Charlie writes:
... scan in a handwritten signature and laser print it on top of an
arbitrary document...
I thought that was how you get *digital* signatures !
JUST KIDDING !! :-)
On a more serious note,
I cannot agree any less strongly with Charlie's point of not using DNs
for authorization and other *things* except what it's there to
do--uniquely identifying an entity.
Also, in a nut shell, i think there are merits with not using the format
of the DN to guarantee its uniqueness. I would rather see a single DN
used for an entity throughout the world than multiple DNs all uniquely
pointing to that entity. The privacy problems of doing that, set aside!
...
_______________________________________________________________________
Alireza Bahreman E-Mail:
bahreman(_at_)bellcore(_dot_)com
Bellcore, Room RRC-1K221 Phone : +1 908 699 7398
444 Hoes Lane, Piscataway, NJ 08854 Fax : +1 908 336 2943