79 lines
4.7 KiB
HTML
79 lines
4.7 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="concept" />
|
|
<meta name="DC.Title" content="Distinguished name" />
|
|
<meta name="abstract" content="Use this information to learn about the identification characteristics of digital certificates." />
|
|
<meta name="description" content="Use this information to learn about the identification characteristics of digital certificates." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahurzahu4abunderstanddc.htm" />
|
|
<meta name="DC.Relation" scheme="URI" content="rzahucertextensions.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2000, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="dist_name" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Distinguished name</title>
|
|
</head>
|
|
<body id="dist_name"><a name="dist_name"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Distinguished name</h1>
|
|
<div><p>Use this information to learn about the identification
|
|
characteristics of digital certificates. </p>
|
|
<p>Each CA has a policy to determine what identifying information the CA requires
|
|
to issue a certificate. Some public Internet Certificate Authorities may require
|
|
little information, such as a name and e-mail address. Other public CAs may
|
|
require more information and require stricter proof of that identifying information
|
|
before issuing a certificate. For example, CAs that support Public Key Infrastructure
|
|
Exchange (PKIX) standards, may require that the requester verify identity
|
|
information through a Registration Authority (RA) before issuing the certificate.
|
|
Consequently, if you plan to accept and use certificates as credentials, you
|
|
need to review the identification requirements for a CA to determine whether
|
|
their requirements fit your security needs.</p>
|
|
<div class="p">Distinguished name (DN) is a term that describes the identifying information
|
|
in a certificate and is part of the certificate itself. A certificate contains
|
|
DN information for both the owner or requestor of the certificate (called
|
|
the Subject DN) and the CA that issues the certificate (called the Issuer
|
|
DN). Depending on the identification policy of the CA that issues a certificate,
|
|
the DN can include a variety of information. You can use Digital Certificate
|
|
Manager (DCM) to operate a private Certificate Authority and issue private
|
|
certificates. Also, you can use DCM to generate the DN information and key
|
|
pair for certificates that a public Internet CA issues for your organization.
|
|
The DN information that you can provide for either type of certificate includes:
|
|
<ul><li>Certificate owner's common name</li>
|
|
<li>Organization</li>
|
|
<li>Organizational unit</li>
|
|
<li>Locality or city</li>
|
|
<li>State or province</li>
|
|
<li>Country or region</li>
|
|
</ul>
|
|
</div>
|
|
<div class="p">When you use DCM to issue private certificates, you can use certificate
|
|
extensions to provide additional DN information for the certificate, including:
|
|
<ul><li>Version 4 IP address</li>
|
|
<li>Fully qualified domain name</li>
|
|
<li>E-mail address</li>
|
|
</ul>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzahurzahu4abunderstanddc.htm" title="View this information to better understand what digital certificates are and how they work. Learn about the different types of certificates and how you can use them as part of your security policy.">DCM concepts</a></div>
|
|
</div>
|
|
<div class="relconcepts"><strong>Related concepts</strong><br />
|
|
<div><a href="rzahucertextensions.htm" title="Certificate extensions are information fields that provide additional information about the certificate.">Certificate extensions</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |