Events
Nov 19, 11 PM - Nov 21, 11 PM
Join online sessions at Microsoft Ignite created to expand your skills and help you tackle today's complex issues.
Register nowThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
PNRP defines several X.509 certificate extensions (see [MS-PNRP] section 2.2.3.5), and also defines certificate chain validation rules (see [MS-PNRP] section 2.2.3.5). All certificates and certificate chains used in P2P Grouping MUST follow the PNRP rules, with some additional constraints described below.
The following figure shows the required fields for each certificate type.
Figure 2: Required fields for each certificate type
szOID_PEERNET_CERT_TYPE: P2P Grouping certificate types map to PnrpCertificateTypes ([MS-PNRP] section 2.2.3.5.1.1) as follows.
Value |
Meaning |
---|---|
certTypeMember (0x00000001) |
This value MUST be used for a Group Membership Certificate (GMC). |
certTypeRoot (0x00000002) |
This value MUST be used for a Group Root Certificate (GRC). |
certTypeIdentity (0x00000003) |
This value MUST be used for an IDC. |
szOID_SUBJECT_ALT_NAME: As defined in [MS-PNRP] section 2.2.3.5.1.
szOID_ISSUER_ALT_NAME: As defined in [MS-PNRP] section: 2.2.3.5.1
szOID_PEERNET_GROUPING_PEERNAME:
Sz_OID_PEERNET_GROUPING_PEERNAME |
Usage |
Description |
---|---|---|
1.3.6.1.4.1.311.44.3.1 |
The PeerName of the Group |
The PnrpPeerName extension ([MS-PNRP] section 2.2.3.5.1.3) is used to store the Peer Name of the Group to which the certificate belongs. This extension is used to validate the certificate and the certificate chain for a Group, as specified in sections 2.2.5.2 and 2.2.5.2. |
szOID_PEERNET_IDENTITY_FLAGS:
Sz_OID_PEERNET_IDENTITY_FLAGS |
Usage |
Description |
---|---|---|
1.3.6.1.4.1.311.44.2.2 |
Flags associated with the Group |
A DWORD value representing the Flags associated with the IDC. This value MUST be 0. |
szOID_PEERNET_GROUPING_FLAGS:
Sz_OID_PEERNET_GROUPING_FLAGS |
Usage |
Description |
---|---|---|
1.3.6.1.4.1.311.44.3.2 |
Flags associated with the Group |
A DWORD value representing the Flags associated with a GRC or a GMC. This value MUST be 0. |
szOID_PEERNET_GROUPING_ROLES:
Sz_OID_PEERNET_GROUPING_ROLES |
Usage |
Description |
---|---|---|
1.3.6.1.4.1.311.44.3.3 |
List of roles associated with Group Peer name |
A list of roles, as specified in [MS-PNRP] (section 2.2.3.5.1.4). |
szOID_PEERNET_GROUPING_CLASSIFIERS:
Sz_OID_PEERNET_GROUPING_CLASSIFIERS |
Usage |
Description |
---|---|---|
1.3.6.1.4.1.311.44.3.5 |
List of allowed classifiers for the Group Peer name |
A list of allowed classifiers, as specified in ([MS-PNRP] section 2.2.3.5.1.5). |
Events
Nov 19, 11 PM - Nov 21, 11 PM
Join online sessions at Microsoft Ignite created to expand your skills and help you tackle today's complex issues.
Register now