Re: certreq with name-format "Lastname, Firstname"
- From: Michael Ströder <michael@xxxxxxxxxxxx>
- Date: Mon, 20 Nov 2006 01:52:07 +0100
Carsten,
Carsten Kinder [MSFT] wrote:
according to RFC1617 (http://www.ietf.org/rfc/rfc1617.txt?number=1617)
heading 4.4.1, a comma is not allowed as part of the common name.
1. The RFC and the section cited above does not say anything about a
comma at all.
2. This informational (and old) RFC was just meant as an profile of
X.500 directories in a special project.
3. The RFC is not relevant here since it talks about directories.
PKIX is relevant, see RFC 3280 (Standards Track).
=> Off course you can use a comma in the CN (alias commonName) if you
encode the subject DN as UTF8String as suggested by PKIX. Even
PrintableString should work.
The main problem with a comma is that it's used as a DN component
separator for the string representation of distinguished names.
Depending on what tools you use and depending on your shell you might
have to escape the comma, e.g. with a backslash \.
Ciao, Michael.
.
- Follow-Ups:
- Re: certreq with name-format "Lastname, Firstname"
- From: MarkusR
- Re: certreq with name-format "Lastname, Firstname"
- References:
- certreq with name-format "Lastname, Firstname"
- From: MarkusR
- Re: certreq with name-format "Lastname, Firstname"
- From: Carsten Kinder [MSFT]
- certreq with name-format "Lastname, Firstname"
- Prev by Date: Re: certreq with name-format "Lastname, Firstname"
- Next by Date: Re: Create a domain account with full access to all files and folders?
- Previous by thread: Re: certreq with name-format "Lastname, Firstname"
- Next by thread: Re: certreq with name-format "Lastname, Firstname"
- Index(es):
Relevant Pages
|
