Referencing Properties or Extensions

Every property or extension in a certificate includes an identifier called an Object ID (OID). Microsoft® Certificate Server interfaces can always reference a property or extension by referencing its OID. However, to make the process of specifying extensions via the policy module more intuitive, certain extensions are allowed to be referenced by name instead of requiring an Object ID. The list of supported named extensions includes many of the most commonly used extensions from the IETF, NIST, S/MIME and SET specifications. In addition, Microsoft CryptoAPI 2.0 supports a set of named properties and extensions which is more comprehensive. (See wincrypt.h in the CryptoAPI 2.0 for a complete listing.) These are available to extension handler routines.