[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

National Identifier into Serial Number or SubjectAltName? (Was: Why don't using Permanent Identifier on QC certificates?)

To: "Robert Moskowitz" <rgm-sec@xxxxxxxxxxxxxxx>
Subject: National Identifier into Serial Number or SubjectAltName? (Was: Why don't using Permanent Identifier on QC certificates?)
From: Juan Carlos Perez Aguayo <juancarlos.perez@xxxxxxxxxx>
Date: Wed, 20 Dec 2000 12:57:39 -0400
Cc: "Ietf-Pkix" <ietf-pkix@xxxxxxx>
Importance: Normal
In-reply-to: <>
Reply-to: <juancarlos.perez@xxxxxxxxxx>

May be isn't a good idea to incorporate Permanet Identifier into a QC, as
Anders Rundgren did say to me:

"...If you use QC DN must be unique so you really do not have an alternative
but keep SerailNymber
and insert a redundant SerialNumber in a PI entry.

That's why I think PI is wrong. ..."

My principal concern is about how to incorporate a national ID into a
certificate, in a interoperable fashion.

I don't know how many countries has National IDs, and if is desired that
such ID could be to incorporated into a digital certificate, but in my
country (CHILE) so happen, and I wish to using a standard solution...

I think that QC is a good solution for certificates issued only a physical
people, and when a require a unique statement of identity

I like PI solution, mainly because I think that "Permanent Identifier" ia a
separate concept, and should be outer the DN, but I am concern about how
many support into the PKIX WG the PI has currently. Seem that QC has better
support today.

I am the Chief Technology Officer of a newly Certification Authority in my
country (we are currently not in production yet, but soon I hope :) ), and I
am strongly supporting "PKIX standards" for our certificates.

If you are not interested in a discussion on Chilean National IDs and
certificates, you might skip the
rest of this message.

In my country , Chile, the Civil Registry Authority issue a unique
identifier (on a national domain) on birth. This ID is put into a plastic
"identification card" (and biometrics information is on the card too). Every
citizen has a ID. This ID is used for many transactions: tax pay, obtaining
bank accounts, voting, ... Then I think that is nice to incorporate this ID
into a certificate, as a "virtual" identification card (whidauth photo and
biometrics).

The companies must to obtain a ID assigned by the authoruty too. This ID
uniquely identify the company into the country.


Which do you think that is the PI draft future support?

Thanks

Juan Carlos Perez Aguayo
CTO
Acepta.com
juancarlos.perez@acepta.com

Follow-Ups:
- RE: National Identifier into Serial Number or SubjectAltName?
  - From: Oscar Conesa
- Re: National Identifier into Serial Number or SubjectAltName? (Was: Why don't using Permanent Identifier on QC certificates?)
  - From: Denis Pinkas

References:
- Re: Why don't using Permanent Identifier on QC certificates?
  - From: Robert Moskowitz

Prev by Date: Re: Why don't using Permanent Identifier on QC certificates?
Next by Date: Re: National Identifier into Serial Number or SubjectAltName? (Was: Why don't using Permanent Identifier on QC certificates?)
Previous by thread: Re: Why don't using Permanent Identifier on QC certificates?
Next by thread: Re: National Identifier into Serial Number or SubjectAltName? (Was: Why don't using Permanent Identifier on QC certificates?)
Index(es):
- Date
- Thread