rfc971.A SURVEY OF DATA REPRESENTATION STANDARDS

v1.0 可编辑可修改中国移动通信集团公司业务卡管理体系SIM卡应用技术规范中国移动通信集团公司二○○一年十一月1范围 (5)2引用标准 (5)3符号和缩略语 (8)4SIM卡应用工具箱概述 (9)4.1概要信息下载 (10)4.2主动式SIM卡 (10)4.3下载数据到SIM卡 (10)4.4菜单选择 (11)4.5SIM卡呼叫控制 (11)4.6SIM卡的MO短消息控制 (11)4.7事件下载 (11)4.8安全 (11)5概要信息下载 (12)5.1过程 (12)5.2TERMINAL PROFILE的结构和编码： (12)6主动式SIM卡 (18)6.1概述 (18)6.2主动式SIM卡命令描述 (21)6.2.1DISPLAY TEXT (22)6.2.1.1命令和过程 (22)6.2.1.2FETCH（DISPLAY TEXT）命令结构 (23)6.2.2GET INKEY (25)6.2.2.1命令和过程 (25)6.2.2.2FETCH（GET INKEY）命令结构 (27)6.2.3GET INPUT (28)6.2.3.1命令和过程 (28)6.2.3.2FETCH（GET INPUT）命令结构 (29)6.2.4MORE TIME (31)6.2.4.1命令和过程 (31)6.2.4.2FETCH（MORE TIME）命令结构 (31)6.2.5PLAY TONE (32)6.2.5.1命令和过程 (32)6.2.5.2FETCH（PLAY TONE）命令结构 (33)6.2.6POLL INTERVAL (36)6.2.6.1命令和过程 (36)6.2.6.2FETCH（POLL INTERVAL）命令结构 (36)6.2.7REFRESH (37)6.2.7.1命令和过程 (37)6.2.7.2FETCH（REFRESH）命令结构 (40)6.2.8SET UP MENU (41)6.2.8.1命令和过程 (41)6.2.8.2FETCH（SET UP MENU）命令结构 (43)6.2.9SELECT ITEM (45)6.2.9.1命令和过程 (45)6.2.9.2FETCH（SELECT ITEM）命令结构 (46)6.2.10SEND SHORT MESSAGE (48)6.2.10.1命令和过程 (48)6.2.10.2FETCH（SEND SHORT MESSAGE）命令结构 (49)6.2.11SEND SS (53)6.2.11.1命令和过程 (53)6.2.11.2FETCH（SEND SS）命令结构 (55)6.2.12SEND USSD (57)6.2.12.1命令和过程 (57)6.2.12.2FETCH（SEND USSD）命令结构 (59)6.2.13SET UP CALL (62)6.2.13.1命令和过程 (62)6.2.13.2FETCH（SET UP CALL）命令结构 (65)6.2.14POLLING OFF (67)6.2.14.1命令和过程 (67)6.2.14.2FETCH（POLLING OFF）命令结构 (68)6.2.15PROVIDE LOCAL INFORMATION (68)6.2.15.1命令和过程 (68)6.2.15.2FETCH（PROVIDE LOCAL INFORMATION）命令结构 (69)6.2.16SET UP EVENT LIST (70)6.2.16.1命令和过程 (70)6.2.16.2FETCH（SET UP EVENT LIST）命令结构 (71)7命令结果(TERMINAL RESPONSE) (72)7.1.1.1TERMINAL RESPONSE 命令结构 (74)8下载数据到SIM卡 (78)8.1点到点短消息(SMS-PP)数据下载 (78)8.1.1过程 (78)8.1.2ENVELOPE (SMS点到点下载) 命令结构 (79)8.2小区广播短消息(SMS-CB)数据下载 (80)8.2.1过程 (80)8.2.2ENVELOPE (小区广播下载) 命令结构 (81)9菜单选择(MENU SELECTION) (81)9.1过程 (82)9.2ENVELOPE(菜单选择)命令结构 (82)10SIM卡的呼叫控制 (83)10.1移动端发起的呼叫过程 (83)10.2补充业务及USSD的过程 (85)10.3给用户的指示 (86)10.4固定拨号的交互操作 (88)10.5支持禁止拨号（BDN）业务 (88)10.6ENVELOPE（呼叫控制）命令结构 (89)11SIM卡的MO短消息控制 (92)11.1过程 (92)11.2ENVELOPE（MO短消息控制）命令结构 (92)12定时器终止 (94)12.1过程 (95)12.2ENVELOPE（定时器终止）命令结构 (95)13事件下载 (96)13.1MT呼叫事件 (96)13.1.1过程 (96)13.1.2ENVELOPE（事件下载-MT呼叫）命令结构 (97)13.2已连接呼叫事件 (98)13.2.1过程 (98)13.2.2ENVELOPE（事件下载-已连接呼叫）命令结构 (99)13.3呼叫拆线事件 (101)13.3.1过程 (101)13.3.2ENVELOPE（事件下载-呼叫拆线）命令结构 (101)13.4位置状态事件 (103)13.4.1过程 (103)13.4.2ENVELOPE（事件下载-位置状态）命令结构 (104)13.5用户动作事件 (105)13.5.1过程 (105)13.5.2ENVELOPE（事件下载-用户动作）命令结构 (105)13.6空闲屏幕可用事件 (106)13.6.1过程 (106)13.6.2ENVELOPE（事件下载-空闲屏幕可用）命令结构 (106)14标记值 (107)14.1ME到SIM卡方向的BER-TLV标记 (107)14.2SIM卡到ME方向的BER-TLV标记 (107)14.3双向SIMPLE-TLV标记 (108)14.4命令及下一个动作指示器的类型 (111)14.5允许命令类型及设备标识的组合 (113)附录A ME支持的SIM卡应用工具箱 (114)附录B SIM卡应用工具箱通信的结构 (116)附录C ME支持的SIM卡应用工具箱（STK） (117)1范围本规范的制定是为了保证中国移动通信集团公司900/1800MHz TDMA数字蜂窝移动通信网的移动台中支持“SIM卡应用工具箱”的SIM卡和移动设备（ME）之间能够正常运行。

File Transfer ProtocolFile Transfer Protocol (FTP) is a network protocol used to transfer data fromone computer to another through a network such as the Internet.FTP is a file transfer protocol for exchanging and manipulating files over a TCP computer network. A FTP client may connect to a FTP server to manipulate fileson that server. As there are many FTP client and server programs available for different operating systems, FTP is a popular choice for exchanging files independent of the operating systems involved.The TCP/IP model (RFC 1122)Application Layer BGP·DHCP·DNS·FTP·Gopher·GTP·HTTP·IMAP·IRC·NNTP·NTP·POP·RIP·RPC·RTCP·RTP·RTSP·SDP·SIP·SMTP·SNMP·SOAP·SSH·SSL·STUN·Telnet·TLS·XMPP·(more)Transport LayerTCP·UDP·DCCP·SCTP·RSVP·ECN·(more)Internet LayerIP (IPv4·IPv6) ·ICMP·ICMPv6·IGMP·IPsec·(more)Link Layer ARP·RARP·NDP·OSPF·Tunnels·Media Access Control·Device Drivers·(more)This box: view•talk•editConnection methodsFTP runs exclusively over TCP. It defaults to listen on port 21 for incoming connections from FTP clients. A connection to this port from the FTP Client forms the control stream on which commands are passed to the FTP server from theFTP client and on occasion from the FTP server to the FTP client. FTP uses out-of-band control, which means it uses a separate connection for control and data. Thus, for the actual file transfer to take place, a different connection is required which is called the data stream. Depending on the transfer mode, the process of setting up the data stream is different.In active mode, the FTP client opens a dynamic port, sends the FTP server the dynamic port number on which it is listening over the control stream and waits fora connection from the FTP server. When the FTP server initiates the data connection to the FTP client it binds the source port to port 20 on the FTP server.In order to use active mode, the client sends a PORT command, with the IP and port as argument. The format for the IP and port is "h1,h2,h3,h4,p1,p2". Eachfield is a decimal representation of 8 bits of the host IP, followed by the chosen data port. For example, a client with an IP of 192.168.0.1, listening on port 49154 for the data connection will send the command "PORT 192,168,0,1,192,2". The port fields should be interpreted as p1×256 + p2 = port, or, in this example,192×256 + 2 = 49154.In passive mode, the FTP server opens a dynamic port, sends the FTP client the server's IP address to