Peter Sylvester wrote:
One of the reasons that I see that some "USERS", i.e. relying parties want that, is that it is a bit difficult to get the subject altname email in a CGI under apache, whilst the DN attribute is simply in an environment variable.What happens when you add multiple emails, is either as subject altname or multiple occurence of the email attribute, .well, that's anoher story
This is the real problem. We have users which use this functionality to get all email addresses from a certificate and yes some are in the subject and some are in the subject alt name. Until now nobody tried to use mail instead of emailAddress but it is possible and the most directories implemented mail because it is in inetOrgPerson.
Michael -- _______________________________________________________________ Michael Bell Humboldt-Universitaet zu Berlin Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
