1PKIX1Explicit88 { iso(1) identified-organization(3) dod(6) internet(1) 2 security(5) mechanisms(5) pkix(7) id-mod(0) id-pkix1-explicit(18) } 3 4DEFINITIONS EXPLICIT TAGS ::= 5 6BEGIN 7 8-- EXPORTS ALL -- 9 10-- IMPORTS NONE -- 11 12-- UNIVERSAL Types defined in 1993 and 1998 ASN.1 13-- and required by this specification 14-- (Commented out for krb5 source tree) 15 16-- UniversalString ::= [UNIVERSAL 28] IMPLICIT OCTET STRING 17 -- UniversalString is defined in ASN.1:1993 18 19-- BMPString ::= [UNIVERSAL 30] IMPLICIT OCTET STRING 20 -- BMPString is the subtype of UniversalString and models 21 -- the Basic Multilingual Plane of ISO/IEC 10646 22 23--UTF8String ::= [UNIVERSAL 12] IMPLICIT OCTET STRING 24 -- The content of this type conforms to RFC 3629. 25 26-- PKIX specific OIDs 27 28id-pkix OBJECT IDENTIFIER ::= 29 { iso(1) identified-organization(3) dod(6) internet(1) 30 security(5) mechanisms(5) pkix(7) } 31 32-- PKIX arcs 33 34id-pe OBJECT IDENTIFIER ::= { id-pkix 1 } 35 -- arc for private certificate extensions 36id-qt OBJECT IDENTIFIER ::= { id-pkix 2 } 37 -- arc for policy qualifier types 38id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } 39 -- arc for extended key purpose OIDS 40id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } 41 -- arc for access descriptors 42 43-- policyQualifierIds for Internet policy qualifiers 44 45id-qt-cps OBJECT IDENTIFIER ::= { id-qt 1 } 46 -- OID for CPS qualifier 47id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 } 48 -- OID for user notice qualifier 49 50-- access descriptor definitions 51 52id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } 53id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 } 54id-ad-timeStamping OBJECT IDENTIFIER ::= { id-ad 3 } 55id-ad-caRepository OBJECT IDENTIFIER ::= { id-ad 5 } 56 57-- attribute data types 58 59Attribute ::= SEQUENCE { 60 type AttributeType, 61 values SET OF AttributeValue } 62 -- at least one value is required 63 64AttributeType ::= OBJECT IDENTIFIER 65 66AttributeValue ::= ANY -- DEFINED BY AttributeType 67 68AttributeTypeAndValue ::= SEQUENCE { 69 type AttributeType, 70 value AttributeValue } 71 72-- suggested naming attributes: Definition of the following 73-- information object set may be augmented to meet local 74-- requirements. Note that deleting members of the set may 75-- prevent interoperability with conforming implementations. 76-- presented in pairs: the AttributeType followed by the 77-- type definition for the corresponding AttributeValue 78 79-- Arc for standard naming attributes 80 81id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 } 82 83-- Naming attributes of type X520name 84 85id-at-name AttributeType ::= { id-at 41 } 86id-at-surname AttributeType ::= { id-at 4 } 87id-at-givenName AttributeType ::= { id-at 42 } 88id-at-initials AttributeType ::= { id-at 43 } 89id-at-generationQualifier AttributeType ::= { id-at 44 } 90 91-- Naming attributes of type X520Name: 92-- X520name ::= DirectoryString (SIZE (1..ub-name)) 93-- 94-- Expanded to avoid parameterized type: 95X520name ::= CHOICE { 96 teletexString TeletexString (SIZE (1..ub-name)), 97 printableString PrintableString (SIZE (1..ub-name)), 98 universalString UniversalString (SIZE (1..ub-name)), 99 utf8String UTF8String (SIZE (1..ub-name)), 100 bmpString BMPString (SIZE (1..ub-name)) } 101 102-- Naming attributes of type X520CommonName 103 104id-at-commonName AttributeType ::= { id-at 3 } 105 106-- Naming attributes of type X520CommonName: 107-- X520CommonName ::= DirectoryName (SIZE (1..ub-common-name)) 108-- 109-- Expanded to avoid parameterized type: 110X520CommonName ::= CHOICE { 111 teletexString TeletexString (SIZE (1..ub-common-name)), 