10 : CCITT : ccitt 2 31 : ISO : iso 4 52 : JOINT-ISO-CCITT : joint-iso-ccitt 6 7iso 2 : member-body : ISO Member Body 8 9joint-iso-ccitt 5 1 5 : selected-attribute-types : Selected Attribute Types 10 11selected-attribute-types 55 : clearance 12 13member-body 840 : ISO-US : ISO US Member Body 14ISO-US 10040 : X9-57 : X9.57 15X9-57 4 : X9cm : X9.57 CM ? 16 17!Cname dsa 18X9cm 1 : DSA : dsaEncryption 19X9cm 3 : DSA-SHA1 : dsaWithSHA1 20 21 22ISO-US 10045 : ansi-X9-62 : ANSI X9.62 23!module X9-62 24!Alias id-fieldType ansi-X9-62 1 25X9-62_id-fieldType 1 : prime-field 26X9-62_id-fieldType 2 : characteristic-two-field 27# ... characteristic-two-field OID subtree 28!Alias id-publicKeyType ansi-X9-62 2 29X9-62_id-publicKeyType 1 : id-ecPublicKey 30!Alias ellipticCurve ansi-X9-62 3 31!Alias c-TwoCurve X9-62_ellipticCurve 0 32# ... characteristic 2 curve OIDs 33!Alias primeCurve X9-62_ellipticCurve 1 34X9-62_primeCurve 1 : prime192v1 35X9-62_primeCurve 2 : prime192v2 36X9-62_primeCurve 3 : prime192v3 37X9-62_primeCurve 4 : prime239v1 38X9-62_primeCurve 5 : prime239v2 39X9-62_primeCurve 6 : prime239v3 40X9-62_primeCurve 7 : prime256v1 41!Alias id-ecSigType ansi-X9-62 4 42!global 43X9-62_id-ecSigType 1 : ecdsa-with-SHA1 44 45 46 47ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc 48 : CAST5-ECB : cast5-ecb 49!Cname cast5-cfb64 50 : CAST5-CFB : cast5-cfb 51!Cname cast5-ofb64 52 : CAST5-OFB : cast5-ofb 53!Cname pbeWithMD5AndCast5-CBC 54ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC 55 56ISO-US 113549 : rsadsi : RSA Data Security, Inc. 57 58rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS 59 60pkcs 1 : pkcs1 61pkcs1 1 : : rsaEncryption 62pkcs1 2 : RSA-MD2 : md2WithRSAEncryption 63pkcs1 3 : RSA-MD4 : md4WithRSAEncryption 64pkcs1 4 : RSA-MD5 : md5WithRSAEncryption 65pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption 66# According to PKCS #1 version 2.1 67pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption 68pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption 69pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption 70pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption 71 72pkcs 3 : pkcs3 73pkcs3 1 : : dhKeyAgreement 74 75pkcs 5 : pkcs5 76pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC 77pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC 78pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC 79pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC 80pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC 81pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC 82!Cname id_pbkdf2 83pkcs5 12 : : PBKDF2 84!Cname pbes2 85pkcs5 13 : : PBES2 86!Cname pbmac1 87pkcs5 14 : : PBMAC1 88 89pkcs 7 : pkcs7 90pkcs7 1 : : pkcs7-data 91!Cname pkcs7-signed 92pkcs7 2 : : pkcs7-signedData 93!Cname pkcs7-enveloped 94pkcs7 3 : : pkcs7-envelopedData 95!Cname pkcs7-signedAndEnveloped 96pkcs7 4 : : pkcs7-signedAndEnvelopedData 97!Cname pkcs7-digest 98pkcs7 5 : : pkcs7-digestData 99!Cname pkcs7-encrypted 100pkcs7 6 : : pkcs7-encryptedData 101 102pkcs 9 : pkcs9 103!module pkcs9 104pkcs9 1 : : emailAddress 105pkcs9 2 : : unstructuredName 106pkcs9 3 : : contentType 107pkcs9 4 : : messageDigest 108pkcs9 5 : : signingTime 109pkcs9 6 : : countersignature 110pkcs9 7 : : challengePassword 111pkcs9 8 : : unstructuredAddress 112!Cname extCertAttributes 113pkcs9 9 : : extendedCertificateAttributes 114!global 115 116!Cname ext-req 117pkcs9 14 : extReq : Extension Request 118 119!Cname SMIMECapabilities 120pkcs9 15 : SMIME-CAPS : S/MIME Capabilities 121 122# S/MIME 123!Cname SMIME 124pkcs9 16 : SMIME : S/MIME 125SMIME 0 : id-smime-mod 126SMIME 1 : id-smime-ct 127SMIME 2 : id-smime-aa 128SMIME 3 : id-smime-alg 129SMIME 4 : id-smime-cd 130SMIME 5 : id-smime-spq 131SMIME 6 : id-smime-cti 132 133# S/MIME Modules 134id-smime-mod 1 : id-smime-mod-cms 135id-smime-mod 2 : id-smime-mod-ess 136id-smime-mod 3 : id-smime-mod-oid 137id-smime-mod 4 : id-smime-mod-msg-v3 138id-smime-mod 5 : id-smime-mod-ets-eSignature-88 139id-smime-mod 6 : id-smime-mod-ets-eSignature-97 