Dear all, Following the discussions at OGF38a and addressing the public comments, a new version (0.7) of the Grid Certificate Profile is now at: http://redmine.ogf.org/dmsf_files/25 It contains the following material changes: - attribute names have been normalised and changed to match RFC5280 - explanatory text clarified in several places by re-ordering sentences - SHA-2 description for CAs and EECs harmonised - table headings added for DNs and attributes, and clarified normative language columns - expanded the list of eKU values, instead of refering to non-existent section 5 - fixed one 'rfc822emailAddress' misnomer to read "rfc822Name" Also, when implementing these changes I found one inconsistency: - subject RDN description in section 3.3.1 mentioned only PrintableString and UTF-8 string, but in section 3.3.4 and 3.3.6 it specifically added IA5String and advised its use. Added IA5String as permissible to 3.3.1 and 3.3.3 as well, in particular to encode the "@" sign in commonName attributes. The 7-bit printable ASCII subset of UTF-8 is given as permissible. The changes are highlighted in the PDF at http://redmine.ogf.org/dmsf_files/13083 Depending on Jens or Greg, this now may need to go back to public comment after the WG has reviewed the changes (the updates are minor but not insignificant). Best, DavidG. -- David Groep ** Nikhef, Dutch National Institute for Sub-atomic Physics,PDP/Grid group ** ** Room: H1.50 Phone: +31 20 5922179, PObox 41882, NL-1009DB Amsterdam NL **