You are on page 1of 6

Elementary data items

An elementary data item is a complete item that cannot be broken into separate parts. You can use elementary data items as host variables. Following is an example of an elementary data item:
01 MYSTR PIC X(26).

You can use MYSTR as a host variable (:MYSTR) because it is an elementary data item.

Request Table Optional Data Elements
Values for the following elements of the Request table SHOULD be maintained by the CA: Request_Key_Recovery_Hashes: Column name "Request.KeyRecoveryHashes". Unique identifiers of the key recovery agent (KRA)certificates that are required to retrieve an archived private key. Request_Raw_Old_Certificates: Column name "Request.RawOldCertificates". In the case of a renewal, the preceding certificate. Request_Request_Attributes: Column name "Request.RequestAttributes". The certificate request attributes as defined in [MS-WCCE]. Request_Request_Type: Column name "Request.RequestType". The type or format of a certificate request, such as PKCS#10 or the Cryptographic Message Syntax (CMS) standard with Common Messaging Calls (CMC) as specified in [RFC2797]. Request_Request_Flags: Column name "Request.RequestFlags". Additional certificate request information. The following are examples of request flag values. These flag values can be used in any combination. Name Value Description For encoding of the subject information in the certificate, a 0x0000000 T61String type is used for 1 elements that contain a Unicode character in the value. 0x0000000 The certificate request is a 2 renewal request. 0x0000000 For encoding of the subject

CR_FLG_FORCETELETEX

CR_FLG_RENEWAL CR_FLG_FORCEUTF8

5 of this document and in [MS-ERREF]. a UTF8String type is used for elements that contain a Unicode character in the value. Indicates whether the request was successful. The value is 0 if the request processed successfully. The certificate request contains an Authority Key Identifier extension that identifies the desired CA signing key for the certificate. The subject information in the certificate is an unmodified binary copy of the subject information from the certificate request. Error codes are as specified in section 2. The CA had difficulty publishing the certificate to the directory that is specified in the userCertificate attribute of the entity. Request_Status_Code: Column name "Request. including NULL. the CMC Full response includes the szOID_ENCRYPTED_KEY_HA SH attribute. this field contains an error code that results from request processing.Message". The certificate request is an Enroll-on-behalf-of request. The text description of Request_Disposition_ Request_Disposition_Message is for presentation to a user and can contain any text string. For encoding of the subject information in the certificate.2. Otherwise.4 CR_FLG_CAXCHGCERT CR_FLG_ENROLLONBEHALFOF 0x0000000 8 0x0000001 0 0x0000002 0 CR_FLG_SUBJECTUNMODIFIED CR_FLG_VALIDENCRYPTEDKEYHA 0x0000004 SH 0 0x0000008 0 0x0000010 0 CR_FLG_CACROSSCERT CR_FLG_ENFORCEUTF8 CR_FLG_DEFINEDCACERT 0x0000020 0 CR_FLG_PUBLISHERROR 0x8000000 0 information in the certificate. The certificate is the exchange certificate of the CA. a UTF8String type is used for directory string elements. For a certificate request with key archival. The certificate is the cross certificate of the CA.Disposition. . Request_Disposition_Message: Column name "Request.StatusCode". that the licensee considers informative.

ResolvedWhen".Officer". String representation Request_Country: Column name "Request. Request_Requester_Name: Column name "Request.Country". Request_Signer_Policies: Column name "Request.OrgUnit". The CERTTIME that a request was received by the CA. ASN. The country attribute of the DN from the Subject of the certificate request.SubmittedWhen".RequesterName".CommonName".SignerPolicies". The RequesterName that is included in the certificate request.Organization". Request_Officer: Column name "Request. . The list of valid Extended Key Usage OIDs for each signer certificate from the certificate request. The list of valid certificate policy OIDs for each signer certificate from the certificate request.DistinguishedName". Indicates whether the caller is the certificate manager of the entity that corresponds to the Request_Requester_Name. Request_Distinguished_Name: Column name "Request. Request_Organization: Column name "Request.SignerApplicationPolicies". Request_Revoked_When: Column name "Request. The organization attribute of the DN from the Subject of the certificate request. The user or machine context that submitted the certificate request to the CA. The distinguished name (DN) from the Subject attribute of the certificate request.CallerName". Request_Resolved_When: Column name "Request. This field is initialized as NULL and updated by the ICertAdminD::RevokeCertificate function. Request_Signer_Application_Policies: Column name "Request.Request_Submitted_When: Column name "Request.RevokedWhen". Request_Caller_Name: Column name "Request. The common name attribute of the DN from the Subject of the certificate request. The CERTTIME that the CA completed request processing (whether successfully or unsuccessfully).1 DER encoded Request_Org_Unit: Column name "Request. The organizational-unit attribute of the DN from the Subject of the certificate request. Request_Common_Name: Column name "Request. The CERTTIME that the CA processed a call to the ICertAdminD::RevokeCertificate function.

