IETF Logo Mail Archive

RE: Logotypes in certificates

"Trevor Freeman" <trevorf@Exchange.Microsoft.com> Thu, 22 March 2001 19:59 UTC

Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id OAA19471 for <pkix-archive@odin.ietf.org>; Thu, 22 Mar 2001 14:59:19 -0500 (EST)
Received: from localhost (daemon@localhost) by above.proper.com (8.9.3/8.9.3) with SMTP id LAA18154; Thu, 22 Mar 2001 11:58:39 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Thu, 22 Mar 2001 11:58:32 -0800
Received: from df-inet1.exchange.microsoft.com (df-inet1.exchange.microsoft.com [131.107.8.8]) by above.proper.com (8.9.3/8.9.3) with ESMTP id LAA18089 for <ietf-pkix@imc.org>; Thu, 22 Mar 2001 11:58:31 -0800 (PST)
Received: from df-virus2.platinum.corp.microsoft.com ([172.30.236.33]) by df-inet1.exchange.microsoft.com with Microsoft SMTPSVC(5.0.2195.2831); Thu, 22 Mar 2001 11:58:51 -0800
Received: from 172.30.236.11 by df-virus2.platinum.corp.microsoft.com (InterScan E-Mail VirusWall NT); Thu, 22 Mar 2001 11:58:59 -0800 (Pacific Standard Time)
Received: from speak.platinum.corp.microsoft.com ([172.30.236.197]) by yuri.dns.microsoft.com with Microsoft SMTPSVC(5.0.2195.2883); Thu, 22 Mar 2001 11:58:59 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.0.4673.0
content-class: urn:content-classes:message
Subject: RE: Logotypes in certificates
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Date: Thu, 22 Mar 2001 11:58:58 -0800
Message-ID: <CC2E64D4B3BAB646A87B5A3AE97090420D0F46DA@speak.dogfood>
Thread-Topic: Logotypes in certificates
Thread-Index: AcCyOl+Fhk4n6b95QIK9wfkD/O7JiQAlh5xA
From: Trevor Freeman <trevorf@Exchange.Microsoft.com>
To: pgut001@cs.auckland.ac.nz, tgindin@us.ibm.com
Cc: ietf-pkix@imc.org
X-OriginalArrivalTime: 22 Mar 2001 19:58:59.0249 (UTC) FILETIME=[88CC0210:01C0B30A]
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by above.proper.com id LAA18090
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Content-Transfer-Encoding: 8bit

Logically speaking, this is a name in that we are talking about a token
which represents an organization. Its just a graphical token, not a
textual token. However I full agree with Steve that like other name
forms, we have to validate the CAs write to assert that logo. I for one
don't see a way to make this work with graphics, and unless it lives by
the same rules as text rules, it is open to abuse and therefore is a
very bad idea.
Trevor

-----Original Message-----
From: Peter Gutmann [mailto:pgut001@cs.auckland.ac.nz] 
Sent: Wednesday, March 21, 2001 9:56 PM
To: tgindin@us.ibm.com
Cc: ietf-pkix@imc.org
Subject: RE: Logotypes in certificates

"Tom Gindin" <tgindin@us.ibm.com> writes:

>Wouldn't Logotypes most easily be implemented as an OTHER-NAME within
one of
>the alternate name fields (probably SubjectAltName)?  If so, how would
they
>affect NameConstraints and the like?  IMHO, they would have little
effect on
>them since logos are not hierarchical names and thus couldn't easily be
>governed by NameConstraints.

That sounds like a sensible way to do it, if your cert is issued by
(say) VISA
then they'll put the VISA logo in the issuer's other-name.  I used an
other-
name for the MPEG-of-cat cert I created a few years back and both
MSIE/Windows
and Netscape accepted it (meaning they didn't reject the cert or crash)
so it
looks like a fairly clean way to do it.

Peter.

v2.23.0 | Report a Bug | By Email