Cryptography Reference
Name ::= CHOICE {
    RDNSequence }

RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::=
    SET OF AttributeTypeAndValue

AttributeTypeAndValue ::= SEQUENCE {
    type     AttributeType,
    value    AttributeValue }

AttributeType ::= OBJECT IDENTIFIER

AttributeValue ::= ANY DEFINED BY AttributeType

Figure 5.3: Example of an Issuer field

A name is an RDNSequence, which is a SEQUENCE OF another type, the RelativeDistinguishedName. Remember earlier when SEQUENCE was compared to a C struct, which may be confusing because SEQUENCE sounds like a repeating field? Well, SET OF, which RelativeDistinguishedName is defined as, is a repeating field.

What this all means is that a name is a variable-length array of AttributeTypeAndValue structures. The attribute type is an OID, and the attribute value can be any type, depending on its OID. Again, you don't need to care much about the encoding structure of OIDs; you just need to care about their values and what they map to. As you can probably guess, CN, O, OU, L, ST, and C each have their own OID values. They're not represented as string values anywhere in the certificate. These OIDs are shown in Table 5-3.
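
The structure described above, walked in code. This is an added example, not code from the original text: a small Python reader for a DER-encoded Name that returns one list of attribute pairs per RelativeDistinguishedName. The function names and the sample bytes are constructed for illustration; the label table uses the standard X.520 attribute OIDs.

```python
OID_LABELS = {"2.5.4.3": "CN", "2.5.4.6": "C", "2.5.4.7": "L", "2.5.4.8": "ST", "2.5.4.10": "O", "2.5.4.11": "OU"}
SEQUENCE, SET, OID = 0x30, 0x31, 0x06
TEXT_TAGS = {0x0C: "utf-8", 0x13: "ascii", 0x16: "ascii"}  # UTF8/Printable/IA5String
# Constructed sample (not from the page): C=US, O=Example, CN=test.example
SAMPLE_NAME = bytes.fromhex("3036310b30090603550406130255533110300e060355040a0c074578616d706c65"
                            "3115301306035504030c0c746573742e6578616d706c65")

def children(content, expected_tag=None):
    """Yield (tag, body) for each DER element packed inside content."""
    pos = 0
    while pos < len(content):
        if len(content) - pos < 2:
            raise ValueError("truncated DER header")
        tag, length, pos = content[pos], content[pos + 1], pos + 2
        if length & 0x80:                # long form: low 7 bits count the length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(content[pos:pos + n], "big"), pos + n
        if pos + length > len(content):
            raise ValueError("DER element runs past the end of its container")
        if expected_tag is not None and tag != expected_tag:
            raise ValueError(f"expected tag {expected_tag:#x}, got {tag:#x}")
        yield tag, content[pos:pos + length]
        pos += length

def decode_oid(body):
    """Turn OID content bytes (base-128 arcs) into dotted-decimal text."""
    arcs, value = [], 0
    for byte in body:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:              # high bit clear ends the current arc
            arcs.append(value)
            value = 0
    if not arcs or body[-1] & 0x80:
        raise ValueError("malformed OID")
    first = min(arcs[0] // 40, 2)        # first two arcs are packed as 40*a + b
    return ".".join(map(str, [first, arcs[0] - 40 * first, *arcs[1:]]))

def parse_atv(atv):
    (type_tag, oid_body), (value_tag, value) = children(atv)   # exactly type + value
    if type_tag != OID:
        raise ValueError("AttributeType must be an OBJECT IDENTIFIER")
    oid = decode_oid(oid_body)
    text = value.decode(TEXT_TAGS[value_tag]) if value_tag in TEXT_TAGS else value.hex()
    return OID_LABELS.get(oid, oid), text    # unknown OIDs stay in dotted form

def parse_name(der):
    """Return one list of (label, value) pairs per RelativeDistinguishedName."""
    ((_, rdns),) = children(der, SEQUENCE)                     # Name -> RDNSequence
    return [[parse_atv(atv) for _, atv in children(rdn, SEQUENCE)]   # RDN: SET OF
            for _, rdn in children(rdns, SET)]                       # SEQUENCE OF
```

Each inner list is one RelativeDistinguishedName; it normally holds a single pair, but because the type is a SET OF it may hold several.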