From 0d21092b1342128cb6568f20d3d5b9ae12009ec0 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 28 Apr 2015 17:31:07 -0500 Subject: add some docs --- docs/x509.rst | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index 86673e3b..e4d0cd87 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -892,6 +892,69 @@ X.509 Extensions removed from the CRL. This reason cannot be used as a reason flag in a :class:`DistributionPoint`. +.. class:: CertificatePolicies + + .. versionadded:: 0.9 + + The certificate policies extension is a list of one or more + :class:`PolicyInformation` instances. The object is iterable to get every + instance. + +Certificate Policies Classes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +These classes may be present within a :class:`CertificatePolicies` instance. + +.. class:: PolicyInformation + + .. versionadded:: 0.9 + + Contains a policy identifier and an optional list of qualifiers. + + .. attribute:: policy_identifier + + :type: :class:`ObjectIdentifier` + + .. attribute:: policy_qualifiers + + :type: list + + A list of :class:`PolicyQualifierInfo` objects. + +.. class:: PolicyQualifierInfo + + .. versionadded:: 0.9 + + .. attribute:: qualifier + + :type: :term:`text` or :class:`UserNotice` + +.. class:: UserNotice + + .. versionadded:: 0.9 + + .. attribute:: notice_reference + + :type: :class:`NoticeReference` or None + + .. attribute:: explicit_text + + :type: :term:`text` + +.. class:: NoticeReference + + .. versionadded:: 0.9 + + .. attribute:: organization + + :type: :term:`text` or None + + .. attribute :: notice_numbers + + :type: list or None + + A list of integers or None. + Object Identifiers ~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3 From 2e879745596f4d0affec6b65f759a1082eefd040 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 2 May 2015 23:09:56 -0500 Subject: expand docs --- docs/x509.rst | 50 +++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index e4d0cd87..20929768 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -896,9 +896,8 @@ X.509 Extensions .. versionadded:: 0.9 - The certificate policies extension is a list of one or more - :class:`PolicyInformation` instances. The object is iterable to get every - instance. + The certificate policies extension is an iterable, containing one or more + :class:`PolicyInformation` instances. Certificate Policies Classes ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -925,24 +924,56 @@ These classes may be present within a :class:`CertificatePolicies` instance. .. versionadded:: 0.9 + .. attribute:: policy_qualifier_id + + :type: :class:`ObjectIdentifier` + + This attribute can have two possible values: :data:`OID_CPS_QUALIFIER` + or :data:`OID_CPS_USER_NOTICE`. If it is :data:`OID_CPS_QUALIFIER` then + ``qualifier`` will be :term:`text` and should contain a pointer to + a certification practice statement (CPS) published by the CA. This + text should be in the form of a URI. If it is + :data:`OID_CPS_USER_NOTICE` then ``qualifier`` will be + :class:`UserNotice`. + .. attribute:: qualifier :type: :term:`text` or :class:`UserNotice` + The type of this attribute is determined by checking the + ``policy_qualifier_id``. + .. class:: UserNotice .. versionadded:: 0.9 + User notices are intended for display to a relying party when a certificate + is used. In practice, few if any UIs expose this data and it is a rarely + encoded component. + .. attribute:: notice_reference :type: :class:`NoticeReference` or None + The notice reference field names an organization and identifies, + by number, a particular statement prepared by that organization. + .. attribute:: explicit_text + This field includes an arbitrary textual statement directly in the + certificate. + :type: :term:`text` .. class:: NoticeReference + Notice reference can name an organization and provide information about + notices related to the certificate. For example, it might identify the + organization name and notice number 1. Application software could + have a notice file containing the current set of notices for the named + organization; the application would then extract the notice text from the + file and display it. In practice this is rarely seen. + .. versionadded:: 0.9 .. attribute:: organization @@ -1160,6 +1191,19 @@ Authority Information Access OIDs Corresponds to the dotted string ``"1.3.6.1.5.5.7.48.2"``. Used as the identifier for CA issuer data in :class:`AccessDescription` objects. +Policy Qualifier OIDs +~~~~~~~~~~~~~~~~~~~~~ + +.. data:: OID_CPS_QUALIFIER + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.2.1"``. Used as an + identifier in :class:`PolicyQualifierInfo` objects. + +.. data:: OID_CPS_USER_NOTICE + + Corresponds to the dotted string ``"1.3.6.1.5.5.7.2.2"``. Used as an + identifier in :class:`PolicyQualifierInfo` objects. + .. _extension_oids: Extension OIDs -- cgit v1.2.3 From ba35b3ba85c374dfd0659992cae01255c530679d Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 10 May 2015 13:07:59 -0500 Subject: remove policyqualifierinfo object --- docs/x509.rst | 31 +++---------------------------- 1 file changed, 3 insertions(+), 28 deletions(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index 20929768..48cb0730 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -918,30 +918,7 @@ These classes may be present within a :class:`CertificatePolicies` instance. :type: list - A list of :class:`PolicyQualifierInfo` objects. - -.. class:: PolicyQualifierInfo - - .. versionadded:: 0.9 - - .. attribute:: policy_qualifier_id - - :type: :class:`ObjectIdentifier` - - This attribute can have two possible values: :data:`OID_CPS_QUALIFIER` - or :data:`OID_CPS_USER_NOTICE`. If it is :data:`OID_CPS_QUALIFIER` then - ``qualifier`` will be :term:`text` and should contain a pointer to - a certification practice statement (CPS) published by the CA. This - text should be in the form of a URI. If it is - :data:`OID_CPS_USER_NOTICE` then ``qualifier`` will be - :class:`UserNotice`. - - .. attribute:: qualifier - - :type: :term:`text` or :class:`UserNotice` - - The type of this attribute is determined by checking the - ``policy_qualifier_id``. + A list consisting of :term:`text` and/or :class:`UserNotice` objects. .. class:: UserNotice @@ -1196,13 +1173,11 @@ Policy Qualifier OIDs .. data:: OID_CPS_QUALIFIER - Corresponds to the dotted string ``"1.3.6.1.5.5.7.2.1"``. Used as an - identifier in :class:`PolicyQualifierInfo` objects. + Corresponds to the dotted string ``"1.3.6.1.5.5.7.2.1"``. .. data:: OID_CPS_USER_NOTICE - Corresponds to the dotted string ``"1.3.6.1.5.5.7.2.2"``. Used as an - identifier in :class:`PolicyQualifierInfo` objects. + Corresponds to the dotted string ``"1.3.6.1.5.5.7.2.2"``. .. _extension_oids: -- cgit v1.2.3 From 3f8ddeb3fa8d66710dfbcef54061f5ce9c10c2f4 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 11 May 2015 00:25:36 -0500 Subject: update docs --- docs/x509.rst | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/x509.rst b/docs/x509.rst index 48cb0730..d2313292 100644 --- a/docs/x509.rst +++ b/docs/x509.rst @@ -919,6 +919,10 @@ These classes may be present within a :class:`CertificatePolicies` instance. :type: list A list consisting of :term:`text` and/or :class:`UserNotice` objects. + If the value is text it is a pointer to the practice statement + published by the certificate authority. If it is a user notice it is + meant for display to the relying party when the certificate is + used. .. class:: UserNotice @@ -957,7 +961,7 @@ These classes may be present within a :class:`CertificatePolicies` instance. :type: :term:`text` or None - .. attribute :: notice_numbers + .. attribute:: notice_numbers :type: list or None -- cgit v1.2.3