[glue-wg] DN definitions
Timo Baur
Timo.Baur at lrz-muenchen.de
Thu Jun 5 07:02:46 CDT 2008
Hello,
in the public comment version of GLUE 2.0, two kinds of DNs
(Distinguished Names) with different delimiters are specified.
Section 16.3.8 defines as DNs: "X509 uses a X500 namespace represented
as several Relative Domain-Names (RDNs)
concatenated by forward-slashes". A slash-separated DN notation is also
used in the examples throughout the document.
I was not able to find such a definition in the X509 spec. As X509 stay
rather general, are you sure it implements a forward-slash
notation ?
Section 17.4., in contrast, defines a DataType DN_T as a RFC 4515
Distinguished name.
RFC 4515 says "There is zero or more relative distinguished names,
separated by <COMMA>, for a distinguished name."
I propose to either
- specify both delimiters, fix the X509 citation and state clearly in
which cases which notation is to be used, or
- decide for the RFC4515 notation (comma separated), which seems to be
(better) standardized and rewrite the examples.
Also at the beginning of section 16.3.8, the sentence "It must start
[...]" (state ?) should be improved.
ciao,
Timo
Dipl-Inf. Timo Baur
Leibniz Rechenzentrum
Kommunikationsnetze/Netzplanung/D-MON
Boltzmannstr. 1
D-85748 Garching
Telefon +49 89 35831-8729
Fax +49 89 35831-5729
timo.baur at lrz-muenchen.de
More information about the glue-wg
mailing list