OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

xri message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [xri] Subject Auth Name?


> The field I was referring to is "Subject Alternative Name", aka 
> subjectAltName.  See section 4.2.1.6 of RFC 5280, 
> http://www.rfc-editor.org/rfc/rfc5280.txt .

I suppose I should add that my reason for bringing it up was to suggest 
that *if* new profiles specifying the use of X.509 certs are to be written 
they should strongly consider using subjectAltName for subject naming 
rather than trying to wedge yet more stuff into Subject.  As we discussed 
this is a different matter than relying on existing public CAs which do 
use Subject in the conventional way (cn=some.dns.name, ignore all the 
other DN components).  Whether it's a good idea to write new profiles to 
use X.509 certs is not clear to me.

  - RL "Bob"

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]