The Certificate Annotation subject enables applications to share a common certificate for a user. This is an annotation subject that holds a digital certificate for a user identified in the current User identity subject.
The Certificate Annotation subject uses the certificate exchange format defined in PKCS (Public-Key Cryptography Standards) #12. The Password privacy mode of PFX (Parallel Framework Extensions) allows either password-based or pass-phrase-based protection of the user certificate. The user supplies to an application the password or pass-phrase needed to use the certificate. A pass-phrase should protect the certificates maintained in the certificate subject.
Certificate annotation subjects have the following attributes:
Subject Label | "Certificate" |
Subject Type | Annotation |
Synchronization | Constant |
Security | Authentication required to set or get subject |
Subject Dependencies | User |
Mapping Agent Coupon Value | -5 |
The Certificate Annotation subject must be changed or cleared each time the User subject changes. Ideally, a user at a site should have only one certificate used by all applications, but that may not be the case for all sites. Site-configurable, application-specific suffixes added to a certificate item can differentiate certificates. A Certificate-Link-enabled application should be capable of getting and setting items with the appropriate suffix.
Certificate Annotation subjects have the following standard context data items. A Certificate annotation agent should set the value for at least one of the items listed in the following table:
Certificate Subject Annotation Item Name | Meaning | Data Type | Semantic Constraints on Values | Case Sensitivity |
---|---|---|---|---|
Certificate.An.User.Suffix | User's certificate data in a PFX as defined in PKCS#12 | XPN | None | No |
Certificate annotation agents can optionally set values for the corroborating items listed in the following table:
Certificate Subject Annotation Item Name | Meaning | Data Type | Semantic Constraints on Values | Case Sensitivity |
---|---|---|---|---|
Certificate.An.UserName | User name | XPN | None | No |
Examples of Certificate Subject Items are listed in the following table:
Example Item names | Example Item Values |
---|---|
Certificate.An.User | <PFX containing the common certificate for the current user> |
Certificate.An.User.MiPACS | <PFX containing a certificate specific to Logician> |
Certificate.An.UserName | Jason^King^^^^ |
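The following sketch is an added example, not part of the specification or of any vendor's code. It shows how an application might keep a local view of the Certificate subject: it clears the view when the User subject changes, requires at least one `Certificate.An.User[.Suffix]` item, and selects the item for its own suffix. The class and method names are hypothetical, and two behaviours are assumptions of this example: item names are matched case-insensitively, and a missing suffixed item falls back to the common certificate.

```python
from typing import Dict, Optional

BASE_ITEM = "Certificate.An.User"  # item name taken from the tables above


class CertificateAnnotation:
    """Hypothetical local view of the Certificate subject for one User value."""

    def __init__(self) -> None:
        self._user: Optional[str] = None
        self._items: Dict[str, str] = {}  # keyed by case-folded item name

    def on_user_changed(self, user: Optional[str]) -> None:
        # The subject must be changed or cleared whenever the User subject
        # changes, so one user's PFX is never carried over to the next user.
        if user != self._user:
            self._items.clear()
            self._user = user

    def set_items(self, user: str, items: Dict[str, str]) -> None:
        # An agent should set at least one Certificate.An.User[.Suffix] item.
        # Certificate.An.UserName alone does not count: it is only corroborating.
        folded = {name.casefold(): value for name, value in items.items()}
        base = BASE_ITEM.casefold()
        if not any(n == base or n.startswith(base + ".") for n in folded):
            raise ValueError("no Certificate.An.User[.Suffix] item supplied")
        self.on_user_changed(user)
        self._items = folded

    def pfx_for(self, suffix: Optional[str] = None) -> Optional[str]:
        # Assumption of this example: names compare case-insensitively and a
        # missing application-specific item falls back to the common one.
        if suffix:
            hit = self._items.get(f"{BASE_ITEM}.{suffix}".casefold())
            if hit is not None:
                return hit
        return self._items.get(BASE_ITEM.casefold())


if __name__ == "__main__":
    # Constructed sample values; real items would carry PFX data.
    subject = CertificateAnnotation()
    subject.set_items("jking", {BASE_ITEM: "<common PFX>",
                                BASE_ITEM + ".MiPACS": "<MiPACS PFX>"})
    print(subject.pfx_for("mipacs"), subject.pfx_for("Other"))
```

The pass-phrase that unlocks the PFX is deliberately not stored here; the user supplies it to the application when the certificate is used.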