[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: any surveys about DC vs O,C ?

To: int int Mike Jackson <jacksonm@isorauta.ntc.nokia.com>
Subject: Re: any surveys about DC vs O,C ?
From: Tony Earnshaw <tonni@billy.demon.nl>
Date: 25 Mar 2003 16:32:02 +0100
Cc: openldap-software@OpenLDAP.org
In-reply-to: <20030325130739.GD2353@isorauta.ntc.nokia.com>
Organization:
References: <20030324125028.GA29928@isorauta.ntc.nokia.com> <1048583395.1662.22.camel@localhost> <20030325103447.GC2353@isorauta.ntc.nokia.com> <1048596070.1660.88.camel@localhost> <20030325130739.GD2353@isorauta.ntc.nokia.com>

tir, 2003-03-25 kl. 14:07 skrev int int Mike Jackson:

> > What are you trying to do with the certs that isn't already covered in
> > the PKCS standards?
> 
> Nothing. I just wanted to see if some studies had been done, since this
> is a problem IMHO when X.509 subject names are based one way and
> published into a directory which is based in a different way.

Hmmm ... the cert hierarchy does nothing else than verify that the
holder of a private key is who he says he is and has nothing to do with
any organizational model. Apart from using certs as a basis for
encryption, it doesn't seem to me that how they are organized makes much
difference. If there wasn't x500v3, there would be some other
alternative. As soon as a Norwegian immigration officer sees my British
passport, he accepts it without necessarily understanding a word of what
it says, where I actually live or what kind of a person I am. It looks a
bit like a Norwegian passport. I'm probably now starting on the holy war
Michael mentioned, so I'd better stop.

> However, it seems that vendors of CA related software have a complete
> disregard to directory design when it comes to using domain components.
> And I believe that quite a lot of people are using domain components
> today. That's why I was trying to get some general feelings about this.

I think you'd do better to discuss this with Verisign or one of their
ilk :-)

> It might be time for a draft discussing this issue...

Yes. I see the dc nokia in your sig. I think I can understand a little
of what's driving you in this particular case - a yearning for
rationality. I had a skin full in my Norwegian existence, under pressure
from the Swedes.

Best,

Tony

-- 

Tony Earnshaw

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

Follow-Ups:
- Re: any surveys about DC vs O,C ?
  - From: Michael Ströder <michael@stroeder.com>

References:
- any surveys about DC vs O,C ?
  - From: "int Mike Jackson" <jacksonm@isorauta.ntc.nokia.com>
- Re: any surveys about DC vs O,C ?
  - From: Tony Earnshaw <tonni@billy.demon.nl>
- Re: any surveys about DC vs O,C ?
  - From: "int Mike Jackson" <jacksonm@isorauta.ntc.nokia.com>
- Re: any surveys about DC vs O,C ?
  - From: Tony Earnshaw <tonni@billy.demon.nl>
- Re: any surveys about DC vs O,C ?
  - From: "int int Mike Jackson" <jacksonm@isorauta.ntc.nokia.com>

Prev by Date: Re: any surveys about DC vs O,C ?
Next by Date: Net::LDAP problem
Index(es):
- Chronological
- Thread