ISSUE-147
Descriptions of certificate matching rules in SWFE need explanations somewhere
- State:
- CLOSED
- Product:
- wsc-xit
- Raised by:
- Mary Ellen Zurko
- Opened on:
- 2008-01-02
- Description:
- 7.1
"If both SiteA's and SiteB's certificates have the same value for the Subject field's Common Name (CN) attribute, there is a match; otherwise, continue with the matching algorithm. "
I'm struggling to understand why this makes sense. I don't remember web user agents (wua's) displaying CN to me in normal or error conditions. So I don't see why this makes sense as matching wua displays (examples would disprove my memory). And I don't remember CAs promising not to "reuse" CNs (but maybe they do?). So it doesn't make sense from that perspective either. And I think I read several versions in the wiki, but don't remember an explanation of this there. Please explain. "If both SiteA's and SiteB's certificates have the same values for all of the "O", "L", "ST" and "C" attributes of the Subject field, there is a match; otherwise, continue with the matching algorithm. "
OK, the conversation the other day was good, and the explanation later in the section is helpful. But I don't remember what these all are. Can you provide an easy to follow reference to decrypt them? O is organization. Drawing a blank on the other 3. - Related Actions Items:
- No related actions
- Related emails:
- ISSUE-147: Descriptions of certificate matching rules in SWFE need explanations somewhere [wsc-xit] (from sysbot+tracker@w3.org on 2008-01-02)
Related notes:
No additional notes.
Display change log
