1 {\rtf1\ansi\ansicpg1252\cocoartf949
2 {\fonttbl\f0\froman\fcharset0 TimesNewRomanPSMT;\f1\froman\fcharset0 Times-Roman;}
3 {\colortbl;\red255\green255\blue255;}
5 {\title Apple OID Assignments}
6 {\author Doug Mitchell}
7 {\*\company Apple Computer, Inc.}}\vieww20400\viewh17580\viewkind0
9 \pard\pardeftab720\qc\pardirnatural
11 \f0\fs24 \cf0 Apple OID Assignments\
12 Last Update 21 January 2008 by Richard Murphy\
13 \pard\pardeftab720\ql\qnatural\pardirnatural
17 \b0 apple ::= \{ iso(1) member-body(2) US(840) 113635 \}\
19 -- Top level Apple OID\
21 \pard\pardeftab720\li720\ql\qnatural\pardirnatural
24 \b0 appleDataSecurity ::= \{apple 100\}\
25 -- 1 2 840 113635 100\
26 -- Apple Data Security arc\
28 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
31 \b0 appleTrustPolicy ::= \{appleDataSecurity 1\}\
32 -- 1 2 840 113635 100 1\
33 -- Apple Certificate Trust Policies\
35 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
36 \cf0 iSignTP ::= \{appleTrustPolicy 1\}\
37 -- 1 2 840 113635 100 1 1\
38 -- Apple iSign policy \
40 appleX509Basic ::= \{appleTrustPolicy 2\}\
41 -- 1 2 840 113635 100 1 2\
42 -- Apple Basic X.509 Cert Policy\
44 appleSSLPolicy ::= \{appleTrustPolicy 3\}\
45 -- 1 2 840 113635 100 1 3\
46 -- Apple SSL Cert Policy\
48 appleLocalCertGenPolicy ::= \{appleTrustPolicy 4\}\
49 -- 1 2 840 113635 100 1 4\
50 -- Apple Local Certificate Generation Policy\
52 appleCSRGenPolicy ::= \{appleTrustPolicy 5\}\
53 -- 1 2 840 113635 100 1 5\
54 -- Apple Local CSR Generation Policy\
56 appleCRLPolicy ::= \{appleTrustPolicy 6\}\
57 -- 1 2 840 113635 100 1 6\
58 -- Apple CRL Revocation Policy\
60 appleOCSPPolicy ::= \{appleTrustPolicy 7\}\
61 -- 1 2 840 113635 100 1 7\
62 -- Apple OCSP Revocation Policy\
64 appleSMIMEPolicy ::= \{appleTrustPolicy 8\}\
65 -- 1 2 840 113635 100 1 8\
66 -- Apple S/MIME Cert Policy\
68 appleEAPPolicy ::= \{appleTrustPolicy 9\}\
69 -- 1 2 840 113635 100 1 9\
70 -- Apple EAP Cert Policy\
72 appleSWUpdateSigningPolicy ::= \{appleTrustPolicy 10\}\
73 -- Note: this was renamed from appleCodeSigningPolicy on 8/15/06\
74 -- 1 2 840 113635 100 1 10\
75 -- Apple Software Update Signing Policy\
77 appleIPSecPolicy ::= \{appleTrustPolicy 11\}\
78 -- 1 2 840 113635 100 1 11\
79 -- Apple IPSec Cert Policy\
81 appleIChatPolicy ::= \{appleTrustPolicy 12\}\
82 -- 1 2 840 113635 100 1 12\
83 -- Apple iChat Cert Policy\
85 appleResourceSignPolicy ::= \{appleTrustPolicy 13\}\
86 -- 1 2 840 113635 100 1 13\
87 -- Apple Resource Sign Cert Policy\
90 \f1 applePKINITClientPolicy ::= \{appleTrustPolicy 14\}\
91 -- 1 2 840 113635 100 1 14\
92 -- Apple Kerberos PKINIT Client Cert Policy\
94 applePKINITServerPolicy ::= \{appleTrustPolicy 15\}\
95 -- 1 2 840 113635 100 1 15\
96 -- Apple Kerberos PKINIT Server Cert Policy\
98 appleCodeSigningPolicy ::= \{appleTrustPolicy 16\}\
99 -- 1 2 840 113635 100 1 16\
100 -- Apple Code Signing Policy\
102 applePackageSigningPolicy ::= \{appleTrustPolicy 17\}\
103 -- 1 2 840 113635 100 1 17\
104 -- Apple Package Signing Policy\
108 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
111 \b0 appleSecurityAlgorithm ::= \{appleDataSecurity 2\}\
112 -- 1 2 840 113635 100 2\
113 -- Apple Security Algorithms\
115 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
116 \cf0 appleFEE ::= \{ appleSecurityAlgorithm 1\}\
117 -- 1 2 840 113635 100 2 1\
118 -- Apple Fast Elliptic Encryption\
120 appleASC ::= \{ appleSecurityAlgorithm 2\}\
