-0 : CCITT : ccitt
+# CCITT was renamed to ITU-T quite some time ago
+0 : ITU-T : itu-t
+!Alias ccitt itu-t
1 : ISO : iso
-2 : JOINT-ISO-CCITT : joint-iso-ccitt
+2 : JOINT-ISO-ITU-T : joint-iso-itu-t
+!Alias joint-iso-ccitt joint-iso-itu-t
iso 2 : member-body : ISO Member Body
identified-organization 132 : certicom-arc
-joint-iso-ccitt 23 43 : wap
+joint-iso-itu-t 23 : international-organizations : International Organizations
+
+international-organizations 43 : wap
wap 13 : wap-wsg
-joint-iso-ccitt 5 1 5 : selected-attribute-types : Selected Attribute Types
+joint-iso-itu-t 5 1 5 : selected-attribute-types : Selected Attribute Types
selected-attribute-types 55 : clearance
secg-ellipticCurve 8 : secp160r1
secg-ellipticCurve 30 : secp160r2
secg-ellipticCurve 31 : secp192k1
+# NOTE: the curve secp192r1 is the same as prime192v1 defined above
+# and is therefore omitted
secg-ellipticCurve 32 : secp224k1
secg-ellipticCurve 33 : secp224r1
secg-ellipticCurve 10 : secp256k1
+# NOTE: the curve secp256r1 is the same as prime256v1 defined above
+# and is therefore omitted
secg-ellipticCurve 34 : secp384r1
secg-ellipticCurve 35 : secp521r1
# SECG characteristic two curves OIDs
pkcs1 3 : RSA-MD4 : md4WithRSAEncryption
pkcs1 4 : RSA-MD5 : md5WithRSAEncryption
pkcs1 5 : RSA-SHA1 : sha1WithRSAEncryption
+# According to PKCS #1 version 2.1
+pkcs1 11 : RSA-SHA256 : sha256WithRSAEncryption
+pkcs1 12 : RSA-SHA384 : sha384WithRSAEncryption
+pkcs1 13 : RSA-SHA512 : sha512WithRSAEncryption
+pkcs1 14 : RSA-SHA224 : sha224WithRSAEncryption
pkcs 3 : pkcs3
pkcs3 1 : : dhKeyAgreement
id-pkix 10 : id-aca
id-pkix 11 : id-qcs
id-pkix 12 : id-cct
+id-pkix 21 : id-ppl
id-pkix 48 : id-ad
# PKIX Modules
id-pe 4 : ac-auditEntity
id-pe 5 : ac-targeting
id-pe 6 : aaControls
-id-pe 7 : sbqp-ipAddrBlock
-id-pe 8 : sbqp-autonomousSysNum
-id-pe 9 : sbqp-routerIdentifier
+id-pe 7 : sbgp-ipAddrBlock
+id-pe 8 : sbgp-autonomousSysNum
+id-pe 9 : sbgp-routerIdentifier
id-pe 10 : ac-proxying
!Cname sinfo-access
id-pe 11 : subjectInfoAccess : Subject Information Access
+id-pe 14 : proxyCertInfo : Proxy Certificate Information
# PKIX policyQualifiers for Internet policy qualifiers
id-qt 1 : id-qt-cps : Policy Qualifier CPS
id-cct 2 : id-cct-PKIData
id-cct 3 : id-cct-PKIResponse
+# Predefined Proxy Certificate policy languages
+id-ppl 0 : id-ppl-anyLanguage : Any language
+id-ppl 1 : id-ppl-inheritAll : Inherit all
+id-ppl 2 : id-ppl-independent : Independent
+
# access descriptors for authority info access extension
!Cname ad-OCSP
id-ad 1 : OCSP : OCSP
X500 4 : X509
X509 3 : CN : commonName
-!Cname surname
-X509 4 : SN : surName
+X509 4 : SN : surname
X509 5 : : serialNumber
X509 6 : C : countryName
X509 7 : L : localityName
X509 8 : ST : stateOrProvinceName
+X509 9 : : streetAddress
X509 10 : O : organizationName
