[sidr] #8: Distinguished Names in the RPKI
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[sidr] #8: Distinguished Names in the RPKI
#8: Distinguished Names in the RPKI
-----------------------------+----------------------------------------------
Reporter: gih at … | Owner:
Type: enhancement | Status: new
Priority: medium | Milestone:
Component: res-certs | Version:
Severity: In WG Last Call | Keywords:
-----------------------------+----------------------------------------------
reported by Steve Kent:
Tim Polk asked David Cooper (a NIST colleague) to check on the question
that was raised during our meeting yesterday morning. The question was
whether, if we require Subject and Issuer names in X.509 certs to be
either just a CN or a CN plus a serialNumber (as a set), one could use
commonly available CA software generate certs. The answer is that both
OpenSSL and an NSS can do this. OpenSSL required some configuration
effort, but David provided the details of the config params in his
response!
this related to arch and res-cert drafts - one, or both need to reflect
this structure if adopted
--
Ticket URL: <http://trac.tools.ietf.org/wg/sidr/trac/ticket/8>
sidr <http://tools.ietf.org/sidr/>
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
