DoD Implementation Guide for CAC PIV End-Point - Common ...
04.01.2013 Views
Share Embed Flag

DoD Implementation Guide for CAC PIV End-Point - Common ...

DoD Implementation Guide for CAC PIV End-Point - Common ...

DoD Implementation Guide for CAC PIV End-Point - Common ...

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
cac.mil

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

<strong>DoD</strong> <strong>Implementation</strong> <strong>Guide</strong> <strong>for</strong> <strong>CAC</strong> <strong>PIV</strong> <strong>End</strong>-<strong>Point</strong><br />

Appendix D Sample data <strong>for</strong> <strong>PIV</strong> Authentication Certificate<br />

Below is a sample record <strong>for</strong>mat <strong>for</strong> the <strong>DoD</strong> <strong>PIV</strong> Authentication Certificate.<br />

Summary: Sample <strong>PIV</strong> Auth Certificate (2048 Root, 2048 Intermediate, and 1024 <strong>End</strong><br />

Entity) issued from JITC CA 19 on Jan of 2008. The sequence TBSCertificate contains<br />

in<strong>for</strong>mation associated with the subject of the certificate and the CA who issued it. Every<br />

TBSCertificate contains the names of the subject and issuer, a public key associated with<br />

the subject, a validity period, a version number, and a serial number; some MAY contain<br />

optional unique identifier fields. For signature calculation, the data that is to be signed is<br />

encoded using the ASN.1 distinguished encoding rules (DER) [X.690]. ASN.1 DER encoding<br />

is a tag, length, value encoding system <strong>for</strong> each element.<br />

Sources: *ASN.1, **ASN.1. Specified in 800-73 <strong>for</strong> interoperable use**ASN.1. Specified in<br />

800-73 <strong>for</strong> interoperable use<br />

Field<br />

Name<br />

Basic<br />

Certificate<br />

Hex Raw Data OID Data Content<br />

*Version A0 03 02 01 02 2<br />

*Serial<br />

Number<br />

** Issuer<br />

Signature<br />

Algorithm<br />

* Issuer<br />

Distinguished<br />

Name<br />

*Validity<br />

Period<br />

*Subject<br />

Distinguished<br />

Name<br />

*Subject<br />

Public Key<br />

In<strong>for</strong>mation<br />

02 02 13 03 4867<br />

30 0D 06 09 2A 86 48 86 F7 0D<br />

01 01 05 05 00<br />

30 5C 31 0B 30 09 06 03 55 04 06<br />

13 02 55 53 31 18 30 16 06 03 55<br />

04 0A 13 0F 55 2E 53 2E 20 47 6F<br />

76 65 72 6E 6D 65 6E 74 31 0C 30<br />

0A 06 03 55 04 0B 13 03 44 6F 44<br />

31 0C 30 0A 06 03 55 04 0B 13<br />

03 50 4B 49 31 17 30 15 06 03<br />

55 04 03 13 0E 44 4F 44 20 4A 49<br />

54 43 20 43 41 2D 31 39<br />

30 1E 17 0D 30 38 30 31 31 34 30<br />

30 30 30 30 30 5A<br />

17 0D 31 31 30 31 31 30 32 33 35<br />

39 35 39 5A<br />

30 81 90 31 0B 30 09 06 03 55 04<br />

06 13 02 55 53 31 18 30 16 06 03<br />

55 04 0A 13 0F 55 2E 53 2E 20 47<br />

6F 76 65 72 6E 6D 65 6E 74 31 0C<br />

30 0A 06 03 55 04 0B 13 03 44 6F<br />

44 31 0C 30 0A 06 03 55 04 0B 13<br />

03 50 4B 49 31 0D 30 0B 06 03 55<br />

04 0B 13 04 55 53 41 46 31 3C 30<br />

3A 06 03 55 04 03 13 33 4F 43 53<br />

20 50 49 56 41 55 54 48 20 59 45<br />

53 2E 4D 49 4C 4F 4E 2E 43 41 52<br />

44 20 54 48 52 45 45 20 50 49 56<br />

42 45 54 41 2E 31 34 30 31 33 35<br />

37 33 35 38<br />

30 81 9F 30 0D 06 09 2A 86 48 86<br />

F7 0D 01 01 01<br />

2A 86 48 86 F7 0D 01 01 05<br />

(1.2.840.113549.1.1.5 =SHA1withRSA)<br />

30<br />

SHA1withRSA Encryption<br />

55 04 06 (2.5.4.6 =countryName) 'US'<br />

55 04 0A (2.5.4.10=organizationName) 'U.S. Government'<br />

55 04 0B (2.5.4.11=<br />

organizationalUnitName)<br />

'<strong>DoD</strong>'<br />

55 04 0B (2.5.4.11=<br />

organizationalUnitName)<br />

'PKI'<br />

55 04 03 (2.5.4.3 =commonName) 'DOD JITC CA-19'<br />

080114000000Z UTC Time<br />

Code(issued date)<br />

110110235959Z UTC Time<br />

Code<br />

(expiration date)<br />

55 04 06 (2.5.4.6=countryName) 'US'<br />

55 04 0A (2.5.4.10 =organizationName) 'U.S. Government'<br />

55 04 0B<br />

(2.5.4.11=organizationalUnitName)<br />

55 04 0B<br />

(2.5.4.11=organizationUnitName)<br />

55 04 0B<br />

(2.5.4.11=organizationUnitName)<br />

'DOD'<br />

'PKI'<br />

‘USAF’<br />

55 04 03 (2.5.4.3 =commonName) 'OCS <strong>PIV</strong>AUTH<br />

YES.MILON.CARD<br />

THREE<br />

<strong>PIV</strong>BETA.1401357358'<br />

2A 86 48 86 F7 0D 01 01 01<br />

(1.2.840.113549.1.1.1= RSA)<br />

RSA Encryption<br />

**Public Key 03 81 8D 00 30 81 89 02 81 81 00 B7 BE 11 EC B0 3D B3 76 4A 04 1F B8 2A 00 2E C1 C5 3F EF 40 73 5D 4D<br />

ED E1 E4 CE E4 49 8F 8D 98 16 3F BE D1 8C 97 05 9C BA 96 E1 8C E8 00 EA 6A A8 95 12 FC 7A 67 83 34 82<br />

BF A7 6B 4B 20 AC 49 BA 73 25 8C 8D 90 A5 BF ED 4E DD 17 49 50 E6 BB E2 5E 0A A2 19 C4 4E 22 4F A3 8D<br />

50 56 25 0F 33 97 E9 C9 CF 6E 33 8D 32 DF EE 16 38 F1 FD 1A 62 9B 90 A6 39 54 1A DC F8 F8 D6 50 B7 58<br />

20 1A F1 02 03 01 00 01

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!