Bug 3658 – grid-cert-info should have option for RFC 2253 format DN

Bug 3658 - grid-cert-info should have option for RFC 2253 format DN

Summary:

grid-cert-info should have option for RFC 2253 format DN

Status:	RESOLVED FIXED

Product:	GSI C
Component:	Credentials and Proxies
Version:	1.1.3
Platform:	All All

Importance:	P3 enhancement
Target Milestone:	4.2.2
Assigned To:	Rachana Ananthakrishnan

URL:
Keywords:	C/Java

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2005-08-16 12:43 by Von Welch
Modified:	2008-11-17 16:34 (History)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note

You need to log in before you can comment on or make changes to this bug.

Description From Von Welch 2005-08-16 12:43:51

OpenSSL can produce RFC 2253 formatted DNs, but grid-cert-info doesn't have an
option to do so. Since other PKI systems and standards specify RFC 2253 format,
this would be useful. For example, this is the DN format used in SAML.

I suggest we add a '--rfc2253' option to grid-cert-info (and grid-proxy-info) to
produce this behavior.

% openssl x509 -in ~/.globus/usercert.pem -subject -noout -nameopt RFC2253
subject= CN=Von S. Welch,O=National Center for Supercomputing Applications,C=US

(We should leave off the 'subject=' prefix.)

------- Comment #1 From Tom Scavo 2008-08-12 14:26:24 -------

Does it matter that RFC 4514 obsoletes RFC 2253?  I read Appendix B (Changes
Made since RFC 2253) from RFC 4514 but I don't have a sense if the changes are
significant.

------- Comment #2 From Von Welch 2008-08-14 09:04:09 -------

I gave appendix B a read and I don't see anything that I think effects us.

------- Comment #3 From Joe Bester 2008-11-17 16:34:52 -------

Committed this to 4.2 branch and trunk.