Re: [IETF-PKIX] Subject/Issuer Name Population

[Paul Hoffman / IMC <paulh@xxxxxxx>]

All:

Tim has done a marvelous job of wording these sections. I believe that this
will lead to less confusion on implementor's parts and will get us a very
high level of interoperability in cert chaining.

I agree with all the new wording, but would propose a small change to one
part of the new 4.2.1.4 to make it clearer. Where it now says:

      (b) attribute values in string types other than PrintableString
      are case sensitive (this permits matching of attribute values as
      binary objects);

change to:

      (b) attribute values in string types other than PrintableString
      are matched as binary objects;

I propose this change because BMPString and UTF8String also have the
concept of "spaces", and someone reading Tim's version would wonder whether
or not to do the kind of space elimination mandated for PrintableString in
(d) later in the list. My suggested wording says "don't touch it at all,
compare as is".

--Paul Hoffman, Director
--Internet Mail Consortium