Hi all, On 2013-01-31 17:55, stephen.burke@stfc.ac.uk wrote:
JP Navarro [mailto:navarro@mcs.anl.gov] said:
It would appear there is no RFC. We have a choice to make on whether to change GLUE 2 to be compliant with an RFC, or keep things the way they are to be compatible with an old de-facto standard. Both option have impacts of different sorts.
With our current middleware I think it doesn't make sense to use anything other than the openssl format in GLUE, it would mean having format converters in both directions which would be highly error-prone, there are lots of subtleties. You could argue that the entire middleware should change, but I think that would be about as likely as the UK changing to driving on the right!
Stephen
I think the same as Stephen. And to be practical, these fields are only used by middlewares to check against certificates DN written in the same format. I think for an extension we can imagine something smarter, but for the moment we should leave it like that. It's just then difficult to formally define the content of that field now.... also because of the reverse order that ldap dn impose :P Cheers, -- Florido Paganelli Lund University - Particle Physics ARC Middleware EMI Project