Thanks Michael!! I will read this RFC and get more details.
But I have one more question: When my client (in his browser) generate a certificate and change the key pair, install the certificate and will use it with the same browser configuration, the certificate works. But if the client that have one cert installed change the browser options (level of security, uses of SSL 2, SSL 3 or TLS, or aplly the windows patch Q323172 (responsable for a vulnerability with certs) the certificate stop working and we have to tell to the client make a new certificate to work with the new configuration. So, my question is: In the moment of the change key pair/generate, the certificate get some information about browser's configuration? Get any state of the selected SSL option or browser security level? Please, If someone have any document wich explain what exactally happen in this moment tell me! Thanks, Andr�a ----- Original Message ----- From: "Michael Bell" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, April 05, 2005 8:44 AM Subject: Re: [Openca-Users] limit of characters > Andr�a Cavallari wrote: > > Hello people! > > > > Please, can someone answer a doubt?? In the requests we have a limitation > > of characters for CN or O? > > What's the size of this fields?? Can I determine this? Where I can > > configure? > > > > For example, this request: > > serialNumber=7,CN=Leverson T de Souza,OU=Internet,O=LUIZAO COM DE > > COMBUSTIVEIS E LUBRIF LTDA,C=BR > > > > I saw some cases that if the CN field was larger than 60 characters I get > > error while issue certificate... > > That's wrong. You get an error if your CN field is longer than 64 > characters ;) > > Please see RFC 3280 Appendix A: > (http://www.ietf.org/rfc/rfc3280.txt?number=3280) > > Examples of upper bounds: > > ub-common-name INTEGER ::= 64 > ub-organization-name INTEGER ::= 64 > ub-organizational-unit-name INTEGER ::= 64 > > Michael > -- > _______________________________________________________________ > > Michael Bell Humboldt-Universitaet zu Berlin > > Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice > Fax: +49 (0)30-2093 2704 Unter den Linden 6 > [EMAIL PROTECTED] D-10099 Berlin > _______________________________________________________________ >
smime.p7s
Description: S/MIME cryptographic signature
