R: search for PKCS10 extension

Santoni Adriano <adriano.santoni@sia.it> Mon, 02 April 2001 10:32 UTC

Message-ID: <8160937F4F4CD111A93E00805FC1752904AA258B@ntsiaexch.office>
From: Santoni Adriano <adriano.santoni@sia.it>
To: 'Martin Szotkowski' <martin.szotkowski@ica.cz>
Cc: ietf-pkix@imc.org
Subject: R: search for PKCS10 extension
Date: Mon, 02 Apr 2001 12:30:27 +0200
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Precedence: bulk
Content-Transfer-Encoding: 8bit

Martin,

Afaik, there is no "standard" extension to do that. However, Microsoft
defined their own proprietary extension for exactly this purpose, and that
extension usually gets added to the PKCS#10 request if this is generated via
their XENROLL control. The extension has an OID of {1 3 6 1 4 1 311 13 2 2}
(aka ???) and identifies a SEQUENCE of 3 items, one of which is or contains
the Unicode name of the CSP used to generate the keypair.

Btw, it might be interesting to find out what is the inner structure of this
rather obscure Microsoft extension. I'va not been able to find any mention
of it on Microsoft websites.

Adriano

-----Messaggio originale-----
Da: Martin Szotkowski [mailto:martin.szotkowski@ica.cz]
Inviato: venerdì 30 marzo 2001 9.17
A: ietf-pkix@imc.org
Oggetto: search for PKCS10 extension


I will add into PKCS10 request information about source of private key, but
I don't know if some extension exist or if I must create own.

I search for cases:
1. This information will be CSP Name who generate request
2. This information will be SHA1 over the Secret data on hardware token

thanks Martin



*******************Internet Email Confidentiality Footer******************* 
Qualsiasi utilizzo non autorizzato del presente messaggio nonche' dei suoi
allegati e' vietato e potrebbe costituire reato. Se lei ha ricevuto
erroneamente il presente messaggio, Le saremmo grati se, via e-mail, ce ne
comunicasse la ricezione e provvedesse alla distruzione del messaggio stesso
e dei suoi eventuali allegati. Le dichiarazioni contenute nel presente
messaggio nonche' nei suoi eventuali allegati devono essere attribuite
esclusivamente al mittente e non possono essere considerate come trasmesse o
autorizzate da SIA S.p.A.; le medesime dichiarazioni non impegnano SIA
S.p.A. nei confronti del destinatario o di terzi. 
SIA S.p.A. non si assume alcuna responsabilita' per eventuali
intercettazioni, modifiche o danneggiamenti del presente messaggio e-mail. 

Any unauthorized use of this e-mail or any of its attachments is prohibited
and could constitute an offence. If you are not the intended addressee
please advise immediately the sender by using the reply facility in your
e-mail software and destroy the message and its attachments. The statements
and opinions expressed in this e-mail message are those of the author of the
message and do not necessarily represent those of SIA. Besides, The contents
of this message shall be understood as neither given nor endorsed by SIA
S.p.A.. 
SIA S.p.A. does not accept liability for corruption, interception or
amendment, if any, or the consequences thereof.

R: search for PKCS10 extension Santoni Adriano