On 06/30/2010 05:08 PM, Paul Hoffman wrote:
At 10:30 AM -0400 6/30/10, Scott Cantor wrote:
I would really appreciate a "MUST not use DC-ID for server endpoint
identification", which also happens to be the current practice and
what had previously been specified. rfc-2818 doesn't mention DC= at all.
+1
The last thing we need is *another* way to do what existing methods already
address.
Another +1
+1, RFC 5280 already "warns" about that.
In addition, implementations of this specification MUST be prepared
to receive the domainComponent attribute, as defined in [RFC4519].
The Domain Name System (DNS) provides a hierarchical resource
labeling system. This attribute provides a convenient mechanism for
organizations that wish to use DNs that parallel their DNS names.
This is not a replacement for the dNSName component of the
alternative name extensions. Implementations are not required to
convert such names into DNS names.
_______________________________________________
certid mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/certid
