{\rtf1\ansi\ansicpg1252\cocoartf1071 {\fonttbl\f0\fswiss\fcharset0 Helvetica;\f1\fnil\fcharset0 HelveticaNeue;\f2\froman\fcharset0 Times-Roman; } {\colortbl;\red255\green255\blue255;\red255\green0\blue0;} {\info {\title Apple OID Assignments} {\author Doug Mitchell} {\*\company Apple Computer, Inc.}}\vieww23080\viewh23560\viewkind0 \deftab720 \pard\pardeftab720\qc\pardirnatural \f0\fs74 \cf2 NOTICE - Moving to Security Tech Tree\ \fs26 \cf0 \ \ \ Apple OID Assignments\ Last Update 24 March 2010 by Richard Murphy\ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ 1.0 apple ::= \{ iso(1) member-body(2) US(840) 113635 \}\ -- 1 2 840 113635\ -- Top level Apple OID\ \ \pard\pardeftab720\li720\ql\qnatural\pardirnatural \cf0 1.1 appleDataSecurity ::= \{apple 100\}\ -- 1 2 840 113635 100\ -- Apple Data Security arc\ \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 1.1.1 appleTrustPolicy ::= \{appleDataSecurity 1\}\ -- 1 2 840 113635 100 1\ -- Apple Certificate Trust Policies\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 iSignTP ::= \{appleTrustPolicy 1\}\ -- 1 2 840 113635 100 1 1\ -- Apple iSign policy \ \ appleX509Basic ::= \{appleTrustPolicy 2\}\ -- 1 2 840 113635 100 1 2\ -- Apple Basic X.509 Cert Policy\ \ appleSSLPolicy ::= \{appleTrustPolicy 3\}\ -- 1 2 840 113635 100 1 3\ -- Apple SSL Cert Policy\ \ appleLocalCertGenPolicy ::= \{appleTrustPolicy 4\}\ -- 1 2 840 113635 100 1 4\ -- Apple Local Certificate Generation Policy\ \ appleCSRGenPolicy ::= \{appleTrustPolicy 5\}\ -- 1 2 840 113635 100 1 5\ -- Apple Local CSR Generation Policy\ \ appleCRLPolicy ::= \{appleTrustPolicy 6\}\ -- 1 2 840 113635 100 1 6\ -- Apple CRL Revocation Policy\ \ appleOCSPPolicy ::= \{appleTrustPolicy 7\}\ -- 1 2 840 113635 100 1 7\ -- Apple OCSP Revocation Policy\ \ appleSMIMEPolicy ::= \{appleTrustPolicy 8\}\ -- 1 2 840 113635 100 1 8\ -- Apple S/MIME Cert Policy\ \ appleEAPPolicy ::= \{appleTrustPolicy 9\}\ -- 1 2 840 113635 100 1 9\ -- Apple EAP Cert Policy\ \ appleSWUpdateSigningPolicy ::= \{appleTrustPolicy 10\}\ -- Note: this was renamed from appleCodeSigningPolicy on 8/15/06\ -- 1 2 840 113635 100 1 10\ -- Apple Software Update Signing Policy\ \ appleIPSecPolicy ::= \{appleTrustPolicy 11\}\ -- 1 2 840 113635 100 1 11\ -- Apple IPSec Cert Policy\ \ appleIChatPolicy ::= \{appleTrustPolicy 12\}\ -- 1 2 840 113635 100 1 12\ -- Apple iChat Cert Policy\ \ appleResourceSignPolicy ::= \{appleTrustPolicy 13\}\ -- 1 2 840 113635 100 1 13\ -- Apple Resource Sign Cert Policy\ \ applePKINITClientPolicy ::= \{appleTrustPolicy 14\}\ -- 1 2 840 113635 100 1 14\ -- Apple Kerberos PKINIT Client Cert Policy\ \ applePKINITServerPolicy ::= \{appleTrustPolicy 15\}\ -- 1 2 840 113635 100 1 15\ -- Apple Kerberos PKINIT Server Cert Policy\ \ appleCodeSigningPolicy ::= \{appleTrustPolicy 16\}\ -- 1 2 840 113635 100 1 16\ -- Apple Code Signing Policy\ \ applePackageSigningPolicy ::= \{appleTrustPolicy 17\}\ -- 1 2 840 113635 100 1 17\ -- Apple Package Signing Policy\ \ \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 1.1.2 appleSecurityAlgorithm ::= \{appleDataSecurity 2\}\ -- 1 2 840 113635 100 2\ -- Apple Security Algorithms\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleFEE ::= \{ appleSecurityAlgorithm 1\}\ -- 1 2 840 113635 100 2 1\ -- Apple Fast Elliptic Encryption\ \ appleASC ::= \{ appleSecurityAlgorithm 2\}\ -- 1 2 840 113635 100 2 2\ -- Apple Secure Compression\ \ appleFEE_MD5 ::= \{ appleSecurityAlgorithm 3\}\ -- 1 2 840 113635 100 2 3\ -- Apple FEE with MD5 signature\ \ appleFEE_SHA1::= \{ appleSecurityAlgorithm 4\}\ -- 1 2 840 113635 100 2 4\ -- Apple FEE with MSHA1D5 signature\ \ appleFEED ::= \{ appleSecurityAlgorithm 5\}\ -- 1 2 840 113635 100 2 5\ -- Apple FEE with direct embedding\ \ appleFEEDEXP ::= \{ appleSecurityAlgorithm 6\}\ -- 1 2 840 113635 100 2 6\ -- Apple FEE with direct embedding, experimental\ \ appleECDSA ::= \{ appleSecurityAlgorithm 7\}\ -- 1 2 840 113635 100 2 7\ -- Apple FEE/ECDSA signature\ \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 1.1.3 appleDotMacCertificate ::= \{appleDataSecurity 3\}\ -- 1 2 840 113635 100 3\ -- Apple .mac certificate arc\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 1.1.3.1 dotMacCertificateRequest ::= \{ appleDotMacCertificate 1\}\ -- 1 2 840 113635 100 3 1\ -- Apple .mac certificate request arc\ \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 dotMacCertReqIdentity ::= \{ dotMacCertificateRequest 1\}\ -- 1 2 840 113635 100 3 1 1\ -- Apple .mac Identity certificate request \ -- Actually Used for encrypted iChat certs; deprecated in Leopard\ \ dotMacCertReqEmailSign ::= \{ dotMacCertificateRequest 2\}\ -- 1 2 840 113635 100 3 1 2\ -- Apple .mac Email Signing certificate request \ \ dotMacCertReqEmailEncrypt ::= \{ dotMacCertificateRequest 3\}\ -- 1 2 840 113635 100 3 1 3\ -- Apple .mac Email Encryption certificate request \ \ dotMacCertReqArchiveList ::= \{ dotMacCertificateRequest 4\}\ -- 1 2 840 113635 100 3 1 4\ -- Apple .mac archive list request \ \ dotMacCertReqArchiveStore ::= \{ dotMacCertificateRequest 5\}\ -- 1 2 840 113635 100 3 1 5\ -- Apple .mac archive store request \ \ dotMacCertReqArchiveFetch ::= \{ dotMacCertificateRequest 6\}\ -- 1 2 840 113635 100 3 1 6\ -- Apple .mac archive fetch request \ \ dotMacCertReqArchiveRemove ::= \{ dotMacCertificateRequest 7\}\ -- 1 2 840 113635 100 3 1 7\ -- Apple .mac archive remove request \ \ dotMacCertReqSign ::= \{ dotMacCertificateRequest 8\}\ -- 1 2 840 113635 100 3 1 8\ -- Apple .mac signing certificate request \ \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 1.1.3.2 dotMacCertificateExtension ::= \{ appleDotMacCertificate 2\}\ -- 1 2 840 113635 100 3 2\ -- Apple .mac certificate extension arc\ \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 dotMacCertExtensionIdentity ::= \{ dotMacCertificateExtension 1\}\ -- 1 2 840 113635 100 3 2 1\ -- Apple .mac certificate extended key use: Identity\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 dotMacCertExtensionEmailSign ::= \{ dotMacCertificateExtension 2\}\ -- 1 2 840 113635 100 3 2 2\ -- Apple .mac certificate extended key use: Email Signing\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 dotMacCertExtensionEmailEncrypt ::= \{ dotMacCertificateExtension 3\}\ -- 1 2 840 113635 100 3 2 3\ -- Apple .mac certificate extended key use: Email Encrypt\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 1.1.3.3 dotMacCertificateRequestValues ::= \{ appleDotMacCertificate 3\}\ -- 1 2 840 113635 100 3 3\ -- Apple .mac certificate request parameter arc\ \ dotMacCertRequestValueUserName ::= \{ dotMacCertificateRequestValues 1\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 1\ -- Apple .mac certificate request parameter: userName\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 