[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Microsoft and multi-valued RDNs
Steve,
I was just trying to understand things, It wasn't clear form the minute what
was the issue give that I wasn't at the meeting.
cheers
RFW
----- Original Message -----
From: "Stephen Kent" <kent@xxxxxxx>
To: <RWEISER@xxxxxxxxxxxx>
Cc: "Michael Ströder" <michael@xxxxxxxxxxxx>; <ietf-pkix@xxxxxxx>
Sent: Thursday, July 24, 2003 3:17 PM
Subject: Re: Microsoft and multi-valued RDNs
>
> At 12:53 -0600 7/24/03, RWEISER@xxxxxxxxxxxx wrote:
> >Ah but it is on the directory side of things when we create the directory
> >entry the 0.9.2342.19200300.100.1.1 = D01E473E000000F58FE3DDDC00000709 is
a
> >multi name attribute. I can either search for Russel F Weiser and get
> >multiple entries for Russel F Weiser. Or if I formulation the LDAP search
as
> >0.9.2342.19200300.100.1.1 = D01E473E000000F58FE3DDDC00000709+CN = Russel
F
> >Weiser
> >I will get that exact entry only.
> >I am just trying to understand what the discussion was about.
> >Several years ago when I was looking at all this I tried to get CAs to
> >create DNs that were Mutlivalued RDNs but none of the CAs would do this.
So
> >I just made the directory do it when we published the certificate into
the
> >directory.
> >This allowed me to perform name uniqueness without searching the
directory
> >prior to signing a certificate.
> >cheers
> >RFW
> >
>
> The discussion is not about multiple names for a directory entry, but
> multiple attributes within a SET within a DN, especially the terminal
> RDN.
>
> Steve
>