RE: Questions/Comments for the current draft.

I propose to revise the example of <X509IssuerName> in order to be the
correct one and add "The value of X509IssuerName (MUST?) conforms to
RFC2253" in XMLDSIG document (,for example).

-- Yoshiaki Kawatsura Hitachi, Ltd.

 >>>>> Tue, 11 Jul 2000 08:18:15 -0700,
	Brian LaMacchia <bal@microsoft.com> said:

> > -----Original Message-----
> > From: Gregor Karlinger [mailto:gregor.karlinger@iaik.at]
> > Sent: Monday, June 26, 2000 2:51 AM
> > To: Yoshiaki KAWATSURA; w3c-ietf-xmldsig@w3.org; Joseph M. Reagle Jr.;
> > Brian LaMacchia
> > Subject: RE: Questions/Comments for the current draft.
> > 
> > 
> > Hi Yoshiaki!
> > 
> > > (2-1) For X509Data
> > > I think the X509IssuerName in the example of X509Data should be
> > > described actual value such that distinguished name, for example
> > > <X509IssuerName>CN =XXX Cert, C= US, O = XXX Trust 
> > Inc.</X509IssuerName>.
> > > # Is there any general guideline which describes about text 
> > representation
> > > # of distinguished name? I found 
> > <draft-ietf-pkix-generalname-00.txt>
> > > # which specifies text representations for distinguished names
> > > # but this document has already expired.
> > 
> > A previous version of the XML-Signature draft mentioned RFC 
> > 2253 as the way
> > to represent a Name as a text string, I think this is still 
> > intended by
> > the authors
> > 
> > (Joseph, Brian: Am I right here?)
> 
> (I've been out of the office much for the past couple weeks & am working
> through a backlog of mail...)
> 
> Yup, you're correct.  To the best of my knowledge RFC 2253 is the only
> standard way to string-encode a DN, so that's what we should use for
> X509IssuerName.  It's not what I'd consider optimal for an XML environment,
> but I'd rather use what exists already than define something new. (Since the
> DN is itself a structured object, seems to me the right thing would be a
> direct mapping to a structured XML element...)
> 
> 					--bal
>

Received on Wednesday, 12 July 2000 04:45:52 UTC