[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PKIX Part I - Name Constraints

To: ietf-pkix@xxxxxxxxxx
Subject: PKIX Part I - Name Constraints
From: Warwick Ford <wford@xxxxxxxxxxxx>
Date: Thu, 11 Sep 1997 17:44:18 -0400

I wish to propose a minor addition to 4.2.1.11 (Name Constraints) of PKIX
Part I.  

Regarding RFC822Name, the most common way to convey an e-mail address today
is as a PKCS#9 e-mail attribute in the subject DN.  Migration to
subjectAltNames will undoubtedly occcur in time, and the profile correctly
covers that future.  However, to ensure that the intent of Name Constraints
is met given current styles of naming, I propose that we additionally state
that "Restrictions for the rfc822 name form shall also apply to any
instance of the PKCS#9 E-mail Name attribute type present in a subject DN."

Warwick

---------------------------------------------------------------------
Warwick Ford, VeriSign, Inc., One Alewife Center, Cambridge, MA 02140
   wford@verisign.com; Tel: (617)492 2816 x225; Fax: (617)661 0716
---------------------------------------------------------------------

Follow-Ups:
- Re: PKIX Part I - Name Constraints
  - From: Russ Housley

Prev by Date: Re: Policy Contraints Object Identifier
Next by Date: Name changes and certificates
Previous by thread: Access Descriptors Object Identifier
Next by thread: Re: PKIX Part I - Name Constraints
Index(es):
- Date
- Thread