> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Levitte - VMS
> Whacker
> Sent: den 26 september 2000 13:58
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: Re: OCSP and issuerNameHash (was: Object names)
>
>
> Unless we can assume that the same order will be preserved,
> verification would be impossible. Think about it, a DN can have
> multiple RDNs of the same type. Does DC ring a bell?
Multiple RDNs aren't the problem, as they are encoded as a SEQUENCE, if I
understood the question correctly; rather that the individual
RelativeDistinguishedNames themselves contain a SET OF
AttributeTypeAndValue in order to facilitate multi-value RDNs. A quick
snip from RFC 2253 to illustrate this:
<quote>
First is a name containing three relative distinguished names (RDNs):
CN=Steve Kille,O=Isode Limited,C=GB
Here is an example name containing three RDNs, in which the first RDN is
multi-valued:
OU=Sales+CN=J. Smith,O=Widget Inc.,C=US
</quote>
DCs are IIRC encoded as separate RelativeDistinguishedNames, at least
that's how my directories have been designed. Please set me right if I'm
wrong about this.
//oscar
smime.p7s
