Security-58286.260.20.tar.gz

[apple/security.git] / OSX / doc / Apple_OID_Assignments.rtf

{\rtf1\ansi\ansicpg1252\cocoartf1071
{\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fnil\fcharset0 HelveticaNeue;\f2\froman\fcharset0 Times-Roman;
}
{\colortbl;\red255\green255\blue255;\red255\green0\blue0;}
{\info
{\title Apple OID Assignments}
{\author Doug Mitchell}
{\*\company Apple Computer, Inc.}}\vieww23080\viewh23560\viewkind0
\deftab720
\pard\pardeftab720\qc\pardirnatural

\f0\fs74 \cf2 NOTICE - Moving to Security Tech Tree\

\fs26 \cf0 \
\
\
Apple OID Assignments\
Last Update 24 March 2010 by Richard Murphy\
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
1.0 apple ::=  \{ iso(1) member-body(2) US(840) 113635 \}\
-- 1 2 840 113635\
-- Top level Apple OID\
\
\pard\pardeftab720\li720\ql\qnatural\pardirnatural
\cf0 1.1 appleDataSecurity ::= \{apple 100\}\
-- 1 2 840 113635 100\
-- Apple Data Security arc\
\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 1.1.1 appleTrustPolicy ::= \{appleDataSecurity 1\}\
-- 1 2 840 113635 100 1\
-- Apple Certificate Trust Policies\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 iSignTP ::= \{appleTrustPolicy 1\}\
-- 1 2 840 113635 100 1 1\
-- Apple iSign policy \
\
appleX509Basic ::= \{appleTrustPolicy 2\}\
-- 1 2 840 113635 100 1 2\
-- Apple Basic X.509 Cert Policy\
\
appleSSLPolicy ::= \{appleTrustPolicy 3\}\
-- 1 2 840 113635 100 1 3\
-- Apple SSL Cert Policy\
\
appleLocalCertGenPolicy ::= \{appleTrustPolicy 4\}\
-- 1 2 840 113635 100 1 4\
-- Apple Local Certificate Generation Policy\
\
appleCSRGenPolicy ::= \{appleTrustPolicy 5\}\
-- 1 2 840 113635 100 1 5\
-- Apple Local CSR Generation Policy\
\
appleCRLPolicy ::= \{appleTrustPolicy 6\}\
-- 1 2 840 113635 100 1 6\
-- Apple CRL Revocation Policy\
\
appleOCSPPolicy ::= \{appleTrustPolicy 7\}\
-- 1 2 840 113635 100 1 7\
-- Apple OCSP Revocation Policy\
\
appleSMIMEPolicy ::= \{appleTrustPolicy 8\}\
-- 1 2 840 113635 100 1 8\
-- Apple S/MIME Cert Policy\
\
appleEAPPolicy ::= \{appleTrustPolicy 9\}\
-- 1 2 840 113635 100 1 9\
-- Apple EAP Cert Policy\
\
appleSWUpdateSigningPolicy ::= \{appleTrustPolicy 10\}\
-- Note: this was renamed from appleCodeSigningPolicy on 8/15/06\
-- 1 2 840 113635 100 1 10\
-- Apple Software Update Signing Policy\
\
appleIPSecPolicy ::= \{appleTrustPolicy 11\}\
-- 1 2 840 113635 100 1 11\
-- Apple IPSec Cert Policy\
\
appleIChatPolicy ::= \{appleTrustPolicy 12\}\
-- 1 2 840 113635 100 1 12\
-- Apple iChat Cert Policy\
\
appleResourceSignPolicy ::= \{appleTrustPolicy 13\}\
-- 1 2 840 113635 100 1 13\
-- Apple Resource Sign Cert Policy\
\
applePKINITClientPolicy ::= \{appleTrustPolicy 14\}\
-- 1 2 840 113635 100 1 14\
-- Apple Kerberos PKINIT Client Cert Policy\
\
applePKINITServerPolicy ::= \{appleTrustPolicy 15\}\
-- 1 2 840 113635 100 1 15\
-- Apple Kerberos PKINIT Server Cert Policy\
\
appleCodeSigningPolicy ::= \{appleTrustPolicy 16\}\
-- 1 2 840 113635 100 1 16\
-- Apple Code Signing Policy\
\
applePackageSigningPolicy ::= \{appleTrustPolicy 17\}\
-- 1 2 840 113635 100 1 17\
-- Apple Package Signing Policy\
\
\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 1.1.2 appleSecurityAlgorithm ::=  \{appleDataSecurity 2\}\
-- 1 2 840 113635 100 2\
-- Apple Security Algorithms\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleFEE ::= \{ appleSecurityAlgorithm 1\}\
-- 1 2 840 113635 100 2 1\
-- Apple Fast Elliptic Encryption\
\
appleASC ::= \{ appleSecurityAlgorithm 2\}\
-- 1 2 840 113635 100 2 2\
-- Apple Secure Compression\
\
appleFEE_MD5 ::= \{ appleSecurityAlgorithm 3\}\
-- 1 2 840 113635 100 2 3\
-- Apple FEE with MD5 signature\
\
appleFEE_SHA1::= \{ appleSecurityAlgorithm 4\}\
-- 1 2 840 113635 100 2 4\
-- Apple FEE with MSHA1D5 signature\
\
appleFEED ::= \{ appleSecurityAlgorithm 5\}\
-- 1 2 840 113635 100 2 5\
-- Apple FEE with direct embedding\
\
appleFEEDEXP ::= \{ appleSecurityAlgorithm 6\}\
-- 1 2 840 113635 100 2 6\
-- Apple FEE with direct embedding, experimental\
\
appleECDSA ::= \{ appleSecurityAlgorithm 7\}\
-- 1 2 840 113635 100 2 7\
