[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: A web of directories

To: "'Stephen Kent'" <kent@xxxxxxx>, Bob Jueneman <BJUENEMAN@xxxxxxxxxx>
Subject: RE: A web of directories
From: Larry Layten <larry@xxxxxxx>
Date: Tue, 23 Feb 1999 14:58:02 -0600
Cc: "ietf-pkix@xxxxxxx" <ietf-pkix@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

For e-mail certificates, can't you use the domain from
the internet e-mail address to point you to a DNS server
And can't that in turn point you to the correct LDAP directory.

Larry

-----Original Message-----
From:	Stephen Kent [SMTP:kent@bbn.com]
Sent:	Tuesday, February 23, 1999 11:04 AM
To:	Bob Jueneman
Cc:	ietf-pkix@imc.org
Subject:	Re: A web of directories

Bob,

Aw, come on now, Bob.  DN's are NOT intended to include pointers to
directory servers.  They are names within the DIT.  Don't try to shoehorn
other info into a DN just because the GeneralName form allows other forms
of IDs.  I agree with the suggestion that one could use the AAI extension
with an appropriate sub-type.  (Actually, a previous version of PKIX Part
1, which allowed for end-entity info rather than CA info makes more sense
here, but we seemd to have lost that distinction along the way.)

Steve

Follow-Ups:
- RE: A web of directories
  - From: Stephen Kent

Prev by Date: Re: A web of directories
Next by Date: Re: Comments to Qualified Certificates draft
Previous by thread: Re: A web of directories
Next by thread: RE: A web of directories
Index(es):
- Date
- Thread