pem-dev

Re: Unique DNs

1993-02-25 16:02:00
Folks:

This discussion of the use of DNs in certificates used with PEM seems
to have gotten very much off track.  The central issues are not that
complicated, although a lack of familiarity with the RFCs does seem
to have contributed significantly to this confusion.

1. I believe that the concern Peter Yee expressed in the message that
triggered this sequence of messages is a valid one.  The concern, if I
paraphrase Peter, is that individuals and organizations who generate
DNs in order to make use of X.509 certificates with PEM should
exercise care.  

2.  Contrary to popular (but uninformed) belief, the PEM RFCs do not
establish conventions for DN formats, allowed attributes, etc.  The
only restriction on DNs is the one implied by the name subordination
requirement which has been cited in previous messages.  The RFCs point
out that PCAs and CAs should follow appropriate schema when creating
DNs (vs. merely issuing certificates for existing DNs).  Given the
global scope of PEM, I don't think there is one schema guideline we
can point to, although we do point to guidelines for North America.
Given this context, it is silly (at best) to argue that the PEM RFCs
diverge from X.500 DN conventions.  We are pointing people in the
right direction and hoping for the best.  I don't know that anyone
encouraging very widespread DN adoption can do much more without
usurping somebody's right to establish schema conventions somewhere in
the world, but I'm open to concrete suggestions.

3. X.509 certificates are designed for authentication, not
authorization.  The verified DNs provided by such certificates can be
used as inputs to identity-based access control decisions.  However,
there are many types of attributes one might wish to associate with an
entity for input to authorization decisions and these attributes are
often not appropriate in a DN.  There is considerable literature on
the topic of using certificates for authorization: ECMA documents,
PKCS documents, and ANSI X9F1 documents, and papers published in
various computer security conferences over the last 5 years.  All of
this literature distinguishes between certificates for authorization
vs. identification, although there is not universal agreement on what
form the former should take and how they should be related to the
latter.  PEM has requirements only for identification certificates,
and has thus adopted the one certificate format generally recognized
as a suitable basis for that function.  Thus I don't think it is
reasonable to criticize the one DN relationship constraint in the PEM
RFCs because of a conflict with a desire to use certificates for
authorization.

4. PCAs really should act responsibly.  This means that a PCA should
be aware of X.500 schema conventions applicable to any populations
which the PCA serves, and it should be firm in insisting that CAs
abide by those conventions with regard to certificates issued for PEM
use.  A PCA which is not prepared to exercise some judgement in this
fashion is doing a disservice to the community as a whole.  If I could
have figured out a way to state that "backbone" and a sense of DN
"good taste" is a requirement for prospective PCAs, I would have put
it in the RFCs.

Steve
