Discuss this help topic in SecureBlackbox Forum
TElBasicConstraintsExtension is a descendant of TElCustomExtension class.
Description
The basic constraints extension defines whether the
subject of the certificate is a CA and how deep the certification
path starting from this CA may be.
The following paragraph is taken from RFC 2459 (Housley, et. al.), part 4.2.1.10:
«The pathLenConstraint
field is meaningful only if CA is set to TRUE.
In this case, it gives the maximum number of CA certificates that may
follow this certificate in a certification path. A value of zero
indicates that only an end-entity certificate may follow in the path.
Where it appears, the pathLenConstraint field MUST be greater than or
equal to zero. Where pathLenConstraint does not appear, there is no
limit to the allowed length of the certification path.»
This extension MUST appear as a critical extension in all CA
certificates. This extension SHOULD NOT appear in end entity
certificates.
Inherited from TElCustomExtension .NET: