In September 2017, this (legacy) site will be replaced with the new site you can see at beta.csrc.nist.rip. At that time, links to this legacy site will be automatically redirected to apporpriate links on the new site.
CSOR Public Key Infrastructure (PKI) Objects Registration
The CSOR has allocated the following registration branch for Public Key Infrastructure (PKI) objects:
csor-pki ::= {joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) pki(2)}
Policies OIDs are allocated in the following arc:
csor-certpolicy ::= { csor-pki 1 }
For agencies requesting a new OID, please send email with OID name, associated document and point of contact information.
Additional information on Federal PKI activities is available from the NIST PKI Page.
ACES Registered Objects
There are eight objects registered to support the ACES project. The first object is an arc for ACES policies. These objects define an arc for policies associated with the GSA ACES project.
-- the ACES policy arc
aces OBJECT IDENTIFIER ::= { csor-certpolicy 1 }
-- the aces policy OIDs
The four policies below are defined in "Certificate Policy for Access Certificates for Electronic Services" May 12, 2017.
| 2.16.840.1.101.3.2.1.1.1 | aces-ca |
| 2.16.840.1.101.3.2.1.1.2 | aces-identity |
| 2.16.840.1.101.3.2.1.1.3 | aces-business-rep |
| |
Obsolete as of December 2015 |
| 2.16.840.1.101.3.2.1.1.5 | aces-SSL |
| |
Obsolete as of December 2015 |
| |
Obsolete as of December 2015 |
U.S. Patent and Trademark Office Registered Objects
There are thirteen policies registered with the U.S. Patent and Trademark Office. The first object is an arc for PTO policies. These OIDs have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.
-- the PTO policy arc
pto-policies OBJECT IDENTIFIER ::= { csor-certpolicy 2 }
-- the pto policy OIDs
| 2.16.840.1.101.3.2.1.2.1 | pto-registered-practitioner |
| 2.16.840.1.101.3.2.1.2.2 | pto-inventor |
| 2.16.840.1.101.3.2.1.2.3 | pto-practitioner-employee |
| 2.16.840.1.101.3.2.1.2.4 | pto-basic |
| 2.16.840.1.101.3.2.1.2.5 | pto-service-provider |
| 2.16.840.1.101.3.2.1.2.6 | pto-service-provider-registrar |
The following policies are defined in the document: "Certificate Policy for the U.S. Patent and Trademark Office".
| 2.16.840.1.101.3.2.1.2.7 | pto-basic-2003 |
| 2.16.840.1.101.3.2.1.2.8 | pto-medium-2003 |
| 2.16.840.1.101.3.2.1.2.9 | id-pto-mediumHardware |
| 2.16.840.1.101.3.2.1.2.10 | id-pto-cardAuth |
| 2.16.840.1.101.3.2.1.2.11 | id-pto-mediumDevice |
| 2.16.840.1.101.3.2.1.2.12 | id-pto-mediumDeviceHardware |
| 2.16.840.1.101.3.2.1.2.13 | id-pto-basicDevice |
Federal Bridge Certification Authority Registered Objects
Forty-three objects have been registered to support the Federal Bridge Certification Authority. The first object is an arc for FBCA policies;
-- the FBCA policy arc
fbca-policies OBJECT IDENTIFIER ::= { csor-certpolicy 3 }
-- the fbca policy OIDs
The polices below are defined by the FBCA certificate policy.
| 2.16.840.1.101.3.2.1.3.1 | id-fpki-certpcy-rudimentaryAssurance |
| 2.16.840.1.101.3.2.1.3.2 | id-fpki-certpcy-basicAssurance |
| 2.16.840.1.101.3.2.1.3.3 | id-fpki-certpcy-mediumAssurance |
| 2.16.840.1.101.3.2.1.3.4 | id-fpki-certpcy-highAssurance |
| 2.16.840.1.101.3.2.1.3.5 | id-fpki-certpcy-testAssurance |
| 2.16.840.1.101.3.2.1.3.12 | id-fpki-certpcy-mediumHardware |
| 2.16.840.1.101.3.2.1.3.14 | id-fpki-certpcy-medium-CBP |
| 2.16.840.1.101.3.2.1.3.15 | id-fpki-certpcy-mediumHW-CBP |
| 2.16.840.1.101.3.2.1.3.18 | id-fpki-certpcy-pivi-hardware |
| 2.16.840.1.101.3.2.1.3.19 | id-fpki-certpcy-pivi-cardAuth |
| 2.16.840.1.101.3.2.1.3.20 | id-fpki-certpcy-pivi-contentSigning |
| 2.16.840.1.101.3.2.1.3.21 | id-fpki-SHA1-medium-CBP |
| 2.16.840.1.101.3.2.1.3.22 | id-fpki-SHA1-mediumHW-CBP |
| 2.16.840.1.101.3.2.1.3.23 | id-fpki-SHA1-policy |
| 2.16.840.1.101.3.2.1.3.24 | id-fpki-SHA1-hardware |
| 2.16.840.1.101.3.2.1.3.25 | id-fpki-SHA1-devices |
| 2.16.840.1.101.3.2.1.3.37 | id-fpki-certpcy-mediumDevice |
| 2.16.840.1.101.3.2.1.3.38 | id-fpki-certpcy-mediumDeviceHardware |
The policies below are defined in "X.509 Certificate Policy for the Common Policy Framework".
| 2.16.840.1.101.3.2.1.3.6 | id-fpki-common-policy |
| 2.16.840.1.101.3.2.1.3.7 | id-fpki-common-hardware |
| 2.16.840.1.101.3.2.1.3.8 | id-fpki-common-devices |
| 2.16.840.1.101.3.2.1.3.13 | id-fpki-common-authentication |
| 2.16.840.1.101.3.2.1.3.16 | id-fpki-common-high |
| 2.16.840.1.101.3.2.1.3.17 | id-fpki-common-cardAuth |
Obsolete as of 12/31/2013 |
|
| |
Obsolete as of 12/31/2013 |
| 2.16.840.1.101.3.2.1.3.36 | id-fpki-common-devicesHardware |
| 2.16.840.1.101.3.2.1.3.39 | id-fpki-common-piv-contentSigning |
| 2.16.840.1.101.3.2.1.3.40 | id-fpki-common-derived-pivAuth |
| 2.16.840.1.101.3.2.1.3.41 | id-fpki-common-derived-pivAuth-hardware |
| 2.16.840.1.101.3.2.1.3.42 | id-fpki-common-public-trusted-serverAuth |
The policies below are defined in X.509 Certificate Policy for the E-Governance Certification Authority. Once approved, this document will be available at the "Federal Public Key Infrastructure (FPKI) Policy Authority" website
| 2.16.840.1.101.3.2.1.3.9 | id-eGov-Level1 |
| 2.16.840.1.101.3.2.1.3.10 | id-eGov-Level2 |
| 2.16.840.1.101.3.2.1.3.11 | id-eGov-Applications |
| 2.16.840.1.101.3.2.1.3.28 | id-eGov-Level1-IdP |
| 2.16.840.1.101.3.2.1.3.29 | id-eGov-Level2-IdP |
| 2.16.840.1.101.3.2.1.3.30 | id-eGov-Level3-IdP |
| 2.16.840.1.101.3.2.1.3.31 | id-eGov-Level4-IdP |
| 2.16.840.1.101.3.2.1.3.32 | id-eGov-BAE-Broker |
| 2.16.840.1.101.3.2.1.3.33 | id-eGov-RelyingParty |
| 2.16.840.1.101.3.2.1.3.34 | id-eGov-MetaSigner |
| 2.16.840.1.101.3.2.1.3.35 | id-eGov-MetaSigner-Hardware |
National Institute of Standards and Technology Registered Objects
Two objects have been registered with the National Institute of Standards and Technology PKI policies. The first object is an arc for NIST policies.
-- the NIST policy arc
nist-policies OBJECT IDENTIFIER ::= { csor-certpolicy 4 }
-- the nist policy OIDs
The following policy is defined in the document: "Basic Level NIST Certificate Policy".
| 2.16.840.1.101.3.2.1.4.1 | nist-cp1 |
U.S. Treasury Department's Registered Objects
Fifteen objects have been registered to support the U.S. Treasury Department's PKI. The first object is an arc for Treasury policies.
