Re: Use of dnQualifier must be settled

David Boyce <David.Boyce@messagingdirect.com> Tue, 16 November 1999 15:30 UTC

Received: from ns.secondary.com (ns.secondary.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA24540 for <pkix-archive@odin.ietf.org>; Tue, 16 Nov 1999 10:30:11 -0500 (EST)
Received: from localhost by ns.secondary.com (8.9.3/8.9.3) with SMTP id HAA27597; Tue, 16 Nov 1999 07:26:52 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Tue, 16 Nov 1999 07:26:51 -0800
Received: from woozle.isode.com (woozle.isode.com [193.133.227.19]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id HAA27570 for <ietf-pkix@imc.org>; Tue, 16 Nov 1999 07:26:45 -0800 (PST)
Received: from MessagingDirect.com (actually dougal.isode.com) by woozle.isode.com (local) with ESMTP; Tue, 16 Nov 1999 15:27:03 +0000
X-Mailer: exmh version 2.0.2 2/24/98
To: Stefan Santesson <stefan@accurata.se>
cc: ietf-pkix@imc.org, Sean Turner <turners@ieca.com>, "Manger, James" <JManger@vtrlmel1.telstra.com.au>, "Kesterson, Hoyt" <Hoyt.Kesterson@bull.com>, "David P. Kemp" <dpkemp@missi.ncsc.mil>, Anders Rundgren <anders.rundgren@jaybis.com>, "Ella P. Gardner" <egardner@mitre.org>, 'housley' <housley@spyrus.com>, 'wford' <wford@verisign.com>, 'wpolk' <wpolk@nist.gov>, "'david.solo@citicorp.com'" <david.solo@citicorp.com>, "\"'Magnus Nystr m'\"" <magnus@rsasecurity.com>
Subject: Re: Use of dnQualifier must be settled
In-reply-to: Your message of "Tue, 16 Nov 1999 16:00:47 +0100." <4.1.19991116150759.00d2d6b0@mail.accurata.se>
Date: Tue, 16 Nov 1999 15:27:01 +0000
Message-ID: <2172.942766021@MessagingDirect.com>
From: David Boyce <David.Boyce@messagingdirect.com>
MIME-version: 1.0
Content-type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by ns.secondary.com id HAA27571
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Content-Transfer-Encoding: 8bit

Stefan Santesson writes:

>We must come to a common understanding on what the defined usage of
>dnQualifier is according to X.520.

>Is interpretation 1 or 2 the right one. 
>
>Please be active on this one because it is VERY important that we 
agree on
>a consensus here very soon.

Taking your invitation to be active on this:

I'm coming at this from an X.500 point of view.   I cannot see how
Interpretation 2 can possibly be correct, given the statement in X.520
"that its value be the same in a given DSA for all entries to which this
information has been added".  Interpretation 2 clearly violates this, as
there are different values of dnQualifier for entries in the same DSA.

Consequently, if you are serious about conforming to X.520, I would have
to say interpretation 1 is the way to go.

(When we've done this, we can go on to discuss the proper order of RDNs
in Name.)

David.
-- 
David Boyce

MessagingDirect (UK) Ltd.
Tel:	+44 20 8332 9091		 Richmond, Surrey, ENGLAND
Email:	David.Boyce@MessagingDirect.com	 WWW: http://www.MessagingDirect.com/