OID value: 2.16.840.1.101.2.1.0.3
OID description:
MSPDirectoryAdditions {joint-iso-ccitt(2) 16 840 1 101 2 id-infosec(1) id-modules(0) id-directory(3)} DEFINITIONS IMPLICIT TAGS ::= BEGIN IMPORTS -- X.501 The Directory Models OBJECT-CLASS, ATTRIBUTE FROM InformationFramework {joint-iso-ccitt ds(5) modules(1) informationFramework (1) ORName FROM MTSAbstractService {joint-iso-ccitt mhs-motis(6) mts(3) modules(0) mts-abstract-service(1)} octetStringSyntax FROM SelectedAttributeTypes {joint-iso-ccitt ds(5) modules(1) selectedAttributeTypes(5)} AlgorithmIdentifier, Name, SerialNumber, Certificate FROM AuthenticationFramework {joint-iso-ccitt ds(5) modules(1) authentication-framework(7)}; msp-user-sdns OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { sdnsKeyManagementCertificate, sdnsUserSignatureCertificate sdnsKMandSigCertificate, auxiliaryVector, janUKMs, febUKMs, marUKMs, aprUKMs, mayUKMs, junUKMs, julUKMs, augUKMs, sepUKMs, octUKMs, novUKMs, decUKMs, snsGuardGateway, algorithmsSupported, suiteAKeyManagementCertificate, suiteAUserSignatureCertificate, suiteAKMandSigCertificate } ::= {id-msp-user-sdns} -- Although each of the UKMs is optional, the msp-user-sdns -- entry should contain the UKMs for the current month. This is not -- a schema constraint. mail-list OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { mlid, mlReceiptPolicy, mlMembership, mlAdministrator, mlExemptedAddressProcessor } ::= {id-mail-list} dsa-sdns OBJECT-CLASS SUBCLASS OF dSA MUST CONTAIN { } MAY CONTAIN { sdnsUserSignatureCertificate, sdnsKMandSigCertificate, ::= {id-dsa-sdns} crls-sdns OBJECT-CLASS SUBCLASS of top MUST CONTAIN { } MAY CONTAIN { metaSDNScrl, sdnsCRL, metaSDNSsignatureCRL, sdnsSignatureCRL ::= {id-crls-sdns} -- These are the crls issued by the KMS. -- Meta in this case refers to "later in time", hence the current crl -- or when two universals are active, the CRL from the new universal. ca-sdns OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { sdnsCASignatureCertificate, sdnsKMandSigCertificate, sdnsCertificateRevocationList } ::= {id-ca-sdns} strong-authenticate-user-sdns OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { sdnsUserSignatureCertificate} ::= {id-strong-auth-user-sdns } msp-user-mosaic OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { mosaicKeyManagementCertificate, mosaicUserSignatureCertificate, mosaicKMandSigCertificate, auxiliaryVector, snsGuardGateway, algorithmsSupported} ::= {id-msp-user-mosaic} dsa-mosaic OBJECT-CLASS SUBCLASS OF dSA MUST CONTAIN { } MAY CONTAIN { mosaicKMandSigCertificate, mosaicUserSignatureCertificate ::= {id-dsa-mosaic} ca-mosaic OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { mosaicCASignatureCertificate, mosaicKMandSigCertificate mosaicCertificateRevocationList, mosaicKRL} ::= {id-ca-mosaic} strong-authenticate-user-mosaic OBJECT-CLASS SUBCLASS OF top MUST CONTAIN { } MAY CONTAIN { mosaicUserSignatureCertificate} ::= {id-strong-auth-user-mosaic } sdnsKeyManagementCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-sdnsKeyManagementCertificate sdnsKMandSigCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-sdnsKMandSigCertificate sdnsUserSignatureCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-sdnsUserSignatureCertificate auxiliaryVector ATTRIBUTE WITH ATTRIBUTE SYNTAX octetStringSyntax ::= id-auxiliaryVector janUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-janUKMs febUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-febUKMs marUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-marUKMs aprUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-aprUKMs mayUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-mayUKMs junUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-junUKMs julUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-julUKMs augUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-augUKMs sepUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-sepUKMs octUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-octUKMs novUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-novUKMs decUKMs ATTRIBUTE WITH ATTRIBUTE SYNTAX MonthlyUKMs ::= id-decUKMs mlReceiptPolicy ATTRIBUTE WITH ATTRIBUTE SYNTAX MLReceiptPolicy ::= id-mlReceiptPolicy mlMembership ATTRIBUTE WITH ATTRIBUTE SYNTAX ORNameList ::= id-mlMembership mlAdministrators ATTRIBUTE WITH ATTRIBUTE SYNTAX ORNameList ::= id-mlAdministrators mlid ATTRIBUTE WITH ATTRIBUTE SYNTAX Kmid MATCHES FOR EQUALITY ::= id-mlid metaSDNScrl ATTRIBUTE WITH ATTRIBUTE SYNTAX CRLinfo ::= id-metaSDNScrl sdnsCRL ATTRIBUTE WITH ATTRIBUTE SYNTAX CRLinfo ::= id-sdnsCRL metaSDNSsignatureCRL ATTRIBUTE WITH ATTRIBUTE SYNTAX CRLinfo ::= id-metaSDNSsignatureCRL sdnsSignatureCRL ATTRIBUTE WITH ATTRIBUTE SYNTAX CRLinfo ::= id-SDNSsignatureCRL sdnsCASignatureCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-sdnsCASignatureCertificate sdnsCertificateRevocationList ATTRIBUTE WITH ATTRIBUTE SYNTAX CaCertificateRevocationList ::= id-sdnsCertificateRevocationList mosaicCertificateRevocationList ATTRIBUTE WITH ATTRIBUTE SYNTAX CaCertificateRevocationList ::= id-mosaicCertificateRevocationList mosaicKeyManagementCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-mosaicKeyManagementCertificate mosaicKMandSigCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-mosaicKMandSigCertificate mosaicUserSignatureCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-mosaicUserSignatureCertificate mosaicCASignatureCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-mosaicCASignatureCertificate mosaicKRL ATTRIBUTE WITH ATTRIBUTE SYNTAX KmidRevocationList ::= id-mosaicKRL mlExemptedAddressProcessor ATTRIBUTE WITH ATTRIBUTE SYNTAX ORName ::= id-mlExemptedAddressProcessor snsGuardGateway ATTRIBUTE WITH ATTRIBUTE SYNTAX NameList ::= id-snsGuardGateway algorithmsSupported ATTRIBUTE WITH ATTRIBUTE SYNTAX AlgorithmList ::= id-algorithmsSupported suiteAKeyManagementCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-suiteAKeyManagementCertificate suiteAKMandSigCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-suiteAKMandSigCertificate suiteAUserSignatureCertificate ATTRIBUTE WITH ATTRIBUTE SYNTAX Certificate ::= id-suiteAUserSignatureCertificate -- The following are Attribute Syntaxes. MonthlyUKMs ::= SIGNED SEQUENCE OF UKMEntry UKMEntry ::= SEQUENCE { tag Tag, ukm OCTET STRING } Tag ::= SEQUENCE { kmid Kmid edition INTEGER, date UTCTime } Kmid ::= OCTET STRING MLReceiptPolicy ::= CHOICE { none [0] NULL, insteadOf [1] ORNameList, inAdditionTo [2] ORNameList } ORNameList ::= SEQUENCE OF ORName NameList ::= SEQUENCE OF Name AlgorithmList ::= SEQUENCE OF AlgorithmIdentifier CRLinfo ::= SEQUENCE universalID INTEGER, crl OCTET STRING } CaCertificateRevocationList ::= SIGNED SEQUENCE{ signature AlgorithmIdentifier, issuer Name, lastUpdate UTCTime, nextUpdate UTCTime, revokedCertificates SEQUENCE OF CRLEntry OPTIONAL} CRLEntry ::= SEQUENCE{ userCertificate SerialNumber, revocationDate UTCTime} KmidRevocationList ::= SIGNED SEQUENCE{ signature AlgorithmIdentifier, issuer Name, lastUpdate UTCTime, nextUpdate UTCTime, revokedKmids SEQUENCE OF KRLEntry OPTIONAL} KRLEntry ::= SEQUENCE{ userCertificate Kmid, revocationDate UTCTime} -- Object Identifiers ID ::= OBJECT IDENTIFIER -- hey - this is illegal! -- id-infosec ID ::= -- {joint-iso-ccitt (2) country (16) us (840) organization (1) -- u.s. government (101) dod -- (2) 1} id-infosec ID ::= {joint-iso-ccitt (2) country (16) us (840) organization (1) us-government (101) dod (2) 1} id-modules ID ::= {id-infosec 0} id-algorithms ID ::= {id-infosec 1} id-formats ID ::= {id-infosec 2} id-policy ID ::= {id-infosec 3} id-object-classes ID ::= {id-infosec 4} id-attributes ID ::= {id-infosec 5} id-sdnsSignatureAlgorithm ID ::= {id-algorithms 