112 printableString PrintableString (SIZE (1..ub-common-name)), 113 universalString UniversalString (SIZE (1..ub-common-name)), 114 utf8String UTF8String (SIZE (1..ub-common-name)), 115 bmpString BMPString (SIZE (1..ub-common-name)) } 116 117-- Naming attributes of type X520LocalityName 118 119id-at-localityName AttributeType ::= { id-at 7 } 120 121-- Naming attributes of type X520LocalityName: 122-- X520LocalityName ::= DirectoryName (SIZE (1..ub-locality-name)) 123-- 124-- Expanded to avoid parameterized type: 125X520LocalityName ::= CHOICE { 126 teletexString TeletexString (SIZE (1..ub-locality-name)), 127 printableString PrintableString (SIZE (1..ub-locality-name)), 128 universalString UniversalString (SIZE (1..ub-locality-name)), 129 utf8String UTF8String (SIZE (1..ub-locality-name)), 130 bmpString BMPString (SIZE (1..ub-locality-name)) } 131 132-- Naming attributes of type X520StateOrProvinceName 133 134id-at-stateOrProvinceName AttributeType ::= { id-at 8 } 135 136-- Naming attributes of type X520StateOrProvinceName: 137-- X520StateOrProvinceName ::= DirectoryName (SIZE (1..ub-state-name)) 138-- 139-- Expanded to avoid parameterized type: 140X520StateOrProvinceName ::= CHOICE { 141 teletexString TeletexString (SIZE (1..ub-state-name)), 142 printableString PrintableString (SIZE (1..ub-state-name)), 143 universalString UniversalString (SIZE (1..ub-state-name)), 144 utf8String UTF8String (SIZE (1..ub-state-name)), 145 bmpString BMPString (SIZE (1..ub-state-name)) } 146 147-- Naming attributes of type X520OrganizationName 148 149id-at-organizationName AttributeType ::= { id-at 10 } 150 151-- Naming attributes of type X520OrganizationName: 152-- X520OrganizationName ::= 153-- DirectoryName (SIZE (1..ub-organization-name)) 154-- 155-- Expanded to avoid parameterized type: 156X520OrganizationName ::= CHOICE { 157 teletexString TeletexString 158 (SIZE (1..ub-organization-name)), 159 printableString PrintableString 160 (SIZE (1..ub-organization-name)), 161 universalString UniversalString 162 (SIZE (1..ub-organization-name)), 163 utf8String UTF8String 164 (SIZE (1..ub-organization-name)), 165 bmpString BMPString 166 (SIZE (1..ub-organization-name)) } 167 168-- Naming attributes of type X520OrganizationalUnitName 169 170id-at-organizationalUnitName AttributeType ::= { id-at 11 } 171 172-- Naming attributes of type X520OrganizationalUnitName: 173-- X520OrganizationalUnitName ::= 174-- DirectoryName (SIZE (1..ub-organizational-unit-name)) 175-- 176-- Expanded to avoid parameterized type: 177X520OrganizationalUnitName ::= CHOICE { 178 teletexString TeletexString 179 (SIZE (1..ub-organizational-unit-name)), 180 printableString PrintableString 181 (SIZE (1..ub-organizational-unit-name)), 182 universalString UniversalString 183 (SIZE (1..ub-organizational-unit-name)), 184 utf8String UTF8String 185 (SIZE (1..ub-organizational-unit-name)), 186 bmpString BMPString 187 (SIZE (1..ub-organizational-unit-name)) } 188 189-- Naming attributes of type X520Title 190 191id-at-title AttributeType ::= { id-at 12 } 192 193-- Naming attributes of type X520Title: 194-- X520Title ::= DirectoryName (SIZE (1..ub-title)) 195-- 196-- Expanded to avoid parameterized type: 197X520Title ::= CHOICE { 198 teletexString TeletexString (SIZE (1..ub-title)), 199 printableString PrintableString (SIZE (1..ub-title)), 200 universalString UniversalString (SIZE (1..ub-title)), 201 utf8String UTF8String (SIZE (1..ub-title)), 202 bmpString BMPString (SIZE (1..ub-title)) } 203 204-- Naming attributes of type X520dnQualifier 205 206id-at-dnQualifier AttributeType ::= { id-at 46 } 207 208X520dnQualifier ::= PrintableString 209 210-- Naming attributes of type