dotMacCertRequestValuePasssword ::= \{ dotMacCertificateRequestValues 2\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 2\ -- Apple .mac certificate request parameter: password\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueHostName ::= \{ dotMacCertificateRequestValues 3\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 3\ -- Apple .mac certificate request parameter: hostName\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueRenew ::= \{ dotMacCertificateRequestValues 4\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 4\ -- Apple .mac certificate request parameter: Renew flag\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueAsync ::= \{ dotMacCertificateRequestValues 5\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 5\ -- Apple .mac certificate request parameter: asynchronous flag\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueIsPending ::= \{ dotMacCertificateRequestValues 6\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 6\ -- Apple .mac certificate request parameter: poll server for pending request\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueTypeIChat ::= \{ dotMacCertificateRequestValues 7\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 7\ -- Apple .mac certificate request parameter: cert type = iChat\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueTypeSharedServices ::= \ \pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural \cf0 \{ dotMacCertificateRequestValues 8\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 8\ -- Apple .mac certificate request parameter: cert type = Shared Services\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueTypeEmailEncrypt ::= \ \pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural \cf0 \{ dotMacCertificateRequestValues 9\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 9\ -- Apple .mac certificate request parameter: cert type = Email Encryption\ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ dotMacCertRequestValueTypeEmailSigning ::= \ \pard\pardeftab720\li3600\fi720\ql\qnatural\pardirnatural \cf0 \{ dotMacCertificateRequestValues 10\}\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 -- 1 2 840 113635 100 3 3 10\ -- Apple .mac certificate request parameter: cert type = Email Signing\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 \ 1.1.4 appleExtendedKeyUsage ::= \{appleDataSecurity 4\}\ -- 1 2 840 113635 100 4\ -- Apple Extended Key Usage arc\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleCodeSigning ::= \{ appleExtendedKeyUsage 1\}\ -- 1 2 840 113635 100 4 1\ -- Apple Code Signing Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCodeSigningDevelopment ::= \{ appleCodeSigning 1\}\ -- 1 2 840 113635 100 4 1 1\ -- Apple Code Signing Extended Key Usage, Development \ \ appleSoftwareUpdateSigning ::= \{ appleCodeSigning 2\}\ -- 1 2 840 113635 100 4 1 2\ -- Apple Software Update Signing Extended Key Usage\ \ appleSoftwareUpdateTestSigning ::= \{ appleSoftwareUpdateSigning 1\}\ -- 1 2 840 113635 100 4 1 2 1\ -- Apple Software Update Test Signing Extended Key Usage\ \ appleCodeSigningThirdParty ::= \{ appleCodeSigning 3\}\ -- 1 2 840 113635 100 4 1 3\ -- Apple Third-Party Code Signing Extended Key Usage\ \ appleResourceSigning ::= \{ appleCodeSigning 4\}\ -- 1 2 840 113635 100 4 1 4\ -- Apple Resource Signing Extended Key