-- Apple FEE/ECDSA signature\
\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 1.1.3 appleDotMacCertificate ::=  \{appleDataSecurity 3\}\
-- 1 2 840 113635 100 3\
-- Apple .mac certificate arc\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 1.1.3.1 dotMacCertificateRequest ::= \{ appleDotMacCertificate 1\}\
-- 1 2 840 113635 100 3 1\
-- Apple .mac certificate request arc\
\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 dotMacCertReqIdentity ::= \{ dotMacCertificateRequest 1\}\
-- 1 2 840 113635 100 3 1 1\
-- Apple .mac Identity certificate request \
-- Actually Used for encrypted iChat certs; deprecated in Leopard\
\
dotMacCertReqEmailSign ::= \{ dotMacCertificateRequest 2\}\
-- 1 2 840 113635 100 3 1 2\
-- Apple .mac Email Signing certificate request \
\
dotMacCertReqEmailEncrypt ::= \{ dotMacCertificateRequest 3\}\
-- 1 2 840 113635 100 3 1 3\
-- Apple .mac Email Encryption certificate request \
\
dotMacCertReqArchiveList ::= \{ dotMacCertificateRequest 4\}\
-- 1 2 840 113635 100 3 1 4\
-- Apple .mac archive list request \
\
dotMacCertReqArchiveStore ::= \{ dotMacCertificateRequest 5\}\
-- 1 2 840 113635 100 3 1 5\
-- Apple .mac archive store request \
\
dotMacCertReqArchiveFetch ::= \{ dotMacCertificateRequest 6\}\
-- 1 2 840 113635 100 3 1 6\
-- Apple .mac archive fetch request \
\
dotMacCertReqArchiveRemove ::= \{ dotMacCertificateRequest 7\}\
-- 1 2 840 113635 100 3 1 7\
-- Apple .mac archive remove request \
\
dotMacCertReqSign ::= \{ dotMacCertificateRequest 8\}\
-- 1 2 840 113635 100 3 1 8\
-- Apple .mac signing certificate request \
\
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 1.1.3.2 dotMacCertificateExtension ::= \{ appleDotMacCertificate 2\}\
-- 1 2 840 113635 100 3 2\
-- Apple .mac certificate extension arc\
\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 dotMacCertExtensionIdentity ::= \{ dotMacCertificateExtension 1\}\
-- 1 2 840 113635 100 3 2 1\
-- Apple .mac certificate extended key use: Identity\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 dotMacCertExtensionEmailSign ::= \{ dotMacCertificateExtension 2\}\
-- 1 2 840 113635 100 3 2 2\
-- Apple .mac certificate extended key use: Email Signing\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 dotMacCertExtensionEmailEncrypt ::= \{ dotMacCertificateExtension 3\}\
-- 1 2 840 113635 100 3 2 3\
-- Apple .mac certificate extended key use: Email Encrypt\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 1.1.3.3 dotMacCertificateRequestValues ::= \{ appleDotMacCertificate 3\}\
-- 1 2 840 113635 100 3 3\
-- Apple .mac certificate request parameter arc\
\
        dotMacCertRequestValueUserName ::= \{ dotMacCertificateRequestValues 1\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 1\
-- Apple .mac certificate request parameter: userName\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0    dotMacCertRequestValuePasssword ::= \{ dotMacCertificateRequestValues 2\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 2\
-- Apple .mac certificate request parameter: password\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueHostName ::= \{ dotMacCertificateRequestValues 3\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 3\
-- Apple .mac certificate request parameter: hostName\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueRenew ::= \{ dotMacCertificateRequestValues 4\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 4\
-- Apple .mac certificate request parameter: Renew flag\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueAsync ::= \{ dotMacCertificateRequestValues 5\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 5\
-- Apple .mac certificate request parameter: asynchronous flag\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueIsPending ::= \{ dotMacCertificateRequestValues 6\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 6\
-- Apple .mac certificate request parameter: poll server for pending request\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueTypeIChat ::= \{ dotMacCertificateRequestValues 7\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 7\
