In September 2017, this (legacy) site will be replaced with the new site you can see at beta.csrc.nist.rip. At that time, links to this legacy site will be automatically redirected to apporpriate links on the new site.

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

CSOR Public Key Infrastructure (PKI) Objects Registration

The CSOR has allocated the following registration branch for Public Key Infrastructure (PKI) objects:

csor-pki ::= {joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) pki(2)}

Policies OIDs are allocated in the following arc:

csor-certpolicy ::= { csor-pki 1 }

For agencies requesting a new OID, please send email with OID name, associated document and point of contact information.

Additional information on Federal PKI activities is available from the NIST PKI Page.

ACES Registered Objects

There are eight objects registered to support the ACES project. The first object is an arc for ACES policies. These objects define an arc for policies associated with the GSA ACES project.

-- the ACES policy arc
aces OBJECT IDENTIFIER ::= { csor-certpolicy 1 }

-- the aces policy OIDs

The four policies below are defined in "Certificate Policy for Access Certificates for Electronic Services" May 12, 2017.

2.16.840.1.101.3.2.1.1.1 aces-ca
2.16.840.1.101.3.2.1.1.2 aces-identity
2.16.840.1.101.3.2.1.1.3 aces-business-rep
2.16.840.1.101.3.2.1.1.4 aces-relying-party
Obsolete as of December 2015
2.16.840.1.101.3.2.1.1.5 aces-SSL
2.16.840.1.101.3.2.1.1.6 aces-fed-employee
Obsolete as of December 2015
2.16.840.1.101.3.2.1.1.7 aces-fed-employee-hw
Obsolete as of December 2015

Back to Top

U.S. Patent and Trademark Office Registered Objects

There are thirteen policies registered with the U.S. Patent and Trademark Office. The first object is an arc for PTO policies. These OIDs have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.

-- the PTO policy arc
pto-policies OBJECT IDENTIFIER ::= { csor-certpolicy 2 }

-- the pto policy OIDs

2.16.840.1.101.3.2.1.2.1 pto-registered-practitioner
2.16.840.1.101.3.2.1.2.2 pto-inventor
2.16.840.1.101.3.2.1.2.3 pto-practitioner-employee
2.16.840.1.101.3.2.1.2.4 pto-basic
2.16.840.1.101.3.2.1.2.5 pto-service-provider
2.16.840.1.101.3.2.1.2.6 pto-service-provider-registrar

The following policies are defined in the document: "Certificate Policy for the U.S. Patent and Trademark Office".

2.16.840.1.101.3.2.1.2.7 pto-basic-2003
2.16.840.1.101.3.2.1.2.8 pto-medium-2003
2.16.840.1.101.3.2.1.2.9 id-pto-mediumHardware
2.16.840.1.101.3.2.1.2.10 id-pto-cardAuth
2.16.840.1.101.3.2.1.2.11 id-pto-mediumDevice
2.16.840.1.101.3.2.1.2.12 id-pto-mediumDeviceHardware
2.16.840.1.101.3.2.1.2.13 id-pto-basicDevice

Back to Top

Federal Bridge Certification Authority Registered Objects

Forty-three objects have been registered to support the Federal Bridge Certification Authority. The first object is an arc for FBCA policies;

-- the FBCA policy arc
fbca-policies OBJECT IDENTIFIER ::= { csor-certpolicy 3 }

-- the fbca policy OIDs

The polices below are defined by the FBCA certificate policy.

2.16.840.1.101.3.2.1.3.1 id-fpki-certpcy-rudimentaryAssurance
2.16.840.1.101.3.2.1.3.2 id-fpki-certpcy-basicAssurance
2.16.840.1.101.3.2.1.3.3 id-fpki-certpcy-mediumAssurance
2.16.840.1.101.3.2.1.3.4 id-fpki-certpcy-highAssurance
2.16.840.1.101.3.2.1.3.5 id-fpki-certpcy-testAssurance
2.16.840.1.101.3.2.1.3.12 id-fpki-certpcy-mediumHardware
2.16.840.1.101.3.2.1.3.14 id-fpki-certpcy-medium-CBP
2.16.840.1.101.3.2.1.3.15 id-fpki-certpcy-mediumHW-CBP
2.16.840.1.101.3.2.1.3.18 id-fpki-certpcy-pivi-hardware
2.16.840.1.101.3.2.1.3.19 id-fpki-certpcy-pivi-cardAuth
2.16.840.1.101.3.2.1.3.20 id-fpki-certpcy-pivi-contentSigning
2.16.840.1.101.3.2.1.3.21 id-fpki-SHA1-medium-CBP
2.16.840.1.101.3.2.1.3.22 id-fpki-SHA1-mediumHW-CBP
2.16.840.1.101.3.2.1.3.23 id-fpki-SHA1-policy
2.16.840.1.101.3.2.1.3.24 id-fpki-SHA1-hardware
2.16.840.1.101.3.2.1.3.25 id-fpki-SHA1-devices
2.16.840.1.101.3.2.1.3.37 id-fpki-certpcy-mediumDevice
2.16.840.1.101.3.2.1.3.38 id-fpki-certpcy-mediumDeviceHardware

The policies below are defined in "X.509 Certificate Policy for the Common Policy Framework".

2.16.840.1.101.3.2.1.3.6 id-fpki-common-policy
2.16.840.1.101.3.2.1.3.7 id-fpki-common-hardware
2.16.840.1.101.3.2.1.3.8 id-fpki-common-devices
2.16.840.1.101.3.2.1.3.13 id-fpki-common-authentication
2.16.840.1.101.3.2.1.3.16 id-fpki-common-high
2.16.840.1.101.3.2.1.3.17 id-fpki-common-cardAuth
2.16.840.1.101.3.2.1.3.26 id-fpki-SHA1-authentication
Obsolete as of 12/31/2013
2.16.840.1.101.3.2.1.3.27 id-fpki-SHA1-cardAuth
Obsolete as of 12/31/2013
2.16.840.1.101.3.2.1.3.36 id-fpki-common-devicesHardware
2.16.840.1.101.3.2.1.3.39 id-fpki-common-piv-contentSigning
2.16.840.1.101.3.2.1.3.40 id-fpki-common-derived-pivAuth
2.16.840.1.101.3.2.1.3.41 id-fpki-common-derived-pivAuth-hardware
2.16.840.1.101.3.2.1.3.42 id-fpki-common-public-trusted-serverAuth

The policies below are defined in X.509 Certificate Policy for the E-Governance Certification Authority. Once approved, this document will be available at the "Federal Public Key Infrastructure (FPKI) Policy Authority" website

2.16.840.1.101.3.2.1.3.9 id-eGov-Level1
2.16.840.1.101.3.2.1.3.10 id-eGov-Level2
2.16.840.1.101.3.2.1.3.11 id-eGov-Applications
2.16.840.1.101.3.2.1.3.28 id-eGov-Level1-IdP
2.16.840.1.101.3.2.1.3.29 id-eGov-Level2-IdP
2.16.840.1.101.3.2.1.3.30 id-eGov-Level3-IdP
2.16.840.1.101.3.2.1.3.31 id-eGov-Level4-IdP
2.16.840.1.101.3.2.1.3.32 id-eGov-BAE-Broker
2.16.840.1.101.3.2.1.3.33 id-eGov-RelyingParty
2.16.840.1.101.3.2.1.3.34 id-eGov-MetaSigner
2.16.840.1.101.3.2.1.3.35 id-eGov-MetaSigner-Hardware

Back to Top

National Institute of Standards and Technology Registered Objects

Two objects have been registered with the National Institute of Standards and Technology PKI policies. The first object is an arc for NIST policies.

-- the NIST policy arc
nist-policies OBJECT IDENTIFIER ::= { csor-certpolicy 4 }

-- the nist policy OIDs

The following policy is defined in the document: "Basic Level NIST Certificate Policy".

2.16.840.1.101.3.2.1.4.1 nist-cp1

Back to Top

U.S. Treasury Department's Registered Objects

Fifteen objects have been registered to support the U.S. Treasury Department's PKI. The first object is an arc for Treasury policies.

-- the Treasury policy arc
treasury-policies OBJECT IDENTIFIER ::= { csor-certpolicy 5 }

-- the treasury policy OIDs

The following object is the FMS PKI policy. The FMS policy is defined in Certificate Policy CP-1 for FMS Public Key Certificates in Unclassified Environments (draft).

2.16.840.1.101.3.2.1.5.1 treasury-cp1

The following 9 policies will be defined in the US Treasury PKI X.509 Certificate Policy.

2.16.840.1.101.3.2.1.5.2 id-treasury-certpcy-rudimentary
2.16.840.1.101.3.2.1.5.3 id-treasury-certpcy-basicindividual
2.16.840.1.101.3.2.1.5.8 id-treasury-certpcy-basicorganizational
2.16.840.1.101.3.2.1.5.7 id-treasury-certpcy-medium
2.16.840.1.101.3.2.1.5.4 id-treasury-certpcy-mediumhardware
2.16.840.1.101.3.2.1.5.5 id-treasury-certpcy-high
2.16.840.1.101.3.2.1.5.10 id-treasury-certpcy-pivi-hardware
2.16.840.1.101.3.2.1.5.11 id-treasury-certpcy-pivi-cardAuth
2.16.840.1.101.3.2.1.5.12 id-treasury-certpcy-pivi-contentSigning

The following policy is defined in the "Certificate Policy for the Internal Revenue Service (IRS) Secure Messaging" document.

2.16.840.1.101.3.2.1.5.6 id-US-IRS-Securemail

The following policies have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these policies.

2.16.840.1.101.3.2.1.5.9 id-treacertpcy-internalnpe 
2.16.840.1.101.3.2.1.5.13 id-treasury-certpcy-personDeviceAuth
2.16.840.1.101.3.2.1.5.14 id-treasury-certpcy-internalperson
Back to Top

State Department Registered Objects

Ten objects have been registered to support the U.S. State Department PKI. The first object is an arc for State Department policies.

-- the State policy arc
state-policies OBJECT IDENTIFIER ::= { csor-certpolicy 6 }

-- the state policy OIDs

The following objects are defined in the "United States Department of State X.509 Certificate Policy". (This document is currently not publicly available.)

2.16.840.1.101.3.2.1.6.1 state-basic
2.16.840.1.101.3.2.1.6.2 state-low
2.16.840.1.101.3.2.1.6.3 state-moderate
2.16.840.1.101.3.2.1.6.4 state-high

The following objects have been assigned to this agency; however, we do not have the agency Certificate Profile associated with this OID.

2.16.840.1.101.3.2.1.6.12 state-certpcy-mediumHardware
2.16.840.1.101.3.2.1.6.14 state-certpcy-citizen-and-commerce
2.16.840.1.101.3.2.1.6.37 state-certpcy-mediumDevice
2.16.840.1.101.3.2.1.6.38 state-certpcy-mediumDeviceHardware

The following object is defined in the "Machine Readable Travel Document (MRTD) PKI X.509 Certificate Policy Version 1.1". (This document is currently not publicly available.)

2.16.840.1.101.3.2.1.6.100 state-mrtd

Back to Top

Federal Deposit Insurance Corporation Registered Objects

Five objects have been registered to support the Federal Deposit Insurance Corporation PKI. The first object is an arc for FDIC policies.

-- the FDIC policy arc
fdic-policies OBJECT IDENTIFIER ::= { csor-certpolicy 7 }

-- the fdic policy OIDs

The following four policies can be defined in the "Certificate Policy for the Federal Deposit Insurance Corporation" document.  (This document is currently not publicly available.)

2.16.840.1.101.3.2.1.7.1 fdic-basic
2.16.840.1.101.3.2.1.7.2 fdic-low
2.16.840.1.101.3.2.1.7.3 fdic-moderate
2.16.840.1.101.3.2.1.7.4 fdic-high

Back to Top

NFC (National Finance Center) Registered Objects

Four objects have been registered to support the USDA and NFC PKI. The first object is an arc for USDA-NFC policies.

