AuthenticationFramework {joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 4} DEFINITIONS ::=
BEGIN
-- based on RFC 3280 and X.509

Certificate ::=	SEQUENCE {
	toBeSigned TBSCertificate,
	signatureAlgorithm AlgorithmIdentifier,
	signature BIT STRING
}

TBSCertificate ::= SEQUENCE {
		version [0] Version DEFAULT v1,
		serialNumber CertificateSerialNumber,
		signature AlgorithmIdentifier,
		issuer Name,
		validity Validity,
		subject Name,
		subjectPublicKeyInfo SubjectPublicKeyInfo,
		issuerUniqueIdentifier [1] IMPLICIT UniqueIdentifier OPTIONAL,
		-- if present, version shall be v2 or v3
		subjectUniqueIdentifier [2] IMPLICIT UniqueIdentifier OPTIONAL,
		-- if present, version shall be v2 or v3
		extensions [3] Extensions OPTIONAL
		-- If present, version shall be v3 -- }

Version ::= INTEGER { v1(0), v2(1), v3(2) }

CertificateSerialNumber ::= INTEGER

AlgorithmIdentifier ::= SEQUENCE {
	algorithm	OBJECT IDENTIFIER,
	parameters	ANY DEFINED BY algorithm OPTIONAL -- DSA, SHA-1--
}

Name ::= CHOICE {
	rdnSequence RDNSequence }

RDNSequence ::= SEQUENCE OF RelativeDistinguishedName

RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

AttributeTypeAndValue ::= SEQUENCE {
	type     AttributeType,
	value    ANY DEFINED BY type}

AttributeType ::= OBJECT IDENTIFIER

Validity ::= SEQUENCE {
	notBefore Time,
	notAfter Time }

UniqueIdentifier  ::=  BIT STRING

SubjectPublicKeyInfo ::= SEQUENCE {
	algorithm AlgorithmIdentifier,
	subjectPublicKey BIT STRING }

Time ::= CHOICE {
	utcTime UTCTime,
	generalizedTime GeneralizedTime }

Extensions ::= SEQUENCE SIZE(1..MAX) OF Extension

Extension ::= SEQUENCE {
	extnID	OBJECT IDENTIFIER,
	critical BOOLEAN DEFAULT FALSE,
	extnValue OCTET STRING
-- contains a DER encoding of a value of type &ExtnType
-- for the extension object identified by extnId --
}

nullOid OBJECT-TYPE
	SYNTAX	NULL
	ACCESS read-write
	STATUS mandatory
	::= { 1 2 840 113549 1 1 4 }

nullOid2 OBJECT-TYPE
	SYNTAX	NULL
	ACCESS read-write
	STATUS mandatory
	::= { 1 2 840 113549 1 1 1 }

nullOid3 OBJECT-TYPE
	SYNTAX	NULL
	ACCESS read-write
	STATUS mandatory
	::= { 1 2 840 113549 1 1 5 }

printableStringOid OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 4 3 }

printableStringOid2 OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 4 6 }    

printableStringOid3 OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 4 7 }

printableStringOid4 OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 4 8 }    

printableStringOid5 OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 4 10 }    

printableStringOid6 OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 4 11 }

printableStringOid7 OBJECT-TYPE
	SYNTAX PrintableString
	ACCESS read-write
	STATUS mandatory
	::= { 0 9 2342 19200300 100 1 3 }


iA5StringOid OBJECT-TYPE
	SYNTAX IA5String
	ACCESS read-write
	STATUS mandatory
	::= { 1 2 840 113549 1 9 1 }

octetStringOid OBJECT-TYPE
	SYNTAX OCTET STRING
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 29 19 }

octetStringOid2 OBJECT-TYPE
	SYNTAX OCTET STRING
	ACCESS read-write
	STATUS mandatory
	::= { 2 16 840 1 113730 1 13 }

octetStringOid3 OBJECT-TYPE
	SYNTAX OCTET STRING
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 29 14 }

octetStringOid4 OBJECT-TYPE
	SYNTAX OCTET STRING
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 29 21 }

octetStringOid5 OBJECT-TYPE
	SYNTAX OCTET STRING
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 29 20 }

octetStringOid7 OBJECT-TYPE
	SYNTAX OCTET STRING
	ACCESS read-write
	STATUS mandatory
	::= { 2 5 29 28 }

END