Elementary data items

An elementary data item is a complete item that cannot be broken into separate parts. You can use elementary data items as host variables. Following is an example of an elementary data item:
01 MYSTR PIC X(26).

You can use MYSTR as a host variable (:MYSTR) because it is an elementary data item.

Request Table Optional Data Elements

Values for the following elements of the Request table SHOULD be maintained by the CA: Request_Key_Recovery_Hashes: Column name "Request.KeyRecoveryHashes". Unique identifiers of the key recovery agent (KRA)certificates that are required to retrieve an archived private key. Request_Raw_Old_Certificates: Column name "Request.RawOldCertificates". In the case of a renewal, the preceding certificate. Request_Request_Attributes: Column name "Request.RequestAttributes". The certificate request attributes as defined in [MS-WCCE]. Request_Request_Type: Column name "Request.RequestType". The type or format of a certificate request, such as PKCS#10 or the Cryptographic Message Syntax (CMS) standard with Common Messaging Calls (CMC) as specified in [RFC2797]. Request_Request_Flags: Column name "Request.RequestFlags". Additional certificate request information. The following are examples of request flag values. These flag values can be used in any combination. Name Value Description For encoding of the subject information in the certificate, a 0x0000000 T61String type is used for 1 elements that contain a Unicode character in the value. 0x0000000 The certificate request is a 2 renewal request. 0x0000000 For encoding of the subject

CR_FLG_FORCETELETEX

CR_FLG_RENEWAL CR_FLG_FORCEUTF8

CR_FLG_CAXCHGCERT CR_FLG_ENROLLONBEHALFOF

0x0000000 8 0x0000001 0 0x0000002 0

CR_FLG_SUBJECTUNMODIFIED

CR_FLG_VALIDENCRYPTEDKEYHA 0x0000004 SH 0 0x0000008 0 0x0000010 0

CR_FLG_CACROSSCERT

CR_FLG_ENFORCEUTF8

CR_FLG_DEFINEDCACERT

0x0000020 0

CR_FLG_PUBLISHERROR

0x8000000 0

information in the certificate, a UTF8String type is used for elements that contain a Unicode character in the value. The certificate is the exchange certificate of the CA. The certificate request is an Enroll-on-behalf-of request. The subject information in the certificate is an unmodified binary copy of the subject information from the certificate request. For a certificate request with key archival, the CMC Full response includes the szOID_ENCRYPTED_KEY_HA SH attribute. The certificate is the cross certificate of the CA. For encoding of the subject information in the certificate, a UTF8String type is used for directory string elements. The certificate request contains an Authority Key Identifier extension that identifies the desired CA signing key for the certificate. The CA had difficulty publishing the certificate to the directory that is specified in the userCertificate attribute of the entity.

Request_Status_Code: Column name "Request.StatusCode". Indicates whether the request was successful. The value is 0 if the request processed successfully. Otherwise, this field contains an error code that results from request processing. Error codes are as specified in section 2.2.5 of this document and in [MS-ERREF]. Request_Disposition_Message: Column name "Request.Disposition.Message". The text description of Request_Disposition_ Request_Disposition_Message is for presentation to a user and can contain any text string, including NULL, that the licensee considers informative.

Request_Submitted_When: Column name "Request.SubmittedWhen". The CERTTIME that a request was received by the CA. Request_Resolved_When: Column name "Request.ResolvedWhen". The CERTTIME that the CA completed request processing (whether successfully or unsuccessfully). Request_Revoked_When: Column name "Request.RevokedWhen". The CERTTIME that the CA processed a call to the ICertAdminD::RevokeCertificate function. This field is initialized as NULL and updated by the ICertAdminD::RevokeCertificate function. Request_Requester_Name: Column name "Request.RequesterName". The RequesterName that is included in the certificate request. Request_Caller_Name: Column name "Request.CallerName". The user or machine context that submitted the certificate request to the CA. Request_Signer_Policies: Column name "Request.SignerPolicies". The list of valid certificate policy OIDs for each signer certificate from the certificate request. Request_Signer_Application_Policies: Column name "Request.SignerApplicationPolicies". The list of valid Extended Key Usage OIDs for each signer certificate from the certificate request. Request_Officer: Column name "Request.Officer". Indicates whether the caller is the certificate manager of the entity that corresponds to the Request_Requester_Name. Request_Distinguished_Name: Column name "Request.DistinguishedName". The distinguished name (DN) from the Subject attribute of the certificate request. String representation Request_Country: Column name "Request.Country". The country attribute of the DN from the Subject of the certificate request. Request_Organization: Column name "Request.Organization". The organization attribute of the DN from the Subject of the certificate request. ASN.1 DER encoded Request_Org_Unit: Column name "Request.OrgUnit". The organizational-unit attribute of the DN from the Subject of the certificate request. Request_Common_Name: Column name "Request.CommonName". The common name attribute of the DN from the Subject of the certificate request.

