Class: X509V3ExtensionsType
Specifies any standard X.509 v3 extensions that may be used in the certificate.
URI: attack:X509V3ExtensionsType
classDiagram
class X509V3ExtensionsType
click X509V3ExtensionsType href "../X509V3ExtensionsType/"
CommonSchemaComponent <|-- X509V3ExtensionsType
click CommonSchemaComponent href "../CommonSchemaComponent/"
X509V3ExtensionsType : authority_key_identifier
X509V3ExtensionsType : basic_constraints
X509V3ExtensionsType : certificate_policies
X509V3ExtensionsType : crl_distribution_points
X509V3ExtensionsType : description
X509V3ExtensionsType : extended_key_usage
X509V3ExtensionsType : id
X509V3ExtensionsType : inhibit_any_policy
X509V3ExtensionsType : issuer_alternative_name
X509V3ExtensionsType : key_usage
X509V3ExtensionsType : name
X509V3ExtensionsType : name_constraints
X509V3ExtensionsType : policy_constraints
X509V3ExtensionsType : policy_mappings
X509V3ExtensionsType : private_key_usage_period_not_after
X509V3ExtensionsType : private_key_usage_period_not_before
X509V3ExtensionsType : subject_alternative_name
X509V3ExtensionsType : subject_directory_attributes
X509V3ExtensionsType : subject_key_identifier
X509V3ExtensionsType : type
Inheritance
- StixEntity
- CommonSchemaComponent
- X509V3ExtensionsType
- CommonSchemaComponent
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| basic_constraints | 0..1 String |
Specifies a multi-valued extension which indicates whether a certificate is a... | direct |
| name_constraints | 0..1 String |
Specifies a namespace within which all subject names in subsequent certificat... | direct |
| policy_constraints | 0..1 String |
Specifies any constraints on path validation for certificates issued to CAs | direct |
| key_usage | 0..1 String |
Specifies a multi-valued extension consisting of a list of names of the permi... | direct |
| extended_key_usage | 0..1 String |
Specifies a list of usages indicating purposes for which the certificate publ... | direct |
| subject_key_identifier | 0..1 String |
Specifies the identifier that provides a means of identifying certificates th... | direct |
| authority_key_identifier | 0..1 String |
Specifies the identifier that provides a means of identifying the public key ... | direct |
| subject_alternative_name | 0..1 String |
Specifies the additional identities to be bound to the subject of the certifi... | direct |
| issuer_alternative_name | 0..1 String |
Specifies the additional identities to be bound to the issuer of the certific... | direct |
| subject_directory_attributes | 0..1 String |
Specifies the identification attributes (e | direct |
| crl_distribution_points | 0..1 String |
Specifies how CRL information is obtained | direct |
| inhibit_any_policy | 0..1 String |
Specifies the number of additional certificates that may appear in the path b... | direct |
| private_key_usage_period_not_before | 0..1 Datetime |
Specifies the date on which the validity period begins for the private key, i... | direct |
| private_key_usage_period_not_after | 0..1 Datetime |
Specifies the date on which the validity period ends for the private key, if ... | direct |
| certificate_policies | 0..1 String |
Specifies a sequence of one or more policy information terms, each of which c... | direct |
| policy_mappings | 0..1 String |
Specifies one or more pairs of OIDs; each pair includes an issuerDomainPolicy... | direct |
| id | 0..1 StixIdentifier |
STIX object identifier | StixEntity |
| type | 0..1 StixTypeName |
STIX object type | StixEntity |
| name | 0..1 String |
Human-readable name | StixEntity |
| description | 0..1 String |
Human-readable description | StixEntity |
Usages
| used by | used in | type | used |
|---|---|---|---|
| X509Certificate | x509_v3_extensions | range | X509V3ExtensionsType |
In Subsets
Comments
- jsonschema_source: https://github.com/oasis-open/cti-stix2-json-schemas/tree/master/schemas/observables/x509-certificate.json#/definitions/x509-v3-extensions-type
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/attack
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | attack:X509V3ExtensionsType |
| native | attack:X509V3ExtensionsType |
LinkML Source
Direct
name: X509V3ExtensionsType
description: Specifies any standard X.509 v3 extensions that may be used in the certificate.
comments:
- 'jsonschema_source: https://github.com/oasis-open/cti-stix2-json-schemas/tree/master/schemas/observables/x509-certificate.json#/definitions/x509-v3-extensions-type'
in_subset:
- common
from_schema: https://w3id.org/lmodel/attack
is_a: CommonSchemaComponent
slots:
- basic_constraints
- name_constraints
- policy_constraints
- key_usage
- extended_key_usage
- subject_key_identifier
- authority_key_identifier
- subject_alternative_name
- issuer_alternative_name
- subject_directory_attributes
- crl_distribution_points
- inhibit_any_policy
- private_key_usage_period_not_before
- private_key_usage_period_not_after
- certificate_policies
- policy_mappings
Induced
name: X509V3ExtensionsType
description: Specifies any standard X.509 v3 extensions that may be used in the certificate.
