3.1.2.4.2.2.2.7 Certificate.Template.msPKI-Enrollment-Flag

Artykuł
04/23/2024

The following processing rules are applied to flags in the Certificate.Template.msPKI-Enrollment-Flag datum.

Flag	Client processing
0x00000001	CT_FLAG_INCLUDE_SYMMETRIC_ALGORITHMS The client MUST include a Secure/Multipurpose Internet Mail Extensions (S/MIME), as specified in [RFC4262], in the request. Note that although the flag contains the words "SYMMETRIC ALGORITHMS" as part of its name, it specifies only S/MIME extensions.
0x00008000	CT_FLAG_INCLUDE_BASIC_CONSTRAINTS_FOR_EE_CERTS If this flag is set, the client SHOULD add a Basic Constraints extension (as specified in [RFC3280], section 4.2.1.10) to the certificate request and set the cA field to FALSE. The client SHOULD NOT include the pathLenConstraint field in the Basic Constraints extension. <56>

Flag

Client processing

0x00000001

CT_FLAG_INCLUDE_SYMMETRIC_ALGORITHMS

The client MUST include a Secure/Multipurpose Internet Mail Extensions (S/MIME), as specified in [RFC4262], in the request.

Note that although the flag contains the words "SYMMETRIC ALGORITHMS" as part of its name, it specifies only S/MIME extensions.

0x00008000

CT_FLAG_INCLUDE_BASIC_CONSTRAINTS_FOR_EE_CERTS

If this flag is set, the client SHOULD add a Basic Constraints extension (as specified in [RFC3280], section 4.2.1.10) to the certificate request and set the cA field to FALSE. The client SHOULD NOT include the pathLenConstraint field in the Basic Constraints extension. <56>

Udostępnij za pośrednictwem

3.1.2.4.2.2.2.7 Certificate.Template.msPKI-Enrollment-Flag

Dodatkowe zasoby