Hi,
I'm using OpenCA 0.9.1.7.
I wonder if it is possible to include several OU (Organisational Unit) into the DN (Distinguished Name) of a certificate ?
I think it is possible to have this fields several times in the DN (and if I'm right it is either the only one that could have multiple occurences...)
Hi, In the RFC 3280 I found
The issuer field MUST contain a non-empty distinguished name (DN). The issuer field is defined as the X.501 type Name [X.501]. Name is defined by the following ASN.1 structures:
Name ::= CHOICE { RDNSequence }
RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
RelativeDistinguishedName ::= SET OF AttributeTypeAndValue
AttributeTypeAndValue ::= SEQUENCE { type AttributeType, value AttributeValue }
AttributeType ::= OBJECT IDENTIFIER AttributeValue ::= ANY DEFINED BY AttributeType
So not only "OU" can occur multiple, *every* AttributeType can occur multiple, can't it?
Regards
Michael
--
Dipl.-Inform. Michael Konietzka Schlund + Partner AG
- Development UNIX - Brauerstra�e 48
Webservices D-76135 Karlsuhe
http://www.schlund.de/ Germany-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