connect to and the port on which it is listening (a 16-bit value broken into a high and low byte, as explained above) over the control stream and waits for a connection from the FTP client. In this case, the FTP client binds the source port of the connection to a dynamic port.To use passive mode, the client sends the PASV command to which the server would reply with something similar to "227 Entering Passive Mode(127,0,0,1,192,52)". The syntax of the IP address and port are the same as for the argument to the PORT command.In extended passive mode, the FTP server operates exactly the same as passive mode, however it only transmits the port number (not broken into high and low bytes) and the client is to assume that it connects to the same IP address that was originally connected to. Extended passive mode was added by RFC 2428 in September 1998.While data is being transferred via the data stream, the control stream sits idle. This can cause problems with large data transfers through firewalls which time out sessions after lengthy periods of idleness. While the file may well be successfully transferred, the control session can be disconnected by the firewall, causing an error to be generated.The FTP protocol supports resuming of interrupted downloads using the REST command. The client passes the number of bytes it has already received as argument to the REST command and restarts the transfer. In some commandline clients for example, there is an often-ignored but valuable command, "reget" (meaning "get again") that will cause an interrupted "get" command to be continued, hopefully to completion, after a communications interruption. Resuming uploads is not as easy. Although the FTP protocol supports the APPE command to append data to a file on the server, the client does not know the exact position at which a transfer got interrupted. It has to obtain the size of the file some other way, for example over a directory listing or using the SIZE command.In ASCII mode (see below), resuming transfers can be troublesome if client and server use different end of line characters.The objectives of FTP, as outlined by its RFC, are:1. To promote sharing of files (computer programs and/or data).2. To encourage indirect or implicit use of remote computers.3. To shield a user from variations in file storage systems among differenthosts.4. To transfer data reliably, and efficiently.Criticisms of FTP•Passwords and file contents are sent in clear text, which can be intercepted by eavesdroppers. There are protocol enhancements thatremedy this, for instance by using SSL, TLS or Kerberos.•Multiple TCP/IP connections are used, one for the control connection, and one for each download, upload, or directory listing. Firewalls may needadditional logic and/or configuration changes to account for theseconnections.•It is hard to filter active mode FTP traffic on the client side by using a firewall, since the client must open an arbitrary port in order to receive the connection. This problem is largely resolved by using passive mode FTP.•It is possible to abuse the protocol's built-in proxy features to tell a server to send data to an arbitrary port of a third computer; see FXP.•FTP is a high latency protocol due to the number of commands needed to initiate a transfer.•No integrity check on the receiver side. If a transfer is interrupted, the receiver has no way to know if the received file is complete or not. Someservers support extensions to calculate for example a file's MD5 sum (e.g.using the SITE MD5 command), XCRC, XMD5, XSHA or CRC checksum, however even then the client has to make explicit use of them. In theabsence of such extensions, integrity checks have to be managedexternally.•No date/timestamp attribute transfer. Uploaded files are given a new current timestamp, unlike other file transfer protocols such as SFTP, which allow attributes to be included. There is no way in the standard FTPprotocol to set the time-last-modified (or time-created) datestamp thatmost modern filesystems preserve. There is a draft of a proposedextension that adds new commands for this, but as of yet, most of thepopular FTP servers do not support it.Security problemsThe original FTP specification is an inherently insecure method of transferring files because there is no method specified for transferring data in an encrypted fashion. This means that under most network configurations, user names, passwords, FTP commands and transferred files can be "sniffed" or viewed by anyone on the same network using a packet sniffer. This is a problem common to many Internet protocol specifications written prior to the creation of SSL such asHTTP, SMTP and Telnet. The common solution to this problem is to use either SFTP (SSH File Transfer Protocol), or FTPS (FTP over SSL), which adds SSL or TLS encryption to FTP as specified in RFC 4217.FTP return codesMain article: List of FTP server return codesFTP server return codes indicate their status by the digits within them. A brief explanation of various digits' meanings are given below:•1xx: Positive Preliminary reply. The action requested is being initiated but there will be another reply before it begins.•2xx: Positive Completion reply. The action requested has been completed.The client may now issue a new command.•3xx: Positive Intermediate reply. The command was successful, but a further command is required before the server can act upon the request.•4xx: Transient Negative Completion reply. The command was not successful, but the client is free to try the command again as the failure is only temporary.•5xx: Permanent Negative Completion reply. The command was not successful and the client should not attempt to repeat it again.•x0x: The failure was due to a syntax error.•x1x: This response is a reply to a request for information.•x2x: This response is a reply relating to connection information.•x3x: This response is a reply relating to accounting and authorization.•x4x: Unspecified as yet•x5x: These responses indicate the status of the Server file system vis-a-vis the requested transfer or other file system action.Anonymous FTPA host which provides an FTP service may additionally provide Anonymous FTP access as well. Under this arrangement, users do not strictly need an account on the host. Instead the user typically enters 'anonymous' or 'ftp' when prompted for username. Although users are commonly asked to send their email address as their password, little to no verification is actually performed on the supplied data.As modern FTP clients typically hide the anonymous login process from the user, the ftp client will supply dummy data as the password (since the user's email address may not be known to the application). For example, the following ftp user agents specify the listed passwords for anonymous logins:•Mozilla Firefox (2.0) — mozilla@•KDE Konqueror (3.5) — anonymous@•wget (1.10.2) — -wget@•lftp (3.4.4) — lftp@The Gopher protocol has been suggested as an alternative to anonymous FTP, as well as Trivial File Transfer Protocol and File Service Protocol.[citation needed] Data formatWhile transferring data over the network, several data representations can be used. The two most common transfer modes are:1. ASCII mode2. Binary mode: In "Binary mode", the sending machine sends each file bytefor byte and as such the recipient stores the bytestream as it receives it.(The FTP standard calls this "IMAGE" or "I" mode)In "ASCII mode", any form of data that is not plain text will be corrupted. When a file is sent using an ASCII-type transfer, the individual letters, numbers, and characters are sent using their ASCII character codes. The receiving machine saves these in a text file in the appropriate format (for example, a Unix machine saves it in a Unix format, a Windows machine saves it in a Windows format). Hence if an ASCII transfer is used it can be assumed plain text is sent, which is stored by the receiving computer in its own format. Translating between text formats might entail substituting the end of line and end of file characters used on the source platform with those on the destination platform, e.g. a Windows machine receiving a file from a Unix machine will replace the line feeds with carriage return-line feed pairs. It might also involve translating characters; for example, when transferring from an IBM mainframe to a system using ASCII, EBCDIC characters used on the mainframe will be translated to their ASCII equivalents, and when transferring from the system using ASCII to the mainframe, ASCII characters will be translated to their EBCDIC equivalents.By default, most FTP clients use ASCII mode. Some clients try to determine the required transfer-mode by inspecting the file's name or contents, or by determining whether the server is running an operating system with the same text file format.The FTP specifications also list the following transfer modes:1. EBCDIC mode - this transfers bytes, except they are encoded in EBCDICrather than ASCII. Thus, for example, the ASCII mode server2. Local mode - this is designed for use with systems that are word-orientedrather than byte-oriented. For example mode "L 36" can be used totransfer binary data between two 36-bit machines. In L mode, the wordsare packed into bytes rather than being padded. Given the predominanceof byte-oriented hardware nowadays, this mode is rarely used. However,some FTP servers accept "L 8" as being equivalent to "I".In practice, these additional transfer modes are rarely used. They are however still used by some legacy mainframe systems.The text (ASCII/EBCDIC) modes can also be qualified with the type of carriage control used (e.g. TELNET NVT carriage control, ASA carriage control), although that is rarely used nowadays.Note that the terminology "mode" is technically incorrect, although commonly used by FTP clients. "MODE" in RFC 959 refers to the format of the protocol data stream (STREAM, BLOCK or COMPRESSED), as opposed to the format of the underlying file. What is commonly called "mode" is actually the "TYPE", which specifies the format of the file rather than the data stream. FTP also supports specification of the file structure ("STRU"), which can be either FILE (stream-oriented files), RECORD (record-oriented files) or PAGE (special type designed for use with TENEX). PAGE STRU is not really useful for non-TENEX systems, and RFC1123 section 4.1.2.3 recommends that it not be implemented.FTP and web browsersMost