RE: Long Name Requirements

"Erik Andersen" <era@x500.eu> Mon, 23 February 2009 15:24 UTC

Return-Path: <owner-ietf-pkix@mail.imc.org>
X-Original-To: ietfarch-pkix-archive@core3.amsl.com
Delivered-To: ietfarch-pkix-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1C3D628C149 for <ietfarch-pkix-archive@core3.amsl.com>; Mon, 23 Feb 2009 07:24:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.269
X-Spam-Level:
X-Spam-Status: No, score=0.269 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, HELO_EQ_DK=1.009]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3PpLmGWdfs8y for <ietfarch-pkix-archive@core3.amsl.com>; Mon, 23 Feb 2009 07:24:23 -0800 (PST)
Received: from balder-227.proper.com (properopus-pt.tunnel.tserv3.fmt2.ipv6.he.net [IPv6:2001:470:1f04:392::2]) by core3.amsl.com (Postfix) with ESMTP id A142A28C142 for <pkix-archive@ietf.org>; Mon, 23 Feb 2009 07:24:22 -0800 (PST)
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n1NEuvLM093785 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 23 Feb 2009 07:56:57 -0700 (MST) (envelope-from owner-ietf-pkix@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.14.2/8.13.5/Submit) id n1NEuv9o093784; Mon, 23 Feb 2009 07:56:57 -0700 (MST) (envelope-from owner-ietf-pkix@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-pkix@mail.imc.org using -f
Received: from mail03.dandomain.dk (mail03.dandomain.dk [194.150.112.203]) by balder-227.proper.com (8.14.2/8.14.2) with ESMTP id n1NEujdo093768 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <ietf-pkix@imc.org>; Mon, 23 Feb 2009 07:56:56 -0700 (MST) (envelope-from era@x500.eu)
Received: from ERA1 ([78.156.215.7]) by mail03.dandomain.dk (DanDomain Mailserver) with ASMTP id EQB51743; Mon, 23 Feb 2009 15:56:43 +0100
From: Erik Andersen <era@x500.eu>
To: egulacti@uekae.tubitak.gov.tr, ietf-pkix@imc.org
Subject: RE: Long Name Requirements
Date: Mon, 23 Feb 2009 15:56:48 +0100
Message-ID: <225D7BAE722B45BD82D788A9D52A58C0@ERA1>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.6838
Thread-Index: AcmVxPmSRdg/2yWETEq5nGDMIFyj9AAAMVgQ
In-Reply-To: <20090223134310.1C3482258026@postaci.uekae.tubitak.gov.tr>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
Importance: Normal
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>

Hi Ersin,

In the latest edition of X.509, we removed the length restrictions on
attribute types. The PKIX group did not follow suit, but retained the length
restriction. A field of 500 characters will not comply with RFC 5280, but it
will comply with the X.509 itself, and that is what is important.

You can find links to the lasted documents on
http://www.x500standard.com/index.php?n=Extension.Ed6.

You do not need to define own attribute types.

Erik Andersen
Andersen's L-Service
Elsevej 48, DK-3500 Vaerloese
Denmark
Mobile: +45 2097 1490
email: era@x500.eu
www.x500.eu
www.x500standard.com
 

-----Original Message-----
From: owner-ietf-pkix@mail.imc.org [mailto:owner-ietf-pkix@mail.imc.org] On
Behalf Of egulacti@uekae.tubitak.gov.tr
Sent: 23. februar 2009 14:42
To: ietf-pkix@imc.org
Subject: Long Name Requirements


Hi,

I have read through the PKIX mailing list archives to find a method for
using name components longer than 64 characters in the Subject field of an
X.509 v3 certificate. Unfortunately I could not find a solution which
satisfies RFC 5280 (3280) by using standard CN, Title, O or OU components.

Now I plan to use a custom attribute-value pair in the Subject field. Is
there any widely used OID for really long names in the Subject field? I
need to put full company titles, up to 500 characters long, in the Subject
field.

Regards,

Ersin