Usage\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleIChatSigning ::= \{ appleExtendedKeyUsage 2\}\ -- 1 2 840 113635 100 4 2\ -- Apple iChat Signing Extended Key Usage \ \ appleIChatEncryption ::= \{ appleExtendedKeyUsage 3\}\ -- 1 2 840 113635 100 4 3\ -- Apple iChat Encryption Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleSystemIdentity ::= \{ appleExtendedKeyUsage 4\}\ -- 1 2 840 113635 100 4 4\ -- Apple System Identity Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleCryptoEnv ::= \{ appleExtendedKeyUsage 5\}\ -- 1 2 840 113635 100 4 5\ -- Apple Encryption Environment Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoProductionEnv ::= \{ appleCryptoEnv 1\}\ -- 1 2 840 113635 100 4 5 1\ -- Apple Encryption Production Environment Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoMaintenanceEnv ::= \{ appleCryptoEnv 2\}\ -- 1 2 840 113635 100 4 5 2\ -- Apple Encryption Maintenance Environment Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoTestEnv ::= \{ appleCryptoEnv 3\}\ -- 1 2 840 113635 100 4 5 3\ -- Apple Encryption Test Environment Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoDevelopmentEnv ::= \{ appleCryptoEnv 4\}\ -- 1 2 840 113635 100 4 5 4\ -- Apple Encryption Development Environment Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleCryptoQoS ::= \{ appleExtendedKeyUsage 6\}\ -- 1 2 840 113635 100 4 6\ -- Apple Encryption Quality of Service Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 1\}\ -- 1 2 840 113635 100 4 6 1\ -- Apple Encryption Tier 0 Quality of Service Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 2\}\ -- 1 2 840 113635 100 4 6 2\ -- Apple Encryption Tier 1 Quality of Service Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 3\}\ -- 1 2 840 113635 100 4 6 3\ -- Apple Encryption Tier 2 Quality of Service Extended Key Usage \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 appleCryptoTier0QoS ::= \{ appleCryptoQoS 4\}\ -- 1 2 840 113635 100 4 6 4\ -- Apple Encryption Tier 3 Quality of Service Extended Key Usage \ \ \pard\pardeftab720\ql\qnatural \cf0 appleID ::= \{ appleExtendedKeyUsage 7\}\ -- 1 2 840 113635 100 4 7\ -- Apple ID Extended Key Usage\ \pard\pardeftab720\li2880\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 1.1.5 appleCertificatePolicies ::= \{appleDataSecurity 5\}\ -- 1 2 840 113635 100 5\ -- Apple Certificate Policies arc\ \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleCertificatePolicyID ::= \{ appleCertificatePolicies 1\}\ -- 1 2 840 113635 100 5 1\ -- Apple Certificate Policy \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\li2160\ql\qnatural\pardirnatural \cf0 appleDotMacCertificatePolicyID ::= \{ appleCertificatePolicies 2\}\ -- 1 2 840 113635 100 5 2\ -- Apple .Mac certificate policy ID\ \ appleADCCertificatePolicyID ::= \{ appleCertificatePolicies 3\}\ -- 1 2 840 113635 100 5 3\ -- ADC Certificate Policy\ -- unused\ \ appleiPhoneOSDeviceCertificiatePolicyMarker::= \{ appleCertificatePolicies 4\}\ -- 1 2 840 113635 100 5 4\ -- Markers for iPhone OS Device Certificate Policies, used for external sources to trust iPhone OS devices\ \ appleBBCDeviceCertificatePolicyID ::= \{ appleiPhoneOSDeviceCertificiatePolicyMarker 1 \}\ -- 1 2 840 113635 100 5 4 1\ -- BBC's Policy\ \ \ \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 1.1.6 appleCertificateExtensions ::= \{appleDataSecurity 6\}\ -- 1 2 840 113635 100 6\ -- Apple Certificate