[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Stray Poll: SerialNumber definition

To: "'Anders Rundgren'" <anders.rundgren@xxxxxxxxxx>, <EL-SIGN@xxxxxxxxxxxx>, <ietf-pkix@xxxxxxx>
Subject: Re: Stray Poll: SerialNumber definition
From: "Stefan Santesson" <stefan@xxxxxxxxxxx>
Date: Fri, 18 Feb 2000 15:55:45 +0100
Importance: Normal
In-reply-to: <61C5E6EA07DBD3119A670050DA74B1FC0ACA@www.naval.se>

Anders,

>Anders wrote:
>
> The QC-03 draft does neither specify how serialNumber is to
> be interpreted, nor specify
> how a CA should could inform an RP about its use of serialNumber.
>

This is all wrong.

Section 3.2.5.1 gives you all the tools you need to explicitly define the
nature of the content in the serialNumber attribute.

And you can do more than just identify that the information is unique per
user, you can also identify in what manner the information is unique (World
wide unique, unique per certificate in the issuers domain, unique per
subject in the issuers domain, unique per subject in the specified country
etc).

You can even define exactly the nature of the content (Swedish civic
registration code, Utah drivers license number, etc...)

And more to it, you can name the registration authority (Swedish tax
authority, Utah drivers license registry, etc...)

All of this you already have in QC 03, what else do you need ?

/Stefan

Prev by Date: Stray Poll: SerialNumber definition
Next by Date: SEIS: Stray Poll: SerialNumber definition
Previous by thread: Re: Stray Poll: SerialNumber definition
Next by thread: RE: Stray Poll: SerialNumber definition
Index(es):
- Date
- Thread