Phil Dibowitz wrote: > Bear Giles wrote: > >>Issuer DN and serial number are unique. > > > Yes, but we have a central identity system that uses GUIDs to ... > everything. We want to do it for cerificates as well. We want said GUID > to be in the certificate. > > Serial number is typically used for renewals, I don't want to step on that. > > Any suggestions for attributes for that? > > We'll only be dealing with our internal CA, so I have control over all > of that. >
No references on places to look? Suggestions on extensions to use? For reference, the original question was: We'd like to tie all of our certificates to a unique identifier in a DB... is there an attribute out there, perhaps in the PKIX extensions or x509v3 extensions or somewhere else that would be a reasonable place for this? -- Phil Dibowitz P: 310-360-2330 C: 213-923-5115 Unix Admin, Ticketmaster.com
signature.asc
Description: OpenPGP digital signature
