Standards » Security Area » CAOPS WG

This document provides guidance for the use of directory names, attributes, and extensions in X.509 certificates, such that they are usable by the majority of the grid infrastructures today. The intended audience for this document includes issuers of X.509 certificates for use in grid infrastructures, and implementers of X.509 validation software for grid purposes.

Interoperability for X.509 identity certificates between the issuers of certificates and the software that interprets them is increasingly more important as the number of participants in grids that rely on a X.509 certificates grows. It is difficult to predict which particular software will be used by the parties relying on the certificate, and how this software interprets specific name forms, attributes, and extensions. This document gives guidance and defines explicit restrictions on the certificate profile to ensure the certificate is interpreted by the relying party in the way the issuer intended. It specifies and further restricts the certificate format as defined in RFC3280 and the X.509 standard.

This document provides guidance for the use of directory names, attributes, and extensions in X.509 certificates, such that they are usable by the majority of the grid infrastructures today. The intended audience for this document includes issuers of X.509 certificates for use in grid infrastructures, and implementers of X.509 validation software for grid purposes.

Interoperability for X.509 identity certificates between the issuers of certificates and the software that interprets them is increasingly more important as the number of participants in grids that rely on a X.509 certificates grows. It is difficult to predict which particular software will be used by the parties relying on the certificate, and how this software interprets specific name forms, attributes, and extensions. This document gives guidance and defines explicit restrictions on the certificate profile to ensure the certificate is interpreted by the relying party in the way the issuer intended. It specifies and further restricts the certificate format as defined in RFC3280 and the X.509 standard.

This document provides guidance for the use of directory names, attributes, and extensions in X.509 certificates, such that they are usable by the majority of the grid infrastructures today. The intended audience for this document includes issuers of X.509 certificates for use in grid infrastructures, and implementers of X.509 validation software for grid purposes.

Interoperability for X.509 identity certificates between the issuers of certificates and the software that interprets them is increasingly more important as the number of participants in grids that rely on a X.509 certificates grows. It is difficult to predict which particular software will be used by the parties relying on the certificate, and how this software interprets specific name forms, attributes, and extensions. This document gives guidance and defines explicit restrictions on the certificate profile to ensure the certificate is interpreted by the relying party in the way the issuer intended. It specifies and further restricts the certificate format as defined in RFC3280 and the X.509 standard.