> * I read a message that said that putting email address in the cert is > deprecated according to the RFCs. Can someone tell me why?
I think it was with the thought that users e-mail address might change without invalidating the identity of the user? It is also usually including in SubjectAltName, so is duplicated. There are also very good reasons for including them, such as ensuring uniqueness of DN's in a PKI where multiple users have the same name. > * Is it possible to have the Email address attribute be "E" instead of > "EMAILADDRESS"? If so, how would I do this? It looks like 'emailAddress' in OpenCA's web interfaces, but once the certificate is generated you will notice it is actually E= in the DN. ------------------------------------------------------- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
