1) Duplicate attribute tags are illegal, 2) Attributes must be
ordered by tag value.
The question arose because of a certificate from TIS which does
not meet the ordering requirement.

Tom, you are confusing ordering within an RDN and the order of RDNs.
Our certificates (more precisely distinguished names) are comprised of
single-valued RDNs. This means there is exactly one AVA per RDN.
While the elements of an RDN are enclosed in a set, RDNs are in a
sequence. So, for DER the elements of an RDN are ordered according to
the tag. However, the RDNs are by definition already ordered.
Thus, the presence of the common name attribute at the end in the DER
encoding is exactly correct, since it is the last RDN in the sequence of
RDNs comprising the distinguished name.

Jim
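
The distinction drawn in the reply above, as an added example that is not part of the original message: a small Python DER walker that reports the RDNs of a Name in their SEQUENCE order and flags only those RDN SETs whose AVAs are out of DER order (compared here by encoded octets, the X.690 rule for SET OF). The function names and the sample names are constructed for illustration.

```python
OID_NAMES = {"2.5.4.3": "CN", "2.5.4.6": "C", "2.5.4.10": "O"}  # X.520 types

def read_tlv(buf, pos):  # -> (tag, content, full encoding, next position)
    tag, length, hdr = buf[pos], buf[pos + 1], 2
    if length & 0x80:  # long-form length: low 7 bits give the octet count
        n = length & 0x7F
        length, hdr = int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), 2 + n
    end = pos + hdr + length
    if buf[pos + 1] == 0x80 or end > len(buf):
        raise ValueError("indefinite length or truncated TLV, not DER")
    return tag, buf[pos + hdr:end], buf[pos:end], end

def children(content):
    pos, out = 0, []
    while pos < len(content):
        tag, body, full, pos = read_tlv(content, pos)
        out.append((tag, body, full))
    return out

def oid_str(body):
    arcs, val = [], 0
    for b in body:  # base-128 arcs, high bit set means "more octets follow"
        val = (val << 7) | (b & 0x7F)
        if b < 0x80:
            arcs, val = arcs + [val], 0
    first = min(arcs[0] // 40, 2)
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def check_name(der):
    """Return (attribute types per RDN in SEQUENCE order, indexes of RDN SETs not in DER order)."""
    tag, body, _, _ = read_tlv(der, 0)
    rdns = children(body)
    if tag != 0x30 or any(t != 0x31 for t, _, _ in rdns):
        raise ValueError("expected SEQUENCE OF SET")
    order, misordered = [], []
    for i, (_, rbody, _) in enumerate(rdns):
        avas = children(rbody)
        if [a[2] for a in avas] != sorted(a[2] for a in avas):  # sort applies inside the SET only
            misordered.append(i)
        types = [oid_str(children(b)[0][1]) for _, b, _ in avas]
        order.append([OID_NAMES.get(t, t) for t in types])
    return order, misordered
# Constructed sample data (not taken from any real certificate).
def tlv(tag, content):  # short-form lengths are enough for these samples
    return bytes([tag, len(content)]) + content
def ava(oid_hex, text):  # AttributeTypeAndValue with a PrintableString value
    return tlv(0x30, tlv(0x06, bytes.fromhex(oid_hex)) + tlv(0x13, text.encode()))

C, O, CN = ava("550406", "US"), ava("55040a", "Example Org"), ava("550403", "Test User 1")
SINGLE_VALUED = tlv(0x30, tlv(0x31, C) + tlv(0x31, O) + tlv(0x31, CN))  # CN is the last RDN
MULTI_UNSORTED = tlv(0x30, tlv(0x31, O + CN))  # one RDN, AVAs not in DER order
```

`check_name(SINGLE_VALUED)` reports C, O, CN in sequence order with nothing flagged, while `check_name(MULTI_UNSORTED)` flags RDN 0.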