121 -- 1 2 840 113635 100 2 2\
122 -- Apple Secure Compression\
124 appleFEE_MD5 ::= \{ appleSecurityAlgorithm 3\}\
125 -- 1 2 840 113635 100 2 3\
126 -- Apple FEE with MD5 signature\
128 appleFEE_SHA1::= \{ appleSecurityAlgorithm 4\}\
129 -- 1 2 840 113635 100 2 4\
130 -- Apple FEE with MSHA1D5 signature\
132 appleFEED ::= \{ appleSecurityAlgorithm 5\}\
133 -- 1 2 840 113635 100 2 5\
134 -- Apple FEE with direct embedding\
136 appleFEEDEXP ::= \{ appleSecurityAlgorithm 6\}\
137 -- 1 2 840 113635 100 2 6\
138 -- Apple FEE with direct embedding, experimental\
140 appleECDSA ::= \{ appleSecurityAlgorithm 7\}\
141 -- 1 2 840 113635 100 2 7\
142 -- Apple FEE/ECDSA signature\
144 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
147 \b0 appleDotMacCertificate ::= \{appleDataSecurity 3\}\
148 -- 1 2 840 113635 100 3\
149 -- Apple .mac certificate arc\
151 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
154 \b0 dotMacCertificateRequest ::= \{ appleDotMacCertificate 1\}\
155 -- 1 2 840 113635 100 3 1\
156 -- Apple .mac certificate request arc\
158 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
159 \cf0 dotMacCertReqIdentity ::= \{ dotMacCertificateRequest 1\}\
160 -- 1 2 840 113635 100 3 1 1\
161 -- Apple .mac Identity certificate request \
162 -- Actually Used for encrypted iChat certs; deprecated in Leopard\
164 dotMacCertReqEmailSign ::= \{ dotMacCertificateRequest 2\}\
165 -- 1 2 840 113635 100 3 1 2\
166 -- Apple .mac Email Signing certificate request \
168 dotMacCertReqEmailEncrypt ::= \{ dotMacCertificateRequest 3\}\
169 -- 1 2 840 113635 100 3 1 3\
170 -- Apple .mac Email Encryption certificate request \
172 dotMacCertReqArchiveList ::= \{ dotMacCertificateRequest 4\}\
173 -- 1 2 840 113635 100 3 1 4\
174 -- Apple .mac archive list request \
176 dotMacCertReqArchiveStore ::= \{ dotMacCertificateRequest 5\}\
177 -- 1 2 840 113635 100 3 1 5\
178 -- Apple .mac archive store request \
180 dotMacCertReqArchiveFetch ::= \{ dotMacCertificateRequest 6\}\
181 -- 1 2 840 113635 100 3 1 6\
182 -- Apple .mac archive fetch request \
184 dotMacCertReqArchiveRemove ::= \{ dotMacCertificateRequest 7\}\
185 -- 1 2 840 113635 100 3 1 7\
186 -- Apple .mac archive remove request \
188 dotMacCertReqSign ::= \{ dotMacCertificateRequest 8\}\
189 -- 1 2 840 113635 100 3 1 8\
190 -- Apple .mac signing certificate request \
192 \pard\pardeftab720\ql\qnatural\pardirnatural
194 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
197 \b0 dotMacCertificateExtension ::= \{ appleDotMacCertificate 2\}\
198 -- 1 2 840 113635 100 3 2\
199 -- Apple .mac certificate extension arc\
201 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
202 \cf0 dotMacCertExtensionIdentity ::= \{ dotMacCertificateExtension 1\}\
203 -- 1 2 840 113635 100 3 2 1\
204 -- Apple .mac certificate extended key use: Identity\
205 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
207 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
208 \cf0 dotMacCertExtensionEmailSign ::= \{ dotMacCertificateExtension 2\}\
209 -- 1 2 840 113635 100 3 2 2\
210 -- Apple .mac certificate extended key use: Email Signing\
211 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
213 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
214 \cf0 dotMacCertExtensionEmailEncrypt ::= \{ dotMacCertificateExtension 3\}\
215 -- 1 2 840 113635 100 3 2 3\
216 -- Apple .mac certificate extended key use: Email Encrypt\
217 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
