[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dnQualifier topic - not solved yet.

To: ietf-pkix@xxxxxxx
Subject: Re: dnQualifier topic - not solved yet.
From: "David P. Kemp" <dpkemp@xxxxxxxxxxxxxx>
Date: Tue, 30 Nov 1999 18:46:00 -0500 (EST)
Reply-to: "David P. Kemp" <dpkemp@xxxxxxxxxxxxxx>

> From: "Charles Moore" <cmoore@spyrus.com.au>
> 
> So if nobody strongly object to this I will go ahead and include this in
> the QC profile and I assume that rfc 2459 will be updated accordingly
> 
> cm> I object for the reasons previously outlined.. You are using it with the
> wrong sematics and it will be impossible to distinguish from previous usage
> that has the correct semantics...
> Please address these issues...

Charles,

I don't understand this objection.  If X.520 is modified as suggested
(so that serialNumber applies to person objects as well as device objects),
what is "incorrect" about the semantics?   To my American English ear :-),
the word "serialNumber" when applied to a person means the same thing
as "employee number" or "customer number" when applied to a person, or
"VIN" when applied to an automobile.  The word "number" shouldn't be
the problem - even when applied to devices such as modems and
lawnmowers, serial numbers are generally alphanumeric, not purely
numeric.

What incompatibility or problem with existing usage would be caused by
adding "person" to the class of objects to which serialNumber applies?



> The proposal was previously presented as:
> > I suggest that we:
> >
> > - Add serialNumber to son of rfc2459 supportedAttributes as a MUST
> > implement attribute (i.e. compliant applications MUST be able to
> understand
> > it).
> cm> See above this is not possible given existing usage...
> Also please address the usage and privacy issue....

What privacy issue?  There is nothing that implies a serialNumber attribute
must be a National ID (or a Global ID); more likely it will be unique
per issuer.  Your customer number from Land's End Direct Merchants is
different from your driver's license number, your bank account
number(s), and your brokerage account number(s), and your employer's
retirement account number.

Your proposed new attribute would be no different from serialNumber from
a privacy perspective - privacy is affected by the scope of uniqueness
(the number of databases which know you by a particular identifier),
not by the choice of attribute OID.


> > It would help to get your immediate support for this. Can you live with
> it??
> 
> cm> No...

So far the consensus for serialNumber seems smooth, with only one nay.

Follow-Ups:
- Re: dnQualifier topic - not solved yet.
  - From: Stefan Santesson

Prev by Date: RE: Unknown private verisign extension
Next by Date: Re: dnQualifier topic - not solved yet.
Previous by thread: Re: dnQualifier topic - not solved yet.
Next by thread: Re: dnQualifier topic - not solved yet.
Index(es):
- Date
- Thread