Update certificate configuration files to fill required elements: #4
Description
In order to generate the certifcates compliant with the standard the .cnf files corresponding to each certificatemust contain the required and critical extensions as specified in the Certificate profiles in Annex B of 15118-20.
| x | Required: issuing CA must make sure that this extension is present certificate validating entity must ensure that this extension is present |
|---|---|
| (x) | Optional it is upto the discretion of the issuing CA and/or certificate requester to either include or omit this extension certificate validating entity must ignore the absence of this extension |
| - | Must not be present issuing CA must make sure that this extension is not present certificate validating entity must ensure that this extension is not present |
| c | This extension is critical, see IETF RFC 5280 if this extension is present, the certificate validating entity must process it. If an implementation recognizes that a “critical” extension is present, but the implementation cannot interpret the extension, the implementation has to reject the certificate. Quote from IETF RFC 5280: “A certificate-using system MUST reject the certificate if it encounters a critical extension it does not recognize or a critical extension that contains information that it cannot process." NOTE: IETF RFC 5280 has been updated by IETF RFC 6818, IETF RFC 8398 and IETF RFC 8399. These updates are considered to be included for this version of ISO 15118-20 standard. |
| nc | This extension is non-critical, see IETF RFC 5280 if this extension is present, the certificate validating entity may ignore it if either the entity is unable to process the extension or if the requirements allow the entity to ignore the extension. If an implementation recognizes that a “non-critical” extension is present, but the implementation cannot interpret the extension, the extension can be ignored. Quote from IETF RFC 5280: “A non-critical extension MAY be ignored if it is not recognized, but MUST be processed if it is recognized." NOTE: IETF RFC 5280 has been updated by IETF RFC 6818, IETF RFC 8398 and IETF RFC 8399. These updates are considered to be included for this version of ISO 15118-20 standard. |