RE: Indentication confusion continues

["Stefan Santesson" <stefan@xxxxxxxxxxx>]

Anders,

Your way of using serialNumber fits well in the QC definition. We could not
limit the use of serialNumber to a static identifier based on the past
discussions.

/Stefan


> -----Original Message-----
> From: Anders Rundgren [mailto:anders.rundgren@jaybis.com]
> Sent: Sunday, February 13, 2000 09:05
> To: Magnus (RSA); ietf-pkix@imc.org; Stefan Santesson
> Subject: QC: Indentication confusion continues
>
>
> Guys,
> After a quick reading of the QC-03 draft I am pretty puzzled.
>
> You have simply renamed dNqualifier into serialNumber.  Where
> did last years endless
> discussion landed?
>
> serialNumber is now made into a name collosion eliminator
> which is a completely different
> task than it has in for example the Swedish and Finnish
> ID-card programs which was one
> of the reasons to switch from dnqualifier.
>
> In those systems serialNumber is a unique identitity and
> other attributes are simply "informative".
>
> You had a number of options to solve this but I can't see any
> traces of this in the draft.
> Of course a CA can define a unique QC statement saying how
> attributes are to be used but that
> is totally redundant and requires proprietary interpretation
> at run-time.
>
> So basically you have "smart-coded" serialNumber into having
> multiple semantics which
> is plain stupid when there are existing attributes like qnQualifier.
>
> Or is it still the "politically correct issues" that haunts
> this draft?.  I.e. that SSN's and similar
> unique identities should not be directly supported  as it
> could be interpreted
> as a recommendation?
>
> Anders