub-organizational-unit-name INTEGER ::= 64
897 ub-title INTEGER ::= 64
898 ub-match INTEGER ::= 128
900 ub-emailaddress-length INTEGER ::= 128
902 ub-common-name-length INTEGER ::= 64
903 ub-country-name-alpha-length INTEGER ::= 2
904 ub-country-name-numeric-length INTEGER ::= 3
905 ub-domain-defined-attributes INTEGER ::= 4
906 ub-domain-defined-attribute-type-length INTEGER ::= 8
907 ub-domain-defined-attribute-value-length INTEGER ::= 128
908 ub-domain-name-length INTEGER ::= 16
909 ub-extension-attributes INTEGER ::= 256
910 ub-e163-4-number-length INTEGER ::= 15
911 ub-e163-4-sub-address-length INTEGER ::= 40
912 ub-generation-qualifier-length INTEGER ::= 3
913 ub-given-name-length INTEGER ::= 16
914 ub-initials-length INTEGER ::= 5
915 ub-integer-options INTEGER ::= 256
916 ub-numeric-user-id-length INTEGER ::= 32
917 ub-organization-name-length INTEGER ::= 64
918 ub-organizational-unit-name-length INTEGER ::= 32
919 ub-organizational-units INTEGER ::= 4
920 ub-pds-name-length INTEGER ::= 16
921 ub-pds-parameter-length INTEGER ::= 30
922 ub-pds-physical-address-lines INTEGER ::= 6
923 ub-postal-code-length INTEGER ::= 16
924 ub-surname-length INTEGER ::= 40
925 ub-terminal-id-length INTEGER ::= 24
926 ub-unformatted-address-length INTEGER ::= 180
927 ub-x121-address-length INTEGER ::= 16
929 -- Note - upper bounds on string types, such as TeletexString, are
930 -- measured in characters. Excepting PrintableString or IA5String, a
931 -- significantly greater number of octets will be required to hold
932 -- such a value. As a minimum, 16 octets, or twice the specified upper
933 -- bound, whichever is the larger, should be allowed for TeletexString.
934 -- For UTF8String or UniversalString at least four times the upper
935 -- bound should be allowed.