3 files changed, 11 insertions, 1 deletions

diff --git a/sm/certchain.c b/sm/certchain.c
index 647adc030..054ca4c83 100644
--- a/sm/certchain.c
+++ b/sm/certchain.c
@@ -136,6 +136,8 @@ allowed_ca (ksba_cert_t cert, int *chainlen, int listmode, FILE *fp)
     {
       if (get_regtp_ca_info (cert, chainlen))
         {
+          /* Note that dirmngr takes a different way to cope with such
+             certs. */
           return 0; /* RegTP issued certificate. */
         }
 
diff --git a/sm/certreqgen.c b/sm/certreqgen.c
index 7a9847858..9ca16017d 100644
--- a/sm/certreqgen.c
+++ b/sm/certreqgen.c
@@ -66,7 +66,7 @@ The format of the native parameter file is follows:
 	Length of the key in bits.  Default is 1024.
      Key-Grip: hexstring
         This is optional and used to generate a request for an already
-        existsing key.  Key-Length will be ignored when given,
+        existing key.  Key-Length will be ignored when given,
      Key-Usage: <usage-list>
         Space or comma delimited list of key usage, allowed values are
         "encrypt" and "sign".  This is used to generate the KeyUsage extension.
diff --git a/sm/keylist.c b/sm/keylist.c
index c44d62102..199737541 100644
--- a/sm/keylist.c
+++ b/sm/keylist.c
@@ -70,6 +70,9 @@ struct {
 
   { "2.16.840.1.113730.4.1", "serverGatedCrypto.ns" }, /* Netscape. */
   { "1.3.6.1.4.1.311.10.3.3", "serverGatedCrypto.ms"}, /* Microsoft. */
+
+  { "1.3.6.1.5.5.7.48.1.5", "ocspNoCheck" },
+
   { NULL, NULL }
 };
 
@@ -125,6 +128,11 @@ static struct {
   { "1.3.6.1.5.5.7.1.10", "acProxying" },
   { "1.3.6.1.5.5.7.1.11", "subjectInfoAccess" },
 
+  { "1.3.6.1.5.5.7.48.1", "ocsp" },
+  { "1.3.6.1.5.5.7.48.2", "caIssuers" },
+  { "1.3.6.1.5.5.7.48.3", "timeStamping" },
+  { "1.3.6.1.5.5.7.48.5", "caRepository" },
+
   /* X.509 id-ce */
   { "2.5.29.14", "subjectKeyIdentifier", 1},
   { "2.5.29.15", "keyUsage", 1 },