ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzahu_5.4.0.1/rzahudistname.htm

79 lines
4.7 KiB
HTML

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Distinguished name" />
<meta name="abstract" content="Use this information to learn about the identification characteristics of digital certificates." />
<meta name="description" content="Use this information to learn about the identification characteristics of digital certificates." />
<meta name="DC.Relation" scheme="URI" content="rzahurzahu4abunderstanddc.htm" />
<meta name="DC.Relation" scheme="URI" content="rzahucertextensions.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="dist_name" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Distinguished name</title>
</head>
<body id="dist_name"><a name="dist_name"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Distinguished name</h1>
<div><p>Use this information to learn about the identification
characteristics of digital certificates. </p>
<p>Each CA has a policy to determine what identifying information the CA requires
to issue a certificate. Some public Internet Certificate Authorities may require
little information, such as a name and e-mail address. Other public CAs may
require more information and require stricter proof of that identifying information
before issuing a certificate. For example, CAs that support Public Key Infrastructure
Exchange (PKIX) standards, may require that the requester verify identity
information through a Registration Authority (RA) before issuing the certificate.
Consequently, if you plan to accept and use certificates as credentials, you
need to review the identification requirements for a CA to determine whether
their requirements fit your security needs.</p>
<div class="p">Distinguished name (DN) is a term that describes the identifying information
in a certificate and is part of the certificate itself. A certificate contains
DN information for both the owner or requestor of the certificate (called
the Subject DN) and the CA that issues the certificate (called the Issuer
DN). Depending on the identification policy of the CA that issues a certificate,
the DN can include a variety of information. You can use Digital Certificate
Manager (DCM) to operate a private Certificate Authority and issue private
certificates. Also, you can use DCM to generate the DN information and key
pair for certificates that a public Internet CA issues for your organization.
The DN information that you can provide for either type of certificate includes:
<ul><li>Certificate owner's common name</li>
<li>Organization</li>
<li>Organizational unit</li>
<li>Locality or city</li>
<li>State or province</li>
<li>Country or region</li>
</ul>
</div>
<div class="p">When you use DCM to issue private certificates, you can use certificate
extensions to provide additional DN information for the certificate, including:
<ul><li>Version 4 IP address</li>
<li>Fully qualified domain name</li>
<li>E-mail address</li>
</ul>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurzahu4abunderstanddc.htm" title="View this information to better understand what digital certificates are and how they work. Learn about the different types of certificates and how you can use them as part of your security policy.">DCM concepts</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzahucertextensions.htm" title="Certificate extensions are information fields that provide additional information about the certificate.">Certificate extensions</a></div>
</div>
</div>
</body>
</html>