org.apache.directory.server.dns.io.encoder
Class CertificateRecordEncoder

java.lang.Object
  extended by org.apache.directory.server.dns.io.encoder.CertificateRecordEncoder

public class CertificateRecordEncoder
extends java.lang.Object

2. The CERT Resource Record The CERT resource record (RR) has the structure given below. Its RR type code is 37. 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | type | key tag | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | algorithm | / +---------------+ certificate or CRL / / / +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| The type field is the certificate type as define in section 2.1 below. The algorithm field has the same meaning as the algorithm field in KEY and SIG RRs [RFC 2535] except that a zero algorithm field indicates the algorithm is unknown to a secure DNS, which may simply be the result of the algorithm not having been standardized for secure DNS. The key tag field is the 16 bit value computed for the key embedded in the certificate as specified in the DNSSEC Standard [RFC 2535]. This field is used as an efficiency measure to pick which CERT RRs may be applicable to a particular key. The key tag can be calculated for the key in question and then only CERT RRs with the same key tag need be examined. However, the key must always be transformed to the format it would have as the public key portion of a KEY RR before the key tag is computed. This is only possible if the key is applicable to an algorithm (and limits such as key size limits) defined for DNS security. If it is not, the algorithm field MUST BE zero and the tag field is meaningless and SHOULD BE zero.


Constructor Summary
CertificateRecordEncoder()
           
 
Method Summary
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CertificateRecordEncoder

public CertificateRecordEncoder()


Copyright © 2003-2012 Apache Software Foundation. All Rights Reserved.