1 TCG DEFINITIONS ::= BEGIN
3 -- BEGIN Heimdal commentary
5 -- Copy-pasted from section 4 of
6 -- https://trustedcomputinggroup.org/wp-content/uploads/TCG_IWG_EKCredentialProfile_v2p3_r2_pub.pdf
7 -- https://trustedcomputinggroup.org/wp-content/uploads/Credential_Profile_EK_V2.0_R14_published.pdf
8 -- and adjusted to compile as follows:
10 -- - Due to limitations of the Heimdal compiler we've moved all of this
11 -- module's contents to rfc2459.asn1.
13 -- - Extensibility markers added to all SEQUENCEs as per the TCG's spec they
14 -- reserve the right to add fields in the future.
15 -- - Information Object System annotations commented out (Heimdal does not
18 -- - Types sorted topologically (at the time I did that the Heimdal ASN.1
19 -- compiler wouldn't do that on its own)
21 -- - Two otherwise equal ENUMERATED types share a definition now (at the time
22 -- the Heimdal ASN.1 compiler did not prefix labels of ENUMERATED types)
24 -- A small note for anyone whoever finds this: do not add complex structures as
25 -- DN attributes, or, indeed, never add DN attributes again. If some metadata
26 -- is name-like, then add a subjectAlternativeName otherName for it, otherwise
27 -- add a certificate extension to carry that metadata. And, for any name-like
28 -- metadata, always always include query and display syntax for it.
30 -- Anyone designing anything but the simplest schema in ASN.1 should have to
31 -- learn a bit more about ASN.1 and/or get a review from ASN.1 experts.
33 -- Anyone designing anything but the simplest x.509 extensions should have to
34 -- learn a bit more about ASN.1 and x.509 and/or get a review from x.509
37 -- Note that a module OID was not provided. Indeed, a valid, complete ASN.1
38 -- module was not provided.
40 -- END Heimdal commentary (though some minor Heimdal commentary appears below)