On 3/29/11 8:25 AM, Manger, James H wrote: > 2. URI in cert > > Requiring a certificate to include a > subjectAltName.uniformResourceIdentifier (san.uri) seems to exclude a > lots of potential certs, without a great reason. > > Do XMPP ids typically get put in certs as URIs > (san.uri=xmpp:[email protected]), or as a dedicated name-form > ([email protected])?
There is an OID called "id-on-XmppAddr", but you're right that it could be a URI. > An email address can be expressed as a URI (eg > mailto:[email protected]), but a corresponding certificate is likely to > include a san.rfc822 value, not a san.uri. Correct. It would be nice to standardize on one subjectAlternativeName extension, but I don't think that's very likely given wide deployment of things like rfc822name. Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ woes mailing list [email protected] https://www.ietf.org/mailman/listinfo/woes
