1 # CCITT was renamed to ITU-T quite some time ago 2 0 : ITU-T : itu-t 3 !Alias ccitt itu-t 4 5 1 : ISO : iso 6 7 2 : JOINT-ISO-ITU-T : joint-iso-itu-t 8 !Alias joint-iso-ccitt joint-iso-itu-t 9 10 iso 2 : member-body : ISO Member Body 11 12 iso 3 : identified-organization 13 14 # HMAC OIDs 15 identified-organization 6 1 5 5 8 1 1 : HMAC-MD5 : hmac-md5 16 identified-organization 6 1 5 5 8 1 2 : HMAC-SHA1 : hmac-sha1 17 18 identified-organization 132 : certicom-arc 19 20 joint-iso-itu-t 23 : international-organizations : International Organizations 21 22 international-organizations 43 : wap 23 wap 1 : wap-wsg 24 25 joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types 26 27 selected-attribute-types 55 : clearance 28 29 member-body 840 : ISO-US : ISO US Member Body 30 ISO-US 10040 : X9-57 : X9.57 31 X9-57 4 : X9cm : X9.57 CM ? 32 33 !Cname dsa 34 X9cm 1 : DSA : dsaEncryption 35 X9cm 3 : DSA-SHA1 : dsaWithSHA1 36 37 38 ISO-US 10045 : ansi-X9-62 : ANSI X9.62 39 !module X9-62 40 !Alias id-fieldType ansi-X9-62 1 41 X9-62_id-fieldType 1 : prime-field 42 X9-62_id-fieldType 2 : characteristic-two-field 43 X9-62_characteristic-two-field 3 : id-characteristic-two-basis 44 X9-62_id-characteristic-two-basis 1 : onBasis 45 X9-62_id-characteristic-two-basis 2 : tpBasis 46 X9-62_id-characteristic-two-basis 3 : ppBasis 47 !Alias id-publicKeyType ansi-X9-62 2 48 X9-62_id-publicKeyType 1 : id-ecPublicKey 49 !Alias ellipticCurve ansi-X9-62 3 50 !Alias c-TwoCurve X9-62_ellipticCurve 0 51 X9-62_c-TwoCurve 1 : c2pnb163v1 52 X9-62_c-TwoCurve 2 : c2pnb163v2 53 X9-62_c-TwoCurve 3 : c2pnb163v3 54 X9-62_c-TwoCurve 4 : c2pnb176v1 55 X9-62_c-TwoCurve 5 : c2tnb191v1 56 X9-62_c-TwoCurve 6 : c2tnb191v2 57 X9-62_c-TwoCurve 7 : c2tnb191v3 58 X9-62_c-TwoCurve 8 : c2onb191v4 59 X9-62_c-TwoCurve 9 : c2onb191v5 60 X9-62_c-TwoCurve 10 : c2pnb208w1 61 X9-62_c-TwoCurve 11 : c2tnb239v1 62 X9-62_c-TwoCurve 12 : c2tnb239v2 63 X9-62_c-TwoCurve 13 : c2tnb239v3 64 X9-62_c-TwoCurve 14 : c2onb239v4 65 X9-62_c-TwoCurve 15 : c2onb239v5 66 X9-62_c-TwoCurve 16 : c2pnb272w1 67 X9-62_c-TwoCurve 17 : c2pnb304w1 68 X9-62_c-TwoCurve 18 : c2tnb359v1 69 X9-62_c-TwoCurve 19 : c2pnb368w1 70 X9-62_c-TwoCurve 20 : c2tnb431r1 71 !Alias primeCurve X9-62_ellipticCurve 1 72 X9-62_primeCurve 1 : prime192v1 73 X9-62_primeCurve 2 : prime192v2 74 X9-62_primeCurve 3 : prime192v3 75 X9-62_primeCurve 4 : prime239v1 76 X9-62_primeCurve 5 : prime239v2 77 X9-62_primeCurve 6 : prime239v3 78 X9-62_primeCurve 7 : prime256v1 79 !Alias id-ecSigType ansi-X9-62 4 80 !global 81 X9-62_id-ecSigType 1 : ecdsa-with-SHA1 82 X9-62_id-ecSigType 2 : ecdsa-with-Recommended 83 X9-62_id-ecSigType 3 : ecdsa-with-Specified 84 ecdsa-with-Specified 1 : ecdsa-with-SHA224 85 ecdsa-with-Specified 2 : ecdsa-with-SHA256 86 ecdsa-with-Specified 3 : ecdsa-with-SHA384 87 ecdsa-with-Specified 4 : ecdsa-with-SHA512 88 89 # SECG curve OIDs from "SEC 2: Recommended Elliptic Curve Domain Parameters" 90 # (http://www.secg.org/) 91 !Alias secg_ellipticCurve certicom-arc 0 92 # SECG prime curves OIDs 93 secg-ellipticCurve 6 : secp112r1 94 secg-ellipticCurve 7 : secp112r2 95 secg-ellipticCurve 28 : secp128r1 96 secg-ellipticCurve 29 : secp128r2 97 secg-ellipticCurve 9 : secp160k1 98 secg-ellipticCurve 8 : secp160r1 99 secg-ellipticCurve 30 : secp160r2 100 secg-ellipticCurve 31 : secp192k1 101 # NOTE: the curve secp192r1 is the same as prime192v1 defined above 102 # and is therefore omitted 103 secg-ellipticCurve 32 : secp224k1 104 secg-ellipticCurve 33 : secp224r1 105 secg-ellipticCurve 10 : secp256k1 106 # NOTE: the curve secp256r1 is the same as prime256v1 defined above 107 # and is therefore omitted 108 secg-ellipticCurve 34 : secp384r1 109 secg-ellipticCurve 35 : secp521r1 110 # SECG characteristic two curves OIDs 111 secg-ellipticCurve 4 : sect113r1 112 secg-ellipticCurve 5 : sect113r2 113 secg-ellipticCurve 22 : sect131r1 114 secg-ellipticCurve 23 : sect131r2 115 secg-ellipticCurve 1 : sect163k1 116 secg-ellipticCurve 2 : sect163r1 117 secg-ellipticCurve 15 : sect163r2 118 secg-ellipticCurve 24 : sect193r1 119 secg-ellipticCurve 25 : sect193r2 120 secg-ellipticCurve 26 : sect233k1 121 secg-ellipticCurve 27 : sect233r1 122 secg-ellipticCurve 3 : sect239k1 123 secg-ellipticCurve 16 : sect283k1 124 secg-ellipticCurve 17 : sect283r1 125 secg-ellipticCurve 36 : sect409k1 126 secg-ellipticCurve 37 : sect409r1 127 secg-ellipticCurve 38 : sect571k1 128 secg-ellipticCurve 39 : sect571r1 129 130 # WAP/TLS curve OIDs (http://www.wapforum.org/) 131 !Alias wap-wsg-idm-ecid wap-wsg 4 132 wap-wsg-idm-ecid 1 : wap-wsg-idm-ecid-wtls1 133 wap-wsg-idm-ecid 3 : wap-wsg-idm-ecid-wtls3 134 wap-wsg-idm-ecid 4 : wap-wsg-idm-ecid-wtls4 135 wap-wsg-idm-ecid 5 : wap-wsg-idm-ecid-wtls5 136 wap-wsg-idm-ecid 6 : wap-wsg-idm-ecid-wtls6 137 wap-wsg-idm-ecid 7 : wap-wsg-idm-ecid-wtls7 138 wap-wsg-idm-ecid 8 : wap-wsg-idm-ecid-wtls8 139 wap-wsg-idm-ecid 9 : wap-wsg-idm-ecid-wtls9 140 wap-wsg-idm-ecid 10 : wap-wsg-idm-ecid-wtls10 141 wap-wsg-idm-ecid 11 : wap-wsg-idm-ecid-wtls11 142 wap-wsg-idm-ecid 12 : wap-wsg-idm-ecid-wtls12 143 144 145 ISO-US 113533 7 66 10 : CAST5-CBC : cast5-cbc 146 : CAST5-ECB : cast5-ecb 147 !Cname cast5-cfb64 148 : CAST5-CFB : cast5-cfb 149 !Cname cast5-ofb64 150 : CAST5-OFB : cast5-ofb 151 !Cname pbeWithMD5AndCast5-CBC 152 ISO-US 113533 7 66 12 : : pbeWithMD5AndCast5CBC 153 154 # Macs for CMP and CRMF 155 ISO-US 113533 7 66 13 : id-PasswordBasedMAC : password based MAC 156 ISO-US 113533 7 66 30 : id-DHBasedMac : Diffie-Hellman based MAC 157 158 ISO-US 113549 : rsadsi : RSA Data Security, Inc. 159 160 rsadsi 1 : pkcs : RSA Data Security, Inc. PKCS 161 162 pkcs 1 : pkcs1 163 pkcs1 1 : : rsaEncryption 164 pkcs1 2 : RSA-MD2 : md2WithRSAEncryption 165 pkcs1 3 : RSA-MD4 : md4WithRSAEncryption 166 pkcs1 4 : RSA-MD5 : md5WithRSAEncryption 167 pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption 168 # According to PKCS #1 version 2.1 169 pkcs1 7 : RSAES-OAEP : rsaesOaep 170 pkcs1 8 : MGF1 : mgf1 171 pkcs1 10 : RSASSA-PSS : rsassaPss 172 173 pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption 174 pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption 175 pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption 176 pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption 177 178 pkcs 3 : pkcs3 179 pkcs3 1 : : dhKeyAgreement 180 181 pkcs 5 : pkcs5 182 pkcs5 1 : PBE-MD2-DES : pbeWithMD2AndDES-CBC 183 pkcs5 3 : PBE-MD5-DES : pbeWithMD5AndDES-CBC 184 pkcs5 4 : PBE-MD2-RC2-64 : pbeWithMD2AndRC2-CBC 185 pkcs5 6 : PBE-MD5-RC2-64 : pbeWithMD5AndRC2-CBC 186 pkcs5 10 : PBE-SHA1-DES : pbeWithSHA1AndDES-CBC 187 pkcs5 11 : PBE-SHA1-RC2-64 : pbeWithSHA1AndRC2-CBC 188 !Cname id_pbkdf2 189 pkcs5 12 : : PBKDF2 190 !Cname pbes2 191 pkcs5 13 : : PBES2 192 !Cname pbmac1 193 pkcs5 14 : : PBMAC1 194 195 pkcs 7 : pkcs7 196 pkcs7 1 : : pkcs7-data 197 !Cname pkcs7-signed 198 pkcs7 2 : : pkcs7-signedData 199 !Cname pkcs7-enveloped 200 pkcs7 3 : : pkcs7-envelopedData 201 !Cname pkcs7-signedAndEnveloped 202 pkcs7 4 : : pkcs7-signedAndEnvelopedData 203 !Cname pkcs7-digest 204 pkcs7 5 : : pkcs7-digestData 205 !Cname pkcs7-encrypted 206 pkcs7 6 : : pkcs7-encryptedData 207 208 pkcs 9 : pkcs9 209 !module pkcs9 210 pkcs9 1 : : emailAddress 211 pkcs9 2 : : unstructuredName 212 pkcs9 3 : : contentType 213 pkcs9 4 : : messageDigest 214 pkcs9 5 : : signingTime 215 pkcs9 6 : : countersignature 216 pkcs9 7 : : challengePassword 217 pkcs9 8 : : unstructuredAddress 218 !Cname extCertAttributes 219 pkcs9 9 : : extendedCertificateAttributes 220 !global 221 222 !Cname ext-req 223 pkcs9 14 : extReq : Extension Request 224 225 !Cname SMIMECapabilities 226 pkcs9 15 : SMIME-CAPS : S/MIME Capabilities 227 228 # S/MIME 229 !Cname SMIME 230 pkcs9 16 : SMIME : S/MIME 231 SMIME 0 : id-smime-mod 232 SMIME 1 : id-smime-ct 233 SMIME 2 : id-smime-aa 234 SMIME 3 : id-smime-alg 235 SMIME 4 : id-smime-cd 236 SMIME 5 : id-smime-spq 237 SMIME 6 : id-smime-cti 238 239 # S/MIME Modules 240 id-smime-mod 1 : id-smime-mod-cms 241 id-smime-mod 2 : id-smime-mod-ess 242 id-smime-mod 3 : id-smime-mod-oid 243 id-smime-mod 4 : id-smime-mod-msg-v3 244 id-smime-mod 5 : id-smime-mod-ets-eSignature-88 245 id-smime-mod 6 : id-smime-mod-ets-eSignature-97 246 id-smime-mod 7 : id-smime-mod-ets-eSigPolicy-88 247 id-smime-mod 8 : id-smime-mod-ets-eSigPolicy-97 248 249 # S/MIME Content Types 250 id-smime-ct 1 : id-smime-ct-receipt 251 id-smime-ct 2 : id-smime-ct-authData 252 id-smime-ct 3 : id-smime-ct-publishCert 253 id-smime-ct 4 : id-smime-ct-TSTInfo 254 id-smime-ct 5 : id-smime-ct-TDTInfo 255 id-smime-ct 6 : id-smime-ct-contentInfo 256 id-smime-ct 7 : id-smime-ct-DVCSRequestData 257 id-smime-ct 8 : id-smime-ct-DVCSResponseData 258 id-smime-ct 9 : id-smime-ct-compressedData 259 id-smime-ct 27 : id-ct-asciiTextWithCRLF 260 261 # S/MIME Attributes 262 id-smime-aa 1 : id-smime-aa-receiptRequest 263 id-smime-aa 2 : id-smime-aa-securityLabel 264 id-smime-aa 3 : id-smime-aa-mlExpandHistory 265 id-smime-aa 4 : id-smime-aa-contentHint 266 id-smime-aa 5 : id-smime-aa-msgSigDigest 267 # obsolete 268 id-smime-aa 6 : id-smime-aa-encapContentType 269 id-smime-aa 7 : id-smime-aa-contentIdentifier 270 # obsolete 271 id-smime-aa 8 : id-smime-aa-macValue 272 id-smime-aa 9 : id-smime-aa-equivalentLabels 273 id-smime-aa 10 : id-smime-aa-contentReference 274 id-smime-aa 11 : id-smime-aa-encrypKeyPref 275 id-smime-aa 12 : id-smime-aa-signingCertificate 276 id-smime-aa 13 : id-smime-aa-smimeEncryptCerts 277 id-smime-aa 14 : id-smime-aa-timeStampToken 278 id-smime-aa 15 : id-smime-aa-ets-sigPolicyId 279 id-smime-aa 16 : id-smime-aa-ets-commitmentType 280 id-smime-aa 17 : id-smime-aa-ets-signerLocation 281 id-smime-aa 18 : id-smime-aa-ets-signerAttr 282 id-smime-aa 19 : id-smime-aa-ets-otherSigCert 283 id-smime-aa 20 : id-smime-aa-ets-contentTimestamp 284 id-smime-aa 21 : id-smime-aa-ets-CertificateRefs 285 id-smime-aa 22 : id-smime-aa-ets-RevocationRefs 286 id-smime-aa 23 : id-smime-aa-ets-certValues 287 id-smime-aa 24 : id-smime-aa-ets-revocationValues 288 id-smime-aa 25 : id-smime-aa-ets-escTimeStamp 289 id-smime-aa 26 : id-smime-aa-ets-certCRLTimestamp 290 id-smime-aa 27 : id-smime-aa-ets-archiveTimeStamp 291 id-smime-aa 28 : id-smime-aa-signatureType 292 id-smime-aa 29 : id-smime-aa-dvcs-dvc 293 294 # S/MIME Algorithm Identifiers 295 # obsolete 296 id-smime-alg 1 : id-smime-alg-ESDHwith3DES 297 # obsolete 298 id-smime-alg 2 : id-smime-alg-ESDHwithRC2 299 # obsolete 300 id-smime-alg 3 : id-smime-alg-3DESwrap 301 # obsolete 302 id-smime-alg 4 : id-smime-alg-RC2wrap 303 id-smime-alg 5 : id-smime-alg-ESDH 304 id-smime-alg 6 : id-smime-alg-CMS3DESwrap 305 id-smime-alg 7 : id-smime-alg-CMSRC2wrap 306 id-smime-alg 9 : id-alg-PWRI-KEK 307 308 # S/MIME Certificate Distribution 309 id-smime-cd 1 : id-smime-cd-ldap 310 311 # S/MIME Signature Policy Qualifier 312 id-smime-spq 1 : id-smime-spq-ets-sqt-uri 313 id-smime-spq 2 : id-smime-spq-ets-sqt-unotice 314 315 # S/MIME Commitment Type Identifier 316 id-smime-cti 1 : id-smime-cti-ets-proofOfOrigin 317 id-smime-cti 2 : id-smime-cti-ets-proofOfReceipt 318 id-smime-cti 3 : id-smime-cti-ets-proofOfDelivery 319 id-smime-cti 4 : id-smime-cti-ets-proofOfSender 320 id-smime-cti 5 : id-smime-cti-ets-proofOfApproval 321 id-smime-cti 6 : id-smime-cti-ets-proofOfCreation 322 323 pkcs9 20 : : friendlyName 324 pkcs9 21 : : localKeyID 325 !Cname ms-csp-name 326 1 3 6 1 4 1 311 17 1 : CSPName : Microsoft CSP Name 327 1 3 6 1 4 1 311 17 2 : LocalKeySet : Microsoft Local Key set 328 !Alias certTypes pkcs9 22 329 certTypes 1 : : x509Certificate 330 certTypes 2 : : sdsiCertificate 331 !Alias crlTypes pkcs9 23 332 crlTypes 1 : : x509Crl 333 334 !Alias pkcs12 pkcs 12 335 !Alias pkcs12-pbeids pkcs12 1 336 337 !Cname pbe-WithSHA1And128BitRC4 338 pkcs12-pbeids 1 : PBE-SHA1-RC4-128 : pbeWithSHA1And128BitRC4 339 !Cname pbe-WithSHA1And40BitRC4 340 pkcs12-pbeids 2 : PBE-SHA1-RC4-40 : pbeWithSHA1And40BitRC4 341 !Cname pbe-WithSHA1And3_Key_TripleDES-CBC 342 pkcs12-pbeids 3 : PBE-SHA1-3DES : pbeWithSHA1And3-KeyTripleDES-CBC 343 !Cname pbe-WithSHA1And2_Key_TripleDES-CBC 344 pkcs12-pbeids 4 : PBE-SHA1-2DES : pbeWithSHA1And2-KeyTripleDES-CBC 345 !Cname pbe-WithSHA1And128BitRC2-CBC 346 pkcs12-pbeids 5 : PBE-SHA1-RC2-128 : pbeWithSHA1And128BitRC2-CBC 347 !Cname pbe-WithSHA1And40BitRC2-CBC 348 pkcs12-pbeids 6 : PBE-SHA1-RC2-40 : pbeWithSHA1And40BitRC2-CBC 349 350 !Alias pkcs12-Version1 pkcs12 10 351 !Alias pkcs12-BagIds pkcs12-Version1 1 352 pkcs12-BagIds 1 : : keyBag 353 pkcs12-BagIds 2 : : pkcs8ShroudedKeyBag 354 pkcs12-BagIds 3 : : certBag 355 pkcs12-BagIds 4 : : crlBag 356 pkcs12-BagIds 5 : : secretBag 357 pkcs12-BagIds 6 : : safeContentsBag 358 359 rsadsi 2 2 : MD2 : md2 360 rsadsi 2 4 : MD4 : md4 361 rsadsi 2 5 : MD5 : md5 362 : MD5-SHA1 : md5-sha1 363 rsadsi 2 6 : : hmacWithMD5 364 rsadsi 2 7 : : hmacWithSHA1 365 366 # From RFC4231 367 rsadsi 2 8 : : hmacWithSHA224 368 rsadsi 2 9 : : hmacWithSHA256 369 rsadsi 2 10 : : hmacWithSHA384 370 rsadsi 2 11 : : hmacWithSHA512 371 372 rsadsi 3 2 : RC2-CBC : rc2-cbc 373 : RC2-ECB : rc2-ecb 374 !Cname rc2-cfb64 375 : RC2-CFB : rc2-cfb 376 !Cname rc2-ofb64 377 : RC2-OFB : rc2-ofb 378 : RC2-40-CBC : rc2-40-cbc 379 : RC2-64-CBC : rc2-64-cbc 380 rsadsi 3 4 : RC4 : rc4 381 : RC4-40 : rc4-40 382 rsadsi 3 7 : DES-EDE3-CBC : des-ede3-cbc 383 rsadsi 3 8 : RC5-CBC : rc5-cbc 384 : RC5-ECB : rc5-ecb 385 !Cname rc5-cfb64 386 : RC5-CFB : rc5-cfb 387 !Cname rc5-ofb64 388 : RC5-OFB : rc5-ofb 389 390 !Cname ms-ext-req 391 1 3 6 1 4 1 311 2 1 14 : msExtReq : Microsoft Extension Request 392 !Cname ms-code-ind 393 1 3 6 1 4 1 311 2 1 21 : msCodeInd : Microsoft Individual Code Signing 394 !Cname ms-code-com 395 1 3 6 1 4 1 311 2 1 22 : msCodeCom : Microsoft Commercial Code Signing 396 !Cname ms-ctl-sign 397 1 3 6 1 4 1 311 10 3 1 : msCTLSign : Microsoft Trust List Signing 398 !Cname ms-sgc 399 1 3 6 1 4 1 311 10 3 3 : msSGC : Microsoft Server Gated Crypto 400 !Cname ms-efs 401 1 3 6 1 4 1 311 10 3 4 : msEFS : Microsoft Encrypted File System 402 !Cname ms-smartcard-login 403 1 3 6 1 4 1 311 20 2 2 : msSmartcardLogin : Microsoft Smartcardlogin 404 !Cname ms-upn 405 1 3 6 1 4 1 311 20 2 3 : msUPN : Microsoft Universal Principal Name 406 407 1 3 6 1 4 1 188 7 1 1 2 : IDEA-CBC : idea-cbc 408 : IDEA-ECB : idea-ecb 409 !Cname idea-cfb64 410 : IDEA-CFB : idea-cfb 411 !Cname idea-ofb64 412 : IDEA-OFB : idea-ofb 413 414 1 3 6 1 4 1 3029 1 2 : BF-CBC : bf-cbc 415 : BF-ECB : bf-ecb 416 !Cname bf-cfb64 417 : BF-CFB : bf-cfb 418 !Cname bf-ofb64 419 : BF-OFB : bf-ofb 420 421 !Cname id-pkix 422 1 3 6 1 5 5 7 : PKIX 423 424 # PKIX Arcs 425 id-pkix 0 : id-pkix-mod 426 id-pkix 1 : id-pe 427 id-pkix 2 : id-qt 428 id-pkix 3 : id-kp 429 id-pkix 4 : id-it 430 id-pkix 5 : id-pkip 431 id-pkix 6 : id-alg 432 id-pkix 7 : id-cmc 433 id-pkix 8 : id-on 434 id-pkix 9 : id-pda 435 id-pkix 10 : id-aca 436 id-pkix 11 : id-qcs 437 id-pkix 12 : id-cct 438 id-pkix 21 : id-ppl 439 id-pkix 48 : id-ad 440 441 # PKIX Modules 442 id-pkix-mod 1 : id-pkix1-explicit-88 443 id-pkix-mod 2 : id-pkix1-implicit-88 444 id-pkix-mod 3 : id-pkix1-explicit-93 445 id-pkix-mod 4 : id-pkix1-implicit-93 446 id-pkix-mod 5 : id-mod-crmf 447 id-pkix-mod 6 : id-mod-cmc 448 id-pkix-mod 7 : id-mod-kea-profile-88 449 id-pkix-mod 8 : id-mod-kea-profile-93 450 id-pkix-mod 9 : id-mod-cmp 451 id-pkix-mod 10 : id-mod-qualified-cert-88 452 id-pkix-mod 11 : id-mod-qualified-cert-93 453 id-pkix-mod 12 : id-mod-attribute-cert 454 id-pkix-mod 13 : id-mod-timestamp-protocol 455 id-pkix-mod 14 : id-mod-ocsp 456 id-pkix-mod 15 : id-mod-dvcs 457 id-pkix-mod 16 : id-mod-cmp2000 458 459 # PKIX Private Extensions 460 !Cname info-access 461 id-pe 1 : authorityInfoAccess : Authority Information Access 462 id-pe 2 : biometricInfo : Biometric Info 463 id-pe 3 : qcStatements 464 id-pe 4 : ac-auditEntity 465 id-pe 5 : ac-targeting 466 id-pe 6 : aaControls 467 id-pe 7 : sbgp-ipAddrBlock 468 id-pe 8 : sbgp-autonomousSysNum 469 id-pe 9 : sbgp-routerIdentifier 470 id-pe 10 : ac-proxying 471 !Cname sinfo-access 472 id-pe 11 : subjectInfoAccess : Subject Information Access 473 id-pe 14 : proxyCertInfo : Proxy Certificate Information 474 475 # PKIX policyQualifiers for Internet policy qualifiers 476 id-qt 1 : id-qt-cps : Policy Qualifier CPS 477 id-qt 2 : id-qt-unotice : Policy Qualifier User Notice 478 id-qt 3 : textNotice 479 480 # PKIX key purpose identifiers 481 !Cname server-auth 482 id-kp 1 : serverAuth : TLS Web Server Authentication 483 !Cname client-auth 484 id-kp 2 : clientAuth : TLS Web Client Authentication 485 !Cname code-sign 486 id-kp 3 : codeSigning : Code Signing 487 !Cname email-protect 488 id-kp 4 : emailProtection : E-mail Protection 489 id-kp 5 : ipsecEndSystem : IPSec End System 490 id-kp 6 : ipsecTunnel : IPSec Tunnel 491 id-kp 7 : ipsecUser : IPSec User 492 !Cname time-stamp 493 id-kp 8 : timeStamping : Time Stamping 494 # From OCSP spec RFC2560 495 !Cname OCSP-sign 496 id-kp 9 : OCSPSigning : OCSP Signing 497 id-kp 10 : DVCS : dvcs 498 499 # CMP information types 500 id-it 1 : id-it-caProtEncCert 501 id-it 2 : id-it-signKeyPairTypes 502 id-it 3 : id-it-encKeyPairTypes 503 id-it 4 : id-it-preferredSymmAlg 504 id-it 5 : id-it-caKeyUpdateInfo 505 id-it 6 : id-it-currentCRL 506 id-it 7 : id-it-unsupportedOIDs 507 # obsolete 508 id-it 8 : id-it-subscriptionRequest 509 # obsolete 510 id-it 9 : id-it-subscriptionResponse 511 id-it 10 : id-it-keyPairParamReq 512 id-it 11 : id-it-keyPairParamRep 513 id-it 12 : id-it-revPassphrase 514 id-it 13 : id-it-implicitConfirm 515 id-it 14 : id-it-confirmWaitTime 516 id-it 15 : id-it-origPKIMessage 517 id-it 16 : id-it-suppLangTags 518 519 # CRMF registration 520 id-pkip 1 : id-regCtrl 521 id-pkip 2 : id-regInfo 522 523 # CRMF registration controls 524 id-regCtrl 1 : id-regCtrl-regToken 525 id-regCtrl 2 : id-regCtrl-authenticator 526 id-regCtrl 3 : id-regCtrl-pkiPublicationInfo 527 id-regCtrl 4 : id-regCtrl-pkiArchiveOptions 528 id-regCtrl 5 : id-regCtrl-oldCertID 529 id-regCtrl 6 : id-regCtrl-protocolEncrKey 530 531 # CRMF registration information 532 id-regInfo 1 : id-regInfo-utf8Pairs 533 id-regInfo 2 : id-regInfo-certReq 534 535 # algorithms 536 id-alg 1 : id-alg-des40 537 id-alg 2 : id-alg-noSignature 538 id-alg 3 : id-alg-dh-sig-hmac-sha1 539 id-alg 4 : id-alg-dh-pop 540 541 # CMC controls 542 id-cmc 1 : id-cmc-statusInfo 543 id-cmc 2 : id-cmc-identification 544 id-cmc 3 : id-cmc-identityProof 545 id-cmc 4 : id-cmc-dataReturn 546 id-cmc 5 : id-cmc-transactionId 547 id-cmc 6 : id-cmc-senderNonce 548 id-cmc 7 : id-cmc-recipientNonce 549 id-cmc 8 : id-cmc-addExtensions 550 id-cmc 9 : id-cmc-encryptedPOP 551 id-cmc 10 : id-cmc-decryptedPOP 552 id-cmc 11 : id-cmc-lraPOPWitness 553 id-cmc 15 : id-cmc-getCert 554 id-cmc 16 : id-cmc-getCRL 555 id-cmc 17 : id-cmc-revokeRequest 556 id-cmc 18 : id-cmc-regInfo 557 id-cmc 19 : id-cmc-responseInfo 558 id-cmc 21 : id-cmc-queryPending 559 id-cmc 22 : id-cmc-popLinkRandom 560 id-cmc 23 : id-cmc-popLinkWitness 561 id-cmc 24 : id-cmc-confirmCertAcceptance 562 563 # other names 564 id-on 1 : id-on-personalData 565 id-on 3 : id-on-permanentIdentifier : Permanent Identifier 566 567 # personal data attributes 568 id-pda 1 : id-pda-dateOfBirth 569 id-pda 2 : id-pda-placeOfBirth 570 id-pda 3 : id-pda-gender 571 id-pda 4 : id-pda-countryOfCitizenship 572 id-pda 5 : id-pda-countryOfResidence 573 574 # attribute certificate attributes 575 id-aca 1 : id-aca-authenticationInfo 576 id-aca 2 : id-aca-accessIdentity 577 id-aca 3 : id-aca-chargingIdentity 578 id-aca 4 : id-aca-group 579 # attention : the following seems to be obsolete, replace by 'role' 580 id-aca 5 : id-aca-role 581 id-aca 6 : id-aca-encAttrs 582 583 # qualified certificate statements 584 id-qcs 1 : id-qcs-pkixQCSyntax-v1 585 586 # CMC content types 587 id-cct 1 : id-cct-crs 588 id-cct 2 : id-cct-PKIData 589 id-cct 3 : id-cct-PKIResponse 590 591 # Predefined Proxy Certificate policy languages 592 id-ppl 0 : id-ppl-anyLanguage : Any language 593 id-ppl 1 : id-ppl-inheritAll : Inherit all 594 id-ppl 2 : id-ppl-independent : Independent 595 596 # access descriptors for authority info access extension 597 !Cname ad-OCSP 598 id-ad 1 : OCSP : OCSP 599 !Cname ad-ca-issuers 600 id-ad 2 : caIssuers : CA Issuers 601 !Cname ad-timeStamping 602 id-ad 3 : ad_timestamping : AD Time Stamping 603 !Cname ad-dvcs 604 id-ad 4 : AD_DVCS : ad dvcs 605 id-ad 5 : caRepository : CA Repository 606 607 608 !Alias id-pkix-OCSP ad-OCSP 609 !module id-pkix-OCSP 610 !Cname basic 611 id-pkix-OCSP 1 : basicOCSPResponse : Basic OCSP Response 612 id-pkix-OCSP 2 : Nonce : OCSP Nonce 613 id-pkix-OCSP 3 : CrlID : OCSP CRL ID 614 id-pkix-OCSP 4 : acceptableResponses : Acceptable OCSP Responses 615 id-pkix-OCSP 5 : noCheck : OCSP No Check 616 id-pkix-OCSP 6 : archiveCutoff : OCSP Archive Cutoff 617 id-pkix-OCSP 7 : serviceLocator : OCSP Service Locator 618 id-pkix-OCSP 8 : extendedStatus : Extended OCSP Status 619 id-pkix-OCSP 9 : valid 620 id-pkix-OCSP 10 : path 621 id-pkix-OCSP 11 : trustRoot : Trust Root 622 !global 623 624 1 3 14 3 2 : algorithm : algorithm 625 algorithm 3 : RSA-NP-MD5 : md5WithRSA 626 algorithm 6 : DES-ECB : des-ecb 627 algorithm 7 : DES-CBC : des-cbc 628 !Cname des-ofb64 629 algorithm 8 : DES-OFB : des-ofb 630 !Cname des-cfb64 631 algorithm 9 : DES-CFB : des-cfb 632 algorithm 11 : rsaSignature 633 !Cname dsa-2 634 algorithm 12 : DSA-old : dsaEncryption-old 635 algorithm 13 : DSA-SHA : dsaWithSHA 636 algorithm 15 : RSA-SHA : shaWithRSAEncryption 637 !Cname des-ede-ecb 638 algorithm 17 : DES-EDE : des-ede 639 !Cname des-ede3-ecb 640 : DES-EDE3 : des-ede3 641 : DES-EDE-CBC : des-ede-cbc 642 !Cname des-ede-cfb64 643 : DES-EDE-CFB : des-ede-cfb 644 !Cname des-ede3-cfb64 645 : DES-EDE3-CFB : des-ede3-cfb 646 !Cname des-ede-ofb64 647 : DES-EDE-OFB : des-ede-ofb 648 !Cname des-ede3-ofb64 649 : DES-EDE3-OFB : des-ede3-ofb 650 : DESX-CBC : desx-cbc 651 algorithm 18 : SHA : sha 652 algorithm 26 : SHA1 : sha1 653 !Cname dsaWithSHA1-2 654 algorithm 27 : DSA-SHA1-old : dsaWithSHA1-old 655 algorithm 29 : RSA-SHA1-2 : sha1WithRSA 656 657 1 3 36 3 2 1 : RIPEMD160 : ripemd160 658 1 3 36 3 3 1 2 : RSA-RIPEMD160 : ripemd160WithRSA 659 660 !Cname sxnet 661 1 3 101 1 4 1 : SXNetID : Strong Extranet ID 662 663 2 5 : X500 : directory services (X.500) 664 665 X500 4 : X509 666 X509 3 : CN : commonName 667 X509 4 : SN : surname 668 X509 5 : : serialNumber 669 X509 6 : C : countryName 670 X509 7 : L : localityName 671 X509 8 : ST : stateOrProvinceName 672 X509 9 : street : streetAddress 673 X509 10 : O : organizationName 674 X509 11 : OU : organizationalUnitName 675 X509 12 : title : title 676 X509 13 : : description 677 X509 14 : : searchGuide 678 X509 15 : : businessCategory 679 X509 16 : : postalAddress 680 X509 17 : : postalCode 681 X509 18 : : postOfficeBox 682 X509 19 : : physicalDeliveryOfficeName 683 X509 20 : : telephoneNumber 684 X509 21 : : telexNumber 685 X509 22 : : teletexTerminalIdentifier 686 X509 23 : : facsimileTelephoneNumber 687 X509 24 : : x121Address 688 X509 25 : : internationaliSDNNumber 689 X509 26 : : registeredAddress 690 X509 27 : : destinationIndicator 691 X509 28 : : preferredDeliveryMethod 692 X509 29 : : presentationAddress 693 X509 30 : : supportedApplicationContext 694 X509 31 : member : 695 X509 32 : owner : 696 X509 33 : : roleOccupant 697 X509 34 : seeAlso : 698 X509 35 : : userPassword 699 X509 36 : : userCertificate 700 X509 37 : : cACertificate 701 X509 38 : : authorityRevocationList 702 X509 39 : : certificateRevocationList 703 X509 40 : : crossCertificatePair 704 X509 41 : name : name 705 X509 42 : GN : givenName 706 X509 43 : initials : initials 707 X509 44 : : generationQualifier 708 X509 45 : : x500UniqueIdentifier 709 X509 46 : dnQualifier : dnQualifier 710 X509 47 : : enhancedSearchGuide 711 X509 48 : : protocolInformation 712 X509 49 : : distinguishedName 713 X509 50 : : uniqueMember 714 X509 51 : : houseIdentifier 715 X509 52 : : supportedAlgorithms 716 X509 53 : : deltaRevocationList 717 X509 54 : dmdName : 718 X509 65 : : pseudonym 719 X509 72 : role : role 720 721 X500 8 : X500algorithms : directory services - algorithms 722 X500algorithms 1 1 : RSA : rsa 723 X500algorithms 3 100 : RSA-MDC2 : mdc2WithRSA 724 X500algorithms 3 101 : MDC2 : mdc2 725 726 X500 29 : id-ce 727 !Cname subject-directory-attributes 728 id-ce 9 : subjectDirectoryAttributes : X509v3 Subject Directory Attributes 729 !Cname subject-key-identifier 730 id-ce 14 : subjectKeyIdentifier : X509v3 Subject Key Identifier 731 !Cname key-usage 732 id-ce 15 : keyUsage : X509v3 Key Usage 733 !Cname private-key-usage-period 734 id-ce 16 : privateKeyUsagePeriod : X509v3 Private Key Usage Period 735 !Cname subject-alt-name 736 id-ce 17 : subjectAltName : X509v3 Subject Alternative Name 737 !Cname issuer-alt-name 738 id-ce 18 : issuerAltName : X509v3 Issuer Alternative Name 739 !Cname basic-constraints 740 id-ce 19 : basicConstraints : X509v3 Basic Constraints 741 !Cname crl-number 742 id-ce 20 : crlNumber : X509v3 CRL Number 743 !Cname crl-reason 744 id-ce 21 : CRLReason : X509v3 CRL Reason Code 745 !Cname invalidity-date 746 id-ce 24 : invalidityDate : Invalidity Date 747 !Cname delta-crl 748 id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator 749 !Cname issuing-distribution-point 750 id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point 751 !Cname certificate-issuer 752 id-ce 29 : certificateIssuer : X509v3 Certificate Issuer 753 !Cname name-constraints 754 id-ce 30 : nameConstraints : X509v3 Name Constraints 755 !Cname crl-distribution-points 756 id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points 757 !Cname certificate-policies 758 id-ce 32 : certificatePolicies : X509v3 Certificate Policies 759 !Cname any-policy 760 certificate-policies 0 : anyPolicy : X509v3 Any Policy 761 !Cname policy-mappings 762 id-ce 33 : policyMappings : X509v3 Policy Mappings 763 !Cname authority-key-identifier 764 id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier 765 !Cname policy-constraints 766 id-ce 36 : policyConstraints : X509v3 Policy Constraints 767 !Cname ext-key-usage 768 id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage 769 !Cname freshest-crl 770 id-ce 46 : freshestCRL : X509v3 Freshest CRL 771 !Cname inhibit-any-policy 772 id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy 773 !Cname target-information 774 id-ce 55 : targetInformation : X509v3 AC Targeting 775 !Cname no-rev-avail 776 id-ce 56 : noRevAvail : X509v3 No Revocation Available 777 778 # From RFC5280 779 ext-key-usage 0 : anyExtendedKeyUsage : Any Extended Key Usage 780 781 782 !Cname netscape 783 2 16 840 1 113730 : Netscape : Netscape Communications Corp. 784 !Cname netscape-cert-extension 785 netscape 1 : nsCertExt : Netscape Certificate Extension 786 !Cname netscape-data-type 787 netscape 2 : nsDataType : Netscape Data Type 788 !Cname netscape-cert-type 789 netscape-cert-extension 1 : nsCertType : Netscape Cert Type 790 !Cname netscape-base-url 791 netscape-cert-extension 2 : nsBaseUrl : Netscape Base Url 792 !Cname netscape-revocation-url 793 netscape-cert-extension 3 : nsRevocationUrl : Netscape Revocation Url 794 !Cname netscape-ca-revocation-url 795 netscape-cert-extension 4 : nsCaRevocationUrl : Netscape CA Revocation Url 796 !Cname netscape-renewal-url 797 netscape-cert-extension 7 : nsRenewalUrl : Netscape Renewal Url 798 !Cname netscape-ca-policy-url 799 netscape-cert-extension 8 : nsCaPolicyUrl : Netscape CA Policy Url 800 !Cname netscape-ssl-server-name 801 netscape-cert-extension 12 : nsSslServerName : Netscape SSL Server Name 802 !Cname netscape-comment 803 netscape-cert-extension 13 : nsComment : Netscape Comment 804 !Cname netscape-cert-sequence 805 netscape-data-type 5 : nsCertSequence : Netscape Certificate Sequence 806 !Cname ns-sgc 807 netscape 4 1 : nsSGC : Netscape Server Gated Crypto 808 809 # iso(1) 810 iso 3 : ORG : org 811 org 6 : DOD : dod 812 dod 1 : IANA : iana 813 !Alias internet iana 814 815 internet 1 : directory : Directory 816 internet 2 : mgmt : Management 817 internet 3 : experimental : Experimental 818 internet 4 : private : Private 819 internet 5 : security : Security 820 internet 6 : snmpv2 : SNMPv2 821 # Documents refer to "internet 7" as "mail". This however leads to ambiguities 822 # with RFC2798, Section 9.1.3, where "mail" is defined as the short name for 823 # rfc822Mailbox. The short name is therefore here left out for a reason. 824 # Subclasses of "mail", e.g. "MIME MHS" don't consitute a problem, as 825 # references are realized via long name "Mail" (with capital M). 826 internet 7 : : Mail 827 828 Private 1 : enterprises : Enterprises 829 830 # RFC 2247 831 Enterprises 1466 344 : dcobject : dcObject 832 833 # RFC 1495 834 Mail 1 : mime-mhs : MIME MHS 835 mime-mhs 1 : mime-mhs-headings : mime-mhs-headings 836 mime-mhs 2 : mime-mhs-bodies : mime-mhs-bodies 837 mime-mhs-headings 1 : id-hex-partial-message : id-hex-partial-message 838 mime-mhs-headings 2 : id-hex-multipart-message : id-hex-multipart-message 839 840 # What the hell are these OIDs, really? 841 !Cname rle-compression 842 1 1 1 1 666 1 : RLE : run length compression 843 !Cname zlib-compression 844 id-smime-alg 8 : ZLIB : zlib compression 845 846 # AES aka Rijndael 847 848 !Alias csor 2 16 840 1 101 3 849 !Alias nistAlgorithms csor 4 850 !Alias aes nistAlgorithms 1 851 852 aes 1 : AES-128-ECB : aes-128-ecb 853 aes 2 : AES-128-CBC : aes-128-cbc 854 !Cname aes-128-ofb128 855 aes 3 : AES-128-OFB : aes-128-ofb 856 !Cname aes-128-cfb128 857 aes 4 : AES-128-CFB : aes-128-cfb 858 aes 5 : id-aes128-wrap 859 aes 6 : id-aes128-GCM : aes-128-gcm 860 aes 7 : id-aes128-CCM : aes-128-ccm 861 aes 8 : id-aes128-wrap-pad 862 863 aes 21 : AES-192-ECB : aes-192-ecb 864 aes 22 : AES-192-CBC : aes-192-cbc 865 !Cname aes-192-ofb128 866 aes 23 : AES-192-OFB : aes-192-ofb 867 !Cname aes-192-cfb128 868 aes 24 : AES-192-CFB : aes-192-cfb 869 aes 25 : id-aes192-wrap 870 aes 26 : id-aes192-GCM : aes-192-gcm 871 aes 27 : id-aes192-CCM : aes-192-ccm 872 aes 28 : id-aes192-wrap-pad 873 874 aes 41 : AES-256-ECB : aes-256-ecb 875 aes 42 : AES-256-CBC : aes-256-cbc 876 !Cname aes-256-ofb128 877 aes 43 : AES-256-OFB : aes-256-ofb 878 !Cname aes-256-cfb128 879 aes 44 : AES-256-CFB : aes-256-cfb 880 aes 45 : id-aes256-wrap 881 aes 46 : id-aes256-GCM : aes-256-gcm 882 aes 47 : id-aes256-CCM : aes-256-ccm 883 aes 48 : id-aes256-wrap-pad 884 885 # There are no OIDs for these modes... 886 887 : AES-128-CFB1 : aes-128-cfb1 888 : AES-192-CFB1 : aes-192-cfb1 889 : AES-256-CFB1 : aes-256-cfb1 890 : AES-128-CFB8 : aes-128-cfb8 891 : AES-192-CFB8 : aes-192-cfb8 892 : AES-256-CFB8 : aes-256-cfb8 893 : AES-128-CTR : aes-128-ctr 894 : AES-192-CTR : aes-192-ctr 895 : AES-256-CTR : aes-256-ctr 896 : AES-128-XTS : aes-128-xts 897 : AES-256-XTS : aes-256-xts 898 : DES-CFB1 : des-cfb1 899 : DES-CFB8 : des-cfb8 900 : DES-EDE3-CFB1 : des-ede3-cfb1 901 : DES-EDE3-CFB8 : des-ede3-cfb8 902 903 # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84. 904 !Alias nist_hashalgs nistAlgorithms 2 905 nist_hashalgs 1 : SHA256 : sha256 906 nist_hashalgs 2 : SHA384 : sha384 907 nist_hashalgs 3 : SHA512 : sha512 908 nist_hashalgs 4 : SHA224 : sha224 909 910 # OIDs for dsa-with-sha224 and dsa-with-sha256 911 !Alias dsa_with_sha2 nistAlgorithms 3 912 dsa_with_sha2 1 : dsa_with_SHA224 913 dsa_with_sha2 2 : dsa_with_SHA256 914 915 # Hold instruction CRL entry extension 916 !Cname hold-instruction-code 917 id-ce 23 : holdInstructionCode : Hold Instruction Code 918 !Alias holdInstruction X9-57 2 919 !Cname hold-instruction-none 920 holdInstruction 1 : holdInstructionNone : Hold Instruction None 921 !Cname hold-instruction-call-issuer 922 holdInstruction 2 : holdInstructionCallIssuer : Hold Instruction Call Issuer 923 !Cname hold-instruction-reject 924 holdInstruction 3 : holdInstructionReject : Hold Instruction Reject 925 926 # OID's from ITU-T. Most of this is defined in RFC 1274. A couple of 927 # them are also mentioned in RFC 2247 928 itu-t 9 : data 929 data 2342 : pss 930 pss 19200300 : ucl 931 ucl 100 : pilot 932 pilot 1 : : pilotAttributeType 933 pilot 3 : : pilotAttributeSyntax 934 pilot 4 : : pilotObjectClass 935 pilot 10 : : pilotGroups 936 pilotAttributeSyntax 4 : : iA5StringSyntax 937 pilotAttributeSyntax 5 : : caseIgnoreIA5StringSyntax 938 pilotObjectClass 3 : : pilotObject 939 pilotObjectClass 4 : : pilotPerson 940 pilotObjectClass 5 : account 941 pilotObjectClass 6 : document 942 pilotObjectClass 7 : room 943 pilotObjectClass 9 : : documentSeries 944 pilotObjectClass 13 : domain : Domain 945 pilotObjectClass 14 : : rFC822localPart 946 pilotObjectClass 15 : : dNSDomain 947 pilotObjectClass 17 : : domainRelatedObject 948 pilotObjectClass 18 : : friendlyCountry 949 pilotObjectClass 19 : : simpleSecurityObject 950 pilotObjectClass 20 : : pilotOrganization 951 pilotObjectClass 21 : : pilotDSA 952 pilotObjectClass 22 : : qualityLabelledData 953 pilotAttributeType 1 : UID : userId 954 pilotAttributeType 2 : : textEncodedORAddress 955 pilotAttributeType 3 : mail : rfc822Mailbox 956 pilotAttributeType 4 : info 957 pilotAttributeType 5 : : favouriteDrink 958 pilotAttributeType 6 : : roomNumber 959 pilotAttributeType 7 : photo 960 pilotAttributeType 8 : : userClass 961 pilotAttributeType 9 : host 962 pilotAttributeType 10 : manager 963 pilotAttributeType 11 : : documentIdentifier 964 pilotAttributeType 12 : : documentTitle 965 pilotAttributeType 13 : : documentVersion 966 pilotAttributeType 14 : : documentAuthor 967 pilotAttributeType 15 : : documentLocation 968 pilotAttributeType 20 : : homeTelephoneNumber 969 pilotAttributeType 21 : secretary 970 pilotAttributeType 22 : : otherMailbox 971 pilotAttributeType 23 : : lastModifiedTime 972 pilotAttributeType 24 : : lastModifiedBy 973 pilotAttributeType 25 : DC : domainComponent 974 pilotAttributeType 26 : : aRecord 975 pilotAttributeType 27 : : pilotAttributeType27 976 pilotAttributeType 28 : : mXRecord 977 pilotAttributeType 29 : : nSRecord 978 pilotAttributeType 30 : : sOARecord 979 pilotAttributeType 31 : : cNAMERecord 980 pilotAttributeType 37 : : associatedDomain 981 pilotAttributeType 38 : : associatedName 982 pilotAttributeType 39 : : homePostalAddress 983 pilotAttributeType 40 : : personalTitle 984 pilotAttributeType 41 : : mobileTelephoneNumber 985 pilotAttributeType 42 : : pagerTelephoneNumber 986 pilotAttributeType 43 : : friendlyCountryName 987 # The following clashes with 2.5.4.45, so commented away 988 #pilotAttributeType 44 : uid : uniqueIdentifier 989 pilotAttributeType 45 : : organizationalStatus 990 pilotAttributeType 46 : : janetMailbox 991 pilotAttributeType 47 : : mailPreferenceOption 992 pilotAttributeType 48 : : buildingName 993 pilotAttributeType 49 : : dSAQuality 994 