recent web browsers and file managers can connect to FTP servers, although they may lack the support for protocol extensions such as FTPS. This allows manipulation of remote files over FTP through an interface similar to that used for local files. This is done via an FTP URL, which takes the formftp(s)://<ftpserveraddress> (e.g., ftp:///). A password can optionally be given in the URL, e.g.:ftp(s)://<login>:<password>@<ftpserveraddress>:<port>. Most web-browsers require the use of passive mode FTP, which not all FTP servers are capable of handling. Some browsers allow only the downloading of files, but offer no way to upload files to the server.FTP and NAT devicesThe representation of the IPs and ports in the PORT command and PASV reply poses another challenge for NAT devices in handling FTP. The NAT device must alter these values, so that they contain the IP of the NAT-ed client, and a port chosen by the NAT device for the data connection. The new IP and port will probably differ in length in their decimal representation from the original IP and port. This means that altering the values on the control connection by the NAT device must be done carefully, changing the TCP Sequence and Acknowledgment fields for all subsequent packets.For example: A client with an IP of 192.168.0.1, starting an active mode transfer on port 1025, will send the string "PORT 192,168,0,1,4,1". A NAT device masquerading this client with an IP of 192.168.15.5, with a chosen port of 2000 for the data connection, will need to replace the above string with "PORT192,168,15,5,7,208".The new string is 23 characters long, compared to 20 characters in the original packet. The Acknowledgment field by the server to this packet will need to be decreased by 3 bytes by the NAT device for the client to correctly understand that the PORT command has arrived to the server. If the NAT device is not capable of correcting the Sequence and Acknowledgement fields, it will not be possible to use active mode FTP. Passive mode FTP will work in this case, because the information about the IP and port for the data connection is sent by the server, which doesn't need to be NATed. If NAT is performed on the server by the NAT device, then the exact opposite will happen. Active mode will work, but passive mode will fail.It should be noted that many NAT devices perform this protocol inspection and modify the PORT command without being explicitly told to do so by the user. This can lead to several problems. First of all, there is no guarantee that the used protocol really is FTP, or it might use some extension not understood by the NAT device. One example would be an SSL secured FTP connection. Due to the encryption, the NAT device will be unable to modify the address. As result, active mode transfers will fail only if encryption is used, much to the confusion of the user.The proper way to solve this is to tell the client which IP address and ports to use for active mode. Furthermore, the NAT device has to be configured to forward the selected range of ports to the client's machine.See also Application-level gatewayFTP over SSH (SFTP)FTP over SSH (SFTP) refers to the practice of tunneling a normal FTP session over an SSH connection.Because FTP uses multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH. With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on port 21) will protect only that channel; when data is transferred, the FTP software at either end will set up new TCP connections (data channels) which will bypass the SSH connection, and thus have no confidentiality, integrity protection, etc.If the FTP client is configured to use passive mode and to connect to a SOCKS server interface that many SSH clients can present for tunneling, it is possible to run all the FTP channels over the SSH connection.Otherwise, it is necessary for the SSH client software to have specific knowledge of the FTP protocol, and monitor and rewrite FTP control channel messages and autonomously open new forwardings for FTP data channels. Version 3 of SSH Communications Security's software suite, and the GPL licensed FONC are two software packages that support this mode.FTP over SSH is sometimes referred to as secure FTP; this should not be confused with other methods of securing FTP, such as with SSL/TLS (FTPS). Other methods of transferring files using SSH that are not related to FTP include SFTP and SCP; in each of these, the entire conversation (credentials and data) is always protected by the SSH protocol.See also•FTAM•FTPFS•List of FTP server return codes•List of FTP commands•List of file transfer protocols•OBEX•Shared file access•TCP Wrapper•Comparison of FTP client software•List of FTP server software•Comparison of FTP server softwareFurther readingThe protocol is standardized in RFC 959 by the IETF as:•RFC 959 File Transfer Protocol (FTP). J. Postel, J. Reynolds. Oct-1985.This obsoleted the preceding RFC 765 and earlier FTP RFCs back to the original RFC 114.•RFC 1579 Firewall-Friendly FTP.•RFC 2228 — FTP Security Extensions•RFC 2428 — Extensions for IPv6, NAT, and Extended passive mode Sep-1998.•RFC 3659 — Extensions to FTP. P. Hethmon. March-2007. External links•FTP Reviewed — a review of the protocol notably from a security standpoint•Raw FTP command list•FTP Sequence Diagram (in PDF format)Retrieved from "/wiki/File_Transfer_Protocol"。

Copyright 1993 RSA Laboratories, a division of RSA Data Security, Inc. License to copy this document is granted provided that it is identified as "RSA Data Security, Inc. Public-Key Cryptography Standards (PKCS)" in all material mentioning or referencing this document.003-903025-100-000-000PKCS #10: Certification Request Syntax Standard An RSA Laboratories Technical NoteVersion 1.0November 1, 1993*1. ScopeThis standard describes a syntax for certification requests. A certification request consists of a distinguished name, a public key, and optionally a set of attributes,collectively signed by the entity requesting certification. Certification requests are sent to a certification authority, who transforms the request to an X.509public-key certificate, or a PKCS #6 extended certificate. (In what form the certification authority returns the newly signed certificate is outside the scope of this document. A PKCS #7 message is one possibility.)The intention of including a set of attributes is twofold: to provide other information about a given entity, such as the postal address to which the signed certificate should be returned if electronic mail is not available, or a "challenge password" by which the entity may later request certificate revocation; and to provide attributes for a PKCS #6 extended certificate. A non-exhaustive list of attributes is given in PKCS #9.Certification authorities may also require non-electronic forms of request and may return non-electronic replies. It is expected that descriptions of such forms,which are outside the scope of this document, will be available from the certification authority.The preliminary intended application of this standard is to support PKCS #7cryptographic messages, but is expected that other applications will be developed.*New document. PKCS documents are available by electronic mail to <pkcs@>.Page 2E RROR! N O TEXT OF SPECIFIED STYLE IN DOCUMENT.2. ReferencesPKCS #1RSA Laboratories. PKCS #1: RSA Encryption Standard. Version 1.5, November 1993.PKCS #6RSA Laboratories. PKCS #6: Extended-Certificate Syntax Standard. Version 1.5, November 1993.PKCS #7RSA Laboratories. PKCS #7: Cryptographic Message Syntax Standard. Version 1.5, November 1993.PKCS #9RSA Laboratories. PKCS #9: Selected Attribute Types. Version 1.1, November 1993. RFC 1424 B. Kaliski. RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services. February 1993.X.208CCITT. Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1). 1988.X.209CCITT. Recommendation X.209: Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1). 1988.X.500CCITT. Recommendation X.500: The Directory—Overview of Concepts, Models and Services. 1988.X.501CCITT. Recommendation X.501: The Directory—Models. 1988.X.509CCITT. Recommendation X.509: The Directory—Authentication Framework. 1988. 3. DefinitionsFor the purposes of this standard, the following definitions apply. AlgorithmIdentifier: A type that identifies an algorithm (by object identifier) and any associated parameters. This type is defined in X.509. Attribute: A type that contains an attribute type (specified by object identifier) and one or more attribute values. This type is defined in X.501.ASN.1: Abstract Syntax Notation One, as defined in X.208.BER: Basic Encoding Rules, as defined in X.209.Certificate: A type that binds an entity's distinguished name to a public key with a digital signature. This type is defined in X.509. This type also contains the distinguished name of the certificate issuer (the signer), an issuer-specific serial number, the issuer's signature algorithm identifier, and a validity period.4. S YMBOLS AND ABBREVIATIONS Page 3 DER: Distinguished Encoding Rules for ASN.1, as defined in X.509, Section 8.7. Name: A type that uniquely identifies or "distinguishes" objects in a X.500 directory. This type is defined in X.501. In an X.509 certificate, the type identifies the certificate issuer and the entity whose public key is certified.4. Symbols and abbreviationsNo symbols or abbreviations are defined in this standard.5. General overviewThe next section specifies certification request syntax.This standard exports one type, CertificationRequest.6. Certification request syntaxThis section gives the syntax for certification requests.A certification request consists of three parts: "certification request information,"a signature algorithm identifier, and a digital signature on the certification request information. The certification request information consists of the entity's distinguished name, the entity's public key, and a set of attributes providing other information about the entity.The process by which a certification request is constructed involves the following steps:1. A CertificationRequestInfo value containing adistinguished name, a public key, and optionally a set of attributesis constructed by an entity.2.The CertificationRequestInfo value is signed with theentity's private key. (See Section 6.2.)3.The CertificationRequestInfo value, a signature algorithmidentifier, and the entity's signature are collected together into aCertificationRequest value, defined below.Page 4E RROR! N O TEXT OF SPECIFIED STYLE IN DOCUMENT.A certification authority fulfills the request by verifying the entity's signature, and, if it is valid, constructing a X.509 certificate from the distinguished name and public key, as well as an issuer name, serial number, validity period, and signature algorithm of the certification authority's choice. If the certification request contains a PKCS #9 extended-certificate-attributes attribute, the certification authority also constructs a PKCS #6 extended certificate from the X.509 certificate and the extended-certificate-attributes attribute value.In what form the certification authority returns the new certificate is outside the scope of this document. One possibility is a PKCS #7 cryptographic message with content type signedData, following the degenerate case where there are no signers. The return message may include a certification path from the new certificate to the certification authority. It may also include other certificates such as cross-certificates that the certification authority considers helpful, and it may include certificate-revocation lists (CRLs). Another possibility is that the certification authority inserts the new certificate into a central database.This section is divided into two parts. The first part describes the certification-request-information type CertificationRequestInfo, and the second part describes the top-level type CertificationRequest.Notes.1.An entity would typically send a certification request aftergenerating a public-key/private-key pair, but may also do so aftera change in the entity's distinguished name.2.The signature on the certification request prevents an entity fromrequesting a certificate with another party's public key. Such anattack would give the entity the minor ability to pretend to be theoriginator of any message signed by the other party. This attack issignificant only if the entity does not know the message beingsigned, and the signed part of the message does not identify thesigner. The entity would still not be able to decrypt messagesintended for the other party, of course.3.How the entity sends the certification request to a certificationauthority is outside the scope of this standard. Both paper andelectronic forms are possible.4.This standard is not compatible with the certification requestsyntax for Privacy-Enhanced Mail, as described in RFC 1424. Thesyntax in this standard differs in three respects: It allows a set ofattributes; it does not include issuer name, serial number, orvalidity period; and it does not require an "innocuous" message to6. C ERTIFICATION REQUEST SYNTAX Page 5be signed. The syntax in this standard is designed to minimizerequest size, an important constraint for those certificationauthorities accepting requests on paper.6.1 CertificationRequestInfoCertification request information shall have ASN.1 type CertificationRequestInfo:CertificationRequestInfo::=SEQUENCE{version Version,subject Name,subjectPublicKeyInfo SubjectPublicKeyInfo,attributes[0]IMPLICIT Attributes}Version::=INTEGERAttributes::=SET OF AttributeThe fields of type CertificationRequestInfo have the following meanings:•version is the version number, for compatibility with future revisions of this standard. It shall be 0 for this version of thestandard.•subject is the distinguished name of the certificate subject (the entity whose public key is to be certified).•subjectPublicKeyInfo contains information about the public key being certified. The information identifies the entity's public-key algorithm (and any associated parameters); examples of public-key algorithms include X.509's rsa and PKCS #1'srsaEncryption. The information also includes a bit-stringrepresentation of the entity's public key. For both public-keyalgorithms just mentioned, the bit string contains the BER encodingof a value of X.509/PKCS #1 type RSAPublicKey.•attributes is a set of attributes providing additional information about the subject of the certificate. Some attribute types that mightbe useful here are defined in PKCS #9. An example is the challenge-password attribute, which specifies a password by which the entitymay request that the certificate revocation. Another example is theextended-certificate-attributes attribute, which specifies attributesfor a PKCS #6 extended certificate.Page 6E RROR! N O TEXT OF SPECIFIED STYLE IN DOCUMENT.6.2 CertificationRequestA certification request shall have ASN.1 type CertificationRequest: CertificationRequest::=SEQUENCE{certificationRequestInfo CertificationRequestInfo,signatureAlgorithm SignatureAlgorithmIdentifier,signature Signature}SignatureAlgorithmIdentifier::=AlgorithmIdentifier Signature::=BIT STRINGThe fields of type CertificationRequest have the following meanings:•certificateRequestInfo is the "certification request information." It is the value being signed.•signatureAlgorithm identifies the signature algorithm (and any associated parameters) under which the certification-requestinformation is signed. Examples include PKCS #1'smd2WithRSAEncryption and md5WithRSAEncryption.•signature is the result of signing the certification request information with the certification request subject's private key.The signature process consists of two steps:1.The value of the certificationRequestInfo field is DERencoded, yielding an octet string.2.The result of step 1 is signed with the certification request subject'sprivate key under the specified signature algorithm, yielding a bitstring, the signature.Note. The syntax for CertificationRequest could equivalently be written with the X.509 SIGNED macro:CertificationRequest::=SIGNED CertificateRequestInfoR EVISION HISTORY Page 7 Revision historyVersion 1.0Version 1.0 is the initial version.Author's addressRSA Laboratories(415) 595-7703100 Marine Parkway(415) 595-4126 (fax)Redwood City, CA 94065 USA pkcs-editor@。

英文网络聊天缩略语表情符号大全AAK Alive And KickingAAR At Any RateAAS Alive And SmilingADN Any Day NowAFAIK As Far As I KnowAFK Away From the KeyboardAFN that's All For NowAOTA All Of The Abovea/s/l or asl Age/Sex/Location - (used to ask a chatter their personal information)AV Avatar - Graphical representation (a picture) often used in chat rooms to depict a person that is in the room and chatting.b4BeforeBAK Back At Keyboard (I'm back)BBL Be Back LaterBBS Be Back SoonBCNU I'll Be Seeing You.b/f Boyfriend (also shown as bf, B/F, or BF)BEG Big Evil GrinBFN Bye For NowBMA Bite My A** (became popular with the Simpson's cartoon show)boot To get kicked out of a chat room, or have to restart the computer because you couldn't talk in the chat room anymore.BR Best RegardsBRB Be Right BackBRH Be Right HereBSEG Big S**t Eatin GrinBTA But Then Again....BTW By The Waybtw BeTWeen you and me ...chat room A web page where people gather using software that allows them to talk to one another in real time.CRS Can't Remember S**tCU See You - also posted as cyaCUS Can't Understand S**t (stuff)CNP Continued in Next Post (seen more on message boards than chat)CP Chat PostCUL8R See You LaterCUOL See You On LineCYA See Yadd, ds, dh Darling or Dear: Dear Son, Dear Daughter, or DearHusband. Usually exchanged in family chats.DDSOS Different Day, Same Old S**tDEGT Don't Even Go There (I don't want to talk about it)DIKU Do I Know You?DIS Did I SayD/L, DL, d/l, dl Downloading, or Download it.EG Evil GrinEM E-MailEMA E-mail Address (example: ?ema or ema? = what is your email address) EOT End Of Thread (meaning end of discussion)ez or EZ easy (one of the really old ones)F2F Face To FaceFAQ Frequently Asked QuestionFISH First In Still Here (someone who is on line TOO much)FITB Fill In The Blanksflame to insult someone. Used when a person asks a stupid question, or says something rude to irritate the users of a chat room or message board. FOCL Falling Off Chair - Laughingforum What todays message boards are called. Often using php as defining language to quickly write 'real time' messages and replies to a web site (or page) FTS F*** This S***fu f*** you (If you can't figure this one out, you shouldn't be on line) FUBAR"Fouled" Up Beyond All Repair / RecognitionFUD Fear, Uncertainty, and DoubtFWIW For What It's WorthFYI For Your InformationGA Go AheadGAL Get A Lifegest Gesture ... a small multimedia file played over the internet, usually expressing an emotion or comment.g/f Girlfriend (also shown as gf, G/F, or GF)GFN Gone For NowGGOH Gotta Get Outta HereGMTA Great Minds Think AlikeGR Gotta RunGR&D Grinning, Running, and Ducking.GTR Got To RunGTRM Going To Read Mail (leaving chat room to check email)H&K Hugs and Kisseshack person who breaks into software, or disrupts a chat room.HAGD Have A Good DayHAGO Have A Good OneHalsoft Name of a company that purchased the brand of Chat that Excite offered, now a pay as you go service.HB Hurry BackHosts Refers to the people that are running the chat room, they usually have the ability to kick a person off due to rude behavior.HTH Hope That Helpshuggles HugsIAC In Any CaseIB I'm BackIC I SeeIDN I Don't kNowIDK I Don't KnowIDTS I Don't Think SoIANAL I'm Am Not A Lawyer (expect an uninformed opinion)IC I SeeICQ I Seek You. A computer program used to communicate instantly over the Internet.ILU or ILY I Love YouIM Instant MessageIMHO In My Humble Opinion (or In My Honest Opinion)IMO In My OpinionIOH I'm Out of HereIOW In Other WordsIRL In Real LifeIYO In Your OpinionJAS Just A SecondJIC Just In CaseJK Just KiddingJMO Just My OpinionJW Just Wonderingk, K, or kk O. K.KIT Keep In TouchL8R Later (an early one, kind of outdated with current 'young geeks') LMAO Laughing My Ass OffLFFAO Laughing My F***(freaking) Ass OffLOL Laughing Out LoudLTNS Long Time No SeeLTS Laughing To ones SelfLY I Love Ya.LYL Love You LotsMessage Board. A web page where people write comments, and those comments are than added to that web-page for others to view. Used to carry on conversation, request information, and relay messages.MUG Refers to a new user of that chat program, goes back to Excite VP days when the AV (or icon) that represented someone new was a picture of a coffee mug.NE1 Anyonenewbie refers to a person who is new to an area or technology. Also seen as nube, nooby, nubie, nb, etc.NFW No Feasible (or F***ing) WayNIMBY Not In My Back Yardnm, or NM Never MindNP, np No ProblemNRN 1. No Response Necessary 2. Not Right NowNT No ThanksOBTW Oh, By The Way.OIC Oh, I SeeOF Old Fart, someone who has been around for a while.OJ or