-- the NFC policy arc
nfc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 8}

-- the nfc policy OIDS

The following three policies are defined in the "United States Department of Agriculture and National Finance Center Public Key Infrastructure Certificate Policy"

2.16.840.1.101.3.2.1.8.1 nfc-basicAssurance
2.16.840.1.101.3.2.1.8.2 nfc-mediumAssurance
2.16.840.1.101.3.2.1.8.3 nfc-highAssurance

Back to Top

Drug Enforcement Administration Registered Objects

Three objects have been registered to support the DEA PKI. The first object is an arc for DEA policies.

-- the DEA policy arc
dea-policies OBJECT IDENTIFIER ::= { csor-certpolicy 9}

-- the dea policy OIDS

The following policies have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.

2.16.840.1.101.3.2.1.9.1 dea-csos-cp
2.16.840.1.101.3.2.1.9.2 dea-epcs-policy

Back to Top

DOE (Department of Energy) Registered Objects

Five objects have been registered to support the Department of Energy policies for PKI. The first object is an arc for DOE policies.

-- the DOE policy arc
doe-policies OBJECT IDENTIFIER ::= { csor-certpolicy 10}

-- the doe policy OIDS

The following three policies are defined in the "Certificate Policy CP-1 for DOE Public Key Certificates in Unclassified"

2.16.840.1.101.3.2.1.10.1 doe-basic
2.16.840.1.101.3.2.1.10.2 doe-medium
2.16.840.1.101.3.2.1.10.3 doe-high

The policy below is defined in the "U.S. Department of Energy Public Key Infrastructure X.509 Certificate Policy" document.

2.16.840.1.101.3.2.1.10.4 doe-medium-v2

Back to Top

DOL (Department of Labor) Registered Objects

Three objects have been registered to support the Department of Labor policies for PKI. The first object is an arc for DOL policies.

-- the DOL policy arc
dol-policies OBJECT IDENTIFIER ::= { csor-certpolicy 11}

-- the dol policy OIDS

These OIDs have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.

2.16.840.1.101.3.2.1.11.1 dol-basic
2.16.840.1.101.3.2.1.11.2 dol-medium

Back to Top

ECA (External Certification Authority) Registered Objects

Eleven objects have been registered to support the ECA policies for PKI. The first object is an arc for ECA policies.

-- the ECA policy arc
eca-policies OBJECT IDENTIFIER ::= { csor-certpolicy 12}

-- the eca policy OIDS

The following policies are defined in the "United States Department of Defense External Certification Authority X.509 Certificate Policy"

2.16.840.1.101.3.2.1.12.1 id-eca-medium
2.16.840.1.101.3.2.1.12.3 id-eca-medium-token
2.16.840.1.101.3.2.1.12.2 id-eca-medium-hardware
2.16.840.1.101.3.2.1.12.4 id-eca-medium-sha256
2.16.840.1.101.3.2.1.12.5 id-eca-medium-token-sha256
2.16.840.1.101.3.2.1.12.6 id-eca-medium-hardware-pivi
2.16.840.1.101.3.2.1.12.7 id-eca-cardauth-pivi
2.16.840.1.101.3.2.1.12.8 id-eca-contentsigning-pivi
2.16.840.1.101.3.2.1.12.9 id-eca-medium-device-sha256
2.16.840.1.101.3.2.1.12.10 id-eca-medium-hardware-sha256

Back to Top

FDA (Food and Drug Administration) Registered Objects

Thirteen objects have been registered to support the Food and Drug Administration policies for PKI. The first object is an arc for FDA policies.

id-ORApki-policies OBJECT IDENTIFIER ::= { csor-certpolicy 13}

The following policy is defined in the "X.509 Certificate Policy for the Food and Drug Administration (FDA) Office"

2.16.840.1.101.3.2.1.13.1 id-ORApki-assurance-test
2.16.840.1.101.3.2.1.13.2 id-ORApki-assurance-basic
2.16.840.1.101.3.2.1.13.3 id-ORApki-assurance-medium
2.16.840.1.101.3.2.1.13.4 id-ORApki-assurance-high

The following objects have been assigned to this agency and are defined in the "HHS Public Key Infrastructure X.509 Certificate Policy for HHS Domain Devices, Ver. 1.5"

2.16.840.1.101.3.2.1.13.5 id-pki-HHSdomains
2.16.840.1.101.3.2.1.13.5.1 id-HHSdomains-LoA
2.16.840.1.101.3.2.1.13.5.1.1 id-HHSdomains-assurance-basic
2.16.840.1.101.3.2.1.13.5.1.2 id-HHSdomains-assurance-high

2.16.840.1.101.3.2.1.13.5.2 id-HHSdomains-OPDIVpolicies
2.16.840.1.101.3.2.1.13.5.2.1 id-pki-IHSdomains
2.16.840.1.101.3.2.1.13.5.2.2 id-pki-NIHdomains
2.16.840.1.101.3.2.1.13.5.2.3 id-pki-FDAdomains

 

Back to Top

Citizen and Commerce Registered Objects

Three objects have been registered to support the Citizen and Commerce policies for PKI. The first object is an arc for the Citizen and Commerce policies.

-- the Citizen and Commerce policy arc
citizen-and-commerce-policies OBJECT IDENTIFIER ::= { csor-certpolicy 14}

-- the citizen-and-commerce policy OIDS

The following two policies are defined in the "Citizen and Commerce Certificate Policy" document.

2.16.840.1.101.3.2.1.14.1 citizen-and-commerce-provisional
2.16.840.1.101.3.2.1.14.2 citizen-and-commerce-approved

Back to Top

Department of Homeland Security Registered Objects

Twenty-eight objects have been registered to support the Department of Homeland Security policies for PKI. The first object is an arc for the DHS policies.

dhs-policies OBJECT IDENTIFIER ::= { csor-certpolicy 15}

The following arc is reserved for private DHS certificate content and PKI-protected message formats:

2.16.840.1.101.3.2.1.15.0 id-dhs-pkiObjects

The following OID is defined for use in the extended key usage extension:

2.16.840.1.101.3.2.1.15.0.1

id-dhs-USVISITsigner

The following OID is assigned to the ASN.1 module that defines the eContentTypes and value for the extendedKeyUsage extension:

2.16.840.1.101.3.2.1.15.0.2

id-dhs-MRTDValidationV4

The following OIDs are assigned to DHS eContentTypes for use with Cryptographic Message Syntax object formats:

2.16.840.1.101.3.2.1.15.0.3

id-dhs-ValidationList

2.16.840.1.101.3.2.1.15.0.4

id-dhs-CertStatus

2.16.840.1.101.3.2.1.15.0.5

id-dhs-CountryStatus

The following seven policies are defined within the "X.509 Certificate Policy for the Department of Homeland Security Public Key Infrastructure" document.

2.16.840.1.101.3.2.1.15.1 id-dhs-certpcy-rudimentary
2.16.840.1.101.3.2.1.15.2 id-dhs-certpcy-basic
2.16.840.1.101.3.2.1.15.3 id-dhs-certpcy-medium
2.16.840.1.101.3.2.1.15.4 id-dhs-certpcy-high
2.16.840.1.101.3.2.1.15.5 id-dhs-certpcy-mediumHardware
2.16.840.1.101.3.2.1.15.6 id-dhs-certpcy-cardAuth
2.16.840.1.101.3.2.1.15.7 id-dhs-certpcy-internalBasic

The following policy was defined within the "Department of Homeland Security Public Key Infrastructure X.509 Internal Use Non Person Entity Certificate Policy” document:

2.16.840.1.101.3.2.1.15.8

id-dhs-certpcy-internalNpe

The following policy has been defined by the Department of Homeland Security for use in the Homeland Secure Data Network (HSDN) Mobile Access Capability (MAC) PKI. This policy will be asserted within all certificates issued by the HSDN MAC CA and are intended to be used with the initial pilot and eventual production implementation permitting remote access to HSDN.

2.16.840.1.101.3.2.1.15.9

id-dhs-certpcy-HSDNMACMediumDevice

The following four policies are defined by the Department of Homeland Security for use in the Homeland Secure Data Network (HSDN) PKI. This PKI is for internal DHS use only and will not have any non-DHS relying parties.

