How does the terminal tell the difference between the various MIDP 2.0 policy domains, and how is this related to certificates?
• MIDP 2.0 ties the policy domain to the CA certificate that was used to verify a signer certificate in a JAD. That is, if the OperatorCA1 certificate was used to verify the certificate chain in the JAD of some MIDlet, then that MIDlet will be mapped to the policy domain corresponding to the OperatorCA1 certificate. The policy domain for a CA certificate, in turn, is determined by an identifier external to the certificate. On a SIM or WIM card, for example, this identifier is stored in the trustedUsage field and must contain the DER encoding of the Oid iso(1)org(3)dod(6)internet(1)private(4)enterprises(1)sun(42)products(2) javaXMLsoftware(110)midp(2)spec(2)gsm-policy(2)operator(1) in order for a CA certificate to map to the GSM Operator domain (see the MIDP 2.0 specification for more information). CA certificates for the GSM trusted third-party domain should either not have the trustedUsage field at all in the CDF or have it contain the DER encoding of the Oid id-kp-codeSigning. For CA
Related Questions
- How does the terminal tell the difference between the various MIDP 2.0 policy domains, and how is this related to certificates?
- Can I attach various supporting documents (my portfolio, letters of reference, certificates, etc.) to my rsum and cover letter?
- How is policy data reported under the various types of workers compensation policies issued for PEO arrangements?