-- Apple .mac certificate request parameter: cert type = iChat\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueTypeSharedServices ::= \
\pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural
\cf0 \{ dotMacCertificateRequestValues 8\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 8\
-- Apple .mac certificate request parameter: cert type = Shared Services\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueTypeEmailEncrypt ::= \
\pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural
\cf0 \{ dotMacCertificateRequestValues 9\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 9\
-- Apple .mac certificate request parameter: cert type = Email Encryption\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
        dotMacCertRequestValueTypeEmailSigning ::= \
\pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural
\cf0 \{ dotMacCertificateRequestValues 10\}\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 -- 1 2 840 113635 100 3 3 10\
-- Apple .mac certificate request parameter: cert type = Email Signing\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 \
1.1.4 appleExtendedKeyUsage ::= \{appleDataSecurity 4\}\
-- 1 2 840 113635 100 4\
-- Apple Extended Key Usage arc\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleCodeSigning ::= \{ appleExtendedKeyUsage 1\}\
-- 1 2 840 113635 100 4 1\
-- Apple Code Signing Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCodeSigningDevelopment ::= \{ appleCodeSigning 1\}\
-- 1 2 840 113635 100 4 1 1\
-- Apple Code Signing Extended Key Usage, Development \
\
appleSoftwareUpdateSigning ::= \{ appleCodeSigning 2\}\
-- 1 2 840 113635 100 4 1 2\
-- Apple Software Update Signing Extended Key Usage\
\
        appleSoftwareUpdateTestSigning ::= \{ appleSoftwareUpdateSigning 1\}\
        -- 1 2 840 113635 100 4 1 2 1\
        -- Apple Software Update Test Signing Extended Key Usage\
\
appleCodeSigningThirdParty ::= \{ appleCodeSigning 3\}\
-- 1 2 840 113635 100 4 1 3\
-- Apple Third-Party Code Signing Extended Key Usage\
\
appleResourceSigning ::= \{ appleCodeSigning 4\}\
-- 1 2 840 113635 100 4 1 4\
-- Apple Resource Signing Extended Key Usage\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleIChatSigning ::= \{ appleExtendedKeyUsage 2\}\
-- 1 2 840 113635 100 4 2\
-- Apple iChat Signing Extended Key Usage \
\
appleIChatEncryption ::= \{ appleExtendedKeyUsage 3\}\
-- 1 2 840 113635 100 4 3\
-- Apple iChat Encryption Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleSystemIdentity ::= \{ appleExtendedKeyUsage 4\}\
-- 1 2 840 113635 100 4 4\
-- Apple System Identity Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleCryptoEnv ::= \{ appleExtendedKeyUsage 5\}\
-- 1 2 840 113635 100 4 5\
-- Apple Encryption Environment Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoProductionEnv ::= \{ appleCryptoEnv 1\}\
-- 1 2 840 113635 100 4 5 1\
-- Apple Encryption Production Environment Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoMaintenanceEnv ::= \{ appleCryptoEnv 2\}\
-- 1 2 840 113635 100 4 5 2\
-- Apple Encryption Maintenance Environment Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoTestEnv ::= \{ appleCryptoEnv 3\}\
-- 1 2 840 113635 100 4 5 3\
-- Apple Encryption Test Environment Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoDevelopmentEnv ::= \{ appleCryptoEnv 4\}\
-- 1 2 840 113635 100 4 5 4\
-- Apple Encryption Development Environment Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleCryptoQoS ::= \{ appleExtendedKeyUsage 6\}\
-- 1 2 840 113635 100 4 6\
-- Apple Encryption Quality of Service Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 1\}\
-- 1 2 840 113635 100 4 6 1\
-- Apple Encryption Tier 0 Quality of Service Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 2\}\
-- 1 2 840 113635 100 4 6 2\
-- Apple Encryption Tier 1 Quality of Service Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 3\}\
-- 1 2 840 113635 100 4 6 3\
-- Apple Encryption Tier 2 Quality of Service Extended Key Usage \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 4\}\
-- 1 2 840 113635 100 4 6 4\
-- Apple Encryption Tier 3 Quality of Service Extended Key Usage \
\
\pard\pardeftab720\ql\qnatural
\cf0                    appleID ::= \{ appleExtendedKeyUsage 7\}\
                        -- 1 2 840 113635 100 4 7\
                        -- Apple ID Extended Key Usage\
\pard\pardeftab720\li2880\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 1.1.5 appleCertificatePolicies ::= \{appleDataSecurity 5\}\
-- 1 2 840 113635 100 5\
-- Apple Certificate Policies arc\
\
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleCertificatePolicyID ::= \{ appleCertificatePolicies 1\}\
-- 1 2 840 113635 100 5 1\
-- Apple Certificate Policy \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\li2160\ql\qnatural\pardirnatural
\cf0 appleDotMacCertificatePolicyID ::= \{ appleCertificatePolicies 2\}\
-- 1 2 840 113635 100 5 2\
-- Apple .Mac certificate policy ID\
\
appleADCCertificatePolicyID ::= \{ appleCertificatePolicies 3\}\
-- 1 2 840 113635 100 5 3\
-- ADC Certificate Policy\
-- unused\
\
appleiPhoneOSDeviceCertificiatePolicyMarker::= \{ appleCertificatePolicies 4\}\
-- 1 2 840 113635 100 5 4\
-- Markers for iPhone OS Device Certificate Policies, used for external sources to trust iPhone OS devices\
\
        appleBBCDeviceCertificatePolicyID ::= \{ appleiPhoneOSDeviceCertificiatePolicyMarker 1 \}\
        -- 1 2 840 113635 100 5 4 1\
        -- BBC's Policy\
\
        \
\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 1.1.6 appleCertificateExtensions ::= \{appleDataSecurity 6\}\
-- 1 2 840 113635 100 6\
-- Apple Certificate Extensions arc\
\
        appleCertificateExtensionCodeSigning ::= \{ appleCertificateExtensions 1 \}\
        -- 1 2 840 113635 100 6 1\
        -- Apple Code Signature\
\
                appleCertificateExtensionAppleSigning ::= \{ appleCertificateExtensionCodeSigning 1 \}\
                -- 1 2 840 113635 100 6 1 1\
                -- Apple Released Code Signature\
\
                appleCertificateExtensionWWDRDevelopmentSigning ::= \{ appleCertificateExtensionCodeSigning 2 \}\
                -- 1 2 840 113635 100 6 1 2\
                -- Apple World Wide Developer Relations Certificates for Code Signing during development\
\
                appleCertificateExtensionAppleReleaseSigning ::= \{ appleCertificateExtensionCodeSigning 3 \}\
                -- 1 2 840 113635 100 6 1 3\
                -- Apple World Wide Developer Relations Certificates for Code Signing for General Release through the iTMS\
\
                        appleCertificateExtensionAppleTestSigning ::= \{ appleCertificateExtensionAppleReleaseSigning 1 \}\
                        -- 1 2 840 113635 100 6 1 3 1\
                        -- Apple World Wide Developer Relations Certificates for Code Signing for Test Release through the iTMS\
\pard\pardeftab720\ql\qnatural
\cf0 \
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0            appleCertificateExtensionWWDRSubmissionSigning ::= \{ appleCertificateExtensionCodeSigning 4 \}\
                -- 1 2 840 113635 100 6 1 4\
\pard\pardeftab720\ql\qnatural
\cf0                            -- Apple World Wide Developer Relations Certificates for Code Signing GM from developer to Apple\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 \
\
        appleCertificateExtensionIntermediateMarker ::= \{ appleCertificateExtensions 2 \}\
        -- 1 2 840 113635 100 6 2\
        -- Extension Markers for Apple Intermediate Certificates\
\
                appleCertificateExtensionWWDRIntermediate ::= \{ appleCertificateExtensionIntermediateMarker 1 \}\
                -- 1 2 840 113635 100 6 2 1\
                -- Marker for the WWDR Intermediate Certificate\
\
\pard\pardeftab720\ql\qnatural
\cf0                            appleCertificateExtensioniTunesStoreIntermediate ::= \{ appleCertificateExtensionIntermediateMarker 2 \}\
                                -- 1 2 840 113635 100 6 2 2\
                                -- Marker for the iTunes Store Intermediate Certificate\
\pard\pardeftab720\ql\qnatural

\f1\fs24 \cf0 \
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural

\f0\fs26 \cf0   
\f1\fs24 appleCertificateExtensionClientSSL
\f0\fs26  ::= \{ appleCertificateExtensions 3 \}\
        -- 1 2 840 113635 100 6 3\
        -- Extension Markers for Apple SSL Push Service\
\
\pard\pardeftab720\ql\qnatural

\f1\fs24 \cf0                           appleCertificateExtensionDevelopmentApplePushServiceClientSSL\'a0::= \{ appleCertificateExtensionClientSSL 1 \}\
                                        --\'a01 2 840 113635 100 6 3 1\
                                        -- Apple World Wide Developer Relations Client SSL Certificates for Accessing the Development Apple Push Service\
\
                                appleCertificateExtensionProductionApplePushServiceClientSSL\'a0::= \{ appleCertificateExtensionClientSSL 2 \}\
                                        --\'a01 2 840 113635 100 6 3 2\
                                        -- Apple World Wide Developer Relations Client SSL Certificates for Accessing the Production Apple Push Service\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural

\f0\fs26 \cf0 \
        appleOtherNameExtensionMarker ::= \{ appleCertificateExtensions 4 \}\
        -- 1 2 840 113635 100 6 4\
        -- Extension Markers for Apple Specific SubjectAltName otherNames\
\
                appleDeviceVersion ::= \{ appleOtherNameExtensionMarker 1 \}\
                -- 1 2 840 113635 100 6 4 1\
                -- Extension Markers for device version string, expects UTF8 to follow in SubjectAltName\
                \
                appleOSVersion ::= \{ appleOtherNameExtensionMarker 2 \}\
                -- 1 2 840 113635 100 6 4 2\
                -- Extension Markers for OS version string, expects UTF8 to follow in SubjectAltName\
\pard\pardeftab720\ql\qnatural

\f1\fs24 \cf0   \
\pard\pardeftab720\ql\qnatural

\f0\fs26 \cf0                   appleCertificateExtensioniTunesStoreData ::= \{ appleCertificateExtensions 5 \} \
                        -- 1 2 840 113635 100 6 5\
                        -- Apple Receipt Signature\
\
                                appleCertificateExtensioniTSPurchaseReceiptSigning ::= \{ appleCertificateExtensioniTunesStoreData 1 \}\
                                -- 1 2 840 113635 100 6 5 1\
                                -- Apple iTunes Store Certificates for Signing Receipts of Purchases from the iTS\
\
                                appleCertificateExtensioniTSPurchaseRequestSigning ::= \{ appleCertificateExtensioniTunesStoreData 2 \}\
                                -- 1 2 840 113635 100 6 5 2\
                                -- Apple iTunes Store Certificates for Signing Requests to Purchase for the iTS\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0            \
\pard\pardeftab720\ql\qnatural
\cf0 \
                        appleCertificateExtensioniPodAccessoryFirmwareUpdate ::= \{ appleCertificateExtensions 6 \} \
                        -- 1 2 840 113635 100 6 6\
                        -- iPod Accessory Firmware Updates\
\
                                appleCertificateExtensioniPodAccessoryFirmwareUpdateRelease ::= \{ appleCertificateExtensioniPodAccessoryFirmwareUpdate 1 \}\
                                -- 1 2 840 113635 100 6 6 1\
                                -- iPod Accessory Firmware Updates Release Certificates\
\
                                appleCertificateExtensioniPodAccessoryFirmwareUpdateTest ::= \{ appleCertificateExtensioniPodAccessoryFirmwareUpdate 2 \}\
                                -- 1 2 840 113635 100 6 6 2\
                                -- iPod Accessory Firmware Updates Test Certificates\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\ql\qnatural

\fs24 \cf0 \
                1.1.7 appleFairPlayCertificate ::= \'a0\{appleDataSecurity 7\}\
                -- 1 2 840 113635 100 7\
                -- Apple FairPlay certificate arc\
\
                        1.1.7.2 fairplayCertificateExtension ::= \{ appleFairPlayCertificate 1\}\
                        -- 1 2 840 113635 100 7 1\
                        -- Apple FairPlay certificate extension arc\
\
\'a0\'a0                                fairplayCertExtensionAAA ::= \{ fairplayCertificateExtension 1\}\
\'a0                            \'a0-- 1 2 840 113635 100 7 1 1\
\'a0                            \'a0-- Apple FairPlay certificate extended Application Authentication & Authorization: Policy\
\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural

\fs26 \cf0 \
\pard\pardeftab720\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\ql\qnatural\pardirnatural

\f2\fs24 \cf0 \
\
\pard\pardeftab720\li1440\ql\qnatural\pardirnatural
\cf0 \
\pard\pardeftab720\ql\qnatural\pardirnatural

\b \cf0 \ul \ulc0 Revision History\
\ulnone \
\ul    Date   \ulnone   \ul Change    \

\b0 \ulnone 03/24/10    Added AppleID EKU\
02/10/10        Added appleCertificateExtensioniPodAccessoryFirmwareUpdate subarc\
06/12/09        Added appleCertificateExtensioniTunesStoreData and appleCertificateExtensioniTunesStoreIntermediate\
01/19/09        Adding SSL Push Service Extention Hiearchy\
04/30/08        appleCertificateExtensionAppleReleaseSigning and appleSoftwareUpdateSigning now have .1 testing subordinates\
04/08/08        Added Fairplay Arc\
02/29/08        Fixed Comments for WWDR Phone SDK Cert Extensions\
02/12/08        Changed Code Signing Critical Certificate Extensions from ADC to WWDR - re-ordered them,\
                Added the intermediate cert  marker sub-arc\
01/21/08        Added Code Signing Critical Certificate Extensions\
04/04/07        Added appleCryptoEnv and appleCryptoQoS ExtendedKeyUse trees
\b \

\b0 09/14/06    Added dotMacCertReqEncryptedIChat, dotMacCertReqCollaboration\
08/16/06        Changes AppleCodeSigningPolicy to appleSWUpdateSigningPolicy\
                Added (new) AppleCodeSigningPolicy\
                Added applePackageSigningPolicy\
01/28/05        Added appleCertificatePolicies arc  \
                Moved dotMacCertPolicyID to appleCertificatePolicies arc\
01/25/05        Added dotMacCertPolicyID\
}