Extensions arc\ \ appleCertificateExtensionCodeSigning ::= \{ appleCertificateExtensions 1 \}\ -- 1 2 840 113635 100 6 1\ -- Apple Code Signature\ \ appleCertificateExtensionAppleSigning ::= \{ appleCertificateExtensionCodeSigning 1 \}\ -- 1 2 840 113635 100 6 1 1\ -- Apple Released Code Signature\ \ appleCertificateExtensionWWDRDevelopmentSigning ::= \{ appleCertificateExtensionCodeSigning 2 \}\ -- 1 2 840 113635 100 6 1 2\ -- Apple World Wide Developer Relations Certificates for Code Signing during development\ \ appleCertificateExtensionAppleReleaseSigning ::= \{ appleCertificateExtensionCodeSigning 3 \}\ -- 1 2 840 113635 100 6 1 3\ -- Apple World Wide Developer Relations Certificates for Code Signing for General Release through the iTMS\ \ appleCertificateExtensionAppleTestSigning ::= \{ appleCertificateExtensionAppleReleaseSigning 1 \}\ -- 1 2 840 113635 100 6 1 3 1\ -- Apple World Wide Developer Relations Certificates for Code Signing for Test Release through the iTMS\ \pard\pardeftab720\ql\qnatural \cf0 \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 appleCertificateExtensionWWDRSubmissionSigning ::= \{ appleCertificateExtensionCodeSigning 4 \}\ -- 1 2 840 113635 100 6 1 4\ \pard\pardeftab720\ql\qnatural \cf0 -- Apple World Wide Developer Relations Certificates for Code Signing GM from developer to Apple\ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 \ \ appleCertificateExtensionIntermediateMarker ::= \{ appleCertificateExtensions 2 \}\ -- 1 2 840 113635 100 6 2\ -- Extension Markers for Apple Intermediate Certificates\ \ appleCertificateExtensionWWDRIntermediate ::= \{ appleCertificateExtensionIntermediateMarker 1 \}\ -- 1 2 840 113635 100 6 2 1\ -- Marker for the WWDR Intermediate Certificate\ \ \pard\pardeftab720\ql\qnatural \cf0 appleCertificateExtensioniTunesStoreIntermediate ::= \{ appleCertificateExtensionIntermediateMarker 2 \}\ -- 1 2 840 113635 100 6 2 2\ -- Marker for the iTunes Store Intermediate Certificate\ \pard\pardeftab720\ql\qnatural \f1\fs24 \cf0 \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \f0\fs26 \cf0 \f1\fs24 appleCertificateExtensionClientSSL \f0\fs26 ::= \{ appleCertificateExtensions 3 \}\ -- 1 2 840 113635 100 6 3\ -- Extension Markers for Apple SSL Push Service\ \ \pard\pardeftab720\ql\qnatural \f1\fs24 \cf0 appleCertificateExtensionDevelopmentApplePushServiceClientSSL\'a0::= \{ appleCertificateExtensionClientSSL 1 \}\ --\'a01 2 840 113635 100 6 3 1\ -- Apple World Wide Developer Relations Client SSL Certificates for Accessing the Development Apple Push Service\ \ appleCertificateExtensionProductionApplePushServiceClientSSL\'a0::= \{ appleCertificateExtensionClientSSL 2 \}\ --\'a01 2 840 113635 100 6 3 2\ -- Apple World Wide Developer Relations Client SSL Certificates for Accessing the Production Apple Push Service\ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \f0\fs26 \cf0 \ appleOtherNameExtensionMarker ::= \{ appleCertificateExtensions 4 \}\ -- 1 2 840 113635 100 6 4\ -- Extension Markers for Apple Specific SubjectAltName otherNames\ \ appleDeviceVersion ::= \{ appleOtherNameExtensionMarker 1 \}\ -- 1 2 840 113635 100 6 4 1\ -- Extension Markers for device version string, expects UTF8 to follow in SubjectAltName\ \ appleOSVersion ::= \{ appleOtherNameExtensionMarker 2 \}\ -- 1 2 840 113635 100 6 4 2\ -- Extension Markers for OS version string, expects UTF8 to