[certid] chapter 4.4.5 ...
Peter Sylvester <peter.sylvester@edelweb.fr> Tue, 06 July 2010 17:33 UTC
Return-Path: <peter.sylvester@edelweb.fr>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id BBC183A682B for <certid@core3.amsl.com>;
Tue, 6 Jul 2010 10:33:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.299
X-Spam-Level:
X-Spam-Status: No, score=-1.299 tagged_above=-999 required=5 tests=[AWL=1.300,
BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z+rK-w+CG7yP for
<certid@core3.amsl.com>; Tue, 6 Jul 2010 10:33:47 -0700 (PDT)
Received: from ganymede.on-x.com (ganymede.on-x.com [92.103.215.11]) by
core3.amsl.com (Postfix) with ESMTP id D4D593A6979 for <certid@ietf.org>;
Tue, 6 Jul 2010 10:33:46 -0700 (PDT)
Received: from varuna.puteaux.on-x (varuna.puteaux.on-x [192.168.10.6]) by
ganymede.on-x.com (Postfix) with ESMTP id 89C0E149 for <certid@ietf.org>;
Tue, 6 Jul 2010 19:33:48 +0200 (CEST)
Received: from smtps.on-x.com (mintaka.puteaux.on-x [192.168.14.11]) by
varuna.puteaux.on-x (Postfix) with ESMTP id 8A2E717048 for <certid@ietf.org>;
Tue, 6 Jul 2010 19:33:47 +0200 (CEST)
Received: from [192.168.0.14] (gut75-3-82-227-163-182.fbx.proxad.net
[82.227.163.182]) by smtps.on-x.com (Postfix) with ESMTP id 705EF782B for
<certid@ietf.org>; Tue, 6 Jul 2010 19:33:47 +0200 (CEST)
Message-ID: <4C3368FA.3080109@edelweb.fr>
Date: Tue, 06 Jul 2010 19:33:46 +0200
From: Peter Sylvester <peter.sylvester@edelweb.fr>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
rv:1.9.1.9) Gecko/20100423 Thunderbird/3.0.4
MIME-Version: 1.0
To: certid@ietf.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: [certid] chapter 4.4.5 ...
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates
<certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jul 2010 17:33:47 -0000
says
the client MAY as a fallback
check for a fully-qualified DNS domain name in the last Common Name
RDN in the sequence of RDNs making up the Distinguished Name within
the certificate's subjectName (where the term "last" refers to the
DER order, which is often not the string order presented to a user;
the order that is applied here MUST be the DER order).
The text in parenthesis 'refers to the order of the ASN.1 sequence'
the last half sentence is superfluous.
'Common Name RDN' is not the correct term (as already explained
by many).
The text 'In existing certficates ..' stars with a defintion which
should rather belong to 2.2. A clear separation of 2.2 and 4.4
should be done.
There is also redundancy with 4.3 and 4.4.4 In one it is
a security note, the other is not. at least the same things are
said (at least) twice.
- [certid] chapter 4.4.5 ... Peter Sylvester
- Re: [certid] chapter 4.4.5 ... Peter Saint-Andre