On 02-04-16 16:49:25 CEST, Richard Levitte - VMS Whacker wrote: > BTW, thinking about it, I'm not sure why this discussion acme up at > all. Certificates are often stored as attributes of a record (eh, > terminology isn't a strength of mine, so if "record" isn't the proper > term, please pardon me), at least in the directories that I've viewed, > and the LDAP DN isn't necesserely the same (obviously, it's at least > inversed :-)).
no, it is not. :-) it's the different presentations of a DN that are inverses. > So I wonder, what exactly is the problem here? Do the OpenCA folks the exact problem is that the openca-developers were confused. and most people here didn't know much better either? :-) but howard chu's comments made me look for a proof that both the X.500 presentation and the LDAP presentation--despite their opposite order-- describe the same DER presentation, and i think i found it in RFC 2253 2.1. now we (openca developers) can write code to handle this mess. rj ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
