[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [ebxml-msg-comment] Re: [ebxml-cppa-comment] A "Trivial" Securee-business Question
Thanx Dale,
To put DUNS numbers in DNs is indeed possible but a
problem is how to inform the software (and users) that the object actually is a
DUNS number without creating an arbitrary amount of special DN attributes.
In case you are interested, I have initiated an
(not yet sanctioned) IETF draft effort to address this as well as many
other issues related to the mapping of PKI to business systems. It
exploits the fact that practically all commercial CAs as well as most
professionally run private CAs, implicitly form a two-level
architecture where the CA cert/key vouches for a certain issuance and associated
name space (like VeriSign's web-server CA that vouches for DNS host names
together with associated owner and nothing else). By making this de-facto
scheme explicit, a foundation for a more robust
PKI-to-business-system-mapping is created. To get back to DUNS, such
numbers would to preferably be expressed like http://xmlns.dnb.com/D-U-N-S : 678456123
where the first part would be stored at the CA-level, and the actual DUNS
number using an existing DN attribute, at the
end-entity-level. Well, it is up to D&B to define the actual
name-space but something according to these lines is a more "XML-ish" and
future-proof way than using special codes to identify DUNS. There are
maybe thousands of possible name-spaces possible as even a company could (I
really hope not) define name-spaces for employees, clients, whatever. It
seems that the URI is nowadays the only truly universal way to identify objects
with, so it is (about) time for business to adopt this as well. As we can
keep our legacy EAN, DUNS, VAT, and SIREN numbers as they are today, this step
in not that big. Although some standards institutions may
object.
BTW, I would be very happy to get a co-editor or
just a reviewer on this draft...
Best
Anders Rundgren
|
draft-rundgren-pkix-pnppki4ws-00.pdf
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]