Christian,
I liked Warwick's suggestion because it didn't rely on English
as a standard language for attribute values, nor impinge on anyone's
choice of names for anything. It does complicate the DN subordination
rule a bit, and so my bottom line concern was whether the added
complexity or the rules, plus the addition of a new attribute, was
likely to be worth the effort to allow a CA to have a name distinct
from the organization name.
From the commnets I've seen so far, there is a lot of concern
over the ability to add a new (distinguihsed) attribute type without
causing lots of problems, which disappoints me a bit. I didn't
realize that this would be so big a sticking problem as you and Mike
have suggested, but I defer to your judgement here since my experience
has been with just one DSA product, where it would be trivially easy to
add the attribute.
I'm not very happy with the alternatives that have been
proposed, e.g., because the fail precisely the tests that Warwick's
original proposal satisfied and which I cited above. I think we have
to avoid being English-centric in this international endeavour.
Back to the drwaing board?
Steve