X509 11 : OU : organizationalUnitName
X509 12 : : title
X509 13 : : description
+X509 17 : : postalCode
X509 41 : name : name
X509 42 : GN : givenName
X509 43 : : initials
id-ce 24 : invalidityDate : Invalidity Date
!Cname delta-crl
id-ce 27 : deltaCRL : X509v3 Delta CRL Indicator
+!Cname issuing-distribution-point
+id-ce 28 : issuingDistributionPoint : X509v3 Issuing Distrubution Point
+!Cname name-constraints
+id-ce 30 : nameConstraints : X509v3 Name Constraints
!Cname crl-distribution-points
id-ce 31 : crlDistributionPoints : X509v3 CRL Distribution Points
!Cname certificate-policies
id-ce 32 : certificatePolicies : X509v3 Certificate Policies
+!Cname any-policy
+certificate-policies 0 : anyPolicy : X509v3 Any Policy
+!Cname policy-mappings
+id-ce 33 : policyMappings : X509v3 Policy Mappings
!Cname authority-key-identifier
id-ce 35 : authorityKeyIdentifier : X509v3 Authority Key Identifier
!Cname policy-constraints
id-ce 36 : policyConstraints : X509v3 Policy Constraints
!Cname ext-key-usage
id-ce 37 : extendedKeyUsage : X509v3 Extended Key Usage
+!Cname inhibit-any-policy
+id-ce 54 : inhibitAnyPolicy : X509v3 Inhibit Any Policy
!Cname target-information
id-ce 55 : targetInformation : X509v3 AC Targeting
!Cname no-rev-avail
!Cname aes-256-cfb128
aes 44 : AES-256-CFB : aes-256-cfb
+# There are no OIDs for these modes...
+
+ : AES-128-CFB1 : aes-128-cfb1
+ : AES-192-CFB1 : aes-192-cfb1
+ : AES-256-CFB1 : aes-256-cfb1
+ : AES-128-CFB8 : aes-128-cfb8
+ : AES-192-CFB8 : aes-192-cfb8
+ : AES-256-CFB8 : aes-256-cfb8
+ : DES-CFB1 : des-cfb1
+ : DES-CFB8 : des-cfb8
+ : DES-EDE3-CFB1 : des-ede3-cfb1
+ : DES-EDE3-CFB8 : des-ede3-cfb8
+
+# OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
+!Alias nist_hashalgs nistAlgorithms 2
+nist_hashalgs 1 : SHA256 : sha256
+nist_hashalgs 2 : SHA384 : sha384
+nist_hashalgs 3 : SHA512 : sha512
+nist_hashalgs 4 : SHA224 : sha224
+
# Hold instruction CRL entry extension
!Cname hold-instruction-code
id-ce 23 : holdInstructionCode : Hold Instruction Code
!Cname hold-instruction-reject
holdInstruction 3 : holdInstructionReject : Hold Instruction Reject
-# OID's from CCITT. Most of this is defined in RFC 1274. A couple of
+# OID's from ITU-T. Most of this is defined in RFC 1274. A couple of
# them are also mentioned in RFC 2247
-ccitt 9 : data
+itu-t 9 : data
data 2342 : pss
pss 19200300 : ucl
ucl 100 : pilot
pilotAttributeType 55 : audio
pilotAttributeType 56 : : documentPublisher
-2 23 42 : id-set : Secure Electronic Transactions
+international-organizations 42 : id-set : Secure Electronic Transactions
id-set 0 : set-ctype : content types
id-set 1 : set-msgExt : message extensions
rsadsi 3 10 : DES-CDMF : des-cdmf
rsadsi 1 1 6 : rsaOAEPEncryptionSET
+
+ : Oakley-EC2N-3 : ipsec3
+ : Oakley-EC2N-4 : ipsec4
projects / openssl.git / blobdiff