Subject: [saml-dev] X509SubjectName and relationship to RFC2253?

The core-00 version of SAML 1.0 describes the format attribute, #X509SubjectName, as follows:

    Indicates that the content of the NameIdentifier element is in the form specified for the contents of <ds:X509SubjectName> element in [DSIG]. Implementors should note that [DSIG] specifies encoding rules for X.509 subject names that **differ** from the rules given in RFC2253 [RFC2253].

There is no [DSIG] reference in this SAML document's bibliography. The closest I have found is [XMLSig]. Is that the proper one? When I follow that link I end up at RFC3275 which seems to contradict the SAML text:

    ... The X509SubjectName element, which contains an X.509 subject distinguished name that SHOULD be compliant with RFC 2253 [LDAP-DN] ...

Can someone explain what implied differences would exist in encoding between SAML/DSIG and RFC2253 for this field?

Most importantly --- can I use this field for LDAP DNs, or should I add an additional format tag (such as #RFC2253DistinguishedName)?

Thank you for any clarification.

-Ken
___________________________________________________________
Kenneth J. Gartner
Development Engineering Manager
Quadrasis -- We Unify Security
Hitachi Computer Products (America), Inc.
1601 Trapelo Road       Phone: (781) 768-5830
Waltham, MA 02451       Fax: (781) 890-4998
email@example.com
___________________________________________________________