W3C home > Mailing lists > Public > www-xkms@w3.org > October 2005

XKMS 2: errata: X.509 DNs not in RFC 2253 format

From: Manger, James H <James.H.Manger@team.telstra.com>
Date: Mon, 17 Oct 2005 10:19:52 +1000
Message-ID: <73388857A695D31197EF00508B08F2981888D050@ntmsg0131.corpmail.telstra.com.au>
To: <www-xkms@w3.org> 
XML-Signature formats X.509 distinguished names (DNs) according to RFC 2253 "LDAP (v3): UTF-8 representation of distinguished names".  XKMS should use the same format.

XMKS 2.0 uses the following text as DNs in paragraphs 186, 243, 246 & 252:

  C="UK" O="CryptoGuys Ltd." CN="Bob"
  C="US" O="Alice Corp" CN="Alice Aardvark"
  C="UK" O="Bob Corp" CN="Bob Baker"

The text for these DNs should be:

  CN=Bob,O=CryptoGuys Ltd.,C=UK
  CN=Alice Aardvark,O=Alice Corp,C=US
  CN=Bob Baker,O=Bob Corp,C=UK

XKMS should explicitly state that the RFC 2253 is the format used for the <UseKeyWith> Identifier attribute (when the Application attribute is urn:ietf:rfc:2459).  Paragraph 186 in section 5.1.3 "Element <UseKeyWith>" is the appropriate place.
Received on Monday, 17 October 2005 03:32:48 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:39:24 GMT