
Syntax for the extension value QCStatements #193

Open
xipki opened this issue May 3, 2024 · 2 comments

Comments

@xipki
Contributor

xipki commented May 3, 2024

The ASN.1 syntax:

  • RFC 3739

    QCStatements ::= SEQUENCE OF QCStatement
    
    QCStatement ::= SEQUENCE {
        statementId        OBJECT IDENTIFIER,
        statementInfo      ANY DEFINED BY statementId OPTIONAL}
    
    SemanticsInformation  ::= SEQUENCE {
        semanticsIndentifier        OBJECT IDENTIFIER OPTIONAL,
        nameRegistrationAuthorities NameRegistrationAuthorities OPTIONAL
        } -- At least one field shall be present
    
    NameRegistrationAuthorities ::= SEQUENCE SIZE (1..MAX) OF GeneralName
    
    id-qcs-pkixQCSyntax-v1   OBJECT IDENTIFIER ::= { id-qcs 1 } -- 1.3.6.1.5.5.7.11.1
    id-qcs-pkixQCSyntax-v2   OBJECT IDENTIFIER ::= { id-qcs 2 } -- 1.3.6.1.5.5.7.11.2
    
  • ETSI EN 319 412-5

    -- EU qualified certificate declaration
    esi4-qcStatement-1 QC-STATEMENT ::= { IDENTIFIED BY id-etsi-qcs-QcCompliance }
    
    id-etsi-qcs-QcCompliance OBJECT IDENTIFIER ::= { id-etsi-qcs 1 }
    
    -- Declaration of limit value
    esi4-qcStatement-2 QC-STATEMENT ::= { SYNTAX QcEuLimitValue IDENTIFIED
       BY id-etsi-qcs-QcLimitValue }
    
    QcEuLimitValue ::= MonetaryValue
    
    MonetaryValue::= SEQUENCE {
        currency Iso4217CurrencyCode,
        amount INTEGER,
        exponent INTEGER}
        -- value = amount * 10^exponent
    
    Iso4217CurrencyCode ::= CHOICE {
       alphabetic PrintableString (SIZE (3)), -- Recommended
       numeric INTEGER (1..999) }
       -- Alphabetic or numeric currency code as defined in ISO 4217
       -- It is recommended that the Alphabetic form is used
    
    -- Retention period declaration
    esi4-qcStatement-3 QC-STATEMENT ::= { SYNTAX QcEuRetentionPeriod IDENTIFIED
        BY id-etsi-qcs-QcRetentionPeriod }
    
    QcEuRetentionPeriod ::= INTEGER 
    
    -- SSCD and QSCD declaration
    esi4-qcStatement-4 QC-STATEMENT ::= { IDENTIFIED BY id-etsi-qcs-QcSSCD }
    
    -- PKI Disclosure statements
    esi4-qcStatement-5 QC-STATEMENT ::= { SYNTAX QcEuPDS IDENTIFIED
        BY id-etsi-qcs-QcPDS }
    
    QcEuPDS ::= PdsLocations
    
    PdsLocations ::= SEQUENCE SIZE (1..MAX) OF PdsLocation
    PdsLocation::= SEQUENCE {
        url IA5String,
       language PrintableString (SIZE(2))} --ISO 639-1 language code
    
    -- Certificate type
    esi4-qcStatement-6 QC-STATEMENT ::= { SYNTAX QcType IDENTIFIED
        BY id-etsi-qcs-QcType }
    
    QcType::= SEQUENCE OF OBJECT IDENTIFIER (id-etsi-qct-esign | id-etsi-qct-eseal |
        id-etsi-qct-web, ...)
    
    -- country or set of countries under the legislation of which the certificate is issued as a
    -- qualified certificate
    esi4-qcStatement-7 QC-STATEMENT ::= { SYNTAX QcCClegislation IDENTIFIED
        BY id-etsi-qcs-QcCClegislation } 
    
    QcCClegislation ::= SEQUENCE OF CountryName
    CountryName ::= PrintableString (SIZE (2)) (CONSTRAINED BY { -- ISO 3166 alpha-2 codes only -- })
    
    -- object identifiers
    id-etsi-qcs OBJECT IDENTIFIER ::= { itu-t(0) identified-organization(4) etsi(0)
        id-qc-profile(1862) 1 }
    id-etsi-qcs-QcCompliance OBJECT IDENTIFIER ::= { id-etsi-qcs 1 }
    
    id-etsi-qcs-QcLimitValue OBJECT IDENTIFIER ::= { id-etsi-qcs 2 }
    
    id-etsi-qcs-QcRetentionPeriod OBJECT IDENTIFIER ::= { id-etsi-qcs 3 }
    
    id-etsi-qcs-QcSSCD OBJECT IDENTIFIER ::= { id-etsi-qcs 4 }
    
    id-etsi-qcs-QcPDS OBJECT IDENTIFIER ::= { id-etsi-qcs 5 }
    
    id-etsi-qcs-QcType OBJECT IDENTIFIER ::= { id-etsi-qcs 6 }
    
    id-etsi-qcs-QcCClegislation OBJECT IDENTIFIER ::= { id-etsi-qcs 7 }
    
  • ETSI TS 119 495

    etsi-psd2-qcStatement QC-STATEMENT ::= {SYNTAX PSD2QcType IDENTIFIED BY id-etsi-psd2-qcStatement }
    
    id-etsi-psd2-qcStatement OBJECT IDENTIFIER ::=
        { itu-t(0) identified-organization(4) etsi(0) psd2(19495) qcstatement(2) }
    
    PSD2QcType ::= SEQUENCE{
        rolesOfPSP RolesOfPSP,
        nCAName NCAName,
        nCAId NCAId }
    
    NCAName ::= UTF8String (SIZE (1..256))
    
    NCAId ::= UTF8String (SIZE (1..256))
    
    RolesOfPSP ::= SEQUENCE OF RoleOfPSP
    
    RoleOfPSP ::= SEQUENCE{
        roleOfPspOid RoleOfPspOid,
        roleOfPspName RoleOfPspName}
    
    RoleOfPspOid ::= OBJECT IDENTIFIER 
    
  • CBOR: below is my proposed suggestion:

    We need a new "Figure X: C509 Statement Identifiers", and the following syntax:

    QCStatements = [* QCStatement ]
    
    QCStatement = (statementId: int, statementInfo : any) /
                  (statementId: ~oid/pen, statementInfo : bstr/null) ; statementInfo may not be present.
    
    ; For qcs-pkixQCSyntax-v1 and qcs-pkixQCSyntax-v2
    SemanticsInformation = [semanticsIdentifier:~oid/pen/null, nameRegistrationAuthorities:GeneralNames/null]
    
    ; For esi4-qcStatement-1
    ; The statementInfo is null.
    
    ; For esi4-qcStatement-2
    MonetaryValue = [currency: Iso4217CurrencyCode, amount: uint, exponent: uint]
    
    Iso4217CurrencyCode = tstr / uint
    
    ; For esi4-qcStatement-3
    ; The statementInfo is uint (or int if a negative value is allowed).
    
    ; For esi4-qcStatement-4
    ; The statementInfo is null.
    
    ; For esi4-qcStatement-5
    PdsLocations = [ + PdsLocation ]
    
    PdsLocation = (url:tstr, language:tstr)
    
    ; For esi4-qcStatement-6
    QcType = [ * ~oid/pen ]
    
    ; For esi4-qcStatement-7
    QcCClegislation = [*tstr]
    
    ; For etsi-psd2-qcStatement
    RoleOfPSP = (~oid/pen, tstr)
    
    RolesOfPSP = [* RoleOfPSP]
    
    PSD2QcType = [RolesOfPSP, tstr, tstr]
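As an added example for this thread (not code from the C509 draft, from xipki, or from any of the comments above), the Python below encodes and decodes a QCStatements extension value following the CDDL proposed in this issue, so the wire shape of the proposal can be checked against concrete bytes. It assumes: the integer statementId registry ("Figure X") does not exist yet, so `STATEMENT_IDS` is a hypothetical placeholder mapping esi4-qcStatement-1..7 to 1..7 and etsi-psd2-qcStatement to 8; an unwrapped `~oid` is a byte string holding the DER content octets of the OID; the `~pen` alternative is left out; the PSP_AS role OID in the sample is the one from ETSI TS 119 495, while the NCA strings and the 2.999 statement id are constructed values.

```python
# Added example for this issue thread, not code from the C509 draft or from xipki:
# encode/decode a QCStatements value per the CDDL proposed above.  Assumed: "Figure X"
# is the hypothetical STATEMENT_IDS below; ~oid is a bstr of DER content octets; no ~pen.
def oid_to_bytes(dotted):  # DER content octets of a dotted OID (the ~oid payload)
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray()
    for arc in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [arc & 0x7F]
        while arc >> 7:
            arc >>= 7
            chunk.append(0x80 | (arc & 0x7F))
        out.extend(reversed(chunk))
    return bytes(out)

# Minimal RFC 8949 CBOR for what the proposal uses: int, bstr, tstr, null, array.  Note that
# QCStatement, PdsLocation and RoleOfPSP are CDDL groups: "[* QCStatement]" is ONE flat array.
def _head(major, n):
    if n < 24:
        return bytes([major << 5 | n])
    for ai, size in ((24, 1), (25, 2), (26, 4), (27, 8)):
        if n < 1 << (8 * size):
            return bytes([major << 5 | ai]) + n.to_bytes(size, "big")
    raise ValueError("integer too large for CBOR")

def cbor_encode(v):
    if v is None:
        return b"\xf6"
    if isinstance(v, int):
        return _head(0, v) if v >= 0 else _head(1, -1 - v)
    if isinstance(v, (bytes, str)):
        raw = v if isinstance(v, bytes) else v.encode()
        return _head(2 if isinstance(v, bytes) else 3, len(raw)) + raw
    if isinstance(v, list):
        return _head(4, len(v)) + b"".join(map(cbor_encode, v))
    raise TypeError("unsupported type %s" % type(v).__name__)

def cbor_decode(buf, i=0):  # decode one item at offset i -> (value, next offset)
    if i >= len(buf):
        raise ValueError("truncated CBOR")
    major, ai, i = buf[i] >> 5, buf[i] & 0x1F, i + 1
    if ai > 27:
        raise ValueError("indefinite-length or reserved item")
    size = 0 if ai < 24 else 1 << (ai - 24)
    n, i = (ai if ai < 24 else int.from_bytes(buf[i:i + size], "big")), i + size
    if major < 2:
        return (n if major == 0 else -1 - n), i
    if major in (2, 3):
        raw = bytes(buf[i:i + n])
        return (raw if major == 2 else raw.decode()), i + n
    if major == 4:
        items = []
        for _ in range(n):
            item, i = cbor_decode(buf, i)
            items.append(item)
        return items, i
    if major == 7 and ai == 22:
        return None, i
    raise ValueError("unsupported CBOR item (major type %d)" % major)

# Hypothetical "Figure X": esi4-qcStatement-1..7 -> 1..7, etsi-psd2-qcStatement -> 8.
ID_ETSI_QCS = "0.4.0.1862.1"
STATEMENT_IDS = {n: "%s.%d" % (ID_ETSI_QCS, n) for n in range(1, 8)}
STATEMENT_IDS[8] = "0.4.0.19495.2"
OID_TO_INT = {oid: n for n, oid in STATEMENT_IDS.items()}

def encode_qcstatements(statements):  # (dotted OID, info) pairs -> CBOR bytes
    items = []
    for oid, info in statements:
        if oid in OID_TO_INT:                          # (statementId: int, statementInfo: any)
            items += [OID_TO_INT[oid], info]
        elif info is None or isinstance(info, bytes):  # (statementId: ~oid, statementInfo: bstr/null)
            items += [oid_to_bytes(oid), info]
        else:
            raise TypeError("unregistered statement %s needs raw DER bytes or None" % oid)
    return cbor_encode(items)

def decode_qcstatements(data):  # -> pairs; registered ids as dotted OIDs, others as raw ~oid bytes
    items, end = cbor_decode(data)
    if end != len(data) or not isinstance(items, list) or len(items) % 2:
        raise ValueError("malformed QCStatements: trailing data or odd item count")
    out = []
    for sid, info in zip(items[::2], items[1::2]):
        if isinstance(sid, int) and sid in STATEMENT_IDS:
            out.append((STATEMENT_IDS[sid], info))
        elif isinstance(sid, bytes) and (info is None or isinstance(info, bytes)):
            out.append((sid, info))
        else:
            raise ValueError("bad statement %r / %r" % (sid, info))
    return out

def sample_statements():  # constructed sample: PSP_AS OID per ETSI TS 119 495, rest made up
    return [
        (ID_ETSI_QCS + ".1", None),                    # QcCompliance: statementInfo absent
        (ID_ETSI_QCS + ".2", ["EUR", 5, 3]),           # MonetaryValue: 5 * 10^3 EUR
        (ID_ETSI_QCS + ".5", ["https://example.invalid/pds", "en"]),  # one flat PdsLocation
        ("0.4.0.19495.2", [[oid_to_bytes("0.4.0.19495.1.1"), "PSP_AS"], "NCA Name", "XX-NCA-1"]),
        ("2.999.1", b"\x05\x00"),                      # unregistered id, raw DER NULL
    ]
```

Two things the code makes visible that the CDDL alone does not: because QCStatement, PdsLocation and RoleOfPSP are groups rather than arrays, `[* QCStatement]` is a single flat array of alternating ids and infos, so a decoder has to reject an odd item count rather than assume pairs; and because a registered integer id carries structured CBOR while an unregistered `~oid` carries opaque DER (or null), the decoder must branch on the type of statementId before it interprets statementInfo at all.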
    
@highlunder
Collaborator

  • This is one of the currently “number only” extensions where we need to get a use case to determine if it is relevant to c509

  • Martin will look into ETSI standards to check if this extension is relevant, but other input is also welcome!

@highlunder
Collaborator

we agree to include this in the upcoming COSE presentation to ask for input
