| blob | 14129b06a5cd716417fcf5453a729d54168bb824 |
1 TCG DEFINITIONS ::= BEGIN
3 -- BEGIN Heimdal commentary
4 --
5 -- Copy-pasted from section 4 of
6 -- https://trustedcomputinggroup.org/wp-content/uploads/TCG_IWG_EKCredentialProfile_v2p3_r2_pub.pdf
7 -- https://trustedcomputinggroup.org/wp-content/uploads/Credential_Profile_EK_V2.0_R14_published.pdf
8 -- and adjusted to compile as follows:
9 --
10 -- - Due to limitations of the Heimdal compiler we've moved all of this
11 -- module's contents to rfc2459.asn1.
12 --
13 -- - Extensibility markers added to all SEQUENCEs as per the TCG's spec they
14 -- reserve the right to add fields in the future.
15 -- - Information Object System annotations commented out (Heimdal does not
16 -- support them)
17 --
18 -- - Types sorted topologically (at the time I did that the Heimdal ASN.1
19 -- compiler wouldn't do that on its own)
20 --
21 -- - Two otherwise equal ENUMERATED types share a definition now (at the time
22 -- the Heimdal ASN.1 compiler did not prefix labels of ENUMERATED types)
23 --
24 -- A small note for anyone whoever finds this: do not add complex structures as
25 -- DN attributes, or, indeed, never add DN attributes again. If some metadata
26 -- is name-like, then add a subjectAlternativeName otherName for it, otherwise
27 -- add a certificate extension to carry that metadata. And, for any name-like
28 -- metadata, always always include query and display syntax for it.
29 --
30 -- Anyone designing anything but the simplest schema in ASN.1 should have to
31 -- learn a bit more about ASN.1 and/or get a review from ASN.1 experts.
32 --
33 -- Anyone designing anything but the simplest x.509 extensions should have to
34 -- learn a bit more about ASN.1 and x.509 and/or get a review from x.509
35 -- experts.
36 --
37 -- Note that a module OID was not provided. Indeed, a valid, complete ASN.1
38 -- module was not provided.
39 --
40 -- END Heimdal commentary (though some minor Heimdal commentary appears below)
42 END