---- Included message:
human factors lesson here - if a computer professional is having
trouble specifying his X.400 address in a replyable form, we probably need
to look carefully at the choice of X.500 names (which are similar and
related in a not-quite-obvious way) in certificates. This could be
a Help Desk nightmare - if people don't know their own addresses, how
are they going to be sure they signed things with the right certificate? ;)
I completely concur.
The original intention behind the attribute/value approach was to be friendly,
by
virtue of the non-order-dependent flexibility and possibly the ability to leave
out
some fields. As often proves true, these good intentions had an exactly
counter-
productive effect. The more-rigit internet email model apparently is vastly
simpler for humans to deal with.
One caveat is to question whether the CURRENT strings are indicative of the
long-term
strings. E.g., the current DNS string (foo.com) are clearly not scalable for
the long-term. If we develop string schemas that are, then do we still win on
the human factors. (My own guess is yes, even in a worst-case scenario, like
using
full postal addresses.)
d/