219 \pard\pardeftab720\ql\qnatural\pardirnatural
221 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
224 \b0 dotMacCertificateRequestValues ::= \{ appleDotMacCertificate 3\}\
225 -- 1 2 840 113635 100 3 3\
226 -- Apple .mac certificate request parameter arc\
228 dotMacCertRequestValueUserName ::= \{ dotMacCertificateRequestValues 1\}\
229 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
230 \cf0 -- 1 2 840 113635 100 3 3 1\
231 -- Apple .mac certificate request parameter: userName\
233 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
234 \cf0 dotMacCertRequestValuePasssword ::= \{ dotMacCertificateRequestValues 2\}\
235 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
236 \cf0 -- 1 2 840 113635 100 3 3 2\
237 -- Apple .mac certificate request parameter: password\
238 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
240 dotMacCertRequestValueHostName ::= \{ dotMacCertificateRequestValues 3\}\
241 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
242 \cf0 -- 1 2 840 113635 100 3 3 3\
243 -- Apple .mac certificate request parameter: hostName\
244 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
246 dotMacCertRequestValueRenew ::= \{ dotMacCertificateRequestValues 4\}\
247 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
248 \cf0 -- 1 2 840 113635 100 3 3 4\
249 -- Apple .mac certificate request parameter: Renew flag\
250 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
252 dotMacCertRequestValueAsync ::= \{ dotMacCertificateRequestValues 5\}\
253 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
254 \cf0 -- 1 2 840 113635 100 3 3 5\
255 -- Apple .mac certificate request parameter: asynchronous flag\
256 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
258 dotMacCertRequestValueIsPending ::= \{ dotMacCertificateRequestValues 6\}\
259 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
260 \cf0 -- 1 2 840 113635 100 3 3 6\
261 -- Apple .mac certificate request parameter: poll server for pending request\
262 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
264 dotMacCertRequestValueTypeIChat ::= \{ dotMacCertificateRequestValues 7\}\
265 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
266 \cf0 -- 1 2 840 113635 100 3 3 7\
267 -- Apple .mac certificate request parameter: cert type = iChat\
268 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
270 dotMacCertRequestValueTypeSharedServices ::= \
271 \pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural
272 \cf0 \{ dotMacCertificateRequestValues 8\}\
273 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
274 \cf0 -- 1 2 840 113635 100 3 3 8\
275 -- Apple .mac certificate request parameter: cert type = Shared Services\
276 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
278 dotMacCertRequestValueTypeEmailEncrypt ::= \
279 \pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural
280 \cf0 \{ dotMacCertificateRequestValues 9\}\
281 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
282 \cf0 -- 1 2 840 113635 100 3 3 9\
283 -- Apple .mac certificate request parameter: cert type = Email Encryption\
284 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
286 dotMacCertRequestValueTypeEmailSigning ::= \
287 \pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural
288 \cf0 \{ dotMacCertificateRequestValues 10\}\
289 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
290 \cf0 -- 1 2 840 113635 100 3 3 10\
291 -- Apple .mac certificate request parameter: cert type = Email Signing\
