TElCertificatePoliciesExtension is a descendant of TElCustomExtension.
Description
The following text is taken from RFC 2459 (Housley et al.), section 4.2.1.5:
«The certificate policies extension contains a sequence of one or more
policy information terms, each of which consists of an object
identifier (OID) and optional qualifiers. These policy information
terms indicate the policy under which the certificate has been issued
and the purposes for which the certificate may be used. Optional
qualifiers, which may be present, are not expected to change the
definition of the policy.

Applications with specific policy requirements are expected to have a
list of those policies which they will accept and to compare the
policy OIDs in the certificate to that list. If this extension is
critical, the path validation software MUST be able to interpret this
extension (including the optional qualifier), or MUST reject the
certificate.

To promote interoperability, this profile RECOMMENDS that policy
information terms consist of only an OID. Where an OID alone is
insufficient, this profile strongly recommends that use of qualifiers
be limited to those identified in this section.

This specification defines two policy qualifier types for use by
certificate policy writers and certificate issuers. The qualifier
types are the CPS Pointer and User Notice qualifiers.

The CPS Pointer qualifier contains a pointer to a Certification
Practice Statement (CPS) published by the CA. The pointer is in the
form of a URI.

User notice is intended for display to a relying party when a
certificate is used. The application software SHOULD display all
user notices in all certificates of the certification path used,
except that if a notice is duplicated only one copy need be
displayed. To prevent such duplication, this qualifier SHOULD only
be present in end-entity certificates and CA certificates issued to
other organizations.

The user notice has two optional fields: the noticeRef field and the
explicitText field.

The noticeRef field, if used, names an organization and
identifies, by number, a particular textual statement prepared by
that organization. For example, it might identify the
organization "CertsRUs" and notice number 1. In a typical
implementation, the application software will have a notice file
containing the current set of notices for CertsRUs; the
application will extract the notice text from the file and display
it. Messages may be multilingual, allowing the software to select
the particular language message for its own environment.

An explicitText field includes the textual statement directly in
the certificate. The explicitText field is a string with a
maximum size of 200 characters.

If both the noticeRef and explicitText options are included in the
one qualifier and if the application software can locate the notice
text indicated by the noticeRef option then that text should be
displayed; otherwise, the explicitText string should be displayed.»
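The acceptance rule quoted above, as an added Python example that is not SecureBlackbox code: it decodes the DER value of a certificate policies extension, compares the policy OIDs with an application's accepted list, and rejects a critical extension that carries a qualifier it cannot interpret. The function names, the policy OIDs under the 2.999 example arc and the CPS URL are constructed for illustration; noticeRef lookup is left out, so only explicitText is collected.

```python
ID_QT_CPS, ID_QT_UNOTICE = "1.3.6.1.5.5.7.2.1", "1.3.6.1.5.5.7.2.2"
TEXT = {0x0C: "utf-8", 0x16: "ascii", 0x1A: "ascii", 0x1E: "utf-16-be"}  # DisplayText tags

def tlvs(buf):  # DER bytes -> [(tag, value), ...]; definite lengths only
    out, i = [], 0
    while i < len(buf):
        tag, n, i = buf[i], buf[i + 1], i + 2
        if n & 0x80:  # long form: the low 7 bits count the length bytes that follow
            n, i = int.from_bytes(buf[i:i + (n & 0x7F)], "big"), i + (n & 0x7F)
        if i + n > len(buf):
            raise ValueError("truncated DER")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def oid(v):  # DER OID content bytes -> dotted string
    arcs, n = [], 0
    for b in v:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, n = arcs + [n], 0
    x = min(arcs[0] // 40, 2)
    return ".".join(map(str, [x, arcs[0] - 40 * x, *arcs[1:]]))

def parse_policies(ext_value):  # yields (policy_oid, [(qualifier_oid, tag, value), ...])
    for _, info in tlvs(tlvs(ext_value)[0][1]):   # each PolicyInformation
        pid, *rest = tlvs(info)                   # policyIdentifier [, policyQualifiers]
        quals = [tlvs(q) for _, q in (tlvs(rest[0][1]) if rest else [])]
        yield oid(pid[1]), [(oid(a[1]), b[0], b[1]) for a, b in quals]

def check_policies(ext_value, critical, accepted):
    """Return (ok, matched_oids, cps_uris, notice_texts); malformed DER raises."""
    matched, uris, texts = [], [], []
    for pol, quals in parse_policies(ext_value):
        for qid, tag, val in quals:
            if qid == ID_QT_CPS and tag == 0x16:         # CPS Pointer: IA5String URI
                uris.append(val.decode("ascii"))
            elif qid == ID_QT_UNOTICE and tag == 0x30:   # User Notice: take explicitText
                texts += [v.decode(TEXT[t]) for t, v in tlvs(val) if t in TEXT]
            elif critical:                               # cannot interpret -> reject
                return False, [], [], []
        if pol in accepted:
            matched.append(pol)
    return bool(matched), matched, uris, texts

SAMPLE = (bytes.fromhex("3051 3048 0603883701 3041 3022 06082b06010505070201 1616")
          + b"https://ca.example/cps"
          + bytes.fromhex("301b 06082b06010505070202 300f 0c0d") + b"Test use only"
          + bytes.fromhex("3005 0603883702"))  # constructed extension value, two policies
```

Malformed input surfaces as ValueError or IndexError; a caller should treat either as a rejection.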
Inherited from TElCustomExtension
.NET: