[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Service name + host check [Re: Last Call: Discovering LDAP Services with DNS to Proposed Standard]

To: helm@fionn.es.net, "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Subject: Re: Service name + host check [Re: Last Call: Discovering LDAP Services with DNS to Proposed Standard]
From: Norbert Klasen <norbert.klasen@daasi.de>
Date: Tue, 26 Feb 2002 13:03:24 +0100
Cc: Lawrence Greenfield <leg+@andrew.cmu.edu>, IETF ldapext WG <ietf-ldapext@netscape.com>, "RL 'Bob' Morgan" <rlmorgan@washington.edu>
Content-disposition: inline

--On Sonntag, 24. Februar 2002 12:30 -0800 Michael Helm <helm@fionn.es.net> wrote:

I think Microsoft has been putting kerberos
principal names in subjectaltname ... I don't have one I can
get at to check at the moment.


It it included as subjectAltName of type OtherName:

Subject Alternative Name = Other Name: Principal Name = (UPN). For example:
UPN = user1@ name .com
The UPN OtherName OID is : "1.3.6.1.4.1.311.20.2.3"
The UPN OtherName value: Must be ASN1-encoded UTF8 string


--
Dipl.-Inform. Norbert Klasen
DAASI International GmbH                 phone: +49 7071 29 70336
Wilhelmstr. 106                          fax:   +49 7071 29 5114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de

Prev by Date: [no subject]
Next by Date: I n c r e a s e y o u r M u s c l e S t r e n g t h
Index(es):
- Chronological
- Thread