293 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
295 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
299 \b0 appleExtendedKeyUsage ::= \{appleDataSecurity 4\}\
300 -- 1 2 840 113635 100 4\
301 -- Apple Extended Key Usage arc\
303 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
304 \cf0 appleCodeSigning ::= \{ appleExtendedKeyUsage 1\}\
305 -- 1 2 840 113635 100 4 1\
306 -- Apple Code Signing Extended Key Usage \
307 \pard\pardeftab720\ql\qnatural\pardirnatural
309 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
310 \cf0 appleCodeSigningDevelopment ::= \{ appleCodeSigning 1\}\
311 -- 1 2 840 113635 100 4 1 1\
312 -- Apple Code Signing Extended Key Usage, Development \
314 appleSoftwareUpdateSigning ::= \{ appleCodeSigning 2\}\
315 -- 1 2 840 113635 100 4 1 2\
316 -- Apple Software Update Signing Extended Key Usage\
318 appleCodeSigningThirdParty ::= \{ appleCodeSigning 3\}\
319 -- 1 2 840 113635 100 4 1 3\
320 -- Apple Third-Party Code Signing Extended Key Usage\
322 appleResourceSigning ::= \{ appleCodeSigning 4\}\
323 -- 1 2 840 113635 100 4 1 4\
324 -- Apple Resource Signing Extended Key Usage\
326 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
327 \cf0 appleIChatSigning ::= \{ appleExtendedKeyUsage 2\}\
328 -- 1 2 840 113635 100 4 2\
329 -- Apple iChat Signing Extended Key Usage \
331 appleIChatEncryption ::= \{ appleExtendedKeyUsage 3\}\
332 -- 1 2 840 113635 100 4 3\
333 -- Apple iChat Encryption Extended Key Usage \
334 \pard\pardeftab720\ql\qnatural\pardirnatural
336 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
337 \cf0 appleSystemIdentity ::= \{ appleExtendedKeyUsage 4\}\
338 -- 1 2 840 113635 100 4 4\
339 -- Apple System Identity Extended Key Usage \
340 \pard\pardeftab720\ql\qnatural\pardirnatural
342 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
343 \cf0 appleCryptoEnv ::= \{ appleExtendedKeyUsage 5\}\
344 -- 1 2 840 113635 100 4 5\
345 -- Apple Encryption Environment Extended Key Usage \
346 \pard\pardeftab720\ql\qnatural\pardirnatural
348 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
349 \cf0 appleCryptoProductionEnv ::= \{ appleCryptoEnv 1\}\
350 -- 1 2 840 113635 100 4 5 1\
351 -- Apple Encryption Production Environment Extended Key Usage \
352 \pard\pardeftab720\ql\qnatural\pardirnatural
354 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
355 \cf0 appleCryptoMaintenanceEnv ::= \{ appleCryptoEnv 2\}\
356 -- 1 2 840 113635 100 4 5 2\
357 -- Apple Encryption Maintenance Environment Extended Key Usage \
358 \pard\pardeftab720\ql\qnatural\pardirnatural
360 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
361 \cf0 appleCryptoTestEnv ::= \{ appleCryptoEnv 3\}\
362 -- 1 2 840 113635 100 4 5 3\
363 -- Apple Encryption Test Environment Extended Key Usage \
364 \pard\pardeftab720\ql\qnatural\pardirnatural
366 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
367 \cf0 appleCryptoDevelopmentEnv ::= \{ appleCryptoEnv 4\}\
368 -- 1 2 840 113635 100 4 5 4\
369 -- Apple Encryption Development Environment Extended Key Usage \
370 \pard\pardeftab720\ql\qnatural\pardirnatural
372 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
373 \cf0 appleCryptoQoS ::= \{ appleExtendedKeyUsage 6\}\
374 -- 1 2 840 113635 100 4 6\
375 -- Apple Encryption Quality of Service Extended Key Usage \
376 \pard\pardeftab720\ql\qnatural\pardirnatural
378 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
379 \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 1\}\
380 -- 1 2 840 113635 100 4 6 1\
381 -- Apple Encryption Tier 0 Quality of Service Extended Key Usage \
382 \pard\pardeftab720\ql\qnatural\pardirnatural
384 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
385 \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 2\}\
386 -- 1 2 840 113635 100 4 6 2\
387 -- Apple Encryption Tier 1 Quality of Service Extended Key Usage \
388 \pard\pardeftab720\ql\qnatural\pardirnatural
390 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
391 \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 3\}\
392 -- 1 2 840 113635 100 4 6 3\
393 -- Apple Encryption Tier 2 Quality of Service Extended Key Usage \
394 \pard\pardeftab720\ql\qnatural\pardirnatural
396 \pard\pardeftab720\li2880\ql\qnatural\pardirnatural
397 \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 4\}\
398 -- 1 2 840 113635 100 4 6 4\
399 -- Apple Encryption Tier 3 Quality of Service Extended Key Usage \
400 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
402 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
405 \b0 appleCertificatePolicies ::= \{appleDataSecurity 5\}\
406 -- 1 2 840 113635 100 5\
407 -- Apple Certificate Policies arc\
409 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
410 \cf0 appleCertificatePolicyID ::= \{ appleCertificatePolicies 1\}\
411 -- 1 2 840 113635 100 5 1\
412 -- Apple Certificate Policy \
413 \pard\pardeftab720\ql\qnatural\pardirnatural
415 \pard\pardeftab720\li2160\ql\qnatural\pardirnatural
416 \cf0 appleDotMacCertificatePolicyID ::= \{ appleCertificatePolicies 2\}\
417 -- 1 2 840 113635 100 5 2\
418 -- Apple .Mac certificate policy ID\
420 appleADCCertificatePolicyID ::= \{ appleCertificatePolicies 3\}\
421 -- 1 2 840 113635 100 5 3\
422 -- ADC Certificate Policy\
424 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
427 \b0 appleCertificateExtensions ::= \{appleDataSecurity 6\}\
428 -- 1 2 840 113635 100 6\
429 -- Apple Certificate Extensions arc\
431 appleCertificateExtensionCodeSigning ::= \{ appleCertificateExtensions 1 \}\
432 -- 1 2 840 113635 100 6 1\
433 -- Apple Code Signature\
435 appleCertificateExtensionAppleSigning ::= \{ appleCertificateExtensionCodeSigning 1 \}\
436 -- 1 2 840 113635 100 6 1 1\
437 -- Apple Released Code Signature\
439 appleCertificateExtensionADCDeveloperSigning ::= \{ appleCertificateExtensionCodeSigning 2 \}\
440 -- 1 2 840 113635 100 6 1 2\
441 -- Apple Developer Connection Issued Certificates for Code Signing\
443 appleCertificateExtensionADCAppleSigning ::= \{ appleCertificateExtensionCodeSigning 3 \}\
444 -- 1 2 840 113635 100 6 1 3\
445 -- Apple Developer Connection Apple Certificates for Code Signing\
448 \pard\pardeftab720\ql\qnatural\pardirnatural
452 \pard\pardeftab720\li1440\ql\qnatural\pardirnatural
454 \pard\pardeftab720\ql\qnatural\pardirnatural
456 \b \cf0 \ul \ulc0 Revision History\
458 \ul Date \ulnone \ul Change \
460 \b0 \ulnone 01/21/08 Added Code Signing Critical Certificate Extensions\
461 04/04/07 Added appleCryptoEnv and appleCryptoQoS ExtendedKeyUse trees
464 \b0 09/14/06 Added dotMacCertReqEncryptedIChat, dotMacCertReqCollaboration\
465 08/16/06 Changes AppleCodeSigningPolicy to appleSWUpdateSigningPolicy\
466 Added (new) AppleCodeSigningPolicy\
468 \f1 applePackageSigningPolicy
470 01/28/05 Added appleCertificatePolicies arc \
471 Moved dotMacCertPolicyID to appleCertificatePolicies arc\
472 01/25/05 Added dotMacCertPolicyID\