From e1513fa0b801e1fce989316575a97bb5b69bb81a Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 30 Mar 2015 23:08:17 -0500 Subject: support the EKU OIDs specified in RFC 5280 section 4.2.1.12 --- docs/x509.rst | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index dbfb441b..d8fce976 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -633,6 +633,39 @@ Signature Algorithm OIDs Corresponds to the dotted string ``"2.16.840.1.101.3.4.3.2"``. This is a SHA256 digest signed by a DSA key. +Extended Key Usage OIDs +~~~~~~~~~~~~~~~~~~~~~~~ + +.. data:: OID_SERVER_AUTH + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.1"``. This is used to + denote that a certificate may be used for TLS web server authentication. + +.. data:: OID_CLIENT_AUTH + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.2"``. This is used to + denote that a certificate may be used for TLS web client authentication. + +.. data:: OID_CODE_SIGNING + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.3"``. This is used to + denote that a certificate may be used for code signing. + +.. data:: OID_EMAIL_PROTECTION + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.4"``. This is used to + denote that a certificate may be used for email protection. + +.. data:: OID_TIME_STAMPING + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.8"``. This is used to + denote that a certificate may be used for time stamping. + +.. data:: OID_OCSP_SIGNING + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.9"``. This is used to + denote that a certificate may be used for signing OCSP responses. + .. _extension_oids: Extension OIDs -- cgit v1.2.3