[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A web of directories

To: "Bob Jueneman" <BJUENEMAN@xxxxxxxxxx>
Subject: Re: A web of directories
From: Stephen Kent <kent@xxxxxxx>
Date: Tue, 23 Feb 1999 12:04:16 -0500
Cc: <ietf-pkix@xxxxxxx>
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

Bob,

Aw, come on now, Bob.  DN's are NOT intended to include pointers to
directory servers.  They are names within the DIT.  Don't try to shoehorn
other info into a DN just because the GeneralName form allows other forms
of IDs.  I agree with the suggestion that one could use the AAI extension
with an appropriate sub-type.  (Actually, a previous version of PKIX Part
1, which allowed for end-entity info rather than CA info makes more sense
here, but we seemd to have lost that distinction along the way.)

Steve

References:
- A web of directories
  - From: Bob Jueneman

Prev by Date: RE: A web of directories
Next by Date: RE: DN in a cert
Previous by thread: A web of directories
Next by thread: Re: A web of directories - Finding PKIX Servers
Index(es):
- Date
- Thread