[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Straw Poll: SerialNumber definition

To: "ietf-pkix@xxxxxxx" <ietf-pkix@xxxxxxx>, "'Denis Pinkas'" <Denis.Pinkas@xxxxxxxx>
Subject: RE: Straw Poll: SerialNumber definition
From: Anders Rundgren <anders.rundgren@xxxxxxxxxx>
Date: Mon, 21 Feb 2000 11:08:06 +0100
Cc: "EL-SIGN@xxxxxxxxxxxx" <EL-SIGN@xxxxxxxxxxxx>

Denis,

<snip>

>All concepts could nicely co-exist if we could find a way to say on
>*which* components of the DN the dnq (DN Qualifier) would apply.
>Rather than leaving the interpretation to an (unprocessable)
>Certificate Policy OID, we should define a way to express which
>components of the RDN should be associated with the dnq to make the
>name unmistakable and *permanently* unique. 

>In this way RPs could use this minimum structure in their ACLs. Note
>that at the same time this would define the rule to compare two
>certificates, i.e. know whether they bear the same minimum permanent
>structure and hence refer to the same individual or not.

This sounds like MUSIC in my ears!

<snip>

Anders

Prev by Date: unsubscribe
Next by Date: AC profile
Previous by thread: Re: Straw Poll: SerialNumber definition
Next by thread: RE: Straw Poll: SerialNumber definition
Index(es):
- Date
- Thread