10.5. Decisions

STAR REQUIRES that digital certificate formats comply with the X.509 v3 format. To aid interoperability, STAR RECOMMENDS limiting extensions to: basic constraints; key usage; the subject alternative name extension, to communicate the hostname when Digital Certificates are used to support SSL; and the CRL distribution point extension, containing a URL to the CRL for the certificate.
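The recommended extension set above, written as an OpenSSL request configuration for a self-signed certificate. This is an added example, not part of the STAR text: the section names, subject, hostname and CRL URL are constructed placeholders, and the key usage bits and the CA:FALSE setting are assumptions for an SSL server certificate, since the guideline does not name specific values.

```ini
# Added example: OpenSSL configuration requesting only the four
# extensions recommended in this section. All names, hostnames and
# URLs below are constructed placeholders.

[ req ]
prompt             = no
default_md         = sha256
distinguished_name = star_dn
# Extension section applied when "openssl req -x509" self-signs.
x509_extensions    = star_v3_ext

[ star_dn ]
CN = partner.example.com
O  = Example Dealer Systems

[ star_v3_ext ]
# Basic constraints: end-entity certificate, not a CA (assumed role).
basicConstraints      = critical, CA:FALSE

# Key usage: bits assumed for an SSL/TLS server certificate;
# the guideline does not specify which bits to set.
keyUsage              = critical, digitalSignature, keyEncipherment

# Subject alternative name: the hostname partners connect to.
subjectAltName        = DNS:partner.example.com

# CRL distribution point: URL of the CRL covering this certificate.
crlDistributionPoints = URI:http://crl.example.com/star.crl
```

Saved under a hypothetical name such as `star.cnf`, the file can be passed to `openssl req -x509 -new -newkey rsa:2048 -nodes -days 365 -config star.cnf -keyout key.pem -out cert.pem`. Running `openssl x509 -in cert.pem -noout -text` afterwards lists the extensions actually present, so the result can be compared against the recommended set before the certificate is exchanged.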

If an X.509 v3 certificate is exported for exchange with a partner, it is RECOMMENDED that it be exported with its entire trust chain. One implication of this is that the .cer format is not recommended except for self-signed X.509 v3 certificates.

STAR Transport solutions SHOULD be able to import the following certificate file formats: .p7b, .p7c, .pfx, .cer.

With STAR ebMS the certificate format SHOULD be referenced in the CPA. With STAR Web Services the certificate format SHOULD be agreed upon out-of-band.

To aid interoperability and provide stronger authentication, certificates may be self-signed, self-issued, or obtained through well-known third-party Certificate Authorities.