CRLDistributionPointsExtension

Class Overview

Represent the CRL Distribution Points Extension (OID = 2.5.29.31).

The CRL distribution points extension identifies how CRL information is obtained. The extension SHOULD be non-critical, but the PKIX profile recommends support for this extension by CAs and applications.

For PKIX, if the cRLDistributionPoints extension contains a DistributionPointName of type URI, the following semantics MUST be assumed: the URI is a pointer to the current CRL for the associated reasons and will be issued by the associated cRLIssuer. The expected values for the URI conform to the following rules. The name MUST be a non-relative URL, and MUST follow the URL syntax and encoding rules specified in [RFC 1738]. The name must include both a scheme (e.g., "http" or "ftp") and a scheme-specific-part. The scheme- specific-part must include a fully qualified domain name or IP address as the host. As specified in [RFC 1738], the scheme name is not case-sensitive (e.g., "http" is equivalent to "HTTP"). The host part is also not case-sensitive, but other components of the scheme-specific-part may be case-sensitive. When comparing URIs, conforming implementations MUST compare the scheme and host without regard to case, but assume the remainder of the scheme-specific-part is case sensitive. Processing rules for other values are not defined by this specification. If the distributionPoint omits reasons, the CRL MUST include revocations for all reasons. If the distributionPoint omits cRLIssuer, the CRL MUST be issued by the CA that issued the certificate.

The ASN.1 definition for this is:

 id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::=  { id-ce 31 }

 cRLDistributionPoints ::= {
      CRLDistPointsSyntax }

 CRLDistPointsSyntax ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
 

Summary

[Expand] Inherited Fields
From class sun.security.x509.Extension protected boolean critical protected ObjectIdentifier extensionId protected byte[] extensionValue

[Expand] Inherited Methods
From class sun.security.x509.Extension void encode(DerOutputStream out) Write the extension to the DerOutputStream. boolean equals(Object other) Compares this Extension for equality with the specified object. ObjectIdentifier getExtensionId() Returns the ObjectIdentifier of the extension. byte[] getExtensionValue() Returns the extension value as an byte array for further processing. int hashCode() Returns a hashcode value for this Extension. boolean isCritical() Returns true if extension is critical. String toString() Returns the Extension in user readable form.
From class java.lang.Object Object clone() Creates and returns a copy of this object. boolean equals(Object obj) Indicates whether some other object is "equal to" this one. void finalize() Called by the garbage collector on an object when garbage collection determines that there are no more references to the object. final Class<?> getClass() Returns the runtime class of this Object. int hashCode() Returns a hash code value for the object. final void notify() Wakes up a single thread that is waiting on this object's monitor. final void notifyAll() Wakes up all threads that are waiting on this object's monitor. String toString() Returns a string representation of the object. final void wait() Causes the current thread to wait until another thread invokes the notify() method or the notifyAll() method for this object. final void wait(long timeout, int nanos) Causes the current thread to wait until another thread invokes the notify() method or the notifyAll() method for this object, or some other thread interrupts the current thread, or a certain amount of real time has elapsed. final void wait(long timeout) Causes the current thread to wait until either another thread invokes the notify() method or the notifyAll() method for this object, or a specified amount of time has elapsed.
From interface sun.security.x509.CertAttrSet abstract void delete(String name) Deletes an attribute value from this CertAttrSet. abstract void encode(OutputStream out) Encodes the attribute to the output stream in a format that can be parsed by the decode method. abstract Object get(String name) Gets an attribute value for this CertAttrSet. abstract Enumeration<T> getElements() Returns an enumeration of the names of the attributes existing within this attribute. abstract String getName() Returns the name (identifier) of this CertAttrSet. abstract void set(String name, Object obj) Sets an attribute value within this CertAttrSet. abstract String toString() Returns a short string describing this certificate attribute.