-- the Treasury policy arc
treasury-policies OBJECT IDENTIFIER ::= { csor-certpolicy 5 }
-- the treasury policy OIDs
The following object is the FMS PKI policy. The FMS policy is defined in Certificate Policy CP-1 for FMS Public Key Certificates in Unclassified Environments (draft).
| 2.16.840.1.101.3.2.1.5.1 | treasury-cp1 |
The following 9 policies will be defined in the US Treasury PKI X.509 Certificate Policy.
| 2.16.840.1.101.3.2.1.5.2 | id-treasury-certpcy-rudimentary |
| 2.16.840.1.101.3.2.1.5.3 | id-treasury-certpcy-basicindividual |
| 2.16.840.1.101.3.2.1.5.8 | id-treasury-certpcy-basicorganizational |
| 2.16.840.1.101.3.2.1.5.7 | id-treasury-certpcy-medium |
| 2.16.840.1.101.3.2.1.5.4 | id-treasury-certpcy-mediumhardware |
| 2.16.840.1.101.3.2.1.5.5 | id-treasury-certpcy-high |
| 2.16.840.1.101.3.2.1.5.10 | id-treasury-certpcy-pivi-hardware |
| 2.16.840.1.101.3.2.1.5.11 | id-treasury-certpcy-pivi-cardAuth |
| 2.16.840.1.101.3.2.1.5.12 | id-treasury-certpcy-pivi-contentSigning |
The following policy is defined in the "Certificate Policy for the Internal Revenue Service (IRS) Secure Messaging" document.
| 2.16.840.1.101.3.2.1.5.6 | id-US-IRS-Securemail |
The following policies have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these policies.
| 2.16.840.1.101.3.2.1.5.9 | id-treacertpcy-internalnpe |
| 2.16.840.1.101.3.2.1.5.13 | id-treasury-certpcy-personDeviceAuth |
| 2.16.840.1.101.3.2.1.5.14 | id-treasury-certpcy-internalperson |
State Department Registered Objects
Ten objects have been registered to support the U.S. State Department PKI. The first object is an arc for State Department policies.
-- the State policy arc
state-policies OBJECT IDENTIFIER ::= { csor-certpolicy 6 }
-- the state policy OIDs
The following objects are defined in the "United States Department of State X.509 Certificate Policy". (This document is currently not publicly available.)
| 2.16.840.1.101.3.2.1.6.1 | state-basic |
| 2.16.840.1.101.3.2.1.6.2 | state-low |
| 2.16.840.1.101.3.2.1.6.3 | state-moderate |
| 2.16.840.1.101.3.2.1.6.4 | state-high |
The following objects have been assigned to this agency; however, we do not have the agency Certificate Profile associated with this OID.
| 2.16.840.1.101.3.2.1.6.12 | state-certpcy-mediumHardware |
| 2.16.840.1.101.3.2.1.6.14 | state-certpcy-citizen-and-commerce |
| 2.16.840.1.101.3.2.1.6.37 | state-certpcy-mediumDevice |
| 2.16.840.1.101.3.2.1.6.38 | state-certpcy-mediumDeviceHardware |
The following object is defined in the "Machine Readable Travel Document (MRTD) PKI X.509 Certificate Policy Version 1.1". (This document is currently not publicly available.)
| 2.16.840.1.101.3.2.1.6.100 | state-mrtd |
Federal Deposit Insurance Corporation Registered Objects
Five objects have been registered to support the Federal Deposit Insurance Corporation PKI. The first object is an arc for FDIC policies.
-- the FDIC policy arc
fdic-policies OBJECT IDENTIFIER ::= { csor-certpolicy 7 }
-- the fdic policy OIDs
The following four policies can be defined in the "Certificate Policy for the Federal Deposit Insurance Corporation" document. (This document is currently not publicly available.)
| 2.16.840.1.101.3.2.1.7.1 | fdic-basic |
| 2.16.840.1.101.3.2.1.7.2 | fdic-low |
| 2.16.840.1.101.3.2.1.7.3 | fdic-moderate |
| 2.16.840.1.101.3.2.1.7.4 | fdic-high |
NFC (National Finance Center) Registered Objects
Four objects have been registered to support the USDA and NFC PKI. The first object is an arc for USDA-NFC policies.
