RE: [Cdsa-discuss] x509 document.

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Chris,

An excellent source of information on X.509, with references to other
relevant information, is Peter Gutmann's X.509 Style Guide, 
http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt.

Following is the X.509 V3 definition of the to-be-signed X.509 
certificate.  Note that only issuerUniqueID, subjectUniqueID, and 
Extensions fields are optional; the rest of the fields are required.

TBSCertificate ::= SEQUENCE {
    version          [ 0 ]  Version DEFAULT v1(0),
    serialNumber            CertificateSerialNumber,
    signature               AlgorithmIdentifier,
    issuer                  Name,
    validity                Validity,
    subject                 Name,
    subjectPublicKeyInfo    SubjectPublicKeyInfo,
    issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
    subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
    extensions        [ 3 ] Extensions OPTIONAL
    }

The certgen utility (cdsa_dev/signctr/src/appsr/certgen) uses an 
XML file to generate certificates. The tests provided in the
source zip (cdsa_dev/cdsa/src/test/cmdtest/utclx509) also has some
examples of usage.

Best Regards
Shafik

-----Original Message-----
From: Christopher Quinn [mailto:aj...@ht...]
Sent: Monday, October 08, 2001 8:07 AM
To: cdsa
Subject: [Cdsa-discuss] x509 document.

Hi List,

Could someone send me a pdf copy of the x509 standard?
I have a free-download customer id from ITU but has not worked and I have
yet to receive email responses from them.
As I have been twiddling my thumbs for a week because of this,
I am eager to get on, so distribution rights issues notwithstanding, will
someone oblige me?

In case X.509 is not enough, any pointers on how to proceed are appreciated:
after creating an initial language binding for the CSP and CL API's I'm at
the stage of signing a template certificate; the openssl tool does not like
the cert result so I assume I need to put in a minimum set of fields. For
that I suppose I need to know about OID value formats. I imagine some of the
C structs from the CDSA spec are directly related to forming oid values but
my initial attempts to get CDSA to accept the values I constructed for
CommonName, IssuerName etc, failed, so I am hoping the x509 standard is
going to resolve the matter for me .
Do I need to look at anything else to produce a basic certificate?

Cheers,
Chris Q.

_______________________________________________
Cdsa-discuss mailing list
Cds...@li...
https://lists.sourceforge.net/lists/listinfo/cdsa-discuss