Re: [certid] CN fallback

Michael Ströder <michael@stroeder.com> Mon, 19 April 2010 08:37 UTC

Scott Cantor wrote:
>>> A previous note mentioned the fact that DNs are hierarchical paths into a
>>> directory. This, of course, is not true;
>>>
>> This part is actually true, by definition of a DN.
> 
> What DNs are supposed to be and how they're used are fairly different in
> lots of systems, and the difference trips up a lot of people.

Like it or not, DNs are used in X.509 certs. And therefore the DN matching
rules honoring the order of the DN components have to be applied. Period.

Ciao, Michael.
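
An added example, not part of the original message: order-sensitive DN comparison in the sense of RFC 5280 section 7.1, where RDNs must match position by position while the attributes inside a multi-valued RDN are an unordered set. Assumptions: DNs arrive as well-formed RFC 4514 strings, every attribute value is compared as a case-insensitive string with whitespace collapsed (a simplification of the RFC 4518 string preparation), and the function names are hypothetical.

```python
import re

def _split(s, sep):
    """Split on an unescaped separator, leaving backslash escapes in place."""
    parts, cur, i = [], "", 0
    while i < len(s):
        if s[i] == "\\" and i + 1 < len(s):
            cur += s[i:i + 2]          # keep the escape pair together
            i += 2
            continue
        if s[i] == sep:
            parts.append(cur)
            cur = ""
        else:
            cur += s[i]
        i += 1
    return parts + [cur]

def _unescape(v):
    """Decode RFC 4514 escapes: backslash + two hex digits, or backslash + char."""
    out, i = bytearray(), 0
    while i < len(v):
        if v[i] == "\\" and re.fullmatch("[0-9A-Fa-f]{2}", v[i + 1:i + 3]):
            out.append(int(v[i + 1:i + 3], 16))   # one raw UTF-8 byte
            i += 3
        elif v[i] == "\\" and i + 1 < len(v):
            out += v[i + 1].encode()              # escaped special character
            i += 2
        else:
            out += v[i].encode()
            i += 1
    return out.decode("utf-8")

def parse_dn(dn):
    """Return an ordered list of RDNs; each RDN is a frozenset of (type, value)."""
    rdns = []
    for rdn in _split(dn, ","):
        avas = set()
        for ava in _split(rdn, "+"):
            typ, _, val = ava.lstrip().partition("=")
            # Simplified normalisation (assumption): collapse whitespace, fold case.
            avas.add((typ.strip().upper(), " ".join(_unescape(val).split()).casefold()))
        rdns.append(frozenset(avas))
    return rdns

def dn_equal(a, b):
    """Lists compare in order (RDN sequence); frozensets ignore order (AVAs)."""
    return parse_dn(a) == parse_dn(b)
```

A matcher that sorts the components or flattens them into a set before comparing would accept a DN with its RDNs in a different order, which is the failure the ordered list comparison here rules out.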