Re: [certid] version -07
Peter Saint-Andre <stpeter@stpeter.im> Fri, 09 July 2010 19:40 UTC
Return-Path: <stpeter@stpeter.im>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id 48B293A6881 for <certid@core3.amsl.com>;
Fri, 9 Jul 2010 12:40:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.727
X-Spam-Level:
X-Spam-Status: No, score=-2.727 tagged_above=-999 required=5 tests=[AWL=-0.128,
BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4-i2dWbKeTmc for
<certid@core3.amsl.com>; Fri, 9 Jul 2010 12:40:28 -0700 (PDT)
Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com
(Postfix) with ESMTP id 28AEC3A684B for <certid@ietf.org>;
Fri, 9 Jul 2010 12:40:28 -0700 (PDT)
Received: from dhcp-64-101-72-121.cisco.com (dhcp-64-101-72-121.cisco.com
[64.101.72.121]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with
ESMTPSA id 4F9A940E4B for <certid@ietf.org>;
Fri, 9 Jul 2010 13:40:33 -0600 (MDT)
Message-ID: <4C377B30.2000202@stpeter.im>
Date: Fri, 09 Jul 2010 13:40:32 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: certid@ietf.org
References: <4C2ECEB6.7080209@KingsMountain.com> <4C305FBC.4040302@velox.ch>
In-Reply-To: <4C305FBC.4040302@velox.ch>
X-Enigmail-Version: 1.0.1
OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [certid] version -07
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates
<certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Jul 2010 19:40:29 -0000
On 7/4/10 4:17 AM, Kaspar Brand wrote:
> On 03.07.2010 07:46, =JeffH wrote:
>> * I think we need to review the terms/phrases we use to reference cert
>> components and aspects thereof. I think we're being inconsistent and at times
>> ambiguous (need to do careful review). unfortunately other specs we depend on
>> use non-congruent terminology it seems.
>>
>> E.g. in just sections 2.2 and 3 we use these various terms/phrases wrt
>> "subjectAltName"...
>>
>> subjectAltName extension
>>
>> subjectAltName extension types
>>
>> subjectAltNames
>>
>> subjectAltName entry
>>
>> SubjectAltName field
>>
>> subjectAltName identifier
>>
>> subjectAltName identifier types
>>
>> subjectAltName identifier of type
>>
>> [the GeneralName structure in] the subjectAltName
>>
>>
>> ..and then including the rest of the spec we also use (in addition to the above)..
>>
>> application-specific subjectAltName extensions
>>
>> subjectAltName extension of type
>>
>> subjectAltName extensions of type
>>
>>
>> Obviously various of the above terms/phrases are redundant and we ought to
>> clean this up.
>
> Agreed. My earlier suggestion ("subjectAltName entry") is mainly due to
> the following statement in RFCs 2459/3280/5280:
>
> If the subjectAltName extension is present, the sequence MUST contain
> at least one entry.
>
> "Extension" is actually the term for the whole container - i.e., I would
> refrain from using wording like "subjectAltName extension of type X" (or
> even "subjectAltName extensions", because a particular extension is only
> allowed to occur once, as per RFCs 2459/3280/5280). Also,
> "subjectAltNames" seems rather sloppy as a term, IMO.
I've fixed these terminological confusions. We now use only two terms:
- subjectAltName extension (which can contain multiple entries)
- subjectAltName entry (a specific entry of type dNSName, SRVName, etc.)
Peter
--
Peter Saint-Andre
https://stpeter.im/
- [certid] version -07 Peter Saint-Andre
- Re: [certid] version -07 Peter Saint-Andre
- Re: [certid] version -07 Shumon Huque
- Re: [certid] version -07 =JeffH
- Re: [certid] version -07 Kaspar Brand
- Re: [certid] version -07 Peter Saint-Andre
- Re: [certid] version -07 Peter Saint-Andre