]> Update to the Object Identifier Registry for the PKIX Working Group Vigil Security, LLC
516 Dranesville Road Herndon VA 20170 United States of America housley@vigilsec.com
Security Certificate Request Message Format CRMF CRMF Registration Controls Alternate Certificate Formats RFC 7299 describes the object identifiers that were assigned by the Public Key Infrastructure using X.509 (PKIX) Working Group in an arc that was allocated by IANA (1.3.6.1.5.5.7). A small number of object identifiers that were assigned in RFC 4212 are omitted from RFC 7299, and this document updates RFC 7299 to correct that oversight.
Introduction When the Public Key Infrastructure using X.509 (PKIX) Working Group was chartered, an object identifier arc was allocated by IANA for use by that working group. After the PKIX Working Group was closed, RFC 7299 was published to describe the object identifiers that were assigned in that arc. A small number of object identifiers that were assigned in RFC 4212 are not included in RFC 7299, and this document corrects that oversight. The PKIX Certificate Management Protocol (CMP) allocated id-regCtrl-altCertTemplate (1.3.6.1.5.5.7.5.1.7), and then two object identifiers were assigned within that arc , which were intended to be used with either PKIX CMP or PKIX Certificate Management over CMS (CMC) . This document describes the object identifiers that were assigned in that arc, establishes an IANA registry for that arc, and establishes IANA allocation policies for any future assignments within that arc.
IANA Considerations IANA has created a new subregistry.
"SMI Security for PKIX CRMF Registration Controls for Alternate Certificate Formats" Registry Within the "Structure of Management Information (SMI) Numbers (MIB Module Registrations)" registry, IANA has created the "SMI Security for PKIX CRMF Registration Controls for Alternate Certificate Formats" subregistry (1.3.6.1.5.5.7.5.1.7). The initial contents of this subregistry are as follows: New SMI Security for PKIX CRMF Registration Controls for Alternate Certificate Formats Subregistry
Decimal Description References
1 id-acTemplate
2 id-openPGPCertTemplateExt
Future updates to the registry table are to be made according to the Specification Required policy defined in . The expert is expected to ensure that any new values are strongly related to the work that was done by the PKIX Working Group. In particular, additional object identifiers should be needed for use with either the PKIX CMP or PKIX CMC to support alternative certificate formats. Object identifiers for other purposes should not be assigned in this arc.
Security Considerations This document populates an IANA registry, and it raises no new security considerations. The protocols that specify these values include the security considerations associated with their usage.
References Normative References Informative References