pilotAttributeType 50 : : singleLevelQuality 995 pilotAttributeType 51 : : subtreeMinimumQuality 996 pilotAttributeType 52 : : subtreeMaximumQuality 997 pilotAttributeType 53 : : personalSignature 998 pilotAttributeType 54 : : dITRedirect 999 pilotAttributeType 55 : audio 1000 pilotAttributeType 56 : : documentPublisher 1001 1002 international-organizations 42 : id-set : Secure Electronic Transactions 1003 1004 id-set 0 : set-ctype : content types 1005 id-set 1 : set-msgExt : message extensions 1006 id-set 3 : set-attr 1007 id-set 5 : set-policy 1008 id-set 7 : set-certExt : certificate extensions 1009 id-set 8 : set-brand 1010 1011 set-ctype 0 : setct-PANData 1012 set-ctype 1 : setct-PANToken 1013 set-ctype 2 : setct-PANOnly 1014 set-ctype 3 : setct-OIData 1015 set-ctype 4 : setct-PI 1016 set-ctype 5 : setct-PIData 1017 set-ctype 6 : setct-PIDataUnsigned 1018 set-ctype 7 : setct-HODInput 1019 set-ctype 8 : setct-AuthResBaggage 1020 set-ctype 9 : setct-AuthRevReqBaggage 1021 set-ctype 10 : setct-AuthRevResBaggage 1022 set-ctype 11 : setct-CapTokenSeq 1023 set-ctype 12 : setct-PInitResData 1024 set-ctype 13 : setct-PI-TBS 1025 set-ctype 14 : setct-PResData 1026 set-ctype 16 : setct-AuthReqTBS 1027 set-ctype 17 : setct-AuthResTBS 1028 set-ctype 18 : setct-AuthResTBSX 1029 set-ctype 19 : setct-AuthTokenTBS 1030 set-ctype 20 : setct-CapTokenData 1031 set-ctype 21 : setct-CapTokenTBS 1032 set-ctype 22 : setct-AcqCardCodeMsg 1033 set-ctype 23 : setct-AuthRevReqTBS 1034 set-ctype 24 : setct-AuthRevResData 1035 set-ctype 25 : setct-AuthRevResTBS 1036 set-ctype 26 : setct-CapReqTBS 1037 set-ctype 27 : setct-CapReqTBSX 1038 set-ctype 28 : setct-CapResData 1039 set-ctype 29 : setct-CapRevReqTBS 1040 set-ctype 30 : setct-CapRevReqTBSX 1041 set-ctype 31 : setct-CapRevResData 1042 set-ctype 32 : setct-CredReqTBS 1043 set-ctype 33 : setct-CredReqTBSX 1044 set-ctype 34 : setct-CredResData 1045 set-ctype 35 : setct-CredRevReqTBS 1046 set-ctype 36 : setct-CredRevReqTBSX 1047 set-ctype 37 : setct-CredRevResData 1048 set-ctype 38 : setct-PCertReqData 1049 set-ctype 39 : setct-PCertResTBS 1050 set-ctype 40 : setct-BatchAdminReqData 1051 set-ctype 41 : setct-BatchAdminResData 1052 set-ctype 42 : setct-CardCInitResTBS 1053 set-ctype 43 : setct-MeAqCInitResTBS 1054 set-ctype 44 : setct-RegFormResTBS 1055 set-ctype 45 : setct-CertReqData 1056 set-ctype 46 : setct-CertReqTBS 1057 set-ctype 47 : setct-CertResData 1058 set-ctype 48 : setct-CertInqReqTBS 1059 set-ctype 49 : setct-ErrorTBS 1060 set-ctype 50 : setct-PIDualSignedTBE 1061 set-ctype 51 : setct-PIUnsignedTBE 1062 set-ctype 52 : setct-AuthReqTBE 1063 set-ctype 53 : setct-AuthResTBE 1064 set-ctype 54 : setct-AuthResTBEX 1065 set-ctype 55 : setct-AuthTokenTBE 1066 set-ctype 56 : setct-CapTokenTBE 1067 set-ctype 57 : setct-CapTokenTBEX 1068 set-ctype 58 : setct-AcqCardCodeMsgTBE 1069 set-ctype 59 : setct-AuthRevReqTBE 1070 set-ctype 60 : setct-AuthRevResTBE 1071 set-ctype 61 : setct-AuthRevResTBEB 1072 set-ctype 62 : setct-CapReqTBE 1073 set-ctype 63 : setct-CapReqTBEX 1074 set-ctype 64 : setct-CapResTBE 1075 set-ctype 65 : setct-CapRevReqTBE 1076 set-ctype 66 : setct-CapRevReqTBEX 1077 set-ctype 67 : setct-CapRevResTBE 1078 set-ctype 68 : setct-CredReqTBE 1079 set-ctype 69 : setct-CredReqTBEX 1080 set-ctype 70 : setct-CredResTBE 1081 set-ctype 71 : setct-CredRevReqTBE 1082 set-ctype 72 : setct-CredRevReqTBEX 1083 set-ctype 73 : setct-CredRevResTBE 1084 set-ctype 74 : setct-BatchAdminReqTBE 1085 set-ctype 75 : setct-BatchAdminResTBE 1086 set-ctype 76 : setct-RegFormReqTBE 1087 set-ctype 77 : setct-CertReqTBE 1088 set-ctype 78 : setct-CertReqTBEX 1089 set-ctype 79 : setct-CertResTBE 1090 set-ctype 80 : setct-CRLNotificationTBS 1091 set-ctype 81 : setct-CRLNotificationResTBS 1092 set-ctype 82 : setct-BCIDistributionTBS 1093 1094 set-msgExt 1 : setext-genCrypt : generic cryptogram 1095 set-msgExt 3 : setext-miAuth : merchant initiated auth 1096 set-msgExt 4 : setext-pinSecure 1097 set-msgExt 5 : setext-pinAny 1098 set-msgExt 7 : setext-track2 1099 set-msgExt 8 : setext-cv : additional verification 1100 1101 set-policy 0 : set-policy-root 1102 1103 set-certExt 0 : setCext-hashedRoot 1104 set-certExt 1 : setCext-certType 1105 set-certExt 2 : setCext-merchData 1106 set-certExt 3 : setCext-cCertRequired 1107 set-certExt 4 : setCext-tunneling 1108 set-certExt 5 : setCext-setExt 1109 set-certExt 6 : setCext-setQualf 1110 set-certExt 7 : setCext-PGWYcapabilities 1111 set-certExt 8 : setCext-TokenIdentifier 1112 set-certExt 9 : setCext-Track2Data 1113 set-certExt 10 : setCext-TokenType 1114 set-certExt 11 : setCext-IssuerCapabilities 1115 1116 set-attr 0 : setAttr-Cert 1117 set-attr 1 : setAttr-PGWYcap : payment gateway capabilities 1118 set-attr 2 : setAttr-TokenType 1119 set-attr 3 : setAttr-IssCap : issuer capabilities 1120 1121 setAttr-Cert 0 : set-rootKeyThumb 1122 setAttr-Cert 1 : set-addPolicy 1123 1124 setAttr-TokenType 1 : setAttr-Token-EMV 1125 setAttr-TokenType 2 : setAttr-Token-B0Prime 1126 1127 setAttr-IssCap 3 : setAttr-IssCap-CVM 1128 setAttr-IssCap 4 : setAttr-IssCap-T2 1129 setAttr-IssCap 5 : setAttr-IssCap-Sig 1130 1131 setAttr-IssCap-CVM 1 : setAttr-GenCryptgrm : generate cryptogram 1132 setAttr-IssCap-T2 1 : setAttr-T2Enc : encrypted track 2 1133 setAttr-IssCap-T2 2 : setAttr-T2cleartxt : cleartext track 2 1134 1135 setAttr-IssCap-Sig 1 : setAttr-TokICCsig : ICC or token signature 1136 setAttr-IssCap-Sig 2 : setAttr-SecDevSig : secure device signature 1137 1138 set-brand 1 : set-brand-IATA-ATA 1139 set-brand 30 : set-brand-Diners 1140 set-brand 34 : set-brand-AmericanExpress 1141 set-brand 35 : set-brand-JCB 1142 set-brand 4 : set-brand-Visa 1143 set-brand 5 : set-brand-MasterCard 1144 set-brand 6011 : set-brand-Novus 1145 1146 rsadsi 3 10 : DES-CDMF : des-cdmf 1147 rsadsi 1 1 6 : rsaOAEPEncryptionSET 1148 1149 : Oakley-EC2N-3 : ipsec3 1150 : Oakley-EC2N-4 : ipsec4 1151 1152 iso 0 10118 3 0 55 : whirlpool 1153 1154 # GOST OIDs 1155 1156 member-body 643 2 2 : cryptopro 1157 member-body 643 2 9 : cryptocom 1158 1159 cryptopro 3 : id-GostR3411-94-with-GostR3410-2001 : GOST R 34.11-94 with GOST R 34.10-2001 1160 cryptopro 4 : id-GostR3411-94-with-GostR3410-94 : GOST R 34.11-94 with GOST R 34.10-94 1161 !Cname id-GostR3411-94 1162 cryptopro 9 : md_gost94 : GOST R 34.11-94 1163 cryptopro 10 : id-HMACGostR3411-94 : HMAC GOST 34.11-94 1164 !Cname id-GostR3410-2001 1165 cryptopro 19 : gost2001 : GOST R 34.10-2001 1166 !Cname id-GostR3410-94 1167 cryptopro 20 : gost94 : GOST R 34.10-94 1168 !Cname id-Gost28147-89 1169 cryptopro 21 : gost89 : GOST 28147-89 1170 : gost89-cnt 1171 !Cname id-Gost28147-89-MAC 1172 cryptopro 22 : gost-mac : GOST 28147-89 MAC 1173 !Cname id-GostR3411-94-prf 1174 cryptopro 23 : prf-gostr3411-94 : GOST R 34.11-94 PRF 1175 cryptopro 98 : id-GostR3410-2001DH : GOST R 34.10-2001 DH 1176 cryptopro 99 : id-GostR3410-94DH : GOST R 34.10-94 DH 1177 1178 cryptopro 14 1 : id-Gost28147-89-CryptoPro-KeyMeshing 1179 cryptopro 14 0 : id-Gost28147-89-None-KeyMeshing 1180 1181 # GOST parameter set OIDs 1182 1183 cryptopro 30 0 : id-GostR3411-94-TestParamSet 1184 cryptopro 30 1 : id-GostR3411-94-CryptoProParamSet 1185 1186 cryptopro 31 0 : id-Gost28147-89-TestParamSet 1187 cryptopro 31 1 : id-Gost28147-89-CryptoPro-A-ParamSet 1188 cryptopro 31 2 : id-Gost28147-89-CryptoPro-B-ParamSet 1189 cryptopro 31 3 : id-Gost28147-89-CryptoPro-C-ParamSet 1190 cryptopro 31 4 : id-Gost28147-89-CryptoPro-D-ParamSet 1191 cryptopro 31 5 : id-Gost28147-89-CryptoPro-Oscar-1-1-ParamSet 1192 cryptopro 31 6 : id-Gost28147-89-CryptoPro-Oscar-1-0-ParamSet 1193 cryptopro 31 7 : id-Gost28147-89-CryptoPro-RIC-1-ParamSet 1194 1195 cryptopro 32 0 : id-GostR3410-94-TestParamSet 1196 cryptopro 32 2 : id-GostR3410-94-CryptoPro-A-ParamSet 1197 cryptopro 32 3 : id-GostR3410-94-CryptoPro-B-ParamSet 1198 cryptopro 32 4 : id-GostR3410-94-CryptoPro-C-ParamSet 1199 cryptopro 32 5 : id-GostR3410-94-CryptoPro-D-ParamSet 1200 1201 cryptopro 33 1 : id-GostR3410-94-CryptoPro-XchA-ParamSet 1202 cryptopro 33 2 : id-GostR3410-94-CryptoPro-XchB-ParamSet 1203 cryptopro 33 3 : id-GostR3410-94-CryptoPro-XchC-ParamSet 1204 1205 cryptopro 35 0 : id-GostR3410-2001-TestParamSet 1206 cryptopro 35 1 : id-GostR3410-2001-CryptoPro-A-ParamSet 1207 cryptopro 35 2 : id-GostR3410-2001-CryptoPro-B-ParamSet 1208 cryptopro 35 3 : id-GostR3410-2001-CryptoPro-C-ParamSet 1209 1210 cryptopro 36 0 : id-GostR3410-2001-CryptoPro-XchA-ParamSet 1211 cryptopro 36 1 : id-GostR3410-2001-CryptoPro-XchB-ParamSet 1212 1213 id-GostR3410-94 1 : id-GostR3410-94-a 1214 id-GostR3410-94 2 : id-GostR3410-94-aBis 1215 id-GostR3410-94 3 : id-GostR3410-94-b 1216 id-GostR3410-94 4 : id-GostR3410-94-bBis 1217 1218 # Cryptocom LTD GOST OIDs 1219 1220 cryptocom 1 6 1 : id-Gost28147-89-cc : GOST 28147-89 Cryptocom ParamSet 1221 !Cname id-GostR3410-94-cc 1222 cryptocom 1 5 3 : gost94cc : GOST 34.10-94 Cryptocom 1223 !Cname id-GostR3410-2001-cc 1224 cryptocom 1 5 4 : gost2001cc : GOST 34.10-2001 Cryptocom 1225 1226 cryptocom 1 3 3 : id-GostR3411-94-with-GostR3410-94-cc : GOST R 34.11-94 with GOST R 34.10-94 Cryptocom 1227 cryptocom 1 3 4 : id-GostR3411-94-with-GostR3410-2001-cc : GOST R 34.11-94 with GOST R 34.10-2001 Cryptocom 1228 1229 cryptocom 1 8 1 : id-GostR3410-2001-ParamSet-cc : GOST R 3410-2001 Parameter Set Cryptocom 1230 1231 # Definitions for Camellia cipher - CBC MODE 1232 1233 1 2 392 200011 61 1 1 1 2 : CAMELLIA-128-CBC : camellia-128-cbc 1234 1 2 392 200011 61 1 1 1 3 : CAMELLIA-192-CBC : camellia-192-cbc 1235 1 2 392 200011 61 1 1 1 4 : CAMELLIA-256-CBC : camellia-256-cbc 1236 1 2 392 200011 61 1 1 3 2 : id-camellia128-wrap 1237 1 2 392 200011 61 1 1 3 3 : id-camellia192-wrap 1238 1 2 392 200011 61 1 1 3 4 : id-camellia256-wrap 1239 1240 # Definitions for Camellia cipher - ECB, CFB, OFB MODE 1241 1242 !Alias ntt-ds 0 3 4401 5 1243 !Alias camellia ntt-ds 3 1 9 1244 1245 camellia 1 : CAMELLIA-128-ECB : camellia-128-ecb 1246 !Cname camellia-128-ofb128 1247 camellia 3 : CAMELLIA-128-OFB : camellia-128-ofb 1248 !Cname camellia-128-cfb128 1249 camellia 4 : CAMELLIA-128-CFB : camellia-128-cfb 1250 1251 camellia 21 : CAMELLIA-192-ECB : camellia-192-ecb 1252 !Cname camellia-192-ofb128 1253 camellia 23 : CAMELLIA-192-OFB : camellia-192-ofb 1254 !Cname camellia-192-cfb128 1255 camellia 24 : CAMELLIA-192-CFB : camellia-192-cfb 1256 1257 camellia 41 : CAMELLIA-256-ECB : camellia-256-ecb 1258 !Cname camellia-256-ofb128 1259 camellia 43 : CAMELLIA-256-OFB : camellia-256-ofb 1260 !Cname camellia-256-cfb128 1261 camellia 44 : CAMELLIA-256-CFB : camellia-256-cfb 1262 1263 # There are no OIDs for these modes... 1264 1265 : CAMELLIA-128-CFB1 : camellia-128-cfb1 1266 : CAMELLIA-192-CFB1 : camellia-192-cfb1 1267 : CAMELLIA-256-CFB1 : camellia-256-cfb1 1268 : CAMELLIA-128-CFB8 : camellia-128-cfb8 1269 : CAMELLIA-192-CFB8 : camellia-192-cfb8 1270 : CAMELLIA-256-CFB8 : camellia-256-cfb8 1271 1272 # Definitions for SEED cipher - ECB, CBC, OFB mode 1273 1274 member-body 410 200004 : KISA : kisa 1275 kisa 1 3 : SEED-ECB : seed-ecb 1276 kisa 1 4 : SEED-CBC : seed-cbc 1277 !Cname seed-cfb128 1278 kisa 1 5 : SEED-CFB : seed-cfb 1279 !Cname seed-ofb128 1280 kisa 1 6 : SEED-OFB : seed-ofb 1281 1282 # There is no OID that just denotes "HMAC" oddly enough... 1283 1284 : HMAC : hmac 1285 # Nor CMAC either 1286 : CMAC : cmac 1287 1288 # Synthetic composite ciphersuites 1289 : RC4-HMAC-MD5 : rc4-hmac-md5 1290 : AES-128-CBC-HMAC-SHA1 : aes-128-cbc-hmac-sha1 1291 : AES-192-CBC-HMAC-SHA1 : aes-192-cbc-hmac-sha1 1292 : AES-256-CBC-HMAC-SHA1 : aes-256-cbc-hmac-sha1 1293
