From 4e8dacd02ec4c4b8238e5ebdfcd5ab26348ec658 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 9 May 2015 10:38:23 -0500 Subject: separate full_name/relative_name and change reasons to an enumeration --- docs/x509.rst | 49 +++++++++++++++++++++++++++++++++++-------------- 1 file changed, 35 insertions(+), 14 deletions(-) (limited to 'docs/x509.rst') diff --git a/docs/x509.rst b/docs/x509.rst index 9ef8e149..3cf4f905 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -812,11 +812,19 @@ X.509 Extensions .. versionadded:: 0.9 - .. attribute:: distribution_point + .. attribute:: full_name - :type: list of :class:`GeneralName` instances, :class:`Name`, or None + :type: list of :class:`GeneralName` instances or None + + This field describes methods to retrieve the CRL. If this is not None + then ``relative_name`` must be None. + + .. attribute:: relative_name + + :type: :class:`Name` or None - This field describes methods to retrieve the CRL. + This field describes methods to retrieve the CRL relative to the CRL + issuer. If this is not None then ``full_name`` must be None. .. attribute:: crl_issuer @@ -826,7 +834,7 @@ X.509 Extensions .. attribute:: reasons - :type: :class:`ReasonFlags` or None + :type: list of :class:`ReasonFlags` or None The reasons a given distribution point may be used for when performing revocation checks. @@ -835,40 +843,53 @@ X.509 Extensions .. versionadded:: 0.9 - This class holds reasons a distribution point may be used for when - performing revocation checks. + An enumeration for CRL reasons. + + .. attribute:: unspecified + + It is unspecified why the certificate was revoked. This reason cannot + be used as a reason flag in a :class:`DistributionPoint`. .. attribute:: key_compromise - :type: bool + This reason indicates that the private key was compromised. .. attribute:: ca_compromise - :type: bool + This reason indicates that the CA issuing the certificate was + compromised. .. attribute:: affiliation_changed - :type: bool + This reason indicates that the subject's name or other information has + changed. .. attribute:: superseded - :type: bool + This reason indicates that a certificate has been superseded. .. attribute:: cessation_of_operation - :type: bool + This reason indicates that the certificate is no longer required. .. attribute:: certificate_hold - :type: bool + This reason indicates that the certificate is on hold. .. attribute:: privilege_withdrawn - :type: bool + This reason indicates that the privilege granted by this certificate + have been withdrawn. .. attribute:: aa_compromise - :type: bool + When an attribute authority has been compromised. + + .. attribute:: remove_from_crl + + This reason indicates that the certificate was on hold and should be + removed from the CRL. This reason cannot be used as a reason flag + in a :class:`DistributionPoint`. Object Identifiers ~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3