3.1.4.1.3.16 OID

The <OID> complex type is used and referenced throughout the X.509 Certificate Enrollment Policy Protocol to identify an object and to provide generic attributes on the object. Each OID object has a specific intended purpose, denoted by the <group> element.

 <xs:complexType name="OID">
   <xs:sequence>
     <xs:element name="value" type="xs:string" />
     <xs:element name="group" type="xs:unsignedInt" />
     <xs:element name="oIDReferenceID" type="xs:int"/>
     <xs:element name="defaultName" type="xs:string" nillable="true" />
     <xs:any namespace="##any" processContents="lax"
       minOccurs="0" maxOccurs="unbounded" />
   </xs:sequence>
 </xs:complexType>

value: The object identifier value (for example, 1.2.3.4).

group: The integer value that identifies the type of object that the OID object represents. The <group> element MUST be one of the following integer values.

Integer value	Meaning
1	Hash algorithm identifier.
2	Encryption algorithm identifier.
3	Public key identifier.
4	Signing algorithm identifier.
5	Relative distinguished name (RDN) identifier.
6	Certificate extension or attribute identifier.
7	Extended key usage identifier.
8	Certificate policy identifier.
9	Enrollment object identifier.

oIDReferenceID: The integer identifier for the OID. The value of <oIDReferenceID> MUST be unique for each unique OID object instance in a GetPoliciesResponse message.

defaultName: A friendly name for the OID object. The <defaultName> element MUST be provided in a GetPoliciesResponse message. The <defaultName> is not localized and has no language specifier.

##any: This element provides a vendor-extensible point. Additional elements MAY be included as part of an OID object instance.