The given name (also called first name) attribute of the DN from the Subject of the certificate request. the subject name of the old certificate. Request_Unstructured_Name: Column name "Request.UnstructuredAddress". . Request_Title: Column name "Request. Request_State: Column name "Request.<7> Request_ID: Column name "RequestID". Request_RequesterName_From_Old_Certificate: Column name "Request. The street address attribute of the DN from the Subject of the certificate request.Request_Locality: Column name "Request.Title".UnstructuredName".Initials". Request_Device_Serial_Number: Column name "Request. Request_Initials: Column name "Request. The RequestID that corresponds to an issued certificate.DomainComponent". The domainComponent attribute of the DN from the Subject of the certificate request. The unstructured address attribute of the DN from the Subject of the certificate request. Request_Domain_Component: Column name "Request. The locality attribute of the DN from the Subject of the certificate request.GivenName". For a renewal request that is signed by the previously issued certificate. The device serial number attribute of the DN from the Subject of the certificate request. The state or province name attribute of the DN from the Subject of the certificate request. The initials attribute of the DN from the Subject of the certificate request. The EmailAddress attribute of the DN from the Subject of the certificate request.SurName".DeviceSerialNumber".EMail". The SHA-1 hash over the value of the Raw_Certificate column. Request_Street_Address: Column name "Request. The surname attribute of the DN from the Subject of the certificate request.RequesterNameFromOldCertificate". Request_Email: Column name "Request.State". Request_Given_Name: Column name "Request. Request_Unstructured_Address: Column name "Request. The unstructured name attribute of the DN from the Subject of the certificate request.Locality".StreetAddress". The title attribute of the DN from the Subject of the certificate request. Certificate_Hash: Column name "CertificateHash". Request_SurName: Column name "Request.

2. Not_After: Column name "NotAfter". The SubjectPublicKeyInfo->algorithm->algorithm field of the issued certificate. Subject_Key_Identifier: Column name "SubjectKeyIdentifier".1.5) of the issued certificate.1. The SubjectPublicKeyInfo->algorithm>parameters field of the issued certificate.1 DER encoded . Issuer_Name_Id: Column name "IssuerNameId". Public_Key_Algorithm: Column name "PublicKeyAlgorithm". The CERTTIME that provides the value for the Validity->notAfter field ([RFC3280] section 4.2.5) of the issued certificate. The Subject information of the issued certificate. UPN: Column name "UPN". Distinguished_Name: Column name "DistinguishedName".311. The SubjectPublicKeyInfo>subjectPublicKey field of the issued certificate. General_Flags: Column name "GeneralFlags".6. The SubjectKeyIdentifier extension ([RFC3280] section 4. String representation Raw_Name: Column name "RawName".2.6) of the issued certificate.2 of issued certificate.1.2) of the issued certificate. The UPN alternate name entry from the SubjectAltName extension in the certificate. Enrollment_Flags: Column name "EnrollmentFlags". A sequential number that indicates which CA key signed the issued certificate. extnValue of extension with OID 1. Public_Key_Length: Column name "PublicKeyLength". The values that are defined in "GeneralFlags" from [MS-CRTD].Certificate_Template: Column name "CertificateTemplate".1. Not_Before: Column name "NotBefore".2.1.4.20. The length of the SubjectPublicKeyInfo->subjectPublicKey field of the issued certificate. The CERTTIME that provides the value for the Validity->notBefore field ([RFC3280] section 4. Raw_Public_Key: Column name "RawPublicKey".1. ASN. The values that are defined in "EnrollmentFlags" from [MS-CRTD].3. The Subject field ([RFC3280] section 4. Raw_Public_Key_Algorithm_Parameters: Column name "RawPublicKeyAlgorithmParameters".

The [RFC822] Name attribute from the Subject Alternative Name of the issued certificate. The surname attribute of the certificate Subject. SurName: Column name "SurName". Initials: Column name "Initials". Organization: Column name "Organization". The unstructured name attribute of the certificate Subject. Device_Serial_Number: Column name "DeviceSerialNumber". Common_Name: Column name "CommonName". The domainComponent attribute of the certificate Subject. The street address attribute of the certificate Subject. Street_Address: Column name "StreetAddress". The initials attribute of the certificate Subject. The unstructured address attribute of the certificate Subject. State: Column name "State". The state or province name attribute of the certificate Subject. Unstructured_Address: Column name "UnstructuredAddress". The title attribute of the certificate Subject. Title: Column name "Title".Country: Column name "Country". The organization attribute of the certificate Subject. The country attribute of the certificate Subject. Org_Unit: Column name "OrgUnit". Email: Column name "EMail". The organizational-unit attribute of the certificate Subject. Domain_Component: Column name "DomainComponent". The locality attribute of the certificate Subject. Given_Name: Column name "GivenName". The given name attribute of the certificate Subject. The serial number attribute of the certificate Subject. Unstructured_Name: Column name "UnstructuredName". The common name attribute of the certificate Subject. {} Curly braces indicate that the element being defined is made up of a series of repetitions of the element(s) enclosed in the brackets. Locality: Column name "Locality". .