[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: X.509 certificate and its subject name field
What is the basis for this name re-use speculation ?
Clearly there will be no shortage of CA name space. What may
be a problem is a shortage of _desirable_ CA names. Witness
the shortage of desirable names in the DNS.
I'm sure that BULL and IBM would object mightily if I set up
a public CA that had a name which differed from one of their CA's
names by only a UID. Or wouldn't they ? :-)
> From: Denis Pinkas <D.Pinkas@frcl.bull.fr>
>
> (Shyh-Wei Luan) wrote:
>
> > CA names will become a scarce resource in years and need to reused.
>
> I would agree with that statement which would be a nice requirement ...
>
> > Thus I think CA's should also be assigned SUID's by their certifying CA's.
>
> .... but saying that the issuer Unique ID is the solution
> is not the right answer ... until there is a whole story
> about how to use/manage it.
>
> No one has proposed such a story, yet. Until it is proposed, I am
> proposing to solve the most urgent one, i.e. re-use of "end-entity"
> names. This is why I proposed the text change.
>
>
> > BTW, thanks for putting up the proposal! I am glad that the long discussion
> > is getting us somewhere.
> >
> > Shyh-Wei
>
> --
>
> Denis Pinkas Bull S.A. E-mail : D.Pinkas@frcl.bull.fr
> Rue Jean Jaures B.P. 68 Phone : 33 - 1 30 80 34 87
> 78340 Les Clayes sous Bois. FRANCE Fax : 33 - 1 30 80 33 21
>