/*
 *  Licensed to the Apache Software Foundation (ASF) under one
 *  or more contributor license agreements.  See the NOTICE file
 *  distributed with this work for additional information
 *  regarding copyright ownership.  The ASF licenses this file
 *  to you under the Apache License, Version 2.0 (the
 *  "License"); you may not use this file except in compliance
 *  with the License.  You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied.  See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 *
 */

package org.apache.directory.server.dns.io.encoder;


/**
 * 2. The CERT Resource Record
 *
 *    The CERT resource record (RR) has the structure given below.  Its RR
 *    type code is 37.
 *
 *                        1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
 *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *    |             type              |             key tag           |
 *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *    |   algorithm   |                                               /
 *    +---------------+            certificate or CRL                 /
 *    /                                                               /
 *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
 *
 *    The type field is the certificate type as defined in section 2.1
 *    below.
 *
 *    The algorithm field has the same meaning as the algorithm field in
 *    KEY and SIG RRs [RFC 2535] except that a zero algorithm field
 *    indicates the algorithm is unknown to a secure DNS, which may simply
 *    be the result of the algorithm not having been standardized for
 *    secure DNS.
 *
 *    The key tag field is the 16 bit value computed for the key embedded
 *    in the certificate as specified in the DNSSEC Standard [RFC 2535].
 *    This field is used as an efficiency measure to pick which CERT RRs
 *    may be applicable to a particular key.  The key tag can be calculated
 *    for the key in question and then only CERT RRs with the same key tag
 *    need be examined.  However, the key must always be transformed to the
 *    format it would have as the public key portion of a KEY RR before the
 *    key tag is computed.  This is only possible if the key is applicable
 *    to an algorithm (and limits such as key size limits) defined for DNS
 *    security.  If it is not, the algorithm field MUST BE zero and the tag
 *    field is meaningless and SHOULD BE zero.
 *
 * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
 * @version $Rev: 501160 $, $Date: 2007-01-29 20:41:33 +0100 (Mon, 29 Jan 2007) $
 */
public class CertificateRecordEncoder
{
}
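
An added example, not ApacheDS code: a stand-alone encoder for the RDATA layout and the key tag rule quoted in the Javadoc above, using java.nio.ByteBuffer. The class name CertRdataExample, its method names and the sample bytes are assumptions made for illustration; the key tag sum follows RFC 2535 Appendix C, which does not cover algorithm 1.

```java
import java.nio.ByteBuffer;

// Added example (hypothetical class, not part of ApacheDS).
public class CertRdataExample
{
    // Key tag per RFC 2535 Appendix C: 16-bit big-endian word sum over the KEY RR RDATA.
    static int keyTag( byte[] keyRdata )
    {
        long ac = 0;
        for ( int i = 0; i < keyRdata.length; i++ )
        {
            int b = keyRdata[i] & 0xFF; // bytes are signed in Java, so mask first
            ac += ( i & 1 ) == 0 ? b << 8 : b;
        }
        ac += ( ac >> 16 ) & 0xFFFF;
        return ( int ) ( ac & 0xFFFF );
    }

    // CERT RDATA: type (16 bits), key tag (16 bits), algorithm (8 bits), certificate or CRL.
    static byte[] encode( int certType, int algorithm, byte[] keyRdata, byte[] certOrCrl )
    {
        if ( certType < 0 || certType > 0xFFFF || algorithm < 0 || algorithm > 0xFF )
            throw new IllegalArgumentException( "type or algorithm out of range" );
        if ( algorithm == 1 )
            throw new IllegalArgumentException( "algorithm 1 key tags are not the Appendix C sum" );
        if ( algorithm != 0 && keyRdata == null )
            throw new IllegalArgumentException( "non-zero algorithm needs the key in KEY RR form" );
        if ( 5 + certOrCrl.length > 0xFFFF )
            throw new IllegalArgumentException( "RDATA exceeds the 16-bit RDLENGTH" );
        // Algorithm unknown to secure DNS: the tag is meaningless and is written as zero.
        int tag = algorithm == 0 ? 0 : keyTag( keyRdata );
        ByteBuffer buf = ByteBuffer.allocate( 5 + certOrCrl.length ); // big-endian by default
        buf.putShort( ( short ) certType ).putShort( ( short ) tag ).put( ( byte ) algorithm );
        buf.put( certOrCrl );
        return buf.array();
    }

    public static void main( String[] args )
    {
        // Constructed sample bytes, not real key or certificate material.
        byte[] keyRdata = { 0x01, 0x00, 0x03, 0x03, 0x0A, 0x0B, 0x0C };
        byte[] cert = { 0x30, 0x03, 0x02, 0x01, 0x00 };
        StringBuilder hex = new StringBuilder();
        // Type 1 is PKIX in RFC 2538 section 2.1; algorithm 3 is DSA in RFC 2535.
        for ( byte b : encode( 1, 3, keyRdata, cert ) )
            hex.append( String.format( "%02x", b ) );
        System.out.println( hex );
    }
}
```

A decoder that receives a non-zero algorithm can recompute the tag from the key extracted from the certificate and compare it with the encoded value before trusting the match; a mismatch means the record does not apply to that key.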