[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
names in certificates for IPSec...?
Anyone have ideas on how large a name for an IPSec certificate should be? How many parts (surname, organization, organizational unit, country, etc.) should it have? How big should each entry be allowed to be?
I am interested in what IPSec users and implementors want, _not_ what certificate engine vendors are selling. For example, the fact some CA's jam copyright notices, nutritional information, and galactic polar coordinates into these things is not relevant.
I was thinking of this:
max 16 entries
max 256 characters each entry
Also, does this work for non-US names? I am not sure how non-US names should be stored in this, and I was present when someone from Japan pointed out we kind of got this wrong in the Open PGP work at the IETF meeting.
Follow-Ups: