X.509 Certificate Overview

Certificates that conform to the latest x.509 standard can contain as many as 11 different fields. Their order in the certificate corresponds to the illustration of figure a-1. Note though, that the field names in the figure are not the same as the names in the x.509 standard. To this writer, some of the x.509 field names seem quite confusing. Re- luctantly, therefore, the figure and the following discussion take the liberty of renaming the fields to more reasonable labels.1

A.1.1 Version

The Version field identifies the particular version of the x.509 stan- dard to which the certificate conforms. As of this writing, the latest version of the x.509 standard is 3. Note, though, that for this field within the certificate, version numbers begin with 0 rather than 1. Consequently, the version number that appears in x.509 version 3 certificates is 2.

_________________ 1

Other authors, including Kaufman, Perlman, and Speciner (see References), have also adopted this approach.

Version Serial Number Algorithm Identifier Issuer Period of Validity Subject Subject's Public Key

Issuer Unique ID Subject Unique ID

Extensions Signature

Called "Signature" in standard

Called "Encrypted" in standard Figure A-1 An X.509 certificate contains fewer than a dozen items.

A.1.2 Serial Number

The Serial Number is a value assigned by the certificate authority to an individual certificate. Presumably, the ca ensures that the value is unique for every certificate it issues. The certificate authority has complete control over this field, though, and can put any value what- soever here.

A.1.3 Algorithm Identifier

The Algorithm Identifier is one of the fields that is named differently in the standard. The x.509 specification calls this field the Signature. That choice is particularly inappropriate, because the field doesn’t contain a signature at all. Instead, as the name used here implies, the field simply identifies the algorithm used to sign the certificate, as well as any parameters pertinent to that algorithm. This information is actually repeated in the “encrypted” part of the certificate. Most implementations choose to use the information from that section, ef- fectively ignoring this value.

A.1.4 Issuer

The Issuer field identifies the certificate authority that issued the cer- tificate. It takes the form of a distinguished name. A distinguished name is a hierarchy, often starting with a country and then dividing into state or province, organizations, organizational units, and so on. Theoretically, a distinguished name may extend all the way to an in- dividual. Certificate authorities have historically been rather liberal in their interpretation of this hierarchy. The organizational unit ele- ment, for example, is often used to hold miscellaneous information relating to the authority. The example certificate of section a.4 dem- onstrates this practice.

A.1.5 Period of Validity

The Period of Validity identifies both the earliest and latest times that the certificate is valid. Outside of the bounds this field asserts, the certificate should not be considered valid.

A.1.6 Subject

The Subject field identifies the entity that owns the private key being certified. Like the Issuer field, this field takes the form of a distin- guished name, and, as with the Issuer, certificate authorities have his- torically interpreted the distinguished name hierarchy quite liberally. Generally, the most important element in the subject’s name is the element known as the commonName. The commonName is typically the actual name of the subject being certified.

A.1.7 Subject’s Public Key

This field contains the subject’s public key, and is, in effect, the whole reason for the certificate. This field also identifies the algorithm and its parameters. As an example, if the public key algorithm is rsa, then this field will contain the modulus and public exponent. Note that this information is different from the information in the Signa- ture and Algorithm Identifier fields of the certificate. Those two fields identify the algorithm of the certificate authority’s public key, the key used to sign the certificate. This field identifies the subject’s public key.

A.1.8 Issuer Unique Identifier

This optional field, which was introduced in x.509 version 2, permits two different issuers to have the same Issuer distinguished name. Such issuers would be distinguished from each other by having dif- ferent values for the Issuer Unique Identifier. As a practical matter, this field is rarely used.

A.1.9 Subject Unique Identifier

This optional field, also introduced in x.509 version 2, permits two different subjects to have the same distinguished name. For example, two different people in the same organization might be named Stephen Thomas. Such subjects would be distinguished by different values for this field. As a practical matter, like the Issuer Unique Identifier, the Subject Unique Identifier field is rarely used.

A.1.10 Extensions

The Extensions field was introduced in version 3 of x.509 (the latest version as of this writing). It provides a place for issuers to add their own private information to the certificate. As discussed in Chapter 5, this is the area where the special object identifiers for Netscape’s In- ternational Step-Up and Microsoft’s Server Gated Cryptography ap- pear. Certificate authorities frequently use this area for miscellaneous information related to the certificate. The sample certificate of sec- tion a.4 includes examples of this type of information.

A.1.11 Signature

The Signature itself is the final element of an x.509 certificate. As the figure notes, the specification names this field “encrypted.” The field contains the algorithm identifier, a secure hash of the other fields in the certificate, and a digital signature of that hash.