OK Only Joking or Only KiddingOL the Old LadyOM the Old ManOMG Oh My Gosh (although it's usually used with the Lords name in place of "gosh")OT Off Topicoth or OTH Off The Hook: Something is really popular, or hot. Very exciting.otr or OTR Off The Rack: Saying that something is outside the ordinary. OTE Over The Edge (beyond common sense or beyond good taste) OTOH On The Other Hand ...OTOMH Off the Top of My Head ...OTW On The Way ... I've sent a file to you, it's "On the way"P911 My parents are in the room. P=Parents, and 911=emergency, in other words either drop the subject, or watch the language.PANS Pretty Awesome New Stuff (often referring to computer technology) PCMCIA Personal Computer Memory Cards International AssociationPCMCIA People Can't Master Computer Industry Acronyms (slang) PEBCAK Problem Exists Between Chair And Keyboardpeeps People. example: "There sure are a lot of peeps in this room" - meaning a lot of people are in the chat room.peep this Hey, listen to this, I've got some interesting news.PITA Pain In The AssPLZ PleasePMJI Pardon Me for Jumping In (when you enter into a new conversation) poof when someone leaves a chat room, often seen as *poof* as in boy he *poofed* in a hurry.POTS Plain Old Telephone ServicePOS Parents are looking Over my Shoulder.POTS Parents Over The Shoulder - (My parents are watching, I can't really talk)PPL PeopleQT CutieRFC Request For Comments (used more in newsgroups, a page or pages that supply technical information)rl or RL Real Life (as opposed to being online)r m or RM Ready Made: pre-existingROFL Rolling On Floor, LaughingROTF Rolling On The Floor (laughing is implied)ROTFLMAO Rolling On The Floor Laughing My Ass OffROTFLMFAO Rolling On The Floor Laughing F(***ing) My Ass OffRSN Real Soon Nowr/t Real Time (also: RT, or rt)RTFM Read The "Flippin" Manual (response to beginner question on net, chat, newsgroups, etc.)RU aRe yoU?SEG Shit Eating GrinSH Same HereSMS Short Message Service (more cell phones and pagers than chat rooms and the Internet)SN Screen Name. The name or moniker selected by person in an IM or chat program. ex: My "SN" in vp was "-lone.wolf"SNAFU Situation Normal, All "Fouled" UpSO Significant OtherSOL Shit Out Of LuckSOS Same Old S**t (stuff)SOTA State Of The Art (latest technology)SPST Same Place, Same TimeSSDD Same S**t, Different DaySTR8Straight (can refer to sex, or DSTR8 as in Damn Straight)STW Search The WebSY Sincerely YoursSYL See You LaterTAFN That's All For NowTC Take CareTFH Thread From Hell (a topic or discussion that won't stop - esp. newsgroups)TGIF Thank Goodness It's FridayTHX Thanks!TIA Thanks In AdvanceTM Text Message (often refers to communications with text over cell phones) TMI Too Much Info. (information)TNT 'Til Next TimeTPS That's Pretty StupidTPTB The Powers That Be (can sometimes refer to the people that are running the chat room or server)TRDMF Tears Running Down My Face: Can be with either laughter, or due to saddness.TS Tough S**tTSFY Tough S**t For YouTTFN Ta-Ta For NowTTTT These Things Take TimeTTYL Talk To You LaterTY Thank YouTYT Take Your TimeTYVM Thank You Very MuchVPPH Virtual Places Page HostUS You Suckusa or USA Until Sides Ache: Usually used with one of the laughter acronyms such as "lolusa" Laughing Out Loud Until my Sides Ache. I've also heard that some folks substitute ush for "Until Sides Hurt". rotflolush = rolling on the floor, laughing out loud, until my sides hurt.UV Unpleasant VisualUW yoU're WelcomeUY Up Yoursvp or VP Virtual Places: A brand of chat offered by Excite in the late 90s and early 2000.WB Welcome Back (you say this when someone returns to a chat room) WC WelComeWEG Wicked Evil GrinWEU What's Eating You?WFM Works For MeWIIFM What's In It For Me?WTG Way To GoWTF What The F**KWT? What The ...? or Who the ...?WTGP? Want To Go Private? (move to a private chat room)WWJD What Would Jesus Do?YAA Yet Another AcronymYBS You'll Be SorryYL Young LadyYM Young ManYMMV Your Mileage May VaryYR Yea, Right. (sarcastic)*ys*You StinkerYVW You're Very WelcomeYW You're Welcome*s*, *S*, <s>, = smile*g*, <g> = grinxoxo = hugs and kisseshuggggggsssss = hugs*w*, <w> = wink*g*, = giggles*k*, *K* = kiss;-)~~~~~~~~ = giving someone the raspberries. (((((person))))) = giving them a virtual hug.\~/ = glass with a drink. (usually booze)^5 = high five?^ = What's Up?\_/? = a cup of tea[_]> + Cup of coffee@@@ = Cookies@--/-- = a rose:-) .. smile;-) ... wink<:-| ... curious:~) ... cute:-( ... sad8-) ... wears glasses:-} ... embarrassed:-/ ... perplexed, confused:,-( ..or ;`-( .... to cry:-< ... pouting>:-( ... angry0:-) ... angel:-| ... bored or no opinion:-> ... grin/mischievous| -) ... dreaming:-O ... shouting, or shocked:-o ... talking, or surprised>:-|| ... mad / angry:-D ... big grin or laugh=:-O ... scared:-x ... keeping mouth shut:o) ... smiles (w/nose):-))))))) ... lots of smiles;-P ... sticking tongue out:P ... sticking tongue out# 8 - ) ... nerd, or or person with glasses and crew cut.&-( ... crying!:-) .. I have an idea;-{ ) ... person with a mustache ;-)~ ... sexy tongue - or drunk ;~) ... being cutec["] ... coffee mug[_]> ... another cup or mug:-> ... grin/mischievous<:-| ... curious|-| ... sound asleep:-x .. I'm keeping my mouth shut。