Unit

ScCertificateExts

 

Description

The TScCertBasicConstraintsExtension class represents the basic constraints extension that provides properties to describe the basic constraint set on a certificate. These constraints are used during the certificate chain verification process.

 

The following paragraph is taken from RFC 5280, section 4.2.1.9:

"The basic constraints extension identifies whether the subject of the certificate is a CA and the maximum depth of valid certification paths that include this certificate.

The cA boolean indicates whether the certified public key may be used to verify certificate signatures.

The pathLenConstraint field is meaningful only if the cA boolean is asserted and the key usage extension, if present, asserts the keyCertSign bit. In this case, it gives the maximum number of non-self-issued intermediate certificates that may follow this certificate in a valid certification path. A pathLenConstraint of zero indicates that no non-self-issued intermediate CA certificates may follow in a valid certification path. Where it appears, the pathLenConstraint field MUST be greater than or equal to zero. Where pathLenConstraint does not appear, no limit is imposed."

 

See Also

TScCertificateExtension

 

SecureBridge Components, Copyright © 2007-2021 Devart. All Rights Reserved. Provide Feedback Visit Forum Request Support