CRL_DIST_POINT_NAME

The CRL_DIST_POINT_NAME structure identifies the location from which the CRL can be obtained.

When the FullName alternative is used, or when the default applies, the CRL distribution point name may have multiple name forms. The same name, in at least one of its name forms shall be present in the DistPointName field (see CRL_DIST_POINT) of the issuing distribution point extension on the CRL. A certificate using system is not required to be able to process all name forms. It may use a distribution point provided at least one name form can be processed. If no name forms for a distribution point can be processed, a certificate using system can still use the certificate, provided requisite revocation information can be obtained from another source, for example, another distribution point of the CA's directory entry.

typedef struct _CRL_DIST_POINT_NAME {
    DWORD   dwDistPointNameChoice;
    union {
        CERT_ALT_NAME_INFO      FullName;       // 1
        // Not implemented      IssuerRDN;      // 2
    };
} CRL_DIST_POINT_NAME, *PCRL_DIST_POINT_NAME;
 

Members

dwDistPointNameChoice

Indicates the variant used for the name data contained in the union. The following dwDistPointNameChoice values are defined in Wincrypt.h:

#define CRL_DIST_POINT_NO_NAME          0
#define CRL_DIST_POINT_FULL_NAME        1
#define CRL_DIST_POINT_ISSUER_RDN_NAME  2
 

FullName

This structure contains one or more alternative names specifying the CRL distribution point name, using any of a variety of name forms. One of the most common name forms uses a URL in the form of http://… to specify the location of the CRL.

IssuerRDN

Not implemented.

See Also

CRL_DIST_POINT