2.16.840.1.101.3.2.1.15.10 id-dhs-certpcy-HSDNMediumDevice
2.16.840.1.101.3.2.1.15.11 id-dhs-certpcy-HSDNMediumHuman
2.16.840.1.101.3.2.1.15.12 id-dhs-certpcy-HSDNMediumHumanDerived
2.16.840.1.101.3.2.1.15.13 id-dhs-certpcy-HSDNCodeSigning

The following seven test policies are defined within the "X.509 Certificate Policy for the Department of Homeland Security Public Key Infrastructure" document to support pilots and testing. These policies should never be inserted in "real" certificates, and no relying party should ever accept such a certificate to implement security services in a "real" application!

2.16.840.1.101.3.2.1.15.31 id-dhs-certpcy-testRudimentary
2.16.840.1.101.3.2.1.15.32 id-dhs-certpcy-testBasic
2.16.840.1.101.3.2.1.15.33 id-dhs-certpcy-testMedium
2.16.840.1.101.3.2.1.15.34 id-dhs-certpcy-testHigh
2.16.840.1.101.3.2.1.15.35 id-dhs-certpcy-testMediumHardware
2.16.840.1.101.3.2.1.15.36 id-dhs-certpcy-testCardAuth
2.16.840.1.101.3.2.1.15.37 id-dhs-certpcy-testInternalBasic

The following test policy was defined within the "Department of Homeland Security Public Key Infrastructure X.509 Internal Use Non Person Entity Certificate Policy” document to support pilots and testing. This policy should never be inserted in "real" certificates, and no relying party should ever accept such a certificate to implement security services in a "real" application!:

2.16.840.1.101.3.2.1.15.38

id-dhs-certpcy-testInternalNpe

 

Back to Top

Department of Justice Registered Objects

Fifteen objects have been registered to support the Department of Justice policies for PKI. The first object is an arc for the DOJ policies.

-- the DOJ policy arc
id-doj-policies OBJECT IDENTIFIER ::= { csor-certpolicy 16}

-- the doj policy OIDS

The following five policies are defined in the "Department of Justice Public Key Infrastructure X.509 Certificate Policy" document.

2.16.840.1.101.3.2.1.16.1 id-doj-Class1
2.16.840.1.101.3.2.1.16.2 id-doj-Class2
2.16.840.1.101.3.2.1.16.3 id-doj-Class3
2.16.840.1.101.3.2.1.16.4 id-doj-Class4
2.16.840.1.101.3.2.1.16.5 id-doj-Class5

The following two policies are defined in the "X.509 Certificate Policy for the Federal Bureau of Investigation Public Key Infrastructure.

2.16.840.1.101.3.2.1.16.6.1 id-fbi-mediumAssurance
2.16.840.1.101.3.2.1.16.6.2 id-fbi-highAssurance

The following seven policies will be defined in a FBI/CJIS Division Certificate Policy (unavailable)

2.16.840.1.101.3.2.1.16.6.3 id-fbi-cjis-basic-individual
2.16.840.1.101.3.2.1.16.6.4 id-fbi-cjis-basic-organizational
2.16.840.1.101.3.2.1.16.6.5 id-fbi-cjis-medium
2.16.840.1.101.3.2.1.16.6.6 id-fbi-cjis-mediumSW
2.16.840.1.101.3.2.1.16.6.7 id-fbi-cjismediumHW
2.16.840.1.101.3.2.1.16.6.8 id-fbi-cjis-mediumDevice
2.16.840.1.101.3.2.1.16.6.9 id-fbi-cjis-high

Back to Top

Government Printing Office Registered Objects

Six objects have been registered to support the Government Printing Office policies for PKI. The first object is an arc for the GPO policies.

-- the GPO policy arc
id-gpo-policies OBJECT IDENTIFIER ::= { csor-certpolicy 17}

-- the gpo policy OIDS

The following policies are defined in the "X.509 Certificate Policy for the Government Printing Office Certification Authority".

