Overview
TrustAnchorInfo is a standard format for representing Trust Anchor information, defined in RFC 5914.

TrustAnchorInfo structure:

    TrustAnchorInfo ::= SEQUENCE {
        version         TrustAnchorInfoVersion DEFAULT v1,
        pubKey          SubjectPublicKeyInfo,
        keyId           KeyIdentifier,
        taTitle         TrustAnchorTitle OPTIONAL,
        certPath        CertPathControls OPTIONAL,
        exts            [1] EXPLICIT Extensions OPTIONAL,
        taTitleLangTag  [2] UTF8String OPTIONAL }

    TrustAnchorInfoVersion ::= INTEGER { v1(1) }

Where:
- SubjectPublicKeyInfo
- KeyIdentifier = SubjectPublicKeyInfo Certificate Extension
- taTitle - OPTIONAL; provides a human-readable name for the trust anchor.
- certPath - OPTIONAL; provides the controls needed to initialize an X.509 certification path validation algorithm implementation (see Section 6 of RFC 5280). When absent, the Trust Anchor cannot be used to validate the signature on an X.509 certificate.
- exts - OPTIONAL; used to associate additional information with the trust anchor using the standard Certificate Extensions structure.
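
The check implied by the certPath rule above, as an added example (not code from RFC 5914 or from this page): a standard-library DER walk of a TrustAnchorInfo that enforces field order and reports whether certPath is present. The function names and all sample bytes are constructed for illustration, and the 0x82 tag for taTitleLangTag assumes the module's default tagging is IMPLICIT.

```python
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the definite-length DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

# Optional fields in SEQUENCE order. 0x82 assumes IMPLICIT tagging (assumption).
OPTIONAL = [(0x0C, "taTitle"), (0x30, "certPath"), (0xA1, "exts"), (0x82, "taTitleLangTag")]

def parse_trust_anchor_info(der):
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    elems, pos = [], 0
    while pos < len(body):
        t, v, pos = read_tlv(body, pos)
        elems.append((t, v))
    ta = {"version": 1}  # DEFAULT v1, so DER omits the field
    if elems and elems[0][0] == 0x02:
        ta["version"] = int.from_bytes(elems.pop(0)[1], "big")
    if len(elems) < 2 or elems[0][0] != 0x30 or elems[1][0] != 0x04:
        raise ValueError("pubKey and keyId are mandatory")
    ta["pubKey"], ta["keyId"] = elems[0][1], elems[1][1]  # content octets only
    rest = elems[2:]
    for t, name in OPTIONAL:
        if rest and rest[0][0] == t:
            ta[name] = rest.pop(0)[1]
    if rest:
        raise ValueError("unknown or out-of-order element")
    ta["x509_path_validation_ok"] = "certPath" in ta  # absent: not usable for X.509 paths
    return ta

def tlv(tag, value):  # encoder for the short (<128 byte) constructed samples below
    return bytes([tag, len(value)]) + value

# Constructed sample data: dummy all-zero Ed25519-style key, made-up keyId and title.
SPKI = tlv(0x30, tlv(0x30, bytes.fromhex("06032b6570")) + tlv(0x03, b"\x00" + bytes(32)))
KEY_ID = tlv(0x04, bytes(range(20)))
TITLE = tlv(0x0C, b"Example TA")
CERT_PATH = tlv(0x30, tlv(0x30, b""))  # CertPathControls holding only an empty taName
WITH_PATH = tlv(0x30, SPKI + KEY_ID + TITLE + CERT_PATH)
NO_PATH = tlv(0x30, SPKI + KEY_ID + TITLE)
```

A trust anchor store loader can reject or flag entries where `x509_path_validation_ok` is false before they are handed to a certificate path validator.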