Extended Network Connectivity (ENC) uses X.509 version 3 digital certificates for authentication. The certificate profile in use is that of the IETF PKIX working group's RFC 3280 implementation.
The certificates and their associated private keys are obtained through the Microsoft Certificate Store. The certificates should have an Enhanced Key Usage extension that is marked for Server Authentication (1.3.6.1.5.5.7.3.1) or Client Authentication (1.3.6.1.5.5.7.3.2), dependent on the application using it.
A CA ITCM private extension to the Enhanced Key Usage certificate extension can be used to assist in certificate location (1.3.6.1.4.1.791.2.10.8.3). This object identifier (OID) is private to CA Technologies and is internal to the CA OID tree.
No ENC limits are imposed on the RSA key size used in the certificate key pair. The size of keys used is an organization-specific choice, though we recommend a minimum of 1024-bit keys.
|
Copyright © 2013 CA.
All rights reserved.
|
|