2.16.840.1.101.3.2.1.17.1 id-gpo-medium
2.16.840.1.101.3.2.1.17.2 id-gpo-medium-hardware
2.16.840.1.101.3.2.1.17.3 id-gpo-certpcy-devices
2.16.840.1.101.3.2.1.17.4 id-gpo-certpcy-authentication
2.16.840.1.101.3.2.1.17.5 id-gpo-certpcy-cardAuth

Back to Top

Nuclear Regulatory Commission Registered Objects

Three objects have been registered to support the Nuclear Regulatory Commission policies for PKI. The first object is an arc for the NRC policies.

-- the NRC policy arc
id-nrc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 18}

-- the nrc policy OIDS

The following policy are defined in the "U.S. Nuclear Regulatory Commission Certificate Policy for Level 3 Assurance Addendum to the VTN CP" document (not publicly available).

2.16.840.1.101.3.2.1.18.1 id-nrc-level3

The following policy are defined in the "U.S. Nuclear Regulatory Commission Certificate Policy for Level 2 Assurance Addendum to the VTN CP" document (not publicly available).

2.16.840.1.101.3.2.1.18.2 id-nrc-level2

 

Back to Top

Department of Interior Registered Objects

Three objects have been registered to support the Department of Interior policies for PKI. The first object is an arc for the DOI policies.

-- the DOI policy arc
id-doi-policies OBJECT IDENTIFIER ::= { csor-certpolicy 19}

-- the doi policy OIDS

These OIDs have been assigned to this agency; however, we do not have the agency Certificate Profile associated with these OIDs.

2.16.840.1.101.3.2.1.19.1 id-doi-basic
2.16.840.1.101.3.2.1.19.2 id-doi-medium

Back to Top

U.S. Postal Service Registered Objects

Nineteen objects have been registered to support the U.S. Postal Service policies for PKI. The first object is an arc for the USPS policies.

-- the USPS policy arc
id-usps-policies OBJECT IDENTIFIER ::= { csor-certpolicy 20}

-- the usps policy OIDS

These OIDs have been assigned to this agency; however, the Certificate Policy is still in draft format.

2.16.840.1.101.3.2.1.20.1 id-usps-certpcy-rudimentaryAssurance
2.16.840.1.101.3.2.1.20.2 id-usps-certpcy-basicAssurance
2.16.840.1.101.3.2.1.20.3 id-usps-certpcy-mediumAssurance
2.16.840.1.101.3.2.1.20.12 id-usps-certpcy-mediumHardware
2.16.840.1.101.3.2.1.20.18 id-usps-certpcy-pivi-hardware
2.16.840.1.101.3.2.1.20.19 id-usps-certpcy-pivi-cardAuth
2.16.840.1.101.3.2.1.20.20 id-usps-certpcy-pivi-contentSigning
2.16.840.1.101.3.2.1.20.37 id-usps-certpcy-mediumDevice
2.16.840.1.101.3.2.1.20.38 id-usps-certpcy-mediumDeviceHardware

The following OIDs have been assigned to this agency as Test OIDs to mirror the above.

2.16.840.1.101.3.2.1.20.4.1 id-usps-Testcertpcy-rudimentaryAssurance
2.16.840.1.101.3.2.1.20.4.2 id-usps-Testcertpcy-basicAssurance
2.16.840.1.101.3.2.1.20.4.3 id-usps-Testcertpcy-mediumAssurance
2.16.840.1.101.3.2.1.20.4.12 id-usps-Testcertpcy-mediumHardware
2.16.840.1.101.3.2.1.20.4.18 id-usps-Testcertpcy-pivi-hardware
2.16.840.1.101.3.2.1.20.4.19 id-usps-Testcertpcy-pivi-cardAuth
2.16.840.1.101.3.2.1.20.4.20 id-usps-Testcertpcy-pivi-contentSigning
2.16.840.1.101.3.2.1.20.4.37 id-usps-Testcertpcy-mediumDevice
2.16.840.1.101.3.2.1.20.4.38 id-usps-Testcertpcy-mediumDeviceHardware

Back to Top

Committee on National Security Systems Registered Objects

This arc is maintained by CNSS. The first object is an arc for the CNSS policies.

-- the CNSS policy arc
id-
cnss-policies OBJECT IDENTIFIER ::= { csor-certpolicy 21}

The OIDs assigned by this agency can be found in the Instruction for National Security Systems PKI X.509 Certificate Policy.

