Discuss this help topic in SecureBlackbox Forum
Description
This class is used to store information about a single
Permitted/Excluded tree.
The following paragraph is taken from RFC 2459 (Housley, et. al.), part 4.2.1.11:
«
The name constraints extension, which MUST be used only in a CA
certificate, indicates a name space within which all subject names in
subsequent certificates in a certification path shall be located.
Restrictions may apply to the subject distinguished name or subject
alternative names. Restrictions apply only when the specified name
form is present. If no name of the type is in the certificate, the
certificate is acceptable.
Restrictions are defined in terms of permitted or excluded name
subtrees. Any name matching a restriction in the excludedSubtrees
field is invalid regardless of information appearing in the
permittedSubtrees. This extension MUST be critical.
Within this profile, the minimum and maximum fields are not used with
any name forms, thus minimum is always zero, and maximum is always
absent.
»
.NET: