Establishing application policies

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Establishing application policies

Application policies, which are called enhanced key usage in Windows 2000, define how a certificate can be used. Specifically, application policies are object identifiers that are included in the issued certificate. When a subject uses that certificate, Windows Server 2003, Standard Edition, reads the application policies to determine if this certificate can be used for the current intended purpose. If the intended purpose is included in the application policies, the operation continues. If not, the operation fails.

Because these application policies are simply text labels with an associated object identifier, there are no options associated with them. The only special application policy is All application policies, which indicates that this policy includes all others. This is normally reserved for certificates held by certification authorities.