资 源 简 介
A certification path is an ordered list of certificates starting with a certificate issued by the relying
party s trust root, and ending with the target certificate that needs to be validated. Certification
path validation procedures are based on the algorithm supplied in ITU-T Recommendation X.509
and further defined in Internet Engineering Task Force (IETF) Request for Comments (RFC)
3280. Certification path processing verifies the binding between the subject distinguished name
and/or subject alternative name and the subject public key defined in the target certificate. The
binding is limited by constraints, which are specified in the certificates that comprise the path,
and inputs that are specified by the relying party. To ensure secure interoperation of PKI-enabled
applications, the path validation must be done in accordance with the X.509 and RFC 3280
specifications. This document provides the test assertions and the test cases for testing path
validation software against these specifications.