140id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 141id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 142 143# S/MIME Content Types 144id-smime-ct 1 : id-smime-ct-receipt 145id-smime-ct 2 : id-smime-ct-authData 146id-smime-ct 3 : id-smime-ct-publishCert 147id-smime-ct 4 : id-smime-ct-TSTInfo 148id-smime-ct 5 : id-smime-ct-TDTInfo 149id-smime-ct 6 : id-smime-ct-contentInfo 150id-smime-ct 7 : id-smime-ct-DVCSRequestData 151id-smime-ct 8 : id-smime-ct-DVCSResponseData 152 153# S/MIME Attributes 154id-smime-aa 1 : id-smime-aa-receiptRequest 155id-smime-aa 2 : id-smime-aa-securityLabel 156id-smime-aa 3 : id-smime-aa-mlExpandHistory 157id-smime-aa 4 : id-smime-aa-contentHint 158id-smime-aa 5 : id-smime-aa-msgSigDigest 159# obsolete 160id-smime-aa 6 : id-smime-aa-encapContentType 161id-smime-aa 7 : id-smime-aa-contentIdentifier 162# obsolete 163id-smime-aa 8 : id-smime-aa-macValue 164id-smime-aa 9 : id-smime-aa-equivalentLabels 165id-smime-aa 10 : id-smime-aa-contentReference 166id-smime-aa 11 : id-smime-aa-encrypKeyPref 167id-smime-aa 12 : id-smime-aa-signingCertificate 168id-smime-aa 13 : id-smime-aa-smimeEncryptCerts 169id-smime-aa 14 : id-smime-aa-timeStampToken 170id-smime-aa 15 : id-smime-aa-ets-sigPolicyId 171id-smime-aa 16 : id-smime-aa-ets-commitmentType 172id-smime-aa 17 : id-smime-aa-ets-signerLocation 173id-smime-aa 18 : id-smime-aa-ets-signerAttr 174id-smime-aa 19 : id-smime-aa-ets-otherSigCert 175id-smime-aa 20 : id-smime-aa-ets-contentTimestamp 176id-smime-aa 21 : id-smime-aa-ets-CertificateRefs 177id-smime-aa 22 : id-smime-aa-ets-RevocationRefs 178id-smime-aa 23 : id-smime-aa-ets-certValues 179id-smime-aa 24 : id-smime-aa-ets-revocationValues 180id-smime-aa 25 : id-smime-aa-ets-escTimeStamp 181id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp 182id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp 183id-smime-aa 28 : id-smime-aa-signatureType 184id-smime-aa 29 : id-smime-aa-dvcs-dvc 185 186# S/MIME Algorithm Identifiers 187# obsolete 188id-smime-alg 1 : id-smime-alg-ESDHwith3DES 189# obsolete 190id-smime-alg 2 : id-smime-alg-ESDHwithRC2 191# obsolete 192id-smime-alg 3 : id-smime-alg-3DESwrap 193# obsolete 194id-smime-alg 4 : id-smime-alg-RC2wrap 195id-smime-alg 5 : id-smime-alg-ESDH 196id-smime-alg 6 : id-smime-alg-CMS3DESwrap 197id-smime-alg 7 : id-smime-alg-CMSRC2wrap 198 199# S/MIME Certificate Distribution 200id-smime-cd 1 : id-smime-cd-ldap 201 202# S/MIME Signature Policy Qualifier 203id-smime-spq 1 : id-smime-spq-ets-sqt-uri 204id-smime-spq 2 : id-smime-spq-ets-sqt-unotice 205 206# S/MIME Commitment Type Identifier 207id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin 208id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt 209id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery 210id-smime-cti 4 : id-smime-cti-ets-proofOfSender 211id-smime-cti 5 : id-smime-cti-ets-proofOfApproval 212id-smime-cti 6 : id-smime-cti-ets-proofOfCreation 213 214pkcs9 20 : : friendlyName 215pkcs9 21 : : localKeyID 216!Cname ms-csp-name 2171 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name 218!Alias certTypes pkcs9 22 219certTypes 1 : : x509Certificate 220certTypes 2 : : sdsiCertificate 221!Alias crlTypes pkcs9 23 222crlTypes 1 : : x509Crl 223 224!Alias pkcs12 pkcs 12 225!Alias pkcs12-pbeids pkcs12 1 226 227!Cname pbe-WithSHA1And128BitRC4 228pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 229!Cname pbe-WithSHA1And40BitRC4 230pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 231!Cname pbe-WithSHA1And3_Key_TripleDES-CBC 232pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC 233!Cname pbe-WithSHA1And2_Key_TripleDES-CBC 234pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC 235!Cname pbe-WithSHA1And128BitRC2-CBC 236pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC 237!Cname pbe-WithSHA1And40BitRC2-CBC 238pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC 239 240!Alias pkcs12-Version1 pkcs12 10 241!Alias pkcs12-BagIds pkcs12-Version1 1 242pkcs12-BagIds 1 : : keyBag 243pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag 244pkcs12-BagIds 3 : : certBag 245pkcs12-BagIds 4 : : crlBag 246pkcs12-BagIds 5 : : secretBag 247pkcs12-BagIds 6 : : safeContentsBag 248 249rsadsi 2 2 : MD2 : md2 250rsadsi 2 4 : MD4 : md4 251rsadsi 2 5 : MD5 : md5 252 : MD5-SHA1 : md5-sha1 253rsadsi 2 7 : : hmacWithSHA1 254rsadsi 3 2 : RC2-CBC : rc2-cbc 255 : RC2-ECB : rc2-ecb 256!Cname rc2-cfb64 257 : RC2-CFB : rc2-cfb 258!Cname rc2-ofb64 259 : RC2-OFB : rc2-ofb 260 : RC2-40-CBC : rc2-40-cbc 261 : RC2-64-CBC : rc2-64-cbc 262rsadsi 3 4 : RC4 : rc4 263 : RC4-40 : rc4-40 264rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc 265rsadsi 3 8 : RC5-CBC : rc5-cbc 266 : RC5-ECB : rc5-ecb 267!Cname rc5-cfb64 268 : RC5-CFB : rc5-cfb 269!Cname rc5-ofb64 270 : RC5-OFB : rc5-ofb 271 272!Cname ms-ext-req 2731 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request 274!Cname ms-code-ind 2751 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing 276!Cname ms-code-com 2771 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing 278!Cname ms-ctl-sign 2791 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing 280!Cname ms-sgc 2811 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto 282!Cname ms-efs 2831 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System 284!Cname ms-smartcard-login 2851 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin 286!Cname ms-upn 2871 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name 288 2891 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc 290 : IDEA-ECB : idea-ecb 291!Cname idea-cfb64 292 : IDEA-CFB : idea-cfb 293!Cname idea-ofb64 294 : IDEA-OFB : idea-ofb 295 2961 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc 297 : BF-ECB : bf-ecb 298!Cname bf-cfb64 299 : BF-CFB : bf-cfb 300!Cname bf-ofb64 301 : BF-OFB : bf-ofb 302 303!Cname id-pkix 3041 3 6 1 5 5 7 : PKIX 305 306# PKIX Arcs 307id-pkix 0 : id-pkix-mod 308id-pkix 1 : id-pe 309id-pkix 2 : id-qt 310id-pkix 3 : id-kp 311id-pkix 4 : id-it 312id-pkix 5 : id-pkip 313id-pkix 6 : id-alg 314id-pkix 7 : id-cmc 315id-pkix 8 : id-on 316id-pkix 9 : id-pda 317id-pkix 10 : id-aca 318id-pkix 11 : id-qcs 319id-pkix 12 : id-cct 320id-pkix 21 : id-ppl 321id-pkix 48 : id-ad 322 323# PKIX Modules 324id-pkix-mod 1 : id-pkix1-explicit-88 325id-pkix-mod 2 : id-pkix1-implicit-88 326id-pkix-mod 3 : id-pkix1-explicit-93 327id-pkix-mod 4 : id-pkix1-implicit-93 328id-pkix-mod 5 : id-mod-crmf 329id-pkix-mod 6 : id-mod-cmc 330id-pkix-mod 7 : id-mod-kea-profile-88 331id-pkix-mod 8 : id-mod-kea-profile-93 332id-pkix-mod 9 : id-mod-cmp 333id-pkix-mod 10 : id-mod-qualified-cert-88 334id-pkix-mod 11 : id-mod-qualified-cert-93 335id-pkix-mod 12 : id-mod-attribute-cert 336id-pkix-mod 13 : id-mod-timestamp-protocol 337id-pkix-mod 14 : id-mod-ocsp 338id-pkix-mod 15 : id-mod-dvcs 339id-pkix-mod 16 : id-mod-cmp2000 340 341# PKIX Private Extensions 342!Cname info-access 343id-pe 1 : authorityInfoAccess : Authority Information Access 344id-pe 2 : biometricInfo : Biometric Info 345id-pe 3 : qcStatements 346id-pe 4 : ac-auditEntity 347id-pe 5 : ac-targeting 348id-pe 6 : aaControls 349id-pe 7 : sbgp-ipAddrBlock 350id-pe 8 : sbgp-autonomousSysNum 351id-pe 9 : sbgp-routerIdentifier 352id-pe 10 : ac-proxying 353!Cname sinfo-access 354id-pe 11 : subjectInfoAccess : Subject Information Access 355id-pe 14 : proxyCertInfo : Proxy Certificate Information 356 357# PKIX policyQualifiers for Internet policy qualifiers 358id-qt 1 : id-qt-cps : Policy Qualifier CPS 359id-qt 2 : id-qt-unotice : Policy Qualifier User Notice 360id-qt 3 : textNotice 361 362# PKIX key purpose identifiers 363!Cname server-auth 364id-kp 1 : serverAuth : TLS Web Server Authentication 365!Cname client-auth 366id-kp 2 : clientAuth : TLS Web Client Authentication 367!Cname code-sign 368id-kp 3 : codeSigning : Code Signing 369!Cname email-protect 370id-kp 4 : emailProtection : E-mail Protection 371id-kp 5 : ipsecEndSystem : IPSec End System 372id-kp 6 : ipsecTunnel : IPSec Tunnel 373id-kp 7 : ipsecUser : IPSec User 374!Cname time-stamp 375id-kp 8 : timeStamping : Time