-- the NFC policy arc
nfc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 8}
-- the nfc policy OIDS
The following three policies are defined in the "United States Department of Agriculture and National Finance Center Public Key Infrastructure Certificate Policy"
| 2.16.840.1.101.3.2.1.8.1 | nfc-basicAssurance |
| 2.16.840.1.101.3.2.1.8.2 | nfc-mediumAssurance |
| 2.16.840.1.101.3.2.1.8.3 | nfc-highAssurance |
Drug Enforcement Administration Registered Objects
Three objects have been registered to support the DEA PKI. The first object is an arc for DEA policies.
-- the DEA policy arc
dea-policies OBJECT IDENTIFIER ::= { csor-certpolicy 9}
-- the dea policy OIDS
The following policies have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.
| 2.16.840.1.101.3.2.1.9.1 | dea-csos-cp |
| 2.16.840.1.101.3.2.1.9.2 | dea-epcs-policy |
DOE (Department of Energy) Registered Objects
Five objects have been registered to support the Department of Energy policies for PKI. The first object is an arc for DOE policies.
-- the DOE policy arc
doe-policies OBJECT IDENTIFIER ::= { csor-certpolicy 10}
-- the doe policy OIDS
The following three policies are defined in the "Certificate Policy CP-1 for DOE Public Key Certificates in Unclassified"
| 2.16.840.1.101.3.2.1.10.1 | doe-basic |
| 2.16.840.1.101.3.2.1.10.2 | doe-medium |
| 2.16.840.1.101.3.2.1.10.3 | doe-high |
The policy below is defined in the "U.S. Department of Energy Public Key Infrastructure X.509 Certificate Policy" document.
| 2.16.840.1.101.3.2.1.10.4 | doe-medium-v2 |
DOL (Department of Labor) Registered Objects
Three objects have been registered to support the Department of Labor policies for PKI. The first object is an arc for DOL policies.
-- the DOL policy arc
dol-policies OBJECT IDENTIFIER ::= { csor-certpolicy 11}
-- the dol policy OIDS
These OIDs have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.
| 2.16.840.1.101.3.2.1.11.1 | dol-basic |
| 2.16.840.1.101.3.2.1.11.2 | dol-medium |
ECA (External Certification Authority) Registered Objects
Eleven objects have been registered to support the ECA policies for PKI. The first object is an arc for ECA policies.
-- the ECA policy arc
eca-policies OBJECT IDENTIFIER ::= { csor-certpolicy 12}
-- the eca policy OIDS
The following policies are defined in the "United States Department of Defense External Certification Authority X.509 Certificate Policy"
| 2.16.840.1.101.3.2.1.12.1 | id-eca-medium |
| 2.16.840.1.101.3.2.1.12.3 | id-eca-medium-token |
| 2.16.840.1.101.3.2.1.12.2 | id-eca-medium-hardware |
| 2.16.840.1.101.3.2.1.12.4 | id-eca-medium-sha256 |
| 2.16.840.1.101.3.2.1.12.5 | id-eca-medium-token-sha256 |
| 2.16.840.1.101.3.2.1.12.6 | id-eca-medium-hardware-pivi |
| 2.16.840.1.101.3.2.1.12.7 | id-eca-cardauth-pivi |
| 2.16.840.1.101.3.2.1.12.8 | id-eca-contentsigning-pivi |
| 2.16.840.1.101.3.2.1.12.9 | id-eca-medium-device-sha256 |
| 2.16.840.1.101.3.2.1.12.10 | id-eca-medium-hardware-sha256 |
FDA (Food and Drug Administration) Registered Objects
Thirteen objects have been registered to support the Food and Drug Administration policies for PKI. The first object is an arc for FDA policies.
