ECA-External Certificate Authority

Medium Hardware Assurance Identity Certificate

Field Medium
Hardware Assurance Identity Certificate Value
Version V3 (2)
Serial Number Must be unique
Issuer Signature
Algorithm
sha-1WithRSAEncryption
Issuer Distinguished
Name
cn=ORC ECA, ou=Certification
Authorities, ou=ECA, o=U.S. Government, c=US
Validity Period 3 years from date of issue
Subject Distinguished
Name
<cn=Subscriber Name>, <ou=Subscriber
Company Name>, ou=ORC, ou=ECA, o=U.S.
Government, c=US
Subject Public Key
Information
1024 bit RSA key modulus,
rsaEncryption
Issuer Unique Identifier Not Present
Subject Unique Identifier Not Present
Issuer’s Signature sha-1WithRSAEncryption
Authority key Identifier c=no; octet string
Subject key Identifier c=no; octet string
Key Usage c=yes; digitalSignature,
nonRepudiation
Extended key Usage
c=no; id-kp-clientAuth
{1 3 6 1 5 5 7 3 2}; id-kp-emailProtection {1 3 6 1 5 5 7 3 4};
MS-SC {1 3 6 1 4 1 311 20 2 2}
Private Key Usage
Period
Not Present
Certificate Policies c=no; {2 16 840 1 101 3
2 1 12 1}, {2 16 840 1 101 3 2 1 12 2}
Policy Mapping Not Present
Subject Alternative
Name
 

Other Name

 

c=no; always present, contains
RFC822 e-mail address;
<UPN=Domain Login Name>; {1 3 6 1 4 1 311
20 2 3}
Issuer Alternative
Name
Not Present
Subject Directory
Attributes
Not Present
Basic Constraints Not Present
Name Constraints Not Present
Policy Constraints Not Present
Authority Information
Access
C=no; ocsp=http://eva.orc.com,
caIssuers=http://eca.orc.com/ecaroot.crt
CRL Distribution
Points
c = no; always present,
ldap://eca-ds.orc.com/cn=ORC ECA, ou=Certification Authorities, ou=ECA,
o=U.S. Government, c=US?certificaterevocationlist;binary