ANSI X9 68:2001 pdf download.Digital Certificates for Mobile/Wireless and High Transaction Volume Financial Systems:Part 2: Domain Certificate Syntax.
ANSI X9 68 defines a compact public-key certificate whose format is specified using Abstract Syntax Notation One (ASN. 1) [4-9].
The syntax of these certificates provides significantly reduced size and processing complexity when compared to X.509 certificates (examples are provided in Annex G). This is achieved by:
I. using unique name forms;
2. simplifying the certificate extension format;
3. predefining a fixed order of certificate extensions; and
4. allowing the use of Packed Encoding Rules (PER) [9].
These certificates include the functionality of all of the certificate extensions described in
ISO 15782-2 [11]. User-defined extensions are also provided to enhance flexibility.
2 Normative references
The following standards contain provisions that, through reference in this text, constitute provisions of this American National Standard. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this American National Standard are encouraged to investigate the possibility of applying the most recent editions of the standards indicated below. Accredited Standards Committee X9 (ASC X9) maintains a register of currently valid financial industry standards.
1. ISO/IEC 10021 -4: 1999 ITU-T Recommendation X.4 11(1998), Information technology – Message Handling Systems (MHS) – Message Transfer System: Abstract service definition and procedures.
2. ISO/IEC 9594-8: Information technology ITU-T Recommendation X.509, Open Systems Interconnection — The Directory: Authentication framework”, International Organization for Standardization, Geneva, Switzerland, 2000.
3 Definitions
3.1 Bit string
A bit string is a sequence of 0’s and I ‘s. The left-most bit is the most-significant bit of
the string. The right-most bit is the least-significant bit of the string.
3.2 Certificate
The public key and the identity of an entity together with some other information, rendered unforgeable by signing the entire certificate with the private key of the certification authority which issued that certificate.
3.3 Certification authority (CA)
An entity trusted by one or more entities to create, assign and revoke public key certificates.
3.4 Cryptography
The discipline that embodies the principles, means and methods for the transformation of data in order to hide its information content, prevent its undetected modification, prevent its unauthorized use or a combination thereof.
3.5 Flash function
A (mathematical) function that maps values from a large (possibly very large) domain into a smaller range and ideally satisfies the following properties.ANSI X9 68 pdf download.