Re: Remaining open issues for RFC-2401bis

[Stephen Kent <kent@bbn.com>]

At 2:37 PM -0600 3/24/04, Nicolas Williams wrote:
>On Wed, Mar 24, 2004 at 11:05:20AM -0800, Charlie Kaufman wrote:
>> We could add yet another ID Type option for UTF-8 string, but does
>> anyone actually have a use for it?
>
>When the rfc822 subjectAltName is internationalized then the
>corresponding ID should be also by extension (one hopes).  If the matter
>is addressed by adding additional cert extensions or by adding to the
>general name CHOICE (why is it not marked extensible?) then we may need
>a new ID type to go with it.
>
>Nico
>--

Nico,

GN is already extensible:

GeneralName ::= CHOICE {
        otherName                       [0]     OtherName,
        rfc822Name                      [1]     IA5String,
        dNSName                         [2]     IA5String,
        x400Address                     [3]     ORAddress,
        directoryName                   [4]     Name,
        ediPartyName                    [5]     EDIPartyName,
        uniformResourceIdentifier       [6]     IA5String,
        iPAddress                       [7]     OCTET STRING,
        registeredID                    [8]     OBJECT IDENTIFIER }

OtherName ::= SEQUENCE {
        type-id    OBJECT IDENTIFIER,
        value      [0] EXPLICIT ANY DEFINED BY type-id }


otherName and registeredID provide all the extensibility you could ever want in terms of creating additional ID types.

Steve