Das Fachgebiet “Theoretische Informatik – Kryptographie und Computeralgebra” (CDC) der Informatik hat die folgenden OIDS definiert, die alle die 1.3.6.1.4.1.8301.3 am Anfang (OID des CDC selbst) gemeinsam haben:
| OID | Bedeutung |
|---|---|
| 1.3.6.1.4.1.8301.3.1 | Cryptographic algorithms |
| 1.3.6.1.4.1.8301.3.1.1 | Imaginary quadratic field cryptography |
| 1.3.6.1.4.1.8301.3.1.1.1 | IQDSA key representation |
| 1.3.6.1.4.1.8301.3.1.1.2 | SHA1withIQDSA signature algorithm |
| 1.3.6.1.4.1.8301.3.1.1.3 | RIPEMD160withIQDSA signature algorithm |
| 1.3.6.1.4.1.8301.3.1.1.4 | IQGQ key representation |
| 1.3.6.1.4.1.8301.3.1.1.5 | SHA1withIQGQ signature algorithm |
| 1.3.6.1.4.1.8301.3.1.1.6 | RIPEMD160withIQGQ signature algorithm |
| 1.3.6.1.4.1.8301.3.1.1.7 | IQRDSA key representation |
| 1.3.6.1.4.1.8301.3.1.1.8 | SHA1withIQRDSA signature algorithm |
| 1.3.6.1.4.1.8301.3.1.1.9 | RIPEMD160withIQRDSA signature algorithm |
| 1.3.6.1.4.1.8301.3.1.2 | Elliptic curve cryptography |
| 1.3.6.1.4.1.8301.3.1.2.1 | ECNR key representation |
| 1.3.6.1.4.1.8301.3.1.2.2 | ECNR with SHA1 signature algorithm |
| 1.3.6.1.4.1.8301.3.1.2.9 | P |
| 1.3.6.1.4.1.8301.3.1.2.9.0 | Prefix for Elliptic Curves over PrimeFields generated byComplex Multiplication |
| 1.3.6.1.4.1.8301.3.1.2.9.0.1 | primeCurve 1 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.2 | primeCurve 2 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.3 | primeCurve 3 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.4 | primeCurve 4 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.5 | primeCurve 5 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.6 | primeCurve 6 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.7 | primeCurve 7 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.8 | primeCurve 8 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.9 | primeCurve 9 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.10 | primeCurve 10 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.11 | primeCurve 11 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.12 | primeCurve 12 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.13 | primeCurve 13 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.14 | primeCurve 14 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.15 | primeCurve 15 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.16 | primeCurve 16 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.17 | primeCurve 17 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.18 | primeCurve 18 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.19 | primeCurve 19 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.20 | primeCurve 20 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.21 | primeCurve 21 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.22 | primeCurve 22 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.23 | primeCurve 23 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.24 | primeCurve 24 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.25 | primeCurve 25 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.26 | primeCurve 26 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.27 | primeCurve 27 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.28 | primeCurve 28 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.29 | primeCurve 29 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.30 | primeCurve 30 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.31 | primeCurve 31 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.32 | primeCurve 32 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.33 | primeCurve 33 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.34 | primeCurve 34 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.35 | primeCurve 35 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.36 | primeCurve 36 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.37 | primeCurve 37 |
| 1.3.6.1.4.1.8301.3.1.2.9.0.38 | primeCurve 38 |
| 1.3.6.1.4.1.8301.3.1.3 | Quantum-immune cryptography |
| 1.3.6.1.4.1.8301.3.1.3.1 | One-time signature schemes |
| 1.3.6.1.4.1.8301.3.1.3.1.1 | Merkle one-time signature algorithm |
| 1.3.6.1.4.1.8301.3.1.3.1.1.1 | Merkle OTS with SHA1 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.1.2 | Merkle OTS with SHA256 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.1.3 | Merkle OTS with SHA384 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.1.4 | Merkle OTS with SHA512 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.2 | Coronado one-time signature algorithm |
| 1.3.6.1.4.1.8301.3.1.3.1.2.1 | Coronado OTS with SHA1 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.2.2 | Coronado OTS with SHA256 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.2.3 | Coronado OTS with SHA384 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.2.4 | Coronado OTS with SHA512 and SHA1PRNG |
| 1.3.6.1.4.1.8301.3.1.3.1.3 | Winternitz one-time signature algorithm |
| 1.3.6.1.4.1.8301.3.1.3.1.4 | Lyubashevsky-Miccancio one-time signature algorithm |
| 1.3.6.1.4.1.8301.3.1.3.2 | CMSS |
| 1.3.6.1.4.1.8301.3.1.3.2.1 | CMSS with SHA1 and Winternitz OTS (w=1) |
| 1.3.6.1.4.1.8301.3.1.3.2.2 | CMSS with SHA1 and Winternitz OTS (w=2) |
| 1.3.6.1.4.1.8301.3.1.3.2.3 | CMSS with SHA1 and Winternitz OTS (w=3) |
| 1.3.6.1.4.1.8301.3.1.3.2.4 | CMSS with SHA1 and Winternitz OTS (w=4) |
| 1.3.6.1.4.1.8301.3.1.3.2.5 | CMSS with SHA256 and Winternitz OTS (w=1) |
| 1.3.6.1.4.1.8301.3.1.3.2.6 | CMSS with SHA256 and Winternitz OTS (w=2) |
| 1.3.6.1.4.1.8301.3.1.3.2.7 | CMSS with SHA256 and Winternitz OTS (w=3) |
| 1.3.6.1.4.1.8301.3.1.3.2.8 | CMSS with SHA256 and Winternitz OTS (w=4) |
| 1.3.6.1.4.1.8301.3.1.3.2.9 | CMSS with SHA384 and Winternitz OTS (w=1) |
| 1.3.6.1.4.1.8301.3.1.3.2.10 | CMSS with SHA384 and Winternitz OTS (w=2) |
| 1.3.6.1.4.1.8301.3.1.3.2.11 | CMSS with SHA384 and Winternitz OTS (w=3) |
| 1.3.6.1.4.1.8301.3.1.3.2.12 | CMSS with SHA384 and Winternitz OTS (w=4) |
| 1.3.6.1.4.1.8301.3.1.3.2.13 | CMSS with SHA512 and Winternitz OTS (w=1) |
| 1.3.6.1.4.1.8301.3.1.3.2.14 | CMSS with SHA512 and Winternitz OTS (w=2) |
| 1.3.6.1.4.1.8301.3.1.3.2.15 | CMSS with SHA512 and Winternitz OTS (w=3) |
| 1.3.6.1.4.1.8301.3.1.3.2.16 | CMSS with SHA512 and Winternitz OTS (w=4) |
| 1.3.6.1.4.1.8301.3.1.3.3 | GMSS |
| 1.3.6.1.4.1.8301.3.1.3.3.1 | GMSS with SHA1 |
| 1.3.6.1.4.1.8301.3.1.3.3.2 | GMSS with SHA224 |
| 1.3.6.1.4.1.8301.3.1.3.3.3 | GMSS with SHA256 |
| 1.3.6.1.4.1.8301.3.1.3.3.4 | GMSS with SHA384 |
| 1.3.6.1.4.1.8301.3.1.3.3.5 | GMSS with SHA512 |
| 1.3.6.1.4.1.8301.3.1.3.4 | Cryptography based on error-correcting codes |
| 1.3.6.1.4.1.8301.3.1.3.4.1 | McEliece PKCS |
| 1.3.6.1.4.1.8301.3.1.3.4.2 | McEliece CCA2 conversions |
| 1.3.6.1.4.1.8301.3.1.3.4.2.1 | McEliece Fujisaki PKCS |
| 1.3.6.1.4.1.8301.3.1.3.4.2.2 | McEliece Pointcheval PKCS |
| 1.3.6.1.4.1.8301.3.1.3.4.2.3 | McEliece Kobara-Imai PKCS |
| 1.3.6.1.4.1.8301.3.1.3.4.3 | Niederreiter PKCS |
| 1.3.6.1.4.1.8301.3.1.3.4.3.1 | Niederreiter encryption scheme |
| 1.3.6.1.4.1.8301.3.1.3.4.3.2 | Niederreiter signature (CFS signature) |
| 1.3.6.1.4.1.8301.3.1.3.5 | Multivariate-based Cryptography |
| 1.3.6.1.4.1.8301.3.1.3.5.1 | Quartz Signature Scheme |
| 1.3.6.1.4.1.8301.3.1.3.5.2 | Rainbow Signature Scheme |
| 1.3.6.1.4.1.8301.3.1.3.6 | Lattice-based Cryptography |
| 1.3.6.1.4.1.8301.3.1.3.6.1 | GPV Signature Scheme |
| 1.3.6.1.4.1.8301.3.1.3.6.2 | Bonsai-GPV Signature Scheme |
| 1.3.6.1.4.1.8301.3.2 | Applications |
| 1.3.6.1.4.1.8301.3.2.1 | JCash |
| 1.3.6.1.4.1.8301.3.2.2 | FlexiTrust |
| 1.3.6.1.4.1.8301.3.2.2.1 | LDAP OIDs |
| 1.3.6.1.4.1.8301.3.2.2.1.1 | hashOID |
| 1.3.6.1.4.1.8301.3.2.2.1.2 | revocationPasswordHash |
| 1.3.6.1.4.1.8301.3.2.2.1.3 | profile |
| 1.3.6.1.4.1.8301.3.2.2.1.4 | internalCertificate |
| 1.3.6.1.4.1.8301.3.2.2.1.5 | externalCertificate |
| 1.3.6.1.4.1.8301.3.2.2.1.6 | pkiUserManagement |
| 1.3.6.1.4.1.8301.3.2.2.1.7 | userEncryptedPassword |
| 1.3.6.1.4.1.8301.3.3 | Management functions |
| 1.3.6.1.4.1.8301.3.3.1 | Multiple Signed CRLs |
| 1.3.6.1.4.1.8301.3.3.2 | Update Management Protocol (UMP) |
| 1.3.6.1.4.1.8301.3.4 | Certification policies |
| 1.3.6.1.4.1.8301.3.4.1 | Fail-safe PKI policy |
| 1.3.6.1.4.1.8301.3.4.2 | LiDIA CA policy |
| 1.3.6.1.4.1.8301.3.4.3 | CAST e.V. CA policy |
| 1.3.6.1.4.1.8301.3.5 | X.509 Certificate extensions for specifying validity models |
| 1.3.6.1.4.1.8301.3.5.1 | Chain Model |
| 1.3.6.1.4.1.8301.3.5.2 | Shell Model |
| 1.3.6.1.4.1.8301.3.6 | LDAP extensions |
| 1.3.6.1.4.1.8301.3.6.1 | LDAP attributes |
| 1.3.6.1.4.1.8301.3.6.1.1 | signatureRenewal |
| 1.3.6.1.4.1.8301.3.6.1.2 | signatureRenewals |
| 1.3.6.1.4.1.8301.3.6.2 | LDAP objectclasses |
| 1.3.6.1.4.1.8301.3.6.2.1 | signatureRenewalClass |
| 1.3.6.1.4.1.8301.3.7 | Policies |
| 1.3.6.1.4.1.8301.3.7.1 | sigg-signature-renewal-policy |
| 1.3.6.1.4.1.8301.3.8 | PKI |
| 1.3.6.1.4.1.8301.3.8.1 | SCVP Notification Extensions |
| 1.3.6.1.4.1.8301.3.8.1.1 | SCVP Notification Extension |
| 1.3.6.1.4.1.8301.3.8.1.2 | SCVP Notification Client Extension (for use with extended key usage) |
X.509 Certificate extensions for specifying validity models
1.3.6.1.4.1.8301.3.5 – X.509 Certificate extensions for specifying validity models:
The validity model extension is a private extension for X.509v3 certificates. It is used to indicate the validity model used for certificate validation. With this extension, it is possible to identify different validity models. Two different validity models are supported: the chain model and the shell model. Basically, other models are conceivable, but are not specified here.
id-validityModel 1.3.6.1.4.1.8301.3.5
This OID defines the validity model extension. It has the following ASN.1 syntax:
ValidityModel::= SEQUENCE { validityModelId OBJECT IDENTIFIER validityModelInfo ANY DEFINED BY validityModelId OPTIONAL }
Currently, two values (OIDs) are defined for the field validityModelId:
- Chain model: id-validityModel-chain 1.3.6.1.4.1.8301.3.5.1
This OID informs the client validating a certificate chain that the chain model shall be used for the validation. In the chain model, a signature (of a document or certificate) is valid if the certificate certifying the signature key was valid at the time the signature was generated. - Shell model: id-validityModel-shell 1.3.6.1.4.1.8301.3.5.2
This OID informs the client validating a certificate chain that the shell model shall be used for the validation. In the shell model, a signature (of a document or certificate) is valid if the certificate certifying the signature key is valid at the time of the validation.
The validityModelId types defined above are used without the additional validityModelInfo field (i.e., the field is chosen as null).
