x509 certificate oids

In this blog we will look at common  oid for  certificates. These are defined and well known. 1st  these are defined under x509 v3 extension fields. The ISO ( International Standards Organization )  has set oid that are defined.

These are  a few common oids (  see  highlight arrows )

To find the certificate type and oid, most browsers let's you expand  the certificate details. Here's our friends at the NSA.gov

The 1.3.6.1.5.5.7  falls under PKIX


OID value: 1.3.6.1.5.5.7
OID description:
Top of the PKIX OID tree


And the next .3 is for    "extended key purpose"

Subsidiary references (single level)

• 1.3.6.1.5.5.7.3.1 - id_kp_serverAuth
• 1.3.6.1.5.5.7.3.2 - id_kp_clientAuth
• 1.3.6.1.5.5.7.3.3 - id_kp_codeSigning
• 1.3.6.1.5.5.7.3.4 - id_kp_emailProtection
• 1.3.6.1.5.5.7.3.5 - id-kp-ipsecEndSystem
• 1.3.6.1.5.5.7.3.6 - id-kp-ipsecTunnel
• 1.3.6.1.5.5.7.3.7 - id-kp-ipsecUser
• 1.3.6.1.5.5.7.3.8 - id_kp_timeStamping
• 1.3.6.1.5.5.7.3.9 - OCSPSigning
• 1.3.6.1.5.5.7.3.19 - Control And Provisioning of Wireless Access Points, Wireless Termination Points 

 http://www.alvestrand.no/objectid/1.3.6.1.5.5.7.3.html


NOTE: the listing is not completed and numerous other  oid exist for  extended key usage

NSE ( network security expert) and Route/Switching Engineer

kfelix  -----a----t---- socpuppets ---dot---com

     ^      ^

=(  @  @ )=

         o 

        /  \