comments:
- 'jsonschema_source: https://github.com/oasis-open/cti-stix2-json-schemas/tree/master/schemas/observables/x509-certificate.json#/definitions/x509-v3-extensions-type'
in_subset:
- common
from_schema: https://w3id.org/lmodel/attack
is_a: CommonSchemaComponent
attributes:
basic_constraints:
name: basic_constraints
description: Specifies a multi-valued extension which indicates whether a certificate
is a CA certificate.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: basic_constraints
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
name_constraints:
name: name_constraints
description: Specifies a namespace within which all subject names in subsequent
certificates in a certification path must be located.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: name_constraints
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
policy_constraints:
name: policy_constraints
description: Specifies any constraints on path validation for certificates issued
to CAs.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: policy_constraints
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
key_usage:
name: key_usage
description: Specifies a multi-valued extension consisting of a list of names
of the permitted key usages.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: key_usage
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
extended_key_usage:
name: extended_key_usage
description: Specifies a list of usages indicating purposes for which the certificate
public key can be used.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: extended_key_usage
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
subject_key_identifier:
name: subject_key_identifier
description: Specifies the identifier that provides a means of identifying certificates
that contain a particular public key.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: subject_key_identifier
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
authority_key_identifier:
name: authority_key_identifier
description: Specifies the identifier that provides a means of identifying the
public key corresponding to the private key used to sign a certificate.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: authority_key_identifier
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
subject_alternative_name:
name: subject_alternative_name
description: Specifies the additional identities to be bound to the subject of
the certificate.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: subject_alternative_name
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
issuer_alternative_name:
name: issuer_alternative_name
description: Specifies the additional identities to be bound to the issuer of
the certificate.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: issuer_alternative_name
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
subject_directory_attributes:
name: subject_directory_attributes
description: Specifies the identification attributes (e.g., nationality) of the
subject.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: subject_directory_attributes
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
crl_distribution_points:
name: crl_distribution_points
description: Specifies how CRL information is obtained.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: crl_distribution_points
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
inhibit_any_policy:
name: inhibit_any_policy
description: Specifies the number of additional certificates that may appear in
the path before anyPolicy is no longer permitted.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: inhibit_any_policy
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
private_key_usage_period_not_before:
name: private_key_usage_period_not_before
description: Specifies the date on which the validity period begins for the private
key, if it is different from the validity period of the certificate.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: private_key_usage_period_not_before
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: datetime
private_key_usage_period_not_after:
name: private_key_usage_period_not_after
description: Specifies the date on which the validity period ends for the private
key, if it is different from the validity period of the certificate.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: private_key_usage_period_not_after
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: datetime
certificate_policies:
name: certificate_policies
description: Specifies a sequence of one or more policy information terms, each
of which consists of an object identifier (OID) and optional qualifiers.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: certificate_policies
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
policy_mappings:
name: policy_mappings
description: Specifies one or more pairs of OIDs; each pair includes an issuerDomainPolicy
and a subjectDomainPolicy.
from_schema: https://w3id.org/lmodel/attack
rank: 1000
alias: policy_mappings
owner: X509V3ExtensionsType
domain_of:
- X509V3ExtensionsType
range: string
id:
name: id
description: STIX object identifier.
from_schema: https://w3id.org/lmodel/attack
related_mappings:
- unified_cyber_ontology:externalReference
rank: 1000
alias: id
owner: X509V3ExtensionsType
domain_of:
- StixEntity
- Bundle
- Core
- CyberObservableCore
- ExtensionDefinition
- LanguageContent
- MarkingDefinition
- File
range: stix_identifier
type:
name: type
description: STIX object type.
from_schema: https://w3id.org/lmodel/attack
related_mappings:
- unified_cyber_ontology:state
rank: 1000
alias: type
owner: X509V3ExtensionsType
domain_of:
- StixEntity
- Bundle
- Core
- CyberObservableCore
- ExtensionDefinition
- LanguageContent
- MarkingDefinition
- File
range: stix_type_name
name:
name: name
description: Human-readable name.
from_schema: https://w3id.org/lmodel/attack
exact_mappings:
- unified_cyber_ontology:name
rank: 1000
alias: name
owner: X509V3ExtensionsType
domain_of:
- RelatedAsset
- StixEntity
- ExtensionDefinition
- MarkingDefinition
- AutonomousSystem
- File
range: string
description:
name: description
description: Human-readable description.
from_schema: https://w3id.org/lmodel/attack
close_mappings:
- unified_cyber_ontology:description
rank: 1000
alias: description
owner: X509V3ExtensionsType
domain_of:
- RelatedAsset
- MutableElement
- StixEntity
- ExtensionDefinition
- ExternalReference
range: string