id-ORApki-policies OBJECT IDENTIFIER ::= { csor-certpolicy 13}
The following policy is defined in the "X.509 Certificate Policy for the Food and Drug Administration (FDA) Office"
| 2.16.840.1.101.3.2.1.13.1 | id-ORApki-assurance-test |
| 2.16.840.1.101.3.2.1.13.2 | id-ORApki-assurance-basic |
| 2.16.840.1.101.3.2.1.13.3 | id-ORApki-assurance-medium |
| 2.16.840.1.101.3.2.1.13.4 | id-ORApki-assurance-high |
The following objects have been assigned to this agency and are defined in the "HHS Public Key Infrastructure X.509 Certificate Policy for HHS Domain Devices, Ver. 1.5"
| 2.16.840.1.101.3.2.1.13.5 | id-pki-HHSdomains |
| 2.16.840.1.101.3.2.1.13.5.1 | id-HHSdomains-LoA |
| 2.16.840.1.101.3.2.1.13.5.1.1 | id-HHSdomains-assurance-basic |
| 2.16.840.1.101.3.2.1.13.5.1.2 | id-HHSdomains-assurance-high |
| 2.16.840.1.101.3.2.1.13.5.2 | id-HHSdomains-OPDIVpolicies |
| 2.16.840.1.101.3.2.1.13.5.2.1 | id-pki-IHSdomains |
| 2.16.840.1.101.3.2.1.13.5.2.2 | id-pki-NIHdomains |
| 2.16.840.1.101.3.2.1.13.5.2.3 | id-pki-FDAdomains |
Back to Top
Citizen and Commerce Registered Objects
Three objects have been registered to support the Citizen and Commerce policies for PKI. The first object is an arc for the Citizen and Commerce policies.
-- the Citizen and Commerce policy arc
citizen-and-commerce-policies OBJECT IDENTIFIER ::= { csor-certpolicy 14}
-- the citizen-and-commerce policy OIDS
The following two policies are defined in the "Citizen and Commerce Certificate Policy" document.
| 2.16.840.1.101.3.2.1.14.1 | citizen-and-commerce-provisional |
| 2.16.840.1.101.3.2.1.14.2 | citizen-and-commerce-approved |
Department of Homeland Security Registered Objects
Twenty-eight objects have been registered to support the Department of Homeland Security policies for PKI. The first object is an arc for the DHS policies.
dhs-policies OBJECT IDENTIFIER ::= { csor-certpolicy 15}
The following arc is reserved for private DHS certificate content and PKI-protected message formats:
| 2.16.840.1.101.3.2.1.15.0 | id-dhs-pkiObjects |
The following OID is defined for use in the extended key usage extension:
2.16.840.1.101.3.2.1.15.0.1 |
id-dhs-USVISITsigner |
The following OID is assigned to the ASN.1 module that defines the eContentTypes and value for the extendedKeyUsage extension:
2.16.840.1.101.3.2.1.15.0.2 |
id-dhs-MRTDValidationV4 |
The following OIDs are assigned to DHS eContentTypes for use with Cryptographic Message Syntax object formats:
2.16.840.1.101.3.2.1.15.0.3 |
id-dhs-ValidationList |
2.16.840.1.101.3.2.1.15.0.4 |
id-dhs-CertStatus |
2.16.840.1.101.3.2.1.15.0.5 |
id-dhs-CountryStatus |
The following seven policies are defined within the "X.509 Certificate Policy for the Department of Homeland Security Public Key Infrastructure" document.
| 2.16.840.1.101.3.2.1.15.1 | id-dhs-certpcy-rudimentary |
| 2.16.840.1.101.3.2.1.15.2 | id-dhs-certpcy-basic |
| 2.16.840.1.101.3.2.1.15.3 | id-dhs-certpcy-medium |
| 2.16.840.1.101.3.2.1.15.4 | id-dhs-certpcy-high |
| 2.16.840.1.101.3.2.1.15.5 | id-dhs-certpcy-mediumHardware |
| 2.16.840.1.101.3.2.1.15.6 | id-dhs-certpcy-cardAuth |
| 2.16.840.1.101.3.2.1.15.7 | id-dhs-certpcy-internalBasic |
The following policy was defined within the "Department of Homeland Security Public Key Infrastructure X.509 Internal Use Non Person Entity Certificate Policy” document:
2.16.840.1.101.3.2.1.15.8 |
id-dhs-certpcy-internalNpe |
The following policy has been defined by the Department of Homeland Security for use in the Homeland Secure Data Network (HSDN) Mobile Access Capability (MAC) PKI. This policy will be asserted within all certificates issued by the HSDN MAC CA and are intended to be used with the initial pilot and eventual production implementation permitting remote access to HSDN.
