Re: Qualified Certificates draft - Country name
The current QC draft defines
"The subject field SHALL include one of the following choices of sets
of mandatory attributes:
Choice I: countryName commonName
Choice II: countryName givenName surname"
The subject's countryName is MANDATED. Furthermore, the usage is defined
by setting a general context for the remaining subject (?) attributes.
Is this right?
I propose that the countryName specification should be changed to
OPTIONAL.
with regards
--------------------------------------------------------------------
Juergen Walter
DEH information systems GmbH WWW: http://www.deh.de
Weissenfelser Strasse 46a Germany
D-06217 Merseburg Tel.: +49 3461 3318-25
Email: walter@deh.de Fax: +49 3461 415072
--------------------------------------------------------------------
> "Miklos, Sue A." wrote:
>
> I would like to request that the country field remain optional.
> Sandi Miklos
>
> -----Original Message-----
> From: Stefan Santesson [mailto:stefan@accurata.se]
> Sent: Saturday, February 27, 1999 10:52 AM
> To: Bob Jueneman; tgindin@us.ibm.com
> Cc: samiklo@missi.ncsc.mil; ietf-pkix; Stephen Kent
> Subject: RE: Qualified Certificates draft - Country name
>
> All,
>
> I would like to clarify the scope of the draft.
>
> It is NOT the intent of the draft to specify how a meaningful identity
> should be composed.
>
> Period.
>
> It is though the intent of the draft to specify a well defined structure
> within which any useful identity information could be expressed according
> to the issuers and the key holders preferences.
>
> The qualified certificate has two different compartments for subject
> identity information.
> 1) The subject field
> 2) The PersonalData field (stored in subjectAltName extension as a new
>    information construct stored under otherNames.)
>
> The main purpose of the subject field is to hold a "technical name"
> fulfilling all technical requirements that might be imposed on the
> certificate with respect to presence of a unique X.500 type of name. This
> name may or may not be suitable as the subject's preferred legal name
> (unmistakable identity).
>
> The optional PersonalData field has the main purpose of providing means to
> express a legal name in cases where the subject field is not sufficient for
> this purpose. The advantage of this approach is to free the subject field
> of strange attributes and semantics necessary for expressing the legal
> name.
>
> So, this debate is about whether the countryName attribute in the subject
> field (the technical name) shall be mandatory or optional. Keep in mind that
> any country information as part of the legal name can be handled in the
> PersonalData field regardless of what is done in the subject field.
>
> This gives the conclusion that what we decide in the subject field (as
> mandatory or not), should only be based on technical requirements from
> X.500 directory systems and similar, not from requirements on legal name
> forming.
>
> Based on this presumption I would appreciate a consensus in this subject.
>
> /Stefan
>
> -------------------------------------------------------------------
> Stefan Santesson <stefan@accurata.se>
> Accurata Systemsäkerhet AB
> Lotsgatan 27 D Tel. +46-40 152211
> 216 42 Malmö Fax. +46-40 150790
> Sweden Mobile +46-70 5247799
>
> PGP fingerprint: 89BC 6C79 5B3D 591B 8547 1512 7D11 DBF4 528F 29A0
> -------------------------------------------------------------------
--
with regards
--------------------------------------------------------------------
Juergen Walter PoP Leipzig/Halle/Jena
DEH information systems GmbH WWW: http://www.deh.de
Weissenfelser Strasse 46a Germany
D-06217 Merseburg Tel.: +49 3461 3318-25
Email: walter@deh.de Fax: +49 3461 415072
--------------------------------------------------------------------
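
The attribute-set rule quoted at the top of this message, as an added example that is not part of the original thread or of the QC draft: a small checker that reports which of Choice I / Choice II a subject name satisfies, with countryName either mandated (the draft text as quoted) or optional (the change proposed in the thread). The short names `C`, `CN`, `GN`, `SN`, the function names and the sample names are assumptions made for the illustration.

```python
import re

# Assumed short-name mapping for string-form names (C, CN, GN, SN).
SHORT = {"C": "countryName", "CN": "commonName",
         "GN": "givenName", "SN": "surname"}

# The two mandatory attribute sets exactly as quoted from the draft.
CHOICES = {
    "I": {"countryName", "commonName"},
    "II": {"countryName", "givenName", "surname"},
}

def subject_attributes(dn):
    """Return the attribute types present in a name like 'C=DE, CN=Example'.

    Simplified parser: splits on ',' or '+' unless escaped with a single
    backslash; it does not handle quoted values or an escaped backslash
    immediately before a separator.
    """
    attrs = set()
    for part in re.split(r"(?<!\\)[,+]", dn):
        key, sep, value = part.partition("=")
        if not sep or not key.strip() or not value.strip():
            raise ValueError("malformed name component: %r" % part)
        key = key.strip()
        attrs.add(SHORT.get(key.upper(), key))
    return attrs

def satisfied_choices(dn, country_mandatory=True):
    """List the draft's choices ('I', 'II') that the subject name meets.

    country_mandatory=True follows the quoted draft text;
    country_mandatory=False models the proposal to make countryName OPTIONAL.
    """
    present = subject_attributes(dn)
    result = []
    for name, required in CHOICES.items():
        needed = required if country_mandatory else required - {"countryName"}
        if needed <= present:
            result.append(name)
    return result

if __name__ == "__main__":
    # Constructed sample subject names, not taken from any real certificate.
    for dn in ("C=DE, CN=Example Person", "GN=Anna, SN=Svensson"):
        print(dn, satisfied_choices(dn), satisfied_choices(dn, False))
```
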