Back to Top

Federal Energy Regulatory Commission Registered Objects

Six objects have been registered to support the Federal Energy Regulatory Commission policies for PKI. The first object is an arc for the FERC policies.

-- the FERC policy arc
id-ferc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 22}

-- the ferc policy OIDS

These OIDs have been assigned to this agency; however, the Certificate Policy is not publicly available.

2.16.840.1.101.3.2.1.22.1 id-ferc-Test
2.16.840.1.101.3.2.1.22.2 id-ferc-Basic
2.16.840.1.101.3.2.1.22.3 id-ferc-Medium
2.16.840.1.101.3.2.1.22.4 id-ferc-Medium-Hardware
2.16.840.1.101.3.2.1.22.5 id-ferc-High

Back to Top

U.S. Agency for International Development

Three objects have been registered to support the U.S. Agency for International Development policies for PKI. The first object is an arc for the USAID policies.

-- the USAID policy arc
id-
usaid-policies OBJECT IDENTIFIER ::= { csor-certpolicy 23}

-- the usaid policy OIDS

These OIDs have been assigned to this agency; however, the Certificate Policy is not publicly available.

2.16.840.1.101.3.2.1.23.1 id-usaid-basic
2.16.840.1.101.3.2.1.23.2 id-usaid-medium

Back to Top

U.S. Special Operations Command

Three objects have been registered to support the U.S. Special Operations Command policies for PKI. The first object is an arc for the USSOCOM policies.

-- the USSOCM policy arc
id-
ussocom-policies OBJECT IDENTIFIER ::= { csor-certpolicy 24}

-- the ussocom policy OIDS

The following policies are defined in X.509 Certificate Policy for United States Special Operations Command (USSOCOM)

2.16.840.1.101.3.2.1.24.1 id-ussocom-basic
2.16.840.1.101.3.2.1.24.2 id-ussocom-medium

Back to Top

Naval Nuclear Propulsion Program

This arc is maintained by NNPP. The first object is an arc for the NNPP policies.

-- the NNPP policy arc
id-
nnpp-policies OBJECT IDENTIFIER ::= { csor-certpolicy 25}

The OIDs assigned by this agency are documented in a Certificate Policy that is not publicly accessible.

Back to Top

Commodity Futures Trading Commission

Two objects have been assigned to support the Commodity Futures Trading Commission policies for PKI. The first object is an arc for the CFTC policies.

-- the CFTC policy arc
id-
cftc-policies OBJECT IDENTIFIER ::= { csor-certpolicy 26}

-- the cftc policy OIDS

The following OID is to be defined in the "United States Commodity Futures Trading Commission Certificate Authority Certificate Policy" (CP). This document is not publicly available at this time.

2.16.840.1.101.3.2.1.26.1 id-us-cftc-cp

Back to Top

PKI Pilots and Testing Registered Objects

There are 257 objects registered to support PKI pilots and testing. These objects define an arc for policies associated and 256 distinct policies. These policies should never be inserted in "real" certificates, and no relying party should ever accept such a certificate to implement security services in a "real" application! Note that the 256 policies are all equivalent and are defined within the "Test Certificate Policy to Support PKI Pilots and Testing" document.

-- test policy arc

csor-test-policies OBJECT IDENTIFIER ::= { 2 16 840 1 101 3 2 1 48 }

-- test policy OIDs

2.16.840.1.101.3.2.1.48.1 test1
2.16.840.1.101.3.2.1.48.2 test2
2.16.840.1.101.3.2.1.48.3 test3
2.16.840.1.101.3.2.1.48.4 test4
2.16.840.1.101.3.2.1.48.5 test5
2.16.840.1.101.3.2.1.48.6 test6
2.16.840.1.101.3.2.1.48.7 test7
2.16.840.1.101.3.2.1.48.8 test8
2.16.840.1.101.3.2.1.48.9 test9
2.16.840.1.101.3.2.1.48.10 test10

.................


2.16.840.1.101.3.2.1.48.254 test254
2.16.840.1.101.3.2.1.48.255 test255
2.16.840.1.101.3.2.1.48.256 test256

 

Back to Top