2.16.840.1.101.3.2.1.15.9 |
id-dhs-certpcy-HSDNMACMediumDevice |
The following four policies are defined by the Department of Homeland Security for use in the Homeland Secure Data Network (HSDN) PKI. This PKI is for internal DHS use only and will not have any non-DHS relying parties.
| 2.16.840.1.101.3.2.1.15.10 | id-dhs-certpcy-HSDNMediumDevice |
| 2.16.840.1.101.3.2.1.15.11 | id-dhs-certpcy-HSDNMediumHuman |
| 2.16.840.1.101.3.2.1.15.12 | id-dhs-certpcy-HSDNMediumHumanDerived |
| 2.16.840.1.101.3.2.1.15.13 | id-dhs-certpcy-HSDNCodeSigning |
The following seven test policies are defined within the "X.509 Certificate Policy for the Department of Homeland Security Public Key Infrastructure" document to support pilots and testing. These policies should never be inserted in "real" certificates, and no relying party should ever accept such a certificate to implement security services in a "real" application!
| 2.16.840.1.101.3.2.1.15.31 | id-dhs-certpcy-testRudimentary |
| 2.16.840.1.101.3.2.1.15.32 | id-dhs-certpcy-testBasic |
| 2.16.840.1.101.3.2.1.15.33 | id-dhs-certpcy-testMedium |
| 2.16.840.1.101.3.2.1.15.34 | id-dhs-certpcy-testHigh |
| 2.16.840.1.101.3.2.1.15.35 | id-dhs-certpcy-testMediumHardware |
| 2.16.840.1.101.3.2.1.15.36 | id-dhs-certpcy-testCardAuth |
| 2.16.840.1.101.3.2.1.15.37 | id-dhs-certpcy-testInternalBasic |
The following test policy was defined within the "Department of Homeland Security Public Key Infrastructure X.509 Internal Use Non Person Entity Certificate Policy” document to support pilots and testing. This policy should never be inserted in "real" certificates, and no relying party should ever accept such a certificate to implement security services in a "real" application!:
2.16.840.1.101.3.2.1.15.38 |
id-dhs-certpcy-testInternalNpe |
Department of Justice Registered Objects
Fifteen objects have been registered to support the Department of Justice policies for PKI. The first object is an arc for the DOJ policies.
-- the DOJ policy arc
id-doj-policies OBJECT IDENTIFIER ::= { csor-certpolicy 16}
-- the doj policy OIDS
The following five policies are defined in the "Department of Justice Public Key Infrastructure X.509 Certificate Policy" document.
| 2.16.840.1.101.3.2.1.16.1 | id-doj-Class1 |
| 2.16.840.1.101.3.2.1.16.2 | id-doj-Class2 |
| 2.16.840.1.101.3.2.1.16.3 | id-doj-Class3 |
| 2.16.840.1.101.3.2.1.16.4 | id-doj-Class4 |
| 2.16.840.1.101.3.2.1.16.5 | id-doj-Class5 |
The following two policies are defined in the "X.509 Certificate Policy for the Federal Bureau of Investigation Public Key Infrastructure.
| 2.16.840.1.101.3.2.1.16.6.1 | id-fbi-mediumAssurance |
| 2.16.840.1.101.3.2.1.16.6.2 | id-fbi-highAssurance |
The following seven policies will be defined in a FBI/CJIS Division Certificate Policy (unavailable)
| 2.16.840.1.101.3.2.1.16.6.3 | id-fbi-cjis-basic-individual |
| 2.16.840.1.101.3.2.1.16.6.4 | id-fbi-cjis-basic-organizational |
| 2.16.840.1.101.3.2.1.16.6.5 | id-fbi-cjis-medium |
| 2.16.840.1.101.3.2.1.16.6.6 | id-fbi-cjis-mediumSW |
| 2.16.840.1.101.3.2.1.16.6.7 | id-fbi-cjismediumHW |
| 2.16.840.1.101.3.2.1.16.6.8 | id-fbi-cjis-mediumDevice |
| 2.16.840.1.101.3.2.1.16.6.9 | id-fbi-cjis-high |
Government Printing Office Registered Objects
Six objects have been registered to support the Government Printing Office policies for PKI. The first object is an arc for the GPO policies.