Request_Locality: Column name "Request.Locality". The locality attribute of the DN from the Subject of the certificate request. Request_State: Column name "Request.State". The state or province name attribute of the DN from the Subject of the certificate request. Request_Title: Column name "Request.Title". The title attribute of the DN from the Subject of the certificate request. Request_Given_Name: Column name "Request.GivenName". The given name (also called first name) attribute of the DN from the Subject of the certificate request. Request_Initials: Column name "Request.Initials". The initials attribute of the DN from the Subject of the certificate request. Request_SurName: Column name "Request.SurName". The surname attribute of the DN from the Subject of the certificate request. Request_Domain_Component: Column name "Request.DomainComponent". The domainComponent attribute of the DN from the Subject of the certificate request. Request_Email: Column name "Request.EMail". The EmailAddress attribute of the DN from the Subject of the certificate request. Request_Street_Address: Column name "Request.StreetAddress". The street address attribute of the DN from the Subject of the certificate request. Request_Unstructured_Name: Column name "Request.UnstructuredName". The unstructured name attribute of the DN from the Subject of the certificate request. Request_Unstructured_Address: Column name "Request.UnstructuredAddress". The unstructured address attribute of the DN from the Subject of the certificate request. Request_Device_Serial_Number: Column name "Request.DeviceSerialNumber". The device serial number attribute of the DN from the Subject of the certificate request. Request_RequesterName_From_Old_Certificate: Column name "Request.RequesterNameFromOldCertificate". For a renewal request that is signed by the previously issued certificate, the subject name of the old certificate.<7> Request_ID: Column name "RequestID". The RequestID that corresponds to an issued certificate. Certificate_Hash: Column name "CertificateHash". The SHA-1 hash over the value of the Raw_Certificate column.

Certificate_Template: Column name "CertificateTemplate". extnValue of extension with OID 1.3.6.1.4.1.311.20.2 of issued certificate. Enrollment_Flags: Column name "EnrollmentFlags". The values that are defined in "EnrollmentFlags" from [MS-CRTD]. General_Flags: Column name "GeneralFlags". The values that are defined in "GeneralFlags" from [MS-CRTD]. Issuer_Name_Id: Column name "IssuerNameId". A sequential number that indicates which CA key signed the issued certificate. Not_Before: Column name "NotBefore". The CERTTIME that provides the value for the Validity->notBefore field ([RFC3280] section 4.1.2.5) of the issued certificate. Not_After: Column name "NotAfter". The CERTTIME that provides the value for the Validity->notAfter field ([RFC3280] section 4.1.2.5) of the issued certificate. Subject_Key_Identifier: Column name "SubjectKeyIdentifier". The SubjectKeyIdentifier extension ([RFC3280] section 4.2.1.2) of the issued certificate. Raw_Public_Key: Column name "RawPublicKey". The SubjectPublicKeyInfo>subjectPublicKey field of the issued certificate. Public_Key_Length: Column name "PublicKeyLength". The length of the SubjectPublicKeyInfo->subjectPublicKey field of the issued certificate. Public_Key_Algorithm: Column name "PublicKeyAlgorithm". The SubjectPublicKeyInfo->algorithm->algorithm field of the issued certificate. Raw_Public_Key_Algorithm_Parameters: Column name "RawPublicKeyAlgorithmParameters". The SubjectPublicKeyInfo->algorithm>parameters field of the issued certificate. UPN: Column name "UPN". The UPN alternate name entry from the SubjectAltName extension in the certificate. Distinguished_Name: Column name "DistinguishedName". The Subject field ([RFC3280] section 4.1.2.6) of the issued certificate. String representation Raw_Name: Column name "RawName". The Subject information of the issued certificate. ASN.1 DER encoded

Country: Column name "Country". The country attribute of the certificate Subject. Organization: Column name "Organization". The organization attribute of the certificate Subject. Org_Unit: Column name "OrgUnit". The organizational-unit attribute of the certificate Subject. Common_Name: Column name "CommonName". The common name attribute of the certificate Subject. Locality: Column name "Locality". The locality attribute of the certificate Subject. State: Column name "State". The state or province name attribute of the certificate Subject. Title: Column name "Title". The title attribute of the certificate Subject. Given_Name: Column name "GivenName". The given name attribute of the certificate Subject. Initials: Column name "Initials". The initials attribute of the certificate Subject. SurName: Column name "SurName". The surname attribute of the certificate Subject. Domain_Component: Column name "DomainComponent". The domainComponent attribute of the certificate Subject. Email: Column name "EMail". The [RFC822] Name attribute from the Subject Alternative Name of the issued certificate. Street_Address: Column name "StreetAddress". The street address attribute of the certificate Subject. Unstructured_Name: Column name "UnstructuredName". The unstructured name attribute of the certificate Subject. Unstructured_Address: Column name "UnstructuredAddress". The unstructured address attribute of the certificate Subject. Device_Serial_Number: Column name "DeviceSerialNumber". The serial number attribute of the certificate Subject.
{} Curly braces indicate that the element being defined is made up of a series of repetitions of the element(s) enclosed in the brackets.