follow in SubjectAltName\ \pard\pardeftab720\ql\qnatural \f1\fs24 \cf0 \ \pard\pardeftab720\ql\qnatural \f0\fs26 \cf0 appleCertificateExtensioniTunesStoreData ::= \{ appleCertificateExtensions 5 \} \ -- 1 2 840 113635 100 6 5\ -- Apple Receipt Signature\ \ appleCertificateExtensioniTSPurchaseReceiptSigning ::= \{ appleCertificateExtensioniTunesStoreData 1 \}\ -- 1 2 840 113635 100 6 5 1\ -- Apple iTunes Store Certificates for Signing Receipts of Purchases from the iTS\ \ appleCertificateExtensioniTSPurchaseRequestSigning ::= \{ appleCertificateExtensioniTunesStoreData 2 \}\ -- 1 2 840 113635 100 6 5 2\ -- Apple iTunes Store Certificates for Signing Requests to Purchase for the iTS\ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\ql\qnatural \cf0 \ appleCertificateExtensioniPodAccessoryFirmwareUpdate ::= \{ appleCertificateExtensions 6 \} \ -- 1 2 840 113635 100 6 6\ -- iPod Accessory Firmware Updates\ \ appleCertificateExtensioniPodAccessoryFirmwareUpdateRelease ::= \{ appleCertificateExtensioniPodAccessoryFirmwareUpdate 1 \}\ -- 1 2 840 113635 100 6 6 1\ -- iPod Accessory Firmware Updates Release Certificates\ \ appleCertificateExtensioniPodAccessoryFirmwareUpdateTest ::= \{ appleCertificateExtensioniPodAccessoryFirmwareUpdate 2 \}\ -- 1 2 840 113635 100 6 6 2\ -- iPod Accessory Firmware Updates Test Certificates\ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\ql\qnatural \fs24 \cf0 \ 1.1.7 appleFairPlayCertificate ::= \'a0\{appleDataSecurity 7\}\ -- 1 2 840 113635 100 7\ -- Apple FairPlay certificate arc\ \ 1.1.7.2 fairplayCertificateExtension ::= \{ appleFairPlayCertificate 1\}\ -- 1 2 840 113635 100 7 1\ -- Apple FairPlay certificate extension arc\ \ \'a0\'a0 fairplayCertExtensionAAA ::= \{ fairplayCertificateExtension 1\}\ \'a0 \'a0-- 1 2 840 113635 100 7 1 1\ \'a0 \'a0-- Apple FairPlay certificate extended Application Authentication & Authorization: Policy\ \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \fs26 \cf0 \ \pard\pardeftab720\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\ql\qnatural\pardirnatural \f2\fs24 \cf0 \ \ \pard\pardeftab720\li1440\ql\qnatural\pardirnatural \cf0 \ \pard\pardeftab720\ql\qnatural\pardirnatural \b \cf0 \ul \ulc0 Revision History\ \ulnone \ \ul Date \ulnone \ul Change \ \b0 \ulnone 03/24/10 Added AppleID EKU\ 02/10/10 Added appleCertificateExtensioniPodAccessoryFirmwareUpdate subarc\ 06/12/09 Added appleCertificateExtensioniTunesStoreData and appleCertificateExtensioniTunesStoreIntermediate\ 01/19/09 Adding SSL Push Service Extention Hiearchy\ 04/30/08 appleCertificateExtensionAppleReleaseSigning and appleSoftwareUpdateSigning now have .1 testing subordinates\ 04/08/08 Added Fairplay Arc\ 02/29/08 Fixed Comments for WWDR Phone SDK Cert Extensions\ 02/12/08 Changed Code Signing Critical Certificate Extensions from ADC to WWDR - re-ordered them,\ Added the intermediate cert marker sub-arc\ 01/21/08 Added Code Signing Critical Certificate Extensions\ 04/04/07 Added appleCryptoEnv and appleCryptoQoS ExtendedKeyUse trees \b \ \b0 09/14/06 Added dotMacCertReqEncryptedIChat, dotMacCertReqCollaboration\ 08/16/06 Changes AppleCodeSigningPolicy to appleSWUpdateSigningPolicy\ Added (new) AppleCodeSigningPolicy\ Added applePackageSigningPolicy\ 01/28/05 Added appleCertificatePolicies arc \ Moved dotMacCertPolicyID to appleCertificatePolicies arc\ 01/25/05 Added dotMacCertPolicyID\ }