Stamping 376# From OCSP spec RFC2560 377!Cname OCSP-sign 378id-kp 9 : OCSPSigning : OCSP Signing 379id-kp 10 : DVCS : dvcs 380 381# CMP information types 382id-it 1 : id-it-caProtEncCert 383id-it 2 : id-it-signKeyPairTypes 384id-it 3 : id-it-encKeyPairTypes 385id-it 4 : id-it-preferredSymmAlg 386id-it 5 : id-it-caKeyUpdateInfo 387id-it 6 : id-it-currentCRL 388id-it 7 : id-it-unsupportedOIDs 389# obsolete 390id-it 8 : id-it-subscriptionRequest 391# obsolete 392id-it 9 : id-it-subscriptionResponse 393id-it 10 : id-it-keyPairParamReq 394id-it 11 : id-it-keyPairParamRep 395id-it 12 : id-it-revPassphrase 396id-it 13 : id-it-implicitConfirm 397id-it 14 : id-it-confirmWaitTime 398id-it 15 : id-it-origPKIMessage 399 400# CRMF registration 401id-pkip 1 : id-regCtrl 402id-pkip 2 : id-regInfo 403 404# CRMF registration controls 405id-regCtrl 1 : id-regCtrl-regToken 406id-regCtrl 2 : id-regCtrl-authenticator 407id-regCtrl 3 : id-regCtrl-pkiPublicationInfo 408id-regCtrl 4 : id-regCtrl-pkiArchiveOptions 409id-regCtrl 5 : id-regCtrl-oldCertID 410id-regCtrl 6 : id-regCtrl-protocolEncrKey 411 412# CRMF registration information 413id-regInfo 1 : id-regInfo-utf8Pairs 414id-regInfo 2 : id-regInfo-certReq 415 416# algorithms 417id-alg 1 : id-alg-des40 418id-alg 2 : id-alg-noSignature 419id-alg 3 : id-alg-dh-sig-hmac-sha1 420id-alg 4 : id-alg-dh-pop 421 422# CMC controls 423id-cmc 1 : id-cmc-statusInfo 424id-cmc 2 : id-cmc-identification 425id-cmc 3 : id-cmc-identityProof 426id-cmc 4 : id-cmc-dataReturn 427id-cmc 5 : id-cmc-transactionId 428id-cmc 6 : id-cmc-senderNonce 429id-cmc 7 : id-cmc-recipientNonce 430id-cmc 8 : id-cmc-addExtensions 431id-cmc 9 : id-cmc-encryptedPOP 432id-cmc 10 : id-cmc-decryptedPOP 433id-cmc 11 : id-cmc-lraPOPWitness 434id-cmc 15 : id-cmc-getCert 435id-cmc 16 : id-cmc-getCRL 436id-cmc 17 : id-cmc-revokeRequest 437id-cmc 18 : id-cmc-regInfo 438id-cmc 19 : id-cmc-responseInfo 439id-cmc 21 : id-cmc-queryPending 440id-cmc 22 : id-cmc-popLinkRandom 441id-cmc 23 : id-cmc-popLinkWitness 442id-cmc 24 : id-cmc-confirmCertAcceptance 443 444# other names 445id-on 1 : id-on-personalData 446 447# personal data attributes 448id-pda 1 : id-pda-dateOfBirth 449id-pda 2 : id-pda-placeOfBirth 450id-pda 3 : id-pda-gender 451id-pda 4 : id-pda-countryOfCitizenship 452id-pda 5 : id-pda-countryOfResidence 453 454# attribute certificate attributes 455id-aca 1 : id-aca-authenticationInfo 456id-aca 2 : id-aca-accessIdentity 457id-aca 3 : id-aca-chargingIdentity 458id-aca 4 : id-aca-group 459# attention : the following seems to be obsolete, replace by 'role' 460id-aca 5 : id-aca-role 461id-aca 6 : id-aca-encAttrs 462 463# qualified certificate statements 464id-qcs 1 : id-qcs-pkixQCSyntax-v1 465 466# CMC content types 467id-cct 1 : id-cct-crs 468id-cct 2 : id-cct-PKIData 469id-cct 3 : id-cct-PKIResponse 470 471# Predefined Proxy Certificate policy languages 472id-ppl 0 : id-ppl-anyLanguage : Any language 473id-ppl 1 : id-ppl-inheritAll : Inherit all 474id-ppl 2 : id-ppl-independent : Independent 475 476# access descriptors for authority info access extension 477!Cname ad-OCSP 478id-ad 1 : OCSP : OCSP 479!Cname ad-ca-issuers 480id-ad 2 : caIssuers : CA Issuers 481!Cname ad-timeStamping 482id-ad 3 : ad_timestamping : AD Time Stamping 483!Cname ad-dvcs 484id-ad 4 : AD_DVCS : ad dvcs 485 486 487!Alias id-pkix-OCSP ad-OCSP 488!module id-pkix-OCSP 489!Cname basic 490id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response 491id-pkix-OCSP 2 : Nonce : OCSP Nonce 492id-pkix-OCSP 3 : CrlID : OCSP CRL ID 493id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses 494id-pkix-OCSP 5 : noCheck : OCSP No Check 495id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff 496id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator 497id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status 498id-pkix-OCSP 9 : valid 499id-pkix-OCSP 10 : path 500id-pkix-OCSP 11 : trustRoot : Trust Root 501!global 502 5031 3 14 3 2 : algorithm : algorithm 504algorithm 3 : RSA-NP-MD5 : md5WithRSA 505algorithm 6 : DES-ECB : des-ecb 506algorithm 7 : DES-CBC : des-cbc 507!Cname des-ofb64 508algorithm 8 : DES-OFB : des-ofb 509!Cname des-cfb64 510algorithm 9 : DES-CFB : des-cfb 511algorithm 11 : rsaSignature 512!Cname dsa-2 513algorithm 12 : DSA-old : dsaEncryption-old 514algorithm 13 : DSA-SHA : dsaWithSHA 515algorithm 15 : RSA-SHA : shaWithRSAEncryption 516!Cname des-ede-ecb 517algorithm 17 : DES-EDE : des-ede 518!Cname des-ede3-ecb 519 : DES-EDE3 : des-ede3 520 : DES-EDE-CBC : des-ede-cbc 521!Cname des-ede-cfb64 522 : DES-EDE-CFB : des-ede-cfb 523!Cname des-ede3-cfb64 524 : DES-EDE3-CFB : des-ede3-cfb 525!Cname des-ede-ofb64 526 : DES-EDE-OFB : des-ede-ofb 527!Cname des-ede3-ofb64 528 : DES-EDE3-OFB : des-ede3-ofb 529 : DESX-CBC : desx-cbc 530algorithm 18 : SHA : sha 531algorithm 26 : SHA1 : sha1 532!Cname dsaWithSHA1-2 533algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old 534algorithm 29 : RSA-SHA1-2 : sha1WithRSA 535 5361 3 36 3 2 1 : RIPEMD160 : ripemd160 5371 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA 538 539!Cname sxnet 5401 3 101 1 4 1 : SXNetID : Strong Extranet ID 541 5422 5 : X500 : directory services (X.500) 543 544X500 4 : X509 545X509 3 : CN : commonName 546X509 4 : SN : surname 547X509 5 : : serialNumber 548X509 6 : C : countryName 549X509 7 : L : localityName 550X509 8 : ST : stateOrProvinceName 551X509 9 : : streetAddress 552X509 10 : O : organizationName 553X509 11 : OU : organizationalUnitName 554X509 12 : : title 555X509 13 : : description 556X509 17 : : postalCode 557X509 41 : name : name 558X509 42 : GN : givenName 559X509 43 : : initials 560X509 44 : : generationQualifier 561X509 45 : : x500UniqueIdentifier 562X509 46 : dnQualifier : dnQualifier 563X509 65 : : pseudonym 564X509 72 : role : role 565 566X500 8 : X500algorithms : directory services - algorithms 567X500algorithms 1 1 : RSA : rsa 568X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA 569X500algorithms 3 101 : MDC2 : mdc2 570 571X500 29 : id-ce 572!Cname subject-key-identifier 573id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier 574!Cname key-usage 575id-ce 15 : keyUsage : X509v3 Key Usage 576!Cname private-key-usage-period 577id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period 578!Cname subject-alt-name 579id-ce 17 : subjectAltName : X509v3 Subject Alternative Name 580!Cname issuer-alt-name 581id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name 582!Cname basic-constraints 583id-ce 19 : basicConstraints : X509v3 Basic Constraints 584!Cname crl-number 585id-ce 20 : crlNumber : X509v3 CRL Number 586!Cname crl-reason 587id-ce 21 : CRLReason : X509v3 CRL Reason Code 588!Cname invalidity-date 589id-ce 24 : invalidityDate : Invalidity Date 590!Cname delta-crl 591id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator 592!Cname name-constraints 593id-ce 30 : nameConstraints : X509v3 Name Constraints 594!Cname crl-distribution-points 595id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points 596!Cname certificate-policies 597id-ce 32 : certificatePolicies : X509v3 Certificate Policies 598!Cname authority-key-identifier 599id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier 600!Cname policy-constraints 601id-ce 36 : policyConstraints : X509v3 Policy Constraints 602!Cname ext-key-usage 603id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage 604!Cname target-information 605id-ce 55 : targetInformation : X509v3 AC Targeting 606!Cname no-rev-avail 607id-ce 56 : noRevAvail : X509v3 No Revocation Available 608 609!Cname netscape 6102 16 840 1 113730 : Netscape : Netscape Communications Corp. 611!Cname netscape-cert-extension 612netscape 1 : nsCertExt : Netscape Certificate Extension 613!Cname netscape-data-type 614netscape 2 : nsDataType : Netscape Data Type 615!Cname netscape-cert-type 616netscape-cert-extension 1 : nsCertType : Netscape Cert Type 617!Cname netscape-base-url 618netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url 619!Cname netscape-revocation-url 620netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url 621!Cname