X520countryName (digraph from IS 3166) 211 212id-at-countryName AttributeType ::= { id-at 6 } 213 214X520countryName ::= PrintableString (SIZE (2)) 215 216-- Naming attributes of type X520SerialNumber 217 218id-at-serialNumber AttributeType ::= { id-at 5 } 219 220X520SerialNumber ::= PrintableString (SIZE (1..ub-serial-number)) 221 222-- Naming attributes of type X520Pseudonym 223 224id-at-pseudonym AttributeType ::= { id-at 65 } 225 226-- Naming attributes of type X520Pseudonym: 227-- X520Pseudonym ::= DirectoryName (SIZE (1..ub-pseudonym)) 228-- 229-- Expanded to avoid parameterized type: 230X520Pseudonym ::= CHOICE { 231 teletexString TeletexString (SIZE (1..ub-pseudonym)), 232 printableString PrintableString (SIZE (1..ub-pseudonym)), 233 universalString UniversalString (SIZE (1..ub-pseudonym)), 234 utf8String UTF8String (SIZE (1..ub-pseudonym)), 235 bmpString BMPString (SIZE (1..ub-pseudonym)) } 236 237-- Naming attributes of type DomainComponent (from RFC 4519) 238 239id-domainComponent AttributeType ::= { 0 9 2342 19200300 100 1 25 } 240 241DomainComponent ::= IA5String 242 243-- Legacy attributes 244 245pkcs-9 OBJECT IDENTIFIER ::= 246 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } 247 248id-emailAddress AttributeType ::= { pkcs-9 1 } 249 250EmailAddress ::= IA5String (SIZE (1..ub-emailaddress-length)) 251 252-- naming data types -- 253 254Name ::= CHOICE { -- only one possibility for now -- 255 rdnSequence RDNSequence } 256 257RDNSequence ::= SEQUENCE OF RelativeDistinguishedName 258 259DistinguishedName ::= RDNSequence 260 261RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue 262 263-- Directory string type -- 264 265DirectoryString ::= CHOICE { 266 teletexString TeletexString (SIZE (1..MAX)), 267 printableString PrintableString (SIZE (1..MAX)), 268 universalString UniversalString (SIZE (1..MAX)), 269 utf8String UTF8String (SIZE (1..MAX)), 270 bmpString BMPString (SIZE (1..MAX)) } 271 272-- certificate and CRL specific structures begin here 273 274Certificate ::= SEQUENCE { 275 tbsCertificate TBSCertificate, 276 signatureAlgorithm AlgorithmIdentifier, 277 signature BIT STRING } 278 279TBSCertificate ::= SEQUENCE { 280 version [0] Version DEFAULT v1, 281 serialNumber CertificateSerialNumber, 282 signature AlgorithmIdentifier, 283 issuer Name, 284 validity Validity, 285 subject Name, 286 subjectPublicKeyInfo SubjectPublicKeyInfo, 287 issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, 288 -- If present, version MUST be v2 or v3 289 subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, 290 -- If present, version MUST be v2 or v3 291 extensions [3] Extensions OPTIONAL 292 -- If present, version MUST be v3 -- } 293 294Version ::= INTEGER { v1(0), v2(1), v3(2) } 295 296CertificateSerialNumber ::= INTEGER 297 298Validity ::= SEQUENCE { 299 notBefore Time, 300 notAfter Time } 301 302Time ::= CHOICE { 303 utcTime UTCTime, 304 generalTime GeneralizedTime } 305 306UniqueIdentifier ::= BIT STRING 307 308SubjectPublicKeyInfo ::= SEQUENCE { 309 algorithm AlgorithmIdentifier, 310 subjectPublicKey BIT STRING } 311 312Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension 313 314Extension ::= SEQUENCE { 315 extnID OBJECT IDENTIFIER, 316 critical BOOLEAN DEFAULT FALSE, 317 extnValue OCTET STRING 318 -- contains the DER encoding of an ASN.1 value 319 -- corresponding to the extension type identified 320 -- by extnID 321 } 322 323-- CRL structures 324 325CertificateList ::= SEQUENCE { 326 tbsCertList TBSCertList, 327 signatureAlgorithm AlgorithmIdentifier, 328 signature BIT STRING } 329 330TBSCertList ::= SEQUENCE { 331 version Version OPTIONAL, 332 -- if present, MUST be v2 333 signature AlgorithmIdentifier, 