[caops-wg] Grid Certificate Profile document update
David Groep
davidg at nikhef.nl
Thu Nov 30 14:38:42 CST 2006
Dear all,
I've uploaded an updated version of the Grid Certificate Profile document,
clearing up confusion on the use of the Country (C) attribute in issuer
and subject distinguished names. It's interpretation for the issuer
and subject should be considered differently. The new text in v0.17
The new version reads (in the explanatory footnotes), for issuer (CA) DNs:
"If a Country (C) component is included in the issuer DN, it SHOULD reflect the
country in which the issuer is based."
and for subject end-entity DNs:
"The country (C) asserted in the subject DN of an end-entity certificate
SHOULD correspond the home country of the end-entity, and thus does not
necessarily reflect and is not necessarily the same as the country in which the
CA is operating, or the country code in the issuer DN. Therefore, in such cases
the Country attribute should not be part of a unique subject DN naming prefix."
The new version is on GridForge:
https://forge.gridforum.org/sf/go/doc13741 (PDF)
https://forge.gridforum.org/sf/go/doc13742 (MS Word)
with the comment:
new version 0.17:
Clarified use of Country(C) attribute in subject and issuer names
Regards,
DavidG.
--
David Groep
** National Institute for Nuclear and High Energy Physics, PDP/Grid group **
** Room: H1.56 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **
More information about the caops-wg
mailing list