-- the GPO policy arc
id-gpo-policies OBJECT IDENTIFIER ::= { csor-certpolicy 17}
-- the gpo policy OIDS
The following policies are defined in the "X.509 Certificate Policy for the Government Printing Office Certification Authority".
| 2.16.840.1.101.3.2.1.17.1 | id-gpo-medium |
| 2.16.840.1.101.3.2.1.17.2 | id-gpo-medium-hardware |
| 2.16.840.1.101.3.2.1.17.3 | id-gpo-certpcy-devices |
| 2.16.840.1.101.3.2.1.17.4 | id-gpo-certpcy-authentication |
| 2.16.840.1.101.3.2.1.17.5 | id-gpo-certpcy-cardAuth |
Back to Top
Nuclear Regulatory Commission Registered Objects
Three objects have been registered to support the Nuclear Regulatory Commission policies for PKI. The first object is an arc for the NRC policies.
-- the NRC policy arc
id-nrc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 18}
-- the nrc policy OIDS
The following policy are defined in the "U.S. Nuclear Regulatory Commission Certificate Policy for Level 3 Assurance Addendum to the VTN CP" document (not publicly available).
| 2.16.840.1.101.3.2.1.18.1 | id-nrc-level3 |
The following policy are defined in the "U.S. Nuclear Regulatory Commission Certificate Policy for Level 2 Assurance Addendum to the VTN CP" document (not publicly available).
| 2.16.840.1.101.3.2.1.18.2 | id-nrc-level2 |
Back to Top
Department of Interior Registered Objects
Three objects have been registered to support the Department of Interior policies for PKI. The first object is an arc for the DOI policies.
-- the DOI policy arc
id-doi-policies OBJECT IDENTIFIER ::= { csor-certpolicy 19}
-- the doi policy OIDS
These OIDs have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.
| 2.16.840.1.101.3.2.1.19.1 | id-doi-basic |
| 2.16.840.1.101.3.2.1.19.2 | id-doi-medium |
U.S. Postal Service Registered Objects
Nineteen objects have been registered to support the U.S. Postal Service policies for PKI. The first object is an arc for the USPS policies.
-- the USPS policy arc
id-usps-policies OBJECT IDENTIFIER ::= { csor-certpolicy 20}
-- the usps policy OIDS
These OIDs have been assigned to this agency; however, the Certificate Policy is still in draft format.
| 2.16.840.1.101.3.2.1.20.1 | id-usps-certpcy-rudimentaryAssurance |
| 2.16.840.1.101.3.2.1.20.2 | id-usps-certpcy-basicAssurance |
| 2.16.840.1.101.3.2.1.20.3 | id-usps-certpcy-mediumAssurance |
| 2.16.840.1.101.3.2.1.20.12 | id-usps-certpcy-mediumHardware |
| 2.16.840.1.101.3.2.1.20.18 | id-usps-certpcy-pivi-hardware |
| 2.16.840.1.101.3.2.1.20.19 | id-usps-certpcy-pivi-cardAuth |
| 2.16.840.1.101.3.2.1.20.20 | id-usps-certpcy-pivi-contentSigning |
| 2.16.840.1.101.3.2.1.20.37 | id-usps-certpcy-mediumDevice |
| 2.16.840.1.101.3.2.1.20.38 | id-usps-certpcy-mediumDeviceHardware |
The following OIDs have been assigned to this agency as Test OIDs to mirror the above.
| 2.16.840.1.101.3.2.1.20.4.1 | id-usps-Testcertpcy-rudimentaryAssurance |
| 2.16.840.1.101.3.2.1.20.4.2 | id-usps-Testcertpcy-basicAssurance |
| 2.16.840.1.101.3.2.1.20.4.3 | id-usps-Testcertpcy-mediumAssurance |
| 2.16.840.1.101.3.2.1.20.4.12 | id-usps-Testcertpcy-mediumHardware |
| 2.16.840.1.101.3.2.1.20.4.18 | id-usps-Testcertpcy-pivi-hardware |
| 2.16.840.1.101.3.2.1.20.4.19 | id-usps-Testcertpcy-pivi-cardAuth |
| 2.16.840.1.101.3.2.1.20.4.20 | id-usps-Testcertpcy-pivi-contentSigning |
| 2.16.840.1.101.3.2.1.20.4.37 | id-usps-Testcertpcy-mediumDevice |
| 2.16.840.1.101.3.2.1.20.4.38 | id-usps-Testcertpcy-mediumDeviceHardware |
Committee on National Security Systems Registered Objects
This arc is maintained by CNSS. The first object is an arc for the CNSS policies.