334 issuer Name, 335 thisUpdate Time, 336 nextUpdate Time OPTIONAL, 337 revokedCertificates SEQUENCE OF SEQUENCE { 338 userCertificate CertificateSerialNumber, 339 revocationDate Time, 340 crlEntryExtensions Extensions OPTIONAL 341 -- if present, version MUST be v2 342 } OPTIONAL, 343 crlExtensions [0] Extensions OPTIONAL } 344 -- if present, version MUST be v2 345 346-- Version, Time, CertificateSerialNumber, and Extensions were 347-- defined earlier for use in the certificate structure 348 349AlgorithmIdentifier ::= SEQUENCE { 350 algorithm OBJECT IDENTIFIER, 351 parameters ANY DEFINED BY algorithm OPTIONAL } 352 -- contains a value of the type 353 -- registered for use with the 354 -- algorithm object identifier value 355 356-- X.400 address syntax starts here 357 358ORAddress ::= SEQUENCE { 359 built-in-standard-attributes BuiltInStandardAttributes, 360 built-in-domain-defined-attributes 361 BuiltInDomainDefinedAttributes OPTIONAL, 362 -- see also teletex-domain-defined-attributes 363 extension-attributes ExtensionAttributes OPTIONAL } 364 365-- Built-in Standard Attributes 366 367BuiltInStandardAttributes ::= SEQUENCE { 368 country-name CountryName OPTIONAL, 369 administration-domain-name AdministrationDomainName OPTIONAL, 370 network-address [0] IMPLICIT NetworkAddress OPTIONAL, 371 -- see also extended-network-address 372 terminal-identifier [1] IMPLICIT TerminalIdentifier OPTIONAL, 373 private-domain-name [2] PrivateDomainName OPTIONAL, 374 organization-name [3] IMPLICIT OrganizationName OPTIONAL, 375 -- see also teletex-organization-name 376 numeric-user-identifier [4] IMPLICIT NumericUserIdentifier 377 OPTIONAL, 378 personal-name [5] IMPLICIT PersonalName OPTIONAL, 379 -- see also teletex-personal-name 380 organizational-unit-names [6] IMPLICIT OrganizationalUnitNames 381 OPTIONAL } 382 -- see also teletex-organizational-unit-names 383 384CountryName ::= [APPLICATION 1] CHOICE { 385 x121-dcc-code NumericString 386 (SIZE (ub-country-name-numeric-length)), 387 iso-3166-alpha2-code PrintableString 388 (SIZE (ub-country-name-alpha-length)) } 389 390AdministrationDomainName ::= [APPLICATION 2] CHOICE { 391 numeric NumericString (SIZE (0..ub-domain-name-length)), 392 printable PrintableString (SIZE (0..ub-domain-name-length)) } 393 394NetworkAddress ::= X121Address -- see also extended-network-address 395 396X121Address ::= NumericString (SIZE (1..ub-x121-address-length)) 397 398TerminalIdentifier ::= PrintableString (SIZE (1..ub-terminal-id-length)) 399 400PrivateDomainName ::= CHOICE { 401 numeric NumericString (SIZE (1..ub-domain-name-length)), 402 printable PrintableString (SIZE (1..ub-domain-name-length)) } 403 404OrganizationName ::= PrintableString 405 (SIZE (1..ub-organization-name-length)) 406 -- see also teletex-organization-name 407 408NumericUserIdentifier ::= NumericString 409 (SIZE (1..ub-numeric-user-id-length)) 410 411PersonalName ::= SET { 412 surname [0] IMPLICIT PrintableString 413 (SIZE (1..ub-surname-length)), 414 given-name [1] IMPLICIT PrintableString 415 (SIZE (1..ub-given-name-length)) OPTIONAL, 416 initials [2] IMPLICIT PrintableString 417 (SIZE (1..ub-initials-length)) OPTIONAL, 418 generation-qualifier [3] IMPLICIT PrintableString 419 (SIZE (1..ub-generation-qualifier-length)) 420 OPTIONAL } 421 -- see also teletex-personal-name 422 423OrganizationalUnitNames ::= SEQUENCE SIZE (1..ub-organizational-units) 424 OF OrganizationalUnitName 425 -- see also teletex-organizational-unit-names 426 427OrganizationalUnitName ::= PrintableString (SIZE 428 (1..ub-organizational-unit-name-length)) 429 430-- Built-in Domain-defined Attributes 431 432BuiltInDomainDefinedAttributes ::= SEQUENCE SIZE 433 (1..ub-domain-defined-attributes) OF 434 BuiltInDomainDefinedAttribute 435 436BuiltInDomainDefinedAttribute ::= SEQUENCE { 437 type PrintableString (SIZE 438 (1..ub-domain-defined-attribute-type-length)), 439 value PrintableString (SIZE 440 (1..ub-domain-defined-attribute-value-length)) } 441 442-- Extension Attributes 443 444ExtensionAttributes ::= SET SIZE (1..ub-extension-attributes) OF 445 ExtensionAttribute 446 447ExtensionAttribute ::= SEQUENCE { 448 extension-attribute-type [0] IMPLICIT INTEGER 449 (0..ub-extension-attributes), 450 extension-attribute-value [1] 451 ANY DEFINED BY extension-attribute-type } 452 453-- Extension types and attribute values 454 455common-name INTEGER ::= 1 456 457CommonName ::= PrintableString (SIZE (1..ub-common-name-length)) 458 459teletex-common-name INTEGER ::= 2 460 461TeletexCommonName ::= TeletexString (SIZE (1..ub-common-name-length)) 462 463teletex-organization-name INTEGER ::= 3 464 465TeletexOrganizationName ::= 466 TeletexString (SIZE (1..ub-organization-name-length)) 467 468teletex-personal-name INTEGER ::= 4 469 470TeletexPersonalName ::= SET { 471 surname [0] IMPLICIT TeletexString 472 (SIZE (1..ub-surname-length)), 473 given-name [1] IMPLICIT TeletexString 474 (SIZE (1..ub-given-name-length)) OPTIONAL, 475 initials [2] IMPLICIT TeletexString 476 (SIZE (1..ub-initials-length)) OPTIONAL, 477 generation-qualifier [3] IMPLICIT TeletexString 478 (SIZE (1..ub-generation-qualifier-length)) 479 OPTIONAL } 480 481teletex-organizational-unit-names INTEGER ::= 5 482 483TeletexOrganizationalUnitNames ::= SEQUENCE SIZE 484 (1..ub-organizational-units) OF TeletexOrganizationalUnitName 485 486TeletexOrganizationalUnitName ::= TeletexString 487 (SIZE (1..ub-organizational-unit-name-length)) 488 489pds-name INTEGER ::= 7 490 491PDSName ::= PrintableString (SIZE (1..ub-pds-name-length)) 492 493physical-delivery-country-name INTEGER ::= 8 494 495PhysicalDeliveryCountryName ::= CHOICE { 496 x121-dcc-code NumericString (SIZE (ub-country-name-numeric-length)), 497 iso-3166-alpha2-code PrintableString 498 (SIZE (ub-country-name-alpha-length)) } 499 500postal-code INTEGER ::= 9 501 502PostalCode ::= CHOICE { 503 numeric-code NumericString (SIZE (1..ub-postal-code-length)), 504 printable-code PrintableString (SIZE (1..ub-postal-code-length)) } 505 506physical-delivery-office-name INTEGER ::= 10 507PhysicalDeliveryOfficeName ::= PDSParameter 508 509physical-delivery-office-number INTEGER ::= 11 510 511PhysicalDeliveryOfficeNumber ::= PDSParameter 512 513extension-OR-address-components INTEGER ::= 12 514 515ExtensionORAddressComponents ::= PDSParameter 516 517physical-delivery-personal-name INTEGER ::= 13 518 519PhysicalDeliveryPersonalName ::= PDSParameter 520 521physical-delivery-organization-name INTEGER ::= 14 522 523PhysicalDeliveryOrganizationName ::= PDSParameter 524 525extension-physical-delivery-address-components INTEGER ::= 15 526 527ExtensionPhysicalDeliveryAddressComponents ::= PDSParameter 528 529unformatted-postal-address INTEGER ::= 16 530 531UnformattedPostalAddress ::= SET { 532 printable-address SEQUENCE SIZE (1..ub-pds-physical-address-lines) 533 OF PrintableString (SIZE (1..ub-pds-parameter-length)) OPTIONAL, 534 teletex-string TeletexString 535 (SIZE (1..ub-unformatted-address-length)) OPTIONAL } 536 537street-address INTEGER ::= 17 538 539StreetAddress ::= PDSParameter 540 541post-office-box-address INTEGER ::= 18 542 543PostOfficeBoxAddress ::= PDSParameter 544 545poste-restante-address INTEGER ::= 19 546 547PosteRestanteAddress ::= PDSParameter 548 549unique-postal-name INTEGER ::= 20 550 551UniquePostalName ::= PDSParameter 552 553local-postal-attributes INTEGER ::= 21 554 555LocalPostalAttributes ::= PDSParameter 556 557PDSParameter ::= SET { 558 printable-string PrintableString 559 (SIZE(1..ub-pds-parameter-length)) OPTIONAL, 560 teletex-string TeletexString 561 (SIZE(1..ub-pds-parameter-length)) OPTIONAL } 562 563extended-network-address INTEGER ::= 22 564 565ExtendedNetworkAddress ::= CHOICE { 566 e163-4-address SEQUENCE { 567 number [0] IMPLICIT NumericString 568 (SIZE (1..ub-e163-4-number-length)), 569 sub-address [1] IMPLICIT NumericString 570 (SIZE (1..ub-e163-4-sub-address-length)) 571 OPTIONAL }, 572 psap-address [0] IMPLICIT PresentationAddress } 573 574PresentationAddress ::= SEQUENCE { 575 pSelector [0] EXPLICIT OCTET STRING OPTIONAL, 576 sSelector [1] EXPLICIT OCTET STRING OPTIONAL, 577 tSelector [2] EXPLICIT OCTET STRING OPTIONAL, 578 nAddresses [3] EXPLICIT SET SIZE (1..MAX) OF OCTET STRING } 579 580terminal-type INTEGER ::= 23 581 582TerminalType ::= INTEGER { 583 telex (3), 584 teletex (4), 585 g3-facsimile (5), 586 g4-facsimile (6), 587 ia5-terminal (7), 588 videotex (8) } (0..ub-integer-options) 589 590-- Extension Domain-defined Attributes 591 592teletex-domain-defined-attributes INTEGER ::= 6 593 594TeletexDomainDefinedAttributes ::= SEQUENCE SIZE 595 (1..ub-domain-defined-attributes) OF TeletexDomainDefinedAttribute 596 597TeletexDomainDefinedAttribute ::= SEQUENCE { 598 type TeletexString 599 (SIZE (1..ub-domain-defined-attribute-type-length)), 600 value TeletexString 601 (SIZE (1..ub-domain-defined-attribute-value-length)) } 602 603-- specifications of Upper Bounds MUST be regarded as mandatory 604-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter 605-- Upper Bounds 606 607-- Upper Bounds 608ub-name INTEGER ::= 32768 609ub-common-name INTEGER ::= 64 610ub-locality-name INTEGER ::= 128 611ub-state-name INTEGER ::= 128 612ub-organization-name INTEGER ::= 64 613ub-organizational-unit-name INTEGER ::= 64 614ub-title INTEGER ::= 64 615ub-serial-number INTEGER ::= 64 616ub-match INTEGER ::= 128 617ub-emailaddress-length INTEGER ::= 255 618ub-common-name-length INTEGER ::= 64 619ub-country-name-alpha-length INTEGER ::= 2 620ub-country-name-numeric-length INTEGER ::= 3 621ub-domain-defined-attributes INTEGER ::= 4 622ub-domain-defined-attribute-type-length INTEGER ::= 8 623ub-domain-defined-attribute-value-length INTEGER ::= 128 624ub-domain-name-length INTEGER ::= 16 625ub-extension-attributes INTEGER ::= 256 626ub-e163-4-number-length INTEGER ::= 15 627ub-e163-4-sub-address-length INTEGER ::= 40 628ub-generation-qualifier-length INTEGER ::= 3 629ub-given-name-length INTEGER ::= 16 630ub-initials-length INTEGER ::= 5 631ub-integer-options INTEGER ::= 256 632ub-numeric-user-id-length INTEGER ::= 32 633ub-organization-name-length INTEGER ::= 64 634ub-organizational-unit-name-length INTEGER ::= 32 635ub-organizational-units INTEGER ::= 4 636ub-pds-name-length INTEGER ::= 16 637ub-pds-parameter-length INTEGER ::= 30 638ub-pds-physical-address-lines INTEGER ::= 6 639ub-postal-code-length INTEGER ::= 16 640ub-pseudonym INTEGER ::= 128 641ub-surname-length INTEGER ::= 40 642ub-terminal-id-length INTEGER ::= 24 643ub-unformatted-address-length INTEGER ::= 180 644ub-x121-address-length INTEGER ::= 16 645 646-- Note - upper bounds on string types, such as TeletexString, are 647-- measured in characters. Excepting PrintableString or IA5String, a 648-- significantly greater number of octets will be required to hold 649-- such a value. As a minimum, 16 octets, or twice the specified 650-- upper bound, whichever is the larger, should be allowed for 651-- TeletexString. For UTF8String or UniversalString at least four 652-- times the upper bound should be allowed. 653 654END 655