Support for certificate policy OID validation in security and trust agent.

[GoogleCodeExporter]

Certain trust circles may require specific attributes (or alternatively 
exclusion of attributes) that represent policy compliance.  These can be 
implemented as policy OIDs in a certificate.

For example, an FBCA certificate may need an OID indicating that the 
certificate is intended for Direct transport communication only.  Certificates 
rooted to the same CA without the policy OID would be excluded as valid 
candidates for encryption and message signature operations (SMIME).

It would be ideal if the security and trust agent could support 
plugable/configurable policy OID validation per trust anchor (or group or trust 
anchors)

Original issue reported on code.google.com by gm2...@cerner.com on 13 Jul 2011 at 4:34

[GoogleCodeExporter]

Project started under a larger concept of policy enablement.  See attached 
document for overview and proposal.

Original comment by gm2...@cerner.com on 29 Apr 2013 at 4:48

• Changed state: Started

Attachments:

• [Direct + Policy Enablement.docx](https://storage.googleapis.com/google-code-attachments/nhin-d/issue-156/comment-1/Direct + Policy Enablement.docx)

[GoogleCodeExporter]

Released in Java RI 3.0.  Work currently underway in .Net RI.

Supporting Modules
direct-policy 1.0
agent 2.0
gateway 3.0

Original comment by gm2...@cerner.com on 16 Aug 2013 at 12:23