-- the CNSS policy arc
id-cnss-policies OBJECT IDENTIFIER ::= { csor-certpolicy 21}
The OIDs assigned by this agency can be found in the Instruction for National Security Systems PKI X.509 Certificate Policy.
Federal Energy Regulatory Commission Registered Objects
Six objects have been registered to support the Federal Energy Regulatory Commission policies for PKI. The first object is an arc for the FERC policies.
-- the FERC policy arc
id-ferc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 22}
-- the ferc policy OIDS
These OIDs have been assigned to this agency; however, the Certificate Policy is not publicly available.
| 2.16.840.1.101.3.2.1.22.1 | id-ferc-Test |
| 2.16.840.1.101.3.2.1.22.2 | id-ferc-Basic |
| 2.16.840.1.101.3.2.1.22.3 | id-ferc-Medium |
| 2.16.840.1.101.3.2.1.22.4 | id-ferc-Medium-Hardware |
| 2.16.840.1.101.3.2.1.22.5 | id-ferc-High |
U.S. Agency for International Development
Three objects have been registered to support the U.S. Agency for International Development policies for PKI. The first object is an arc for the USAID policies.
-- the USAID policy arc
id-usaid-policies OBJECT IDENTIFIER ::= { csor-certpolicy 23}
-- the usaid policy OIDS
These OIDs have been assigned to this agency; however, the Certificate Policy is not publicly available.
| 2.16.840.1.101.3.2.1.23.1 | id-usaid-basic |
| 2.16.840.1.101.3.2.1.23.2 | id-usaid-medium |
U.S. Special Operations Command
Three objects have been registered to support the U.S. Special Operations Command policies for PKI. The first object is an arc for the USSOCOM policies.
-- the USSOCM policy arc
id-ussocom-policies OBJECT IDENTIFIER ::= { csor-certpolicy 24}
-- the ussocom policy OIDS
The following policies are defined in X.509 Certificate Policy for United States Special Operations Command (USSOCOM)
| 2.16.840.1.101.3.2.1.24.1 | id-ussocom-basic |
| 2.16.840.1.101.3.2.1.24.2 | id-ussocom-medium |
Naval Nuclear Propulsion Program
This arc is maintained by NNPP. The first object is an arc for the NNPP policies.
-- the NNPP policy arc
id-nnpp-policies OBJECT IDENTIFIER ::= { csor-certpolicy 25}
The OIDs assigned by this agency are documented in a Certificate Policy that is not publicly accessible.
Commodity Futures Trading Commission
Two objects have been assigned to support the Commodity Futures Trading Commission policies for PKI. The first object is an arc for the CFTC policies.
-- the CFTC policy arc
id-cftc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 26}
-- the cftc policy OIDS
The following OID is to be defined in the "United States Commodity Futures Trading Commission Certificate Authority Certificate Policy" (CP). This document is not publicly available at this time.
| 2.16.840.1.101.3.2.1.26.1 | id-us-cftc-cp |
PKI Pilots and Testing Registered Objects
There are 257 objects registered to support PKI pilots and testing. These objects define an arc for policies associated and 256 distinct policies. These policies should never be inserted in "real" certificates, and no relying party should ever accept such a certificate to implement security services in a "real" application! Note that the 256 policies are all equivalent and are defined within the "Test Certificate Policy to Support PKI Pilots and Testing" document.
-- test policy arc
csor-test-policies OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 2 1 48 }
-- test policy OIDs
| 2.16.840.1.101.3.2.1.48.1 | test1 |
| 2.16.840.1.101.3.2.1.48.2 | test2 |
| 2.16.840.1.101.3.2.1.48.3 | test3 |
| 2.16.840.1.101.3.2.1.48.4 | test4 |
| 2.16.840.1.101.3.2.1.48.5 | test5 |
| 2.16.840.1.101.3.2.1.48.6 | test6 |
| 2.16.840.1.101.3.2.1.48.7 | test7 |
| 2.16.840.1.101.3.2.1.48.8 | test8 |
| 2.16.840.1.101.3.2.1.48.9 | test9 |
| 2.16.840.1.101.3.2.1.48.10 | test10 |
.................
| 2.16.840.1.101.3.2.1.48.254 | test254 |
| 2.16.840.1.101.3.2.1.48.255 | test255 |
| 2.16.840.1.101.3.2.1.48.256 | test256 |
Back to Top