NIEM Wayfarer 5.1

Disclaimer: This tool was developed by Tom Carlson Consulting LLC. It was created from the official distribution of the data model. Tom Carlson Consulting LLC makes neither claim nor warranty that this tool provides an accurate representation of the NIEM data model. For official and authoritative representations, please visit the official NIEM release website. Non-English text Powered by Google Translate.

for

mo:CertificateContentStandardExtension (mo:X509V3ExtensionType)

A set of fields that capture standard X509 V3 extensions that may be specified in the certificate.

View UML for type: mo:X509V3ExtensionType

mo:CertificateContentStandardExtension is contained within these types:
mo:CertificateContentStandardExtension can contain:
  • mo:X509V3ExtensionBasicConstraintsText
        A field that captures a multi-valued extension which indicates whether a certificate is a CA certificate. The first (mandatory) name is CA followed by TRUE or FALSE. If CA is TRUE then an optional pathlen name followed by an non-negative value can be included. Also equivalent to the object ID (OID) value of 2.5.29.19.
  • mo:X509V3ExtensionNameConstraintsText
        A field that captures a name space within which all subject names in subsequent certificates in a certification path MUST be located. Also equivalent to the object ID (OID) value of 2.5.29.30.
  • mo:X509V3ExtensionPolicyConstraintsText
        A field that captures any constraints on path validation for certificates issued to CAs. Also equivalent to the object ID (OID) value of 2.5.29.36.
  • mo:X509V3ExtensionKeyUsageText
        A field that captures a multi-valued extension consisting of a list of names of the permitted key usages. Also equivalent to the object ID (OID) value of 2.5.29.15.
  • mo:X509V3ExtensionExtendedKeyUsageText
        A field that captures a list of usages indicating purposes for which the certificate public key can be used for. Also equivalent to the object ID (OID) value of 2.5.29.37.
  • mo:X509V3ExtensionSubjectKeyID
        A field that captures the identifier that provides a means of identifying certificates that contain a particular public key. Also equivalent to the object ID (OID) value of 2.5.29.14.
  • mo:X509V3ExtensionAuthorityKeyID
        A field that captures the identifier that provides a means of identifying the public key corresponding to the private key used to sign a certificate. Also equivalent to the object ID (OID) value of 2.5.29.35.
  • mo:X509V3ExtensionSubjectAlternativeName
        A name that captures the additional identities to be bound to the subject of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.17.
  • mo:X509V3ExtensionIssuerAlternativeName
        A name that captures the additional identities to be bound to the issuer of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.18.
  • mo:X509V3ExtensionSubjectDirectoryAttributesText
        A field that captures the identification attributes (e.g., nationality) of the subject. Also equivalent to the object ID (OID) value of 2.5.29.9.
  • mo:X509V3ExtensionCRLDistributionPointsText
        A field that captures how CRL information is obtained. Also equivalent to the object ID (OID) value of 2.5.29.31.
  • mo:X509V3ExtensionInhibitAnyPolicyText
        A number of additional certificates that may appear in the path before anyPolicy is no longer permitted. Also equivalent to the object ID (OID) value of 2.5.29.54.
  • mo:X509V3ExtensionPrivateKeyUsagePeriod
        A field that captures the validity period for the private key, if it is different from the validity period of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.16.
  • mo:X509V3ExtensionCertificatePoliciesText
        A field that captures a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. Also equivalent to the object ID (OID) value of 2.5.29.32.
  • mo:X509V3ExtensionPolicyMappingsText
        A field that captures one or more pairs of OIDs; each pair includes an issuerDomainPolicy and a subjectDomainPolicy. The pairing indicates whether the issuing CA considers its issuerDomainPolicy equivalent to the subject CA's subjectDomainPolicy. Also equivalent to the object ID (OID) value of 2.5.29.33.
mo:CertificateContentStandardExtension can be contained in any of these elements:
Everything mo:CertificateContentStandardExtension can contain:
  • via mo:X509V3ExtensionType
    • mo:X509V3ExtensionBasicConstraintsText A field that captures a multi-valued extension which indicates whether a certificate is a CA certificate. The first (mandatory) name is CA followed by TRUE or FALSE. If CA is TRUE then an optional pathlen name followed by an non-negative value can be included. Also equivalent to the object ID (OID) value of 2.5.29.19.
    • mo:X509V3ExtensionNameConstraintsText A field that captures a name space within which all subject names in subsequent certificates in a certification path MUST be located. Also equivalent to the object ID (OID) value of 2.5.29.30.
    • mo:X509V3ExtensionPolicyConstraintsText A field that captures any constraints on path validation for certificates issued to CAs. Also equivalent to the object ID (OID) value of 2.5.29.36.
    • mo:X509V3ExtensionKeyUsageText A field that captures a multi-valued extension consisting of a list of names of the permitted key usages. Also equivalent to the object ID (OID) value of 2.5.29.15.
    • mo:X509V3ExtensionExtendedKeyUsageText A field that captures a list of usages indicating purposes for which the certificate public key can be used for. Also equivalent to the object ID (OID) value of 2.5.29.37.
    • mo:X509V3ExtensionSubjectKeyID A field that captures the identifier that provides a means of identifying certificates that contain a particular public key. Also equivalent to the object ID (OID) value of 2.5.29.14.
    • mo:X509V3ExtensionAuthorityKeyID A field that captures the identifier that provides a means of identifying the public key corresponding to the private key used to sign a certificate. Also equivalent to the object ID (OID) value of 2.5.29.35.
    • mo:X509V3ExtensionSubjectAlternativeName A name that captures the additional identities to be bound to the subject of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.17.
    • mo:X509V3ExtensionIssuerAlternativeName A name that captures the additional identities to be bound to the issuer of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.18.
    • mo:X509V3ExtensionSubjectDirectoryAttributesText A field that captures the identification attributes (e.g., nationality) of the subject. Also equivalent to the object ID (OID) value of 2.5.29.9.
    • mo:X509V3ExtensionCRLDistributionPointsText A field that captures how CRL information is obtained. Also equivalent to the object ID (OID) value of 2.5.29.31.
    • mo:X509V3ExtensionInhibitAnyPolicyText A number of additional certificates that may appear in the path before anyPolicy is no longer permitted. Also equivalent to the object ID (OID) value of 2.5.29.54.
    • mo:X509V3ExtensionPrivateKeyUsagePeriod A field that captures the validity period for the private key, if it is different from the validity period of the certificate. Also equivalent to the object ID (OID) value of 2.5.29.16.
    • mo:X509V3ExtensionCertificatePoliciesText A field that captures a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. Also equivalent to the object ID (OID) value of 2.5.29.32.
    • mo:X509V3ExtensionPolicyMappingsText A field that captures one or more pairs of OIDs; each pair includes an issuerDomainPolicy and a subjectDomainPolicy. The pairing indicates whether the issuing CA considers its issuerDomainPolicy equivalent to the subject CA's subjectDomainPolicy. Also equivalent to the object ID (OID) value of 2.5.29.33.
  • via structures:ObjectType
    • Nothing