View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *  
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *  
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License. 
18   *  
19   */
20  
21  package org.apache.directory.server.dns.io.encoder;
22  
23  
24  /**
25   * 2. The CERT Resource Record
26   * 
27   *    The CERT resource record (RR) has the structure given below.  Its RR
28   *    type code is 37.
29   * 
30   *                          1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
31   *      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
32   *     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
33   *     |             type              |             key tag           |
34   *     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
35   *     |   algorithm   |                                               /
36   *     +---------------+            certificate or CRL                 /
37   *     /                                                               /
38   *     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
39   * 
40   *    The type field is the certificate type as define in section 2.1
41   *    below.
42   * 
43   *    The algorithm field has the same meaning as the algorithm field in
44   *    KEY and SIG RRs [RFC 2535] except that a zero algorithm field
45   *    indicates the algorithm is unknown to a secure DNS, which may simply
46   *    be the result of the algorithm not having been standardized for
47   *    secure DNS.
48   * 
49   *    The key tag field is the 16 bit value computed for the key embedded
50   *    in the certificate as specified in the DNSSEC Standard [RFC 2535].
51   *    This field is used as an efficiency measure to pick which CERT RRs
52   *    may be applicable to a particular key.  The key tag can be calculated
53   *    for the key in question and then only CERT RRs with the same key tag
54   *    need be examined. However, the key must always be transformed to the
55   *    format it would have as the public key portion of a KEY RR before the
56   *    key tag is computed.  This is only possible if the key is applicable
57   *    to an algorithm (and limits such as key size limits) defined for DNS
58   *    security.  If it is not, the algorithm field MUST BE zero and the tag
59   *    field is meaningless and SHOULD BE zero.
60   * 
61   * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
62   */
63  public class CertificateRecordEncoder
64  {
65  }