Standard Client Certificate Profile

Certificate Profile
InCommon Standard Client CA
Version 0.9
January 24, 2011
| Field Name | Value | Example | Explanation |
|---|---|---|---|
| Version | 0x2 | 0x2 | Version 3 certificates are specified |
| Serial Number | a unique integer | 334 | Managed by Comodo |
| Signature Algorithm | SHA1/RSA | | SHA1/RSA is specified. |
| Issuer | DN | cn=InCommon Standard Assurance Client CA, ou=InCommon, o=Internet2, c=US | |
| Validity | Time | Not valid before: present date/time minus one hour. Not valid after: current date plus 1, 2, 3, or 4 years | Managed by Comodo; validity period specified by institution |
| Subject | DN | E=jas@youruniversity.edu, cn=Joe A. Smith, ou=optional, L=optional, ST=optional, o=Name of Institution, c=US | Where youruniversity.edu is maintained and specified by InCommon on a per-school basis. The “Name of Institution” is a token that is verified and approved by InCommon. L, ST, and ou are optional and specified by the institution. cn is required, specified by the institution, is not verified by InCommon. The email address is optional. |
| Public Key | 2048 bit RSA key | | |
| Key Usage | Digital Signature and/or Key Encipherment | | This extension is to be marked critical. The Institution specifies if either or both of these values are asserted. |
| Basic Constraints | CA=false, No Path Length constraint | CA=false | This extension is to be marked critical |
| CRL Distribution Points | | | As specified by InCommon |
| Certification Policy | OID | 1.3.6.1.4.1.5923.1.4.3.3.0.1 | InCommon OID. For reference, see incommon.org/oids |
| Subject Alt Name | RFC822Name | jas@youruniversity.edu | Where youruniversity.edu is approved and specified by InCommon. |
| Subject Alt Name | Other Name / Principal Name | unique-identifier@youruniversity.edu | Where youruniversity.edu is approved and specified by InCommon. Microsoft PKI-enabled applications (e.g., EAP-TLS wireless authentication) work better if this extension is present in end user certificates. |
| CPS Pointer | URI | https://www.incommon.org/cert/repository/cps_standard_client.pdf | Location specified by InCommon |
| Authority Key Identifier | KeyID | | KeyID field only |
| Subject Key Identifier | KeyID | | KeyID field only |
| Enhanced Key Usage | Client Authentication and Secure Email | | This extension is not to be marked critical |
| Authority Info Access | OCSP Pointer and CA Issuer URI | | OCSP specified by InCommon. CA Issuer URI specified by InCommon |
| Subject Information Access | URI | | Optional per school; not verified by InCommon |
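A relying party or auditor can check an issued certificate against the public-key and extension rows of this profile mechanically. The following is an added example, not InCommon's or Comodo's code: it uses the Python `cryptography` package, the names `lint` and `sample` are hypothetical, and the test certificate is constructed, self-signed and SHA-256 signed, so the signature-algorithm, DN and validity rows are not checked.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.x509.oid import ExtendedKeyUsageOID as EKU, NameOID
POLICY = x509.ObjectIdentifier("1.3.6.1.4.1.5923.1.4.3.3.0.1")  # OID from the profile
KU_FORBIDDEN = ("content_commitment", "data_encipherment", "key_agreement",
                "key_cert_sign", "crl_sign")  # anything beyond the two allowed bits

def lint(cert):
    """Return deviations from the profile's public-key and extension rows."""
    out = []
    def ext(cls):  # fetch an extension; record a finding when it is absent
        try:
            return cert.extensions.get_extension_for_class(cls)
        except x509.ExtensionNotFound:
            out.append(f"{cls.__name__}: missing")
    pub = cert.public_key()
    if not isinstance(pub, rsa.RSAPublicKey) or pub.key_size != 2048:
        out.append("PublicKey: not 2048-bit RSA")
    bc, ku = ext(x509.BasicConstraints), ext(x509.KeyUsage)
    eku, cp = ext(x509.ExtendedKeyUsage), ext(x509.CertificatePolicies)
    if bc and (not bc.critical or bc.value.ca or bc.value.path_length is not None):
        out.append("BasicConstraints: want critical, CA=false, no path length")
    if ku and not ku.critical:
        out.append("KeyUsage: not critical")
    if ku and any(getattr(ku.value, f) for f in KU_FORBIDDEN):
        out.append("KeyUsage: bits beyond digitalSignature/keyEncipherment")
    if eku and (eku.critical or set(eku.value) != {EKU.CLIENT_AUTH, EKU.EMAIL_PROTECTION}):
        out.append("ExtendedKeyUsage: want non-critical clientAuth + emailProtection")
    if cp and POLICY not in [p.policy_identifier for p in cp.value]:
        out.append("CertificatePolicies: profile OID absent")
    return out

def sample(ku_critical=True, bits=2048, ca=False):
    """Constructed self-signed test certificate; not an InCommon-issued one."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=bits)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Joe A. Smith")])
    now = datetime.datetime.now(datetime.timezone.utc)
    usage = x509.KeyUsage(True, False, True, False, False, False, False, False, False)  # sig + encipherment
    eku = x509.ExtendedKeyUsage([EKU.CLIENT_AUTH, EKU.EMAIL_PROTECTION])
    pol = x509.CertificatePolicies([x509.PolicyInformation(POLICY, None)])
    return (x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(key.public_key()).serial_number(334)
            .not_valid_before(now - datetime.timedelta(hours=1))
            .not_valid_after(now + datetime.timedelta(days=365))
            .add_extension(x509.BasicConstraints(ca=ca, path_length=None), critical=True)
            .add_extension(usage, critical=ku_critical).add_extension(eku, critical=False)
            .add_extension(pol, critical=False).sign(key, hashes.SHA256()))
```

To lint a real certificate, load it with `x509.load_pem_x509_certificate` and pass the result to `lint`.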