netscape-ca-revocation-url 622netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url 623!Cname netscape-renewal-url 624netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url 625!Cname netscape-ca-policy-url 626netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url 627!Cname netscape-ssl-server-name 628netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name 629!Cname netscape-comment 630netscape-cert-extension 13 : nsComment : Netscape Comment 631!Cname netscape-cert-sequence 632netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence 633!Cname ns-sgc 634netscape 4 1 : nsSGC : Netscape Server Gated Crypto 635 636# iso(1) 637iso 3 : ORG : org 638org 6 : DOD : dod 639dod 1 : IANA : iana 640!Alias internet iana 641 642internet 1 : directory : Directory 643internet 2 : mgmt : Management 644internet 3 : experimental : Experimental 645internet 4 : private : Private 646internet 5 : security : Security 647internet 6 : snmpv2 : SNMPv2 648# Documents refer to "internet 7" as "mail". This however leads to ambiguities 649# with RFC2798, Section 9.1.3, where "mail" is defined as the short name for 650# rfc822Mailbox. The short name is therefore here left out for a reason. 651# Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as 652# references are realized via long name "Mail" (with capital M). 653internet 7 : : Mail 654 655Private 1 : enterprises : Enterprises 656 657# RFC 2247 658Enterprises 1466 344 : dcobject : dcObject 659 660# RFC 1495 661Mail 1 : mime-mhs : MIME MHS 662mime-mhs 1 : mime-mhs-headings : mime-mhs-headings 663mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies 664mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message 665mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message 666 667# What the hell are these OIDs, really? 668!Cname rle-compression 6691 1 1 1 666 1 : RLE : run length compression 670!Cname zlib-compression 6711 1 1 1 666 2 : ZLIB : zlib compression 672 673# AES aka Rijndael 674 675!Alias csor 2 16 840 1 101 3 676!Alias nistAlgorithms csor 4 677!Alias aes nistAlgorithms 1 678 679aes 1 : AES-128-ECB : aes-128-ecb 680aes 2 : AES-128-CBC : aes-128-cbc 681!Cname aes-128-ofb128 682aes 3 : AES-128-OFB : aes-128-ofb 683!Cname aes-128-cfb128 684aes 4 : AES-128-CFB : aes-128-cfb 685 686aes 21 : AES-192-ECB : aes-192-ecb 687aes 22 : AES-192-CBC : aes-192-cbc 688!Cname aes-192-ofb128 689aes 23 : AES-192-OFB : aes-192-ofb 690!Cname aes-192-cfb128 691aes 24 : AES-192-CFB : aes-192-cfb 692 693aes 41 : AES-256-ECB : aes-256-ecb 694aes 42 : AES-256-CBC : aes-256-cbc 695!Cname aes-256-ofb128 696aes 43 : AES-256-OFB : aes-256-ofb 697!Cname aes-256-cfb128 698aes 44 : AES-256-CFB : aes-256-cfb 699 700# There are no OIDs for these modes... 701 702 : AES-128-CFB1 : aes-128-cfb1 703 : AES-192-CFB1 : aes-192-cfb1 704 : AES-256-CFB1 : aes-256-cfb1 705 : AES-128-CFB8 : aes-128-cfb8 706 : AES-192-CFB8 : aes-192-cfb8 707 : AES-256-CFB8 : aes-256-cfb8 708 : DES-CFB1 : des-cfb1 709 : DES-CFB8 : des-cfb8 710 : DES-EDE3-CFB1 : des-ede3-cfb1 711 : DES-EDE3-CFB8 : des-ede3-cfb8 712 713# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84. 714!Alias nist_hashalgs nistAlgorithms 2 715nist_hashalgs 1 : SHA256 : sha256 716nist_hashalgs 2 : SHA384 : sha384 717nist_hashalgs 3 : SHA512 : sha512 718nist_hashalgs 4 : SHA224 : sha224 719 720# Hold instruction CRL entry extension 721!Cname hold-instruction-code 722id-ce 23 : holdInstructionCode : Hold Instruction Code 723!Alias holdInstruction X9-57 2 724!Cname hold-instruction-none 725holdInstruction 1 : holdInstructionNone : Hold Instruction None 726!Cname hold-instruction-call-issuer 727holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer 728!Cname hold-instruction-reject 729holdInstruction 3 : holdInstructionReject : Hold Instruction Reject 730 731# OID's from CCITT. Most of this is defined in RFC 1274. A couple of 732# them are also mentioned in RFC 2247 733ccitt 9 : data 734data 2342 : pss 735pss 19200300 : ucl 736ucl 100 : pilot 737pilot 1 : : pilotAttributeType 738pilot 3 : : pilotAttributeSyntax 739pilot 4 : : pilotObjectClass 740pilot 10 : : pilotGroups 741pilotAttributeSyntax 4 : : iA5StringSyntax 742pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax 743pilotObjectClass 3 : : pilotObject 744pilotObjectClass 4 : : pilotPerson 745pilotObjectClass 5 : account 746pilotObjectClass 6 : document 747pilotObjectClass 7 : room 748pilotObjectClass 9 : : documentSeries 749pilotObjectClass 13 : domain : Domain 750pilotObjectClass 14 : : rFC822localPart 751pilotObjectClass 15 : : dNSDomain 752pilotObjectClass 17 : : domainRelatedObject 753pilotObjectClass 18 : : friendlyCountry 754pilotObjectClass 19 : : simpleSecurityObject 755pilotObjectClass 20 : : pilotOrganization 756pilotObjectClass 21 : : pilotDSA 757pilotObjectClass 22 : : qualityLabelledData 758pilotAttributeType 1 : UID : userId 759pilotAttributeType 2 : : textEncodedORAddress 760pilotAttributeType 3 : mail : rfc822Mailbox 761pilotAttributeType 4 : info 762pilotAttributeType 5 : : favouriteDrink 763pilotAttributeType 6 : : roomNumber 764pilotAttributeType 7 : photo 765pilotAttributeType 8 : : userClass 766pilotAttributeType 9 : host 767pilotAttributeType 10 : manager 768pilotAttributeType 11 : : documentIdentifier 769pilotAttributeType 12 : : documentTitle 770pilotAttributeType 13 : : documentVersion 771pilotAttributeType 14 : : documentAuthor 772pilotAttributeType 15 : : documentLocation 773pilotAttributeType 20 : : homeTelephoneNumber 774pilotAttributeType 21 : secretary 775pilotAttributeType 22 : : otherMailbox 776pilotAttributeType 23 : : lastModifiedTime 777pilotAttributeType 24 : : lastModifiedBy 778pilotAttributeType 25 : DC : domainComponent 779pilotAttributeType 26 : : aRecord 780pilotAttributeType 27 : : pilotAttributeType27 781pilotAttributeType 28 : : mXRecord 782pilotAttributeType 29 : : nSRecord 783pilotAttributeType 30 : : sOARecord 784pilotAttributeType 31 : : cNAMERecord 785pilotAttributeType 37 : : associatedDomain 786pilotAttributeType 38 : : associatedName 787pilotAttributeType 39 : : homePostalAddress 788pilotAttributeType 40 : : personalTitle 789pilotAttributeType 41 : : mobileTelephoneNumber 790pilotAttributeType 42 : : pagerTelephoneNumber 791pilotAttributeType 43 : : friendlyCountryName 792# The following clashes with 2.5.4.45, so commented away 793#pilotAttributeType 44 : uid : uniqueIdentifier 794pilotAttributeType 45 : : organizationalStatus 795pilotAttributeType 46 : : janetMailbox 796pilotAttributeType 47 : : mailPreferenceOption 797pilotAttributeType 48 : : buildingName 798pilotAttributeType 49 : : dSAQuality 799pilotAttributeType 50 : : singleLevelQuality 800pilotAttributeType 51 : : subtreeMinimumQuality 801pilotAttributeType 52 : : subtreeMaximumQuality 802pilotAttributeType 53 : : personalSignature 803pilotAttributeType 54 : : dITRedirect 804pilotAttributeType 55 : audio 805pilotAttributeType 56 : : documentPublisher 806 8072 23 42 : id-set : Secure Electronic Transactions 808 809id-set 0 : set-ctype : content types 810id-set 1 : set-msgExt : message extensions 811id-set 3 : set-attr 812id-set 5 : set-policy 813id-set 7 : set-certExt : certificate extensions 814id-set 8 : set-brand 815 816set-ctype 0 : setct-PANData 817set-ctype 1 : setct-PANToken 818set-ctype 2 : setct-PANOnly 819set-ctype 3 : setct-OIData 820set-ctype 4 : setct-PI 821set-ctype 5 : setct-PIData 822set-ctype 6 : setct-PIDataUnsigned 823set-ctype 7 : setct-HODInput 824set-ctype 8 : setct-AuthResBaggage 825set-ctype 9 : setct-AuthRevReqBaggage 826set-ctype 10 : setct-AuthRevResBaggage 827set-ctype 11 : setct-CapTokenSeq 828set-ctype 12 : setct-PInitResData 829set-ctype 13 : setct-PI-TBS 830set-ctype 14 : setct-PResData 831set-ctype 16 : setct-AuthReqTBS 832set-ctype 17 : setct-AuthResTBS 833set-ctype 18 : setct-AuthResTBSX 834set-ctype 19 : setct-AuthTokenTBS 835set-ctype 20 : setct-CapTokenData 836set-ctype 21 : setct-CapTokenTBS 837set-ctype 22 : setct-AcqCardCodeMsg 838set-ctype 23 : setct-AuthRevReqTBS 839set-ctype 24 : setct-AuthRevResData 840set-ctype 25 : setct-AuthRevResTBS 841set-ctype 26 : setct-CapReqTBS 842set-ctype 27 : setct-CapReqTBSX 843set-ctype 28 : setct-CapResData 844set-ctype 29 : setct-CapRevReqTBS 845set-ctype 30 : setct-CapRevReqTBSX 846set-ctype 31 : setct-CapRevResData 847set-ctype 32 : setct-CredReqTBS 848set-ctype 33 : setct-CredReqTBSX 849set-ctype 34 : setct-CredResData 850set-ctype 35 : setct-CredRevReqTBS 851set-ctype 36 : setct-CredRevReqTBSX 852set-ctype 37 : setct-CredRevResData 853set-ctype 38 : setct-PCertReqData 854set-ctype 39 : setct-PCertResTBS 855set-ctype 40 : setct-BatchAdminReqData 856set-ctype 41 : setct-BatchAdminResData 857set-ctype 42 : setct-CardCInitResTBS 858set-ctype 43 : setct-MeAqCInitResTBS 859set-ctype 44 : setct-RegFormResTBS 860set-ctype 45 : setct-CertReqData 861set-ctype 46 : setct-CertReqTBS 862set-ctype 47 : setct-CertResData 863set-ctype 48 : setct-CertInqReqTBS 864set-ctype 49 : setct-ErrorTBS 865set-ctype 50 : setct-PIDualSignedTBE 866set-ctype 51 : setct-PIUnsignedTBE 867set-ctype 52 : setct-AuthReqTBE 868set-ctype 53 : setct-AuthResTBE 869set-ctype 54 : setct-AuthResTBEX 870set-ctype 55 : setct-AuthTokenTBE 871set-ctype 56 : setct-CapTokenTBE 872set-ctype 57 : setct-CapTokenTBEX 873set-ctype 58 : setct-AcqCardCodeMsgTBE 874set-ctype 59 : setct-AuthRevReqTBE 875set-ctype 60 : setct-AuthRevResTBE 876set-ctype 61 : setct-AuthRevResTBEB 877set-ctype 62 : setct-CapReqTBE 878set-ctype 63 : setct-CapReqTBEX 879set-ctype 64 : setct-CapResTBE 880set-ctype 65 : setct-CapRevReqTBE 881set-ctype 66 : setct-CapRevReqTBEX 882set-ctype 67 : setct-CapRevResTBE 883set-ctype 68 : setct-CredReqTBE 884set-ctype 69 : setct-CredReqTBEX 885set-ctype 70 : setct-CredResTBE 886set-ctype 71 : setct-CredRevReqTBE 887set-ctype 72 : setct-CredRevReqTBEX 888set-ctype 73 : setct-CredRevResTBE 889set-ctype 74 : setct-BatchAdminReqTBE 890set-ctype 75 : setct-BatchAdminResTBE 891set-ctype 76 : setct-RegFormReqTBE 892set-ctype 77 : setct-CertReqTBE 893set-ctype 78 : setct-CertReqTBEX 894set-ctype 79 : setct-CertResTBE 895set-ctype 80 : setct-CRLNotificationTBS 896set-ctype 81 : setct-CRLNotificationResTBS 897set-ctype 82 : setct-BCIDistributionTBS 898 899set-msgExt 1 : setext-genCrypt : generic cryptogram 900set-msgExt 3 : setext-miAuth : merchant initiated auth 901set-msgExt 4 : setext-pinSecure 902set-msgExt 5 : setext-pinAny 903set-msgExt 7 : setext-track2 904set-msgExt 8 : setext-cv : additional verification 905 906set-policy 0 : set-policy-root 907 908set-certExt 0 : setCext-hashedRoot 909set-certExt 1 : setCext-certType 910set-certExt 2 : setCext-merchData 911set-certExt 3 : setCext-cCertRequired 912set-certExt 4 : setCext-tunneling 913set-certExt 5 : setCext-setExt 914set-certExt 6 : setCext-setQualf 915set-certExt 7 : setCext-PGWYcapabilities 916set-certExt 8 : setCext-TokenIdentifier 917set-certExt 9 : setCext-Track2Data 918set-certExt 10 : setCext-TokenType 919set-certExt 11 : setCext-IssuerCapabilities 920 921set-attr 0 : setAttr-Cert 922set-attr 1 : setAttr-PGWYcap : payment gateway capabilities 923set-attr 2 : setAttr-TokenType 924set-attr 3 : setAttr-IssCap : issuer capabilities 925 926setAttr-Cert 0 : set-rootKeyThumb 927setAttr-Cert 1 : set-addPolicy 928 929setAttr-TokenType 1 : setAttr-Token-EMV 930setAttr-TokenType 2 : setAttr-Token-B0Prime 931 932setAttr-IssCap 3 : setAttr-IssCap-CVM 933setAttr-IssCap 4 : setAttr-IssCap-T2 934setAttr-IssCap 5 : setAttr-IssCap-Sig 935 936setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram 937setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2 938setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2 939 940setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature 941setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature 942 943set-brand 1 : set-brand-IATA-ATA 944set-brand 30 : set-brand-Diners 945set-brand 34 : set-brand-AmericanExpress 946set-brand 35 : set-brand-JCB 947set-brand 4 : set-brand-Visa 948set-brand 5 : set-brand-MasterCard 949set-brand 6011 : set-brand-Novus 950 951rsadsi 3 10 : DES-CDMF : des-cdmf 952rsadsi 1 1 6 : rsaOAEPEncryptionSET 953