[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GOST: Bad DNs in RFC 4491 examples

To: <ietf-pkix@xxxxxxx>
Subject: GOST: Bad DNs in RFC 4491 examples
From: "Manger, James H" <James.H.Manger@xxxxxxxxxxxxxxxx>
Date: Tue, 30 May 2006 15:02:35 +1000
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
Thread-index: AcZ9/4bysZlGQUbjS+ufOoyJWTLGhAFpGYHQ
Thread-topic: GOST: Bad DNs in RFC 4491 examples

I guess it is too late to put sensible distinguished names in the sample certificates [issuer and subject fields in certs from sections 4.1 and 4.2].

1. An email address should go in the subjectAltName.rfc822Name extension.  [Actually it MUST go there according to the last paragraph of section 4.1.2.6 "Subject" in RFC 3280]
2. The country, org and common name RDNs are in the wrong order.

Current DN (in pseudo RFC2253 format and pseudo value notation):

EMAILADDRESS=GostR3410-94@xxxxxxxxxxx,C=RU,O=CryptoPro,CN=GostR3410-94 example

 subject rdnSequence:{
   commonName utf8String:"GostR3410-94 example"
   / organizationName utf8String:"CryptoPro"
   / countryName "RU"
   / emailAddress "GostR3410-94@xxxxxxxxxxx"
 },

Prev by Date: Re: draft-ietf-pkix-scvp-24.txt
Next by Date: Re: draft-ietf-pkix-scvp-24.txt
Previous by thread: I-D ACTION:draft-ietf-pkix-scvp-25.txt
Next by thread: draft-ietf-pkix-scvp-25.txt
Index(es):
- Date
- Thread