1} id-mosaicSignatureAlgorithm ID ::= {id-algorithms 2} id-sdnsConfidentialityAlgorithm ID ::= {id-algorithms 3} id-mosaicConfidentialityAlgorithm ID ::= {id-algorithms 4} id-sdnsIntegrityAlgorithm ID ::= {id-algorithms 5} id-mosaicIntegrityAlgorithm ID ::= {id-algorithms 6} id-sdnsTokenProtectionAlgorithm ID ::= {id-algorithms 7} id-mosaicTokenProtectionAlgorithm ID ::= {id-algorithms 8} id-sdnsKeyManagementAlgorithm ID ::= {id-algorithms 9} id-mosaicKeyManagementAlgorithm ID ::= {id-algorithms 10} id-sdnsKMandSigAlgorithms ID ::= {id-algorithms 11} id-mosaicKMandSigAlgorithms ID ::= {id-algorithms 12} id-SuiteASignatureAlgorithm ID ::= {id-algorithms 13} id-SuiteAConfidentialityAlgorithm ID ::= {id-algorithms 14} id-SuiteAIntegrityAlgorithm ID ::= {id-algorithms 15} id-SuiteATokenProtectionAlgorithm ID ::= {id-algorithms 16} id-SuiteAKeyManagementAlgorithm ID ::= {id-algorithms 17} id-SuiteAKMandSigAlgorithms ID ::= {id-algorithms 18} id-mosaicUpdatedSigAlgorithm ID ::= {id-algorithms 19} id-mosaicKMandUpdSigAlgorithms ID ::= {id-algorithms 20} id-mosaicUpdatedIntegAlgorithm ID ::= {id-algorithms 21} id-msp-content-type ID ::= {id-formats 48} id-msp-rev3-content-type ID ::= {id-formats 42} id-msp-rekey-agent-protocol ID ::= {id-formats 49} id-rfc822-message-format ID ::= {id-formats 1} id-empty-content ID ::= {id-formats 2} forwarded-MSP-message-body-part ID ::= {id-formats 72} id-sdns-security-policy-id ID ::= {id-policy 1} id-sdns-prbac-id ID ::= {id-policy 2} id-mosaic-prbac-id ID ::= {id-policy 3} id-msp-user-sdns ID ::= {id-object-classes 1} id-mail-list ID ::= {id-object-classes 2} id-dsa-sdns ID ::= {id-object-classes 3} id-ca-sdns ID ::= {id-object-classes 4} id-crls-sdns ID ::= {id-object-classes 5} id-msp-user-mosaic ID ::= {id-object-classes 6} id-dsa-mosaic ID ::= {id-object-classes 7} id-ca-mosaic ID ::= {id-object-classes 8} -- RESERVED id-krl-mosaic ID ::= {id-object-classes 9} id-strong-auth-user-sdns ID ::= {id-object-classes 10} id-strong-auth-user-mosaic ID ::= {id-object-classes 11} id-sdnsKeyManagementCertificate ID ::= {id-attributes 1} id-sdnsUserSignatureCertificate ID ::= {id-attributes 2} id-sdnsKMandSigCertificate ID ::= {id-attributes 3} id-mosaicKeyManagementCertificate ID ::= {id-attributes 4} id-mosaicKMandSigCertificate ID ::= {id-attributes 5} id-mosaicUserSignatureCertificate ID ::= {id-attributes 6} id-mosaicCASignatureCertificate ID ::= {id-attributes 7} id-sdnsCASignatureCertificate ID ::= {id-attributes 8} id-auxiliaryVector ID ::= {id-attributes 10} id-mlReceiptPolicy ID ::= {id-attributes 11} id-mlMembership ID ::= {id-attributes 12} id-mlAdministrators ID ::= {id-attributes 13} id-mlid ID ::= {id-attributes 14} id-janUKMs ID ::= {id-attributes 20} id-febUKMs ID ::= {id-attributes 21} id-marUKMs ID ::= {id-attributes 22} id-aprUKMs ID ::= {id-attributes 23} id-mayUKMs ID ::= {id-attributes 24} id-junUKMs ID ::= {id-attributes 25} id-julUKMs ID ::= {id-attributes 26} id-augUKMs ID ::= {id-attributes 27} id-sepUKMs ID ::= {id-attributes 28} id-octUKMs ID ::= {id-attributes 29} id-novUKMs ID ::= {id-attributes 30} id-decUKMs ID ::= {id-attributes 31} id-metaSDNScrl ID ::= {id-attributes 40} id-sdnsCRL ID ::= {id-attributes 41} id-metaSDNSsignatureCRL ID ::= {id-attributes 42} id-SDNSsignatureCRL ID ::= {id-attributes 43} id-sdnsCertificateRevocationList ID ::= {id-attributes 44} id-mosaicCertificateRevocationList ID ::= {id-attributes 45} id-mosaicKRL ID ::= {id-attributes 46} id-mlExemptedAddressProcessor ID ::= {id-attributes 47} id-snsGuardGateway ID ::= {id-attributes 48} id-algorithmsSupported ID ::= {id-attributes 49} id-suiteAKeyManagementCertificate ID ::= {id-attributes 50} id-suiteAKMandSigCertificate ID ::= {id-attributes 51} id-suiteAUserSignatureCertificate ID ::= {id-attributes 52} -- END
See also the OID Repository website reference for 2.16.840.1.101.2.1.0.3