From 3e6d558d1b845cf2df31efec08235b15998174d4 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 2 May 2015 21:57:56 -0500 Subject: add authority information access classes --- docs/spelling_wordlist.txt | 1 + docs/x509.rst | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) (limited to 'docs') diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index b7c4c6c2..badb500c 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -40,6 +40,7 @@ multi naïve namespace namespaces +online paddings pickleable plaintext diff --git a/docs/x509.rst b/docs/x509.rst index 5f36a921..f66178ab 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -719,6 +719,29 @@ X.509 Extensions :returns: A list of values extracted from the matched general names. +.. class:: AuthorityInformationAccess + + .. versionadded:: 0.9 + + The authority information access extension indicates how to access + information and services for the issuer of the certificate in which + the extension appears. Information and services may include online + validation services (such as OCSP) and issuer data. It is an iterable, + containing one or more :class:`AccessDescription` instances. + + +.. class:: AccessDescription + + .. attribute:: access_method + + :type: :class:`ObjectIdentifier` + + Either :data:`OID_OCSP` or :data:`OID_CA_ISSUERS` + + .. attribute:: access_location + + :type: :class:`GeneralName` + Object Identifiers ~~~~~~~~~~~~~~~~~~ @@ -911,6 +934,19 @@ Extended Key Usage OIDs Corresponds to the dotted string ``"1.3.6.1.5.5.7.3.9"``. This is used to denote that a certificate may be used for signing OCSP responses. +Authority Information Access OIDs +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. data:: OID_OCSP + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.48.1"``. Used as the + identifier for OCSP data in :class:`AccessDescription` objects. + +.. data:: OID_CA_ISSUERS + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.48.2"``. Used as the + identifier for CA issuer data in :class:`AccessDescription` objects. + .. _extension_oids: Extension OIDs -- cgit v1.2.3 From f506bca3d2bb449c3889cbbaba11749304e81563 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 2 May 2015 22:31:47 -0500 Subject: updates based on review feedback --- docs/x509.rst | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index f66178ab..42468626 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -736,12 +736,19 @@ X.509 Extensions :type: :class:`ObjectIdentifier` - Either :data:`OID_OCSP` or :data:`OID_CA_ISSUERS` + The access method defines what the ``access_location`` means. It must + be either :data:`OID_OCSP` or :data:`OID_CA_ISSUERS`. If it is + :data:`OID_OCSP` the access location will be where to obtain OCSP + information for the certificate. If it is :data:`OID_CA_ISSUERS` the + access location will provide additional information about the issuing + certificate. .. attribute:: access_location :type: :class:`GeneralName` + Where to access the information defined by the access method. + Object Identifiers ~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3