Export (0) Print
Expand All

2.2.3.5.1.5 PnrpClassifiersList

pnrpClassifiersList EXTENSION ::= {
          SYNTAX PnrpClassifiersList
          IDENTIFIED BY id-microsoftp2pgeneral-PeerClassifiers }
id-microsoftp2pgrouping-pnrpClassifersList OBJECT IDENTIFIER ::= 
            { id-microsoftp2ppnrp 5 }
PnrpClassifiersList ::= GeneralNames

PnrpClassifiersList: A set of 0 or more classifiers, each encoded as a GeneralName (as specified in [RFC2459] section 4.2.1.7), which allows a choice of types. The type choice for each name MUST be otherName(0), indicating a subtype of AnotherName, as specified in [RFC2459] section A.2. The type-id of AnotherName MUST be id-microsoftp2pgeneral-PeerClassifiers, and the value MUST be a PnrpClassifier as shown in the following formal language specification. This property MUST exist in all certificates except the first certificate in the chain. A list of 0 classifiers (that is, an empty list) means that all classifiers are legal. The list MUST NOT be empty unless the PnrpRole extension (as specified in section 2.2.3.5.1.4) has a value of either roleAdmin or roleInvitingMember and the previous certificate's classifier list contains an empty classifier ("").

id-microsoftp2pgeneral-PeerClassifiers OBJECT_IDENTIFIER ::=
                    { id-microsoftp2pgeneral 3 }
PnrpClassifier ::= UniversalString (SIZE (1..150))

PnrpClassifier: A classifier string for which permission is delegated to the next certificate in the chain. For every certificate in the chain other than the first certificate, each classifier MUST be one that is a legal delegate (as specified in section 2.2.3.5.1.5.1) based on the same certificate's role, and the previous certificate's classifier list.

 
Show:
© 2014 Microsoft