[x500standard] Requesor in CommonArguments

• From: "Erik Andersen" <era@xxxxxxx>
• To: "Directory list" <x500standard@xxxxxxxxxxxxx>, "SG17-Q11" <t09sg17q11@xxxxxxxxxxxxx>
• Date: Thu, 3 Nov 2011 18:16:33 +0100

Hi,

 

In 7.3 of  X.511 one might find the following text for the requestor
parameter of the CommonArguments:

 

The requestor Distinguished Name identifies the originator of a particular
operation. It holds the name of the user as identified at the time of
binding to the Directory. It may be required when the request is to be
signed (see 7.10), and shall hold the name of the user who initiated the
request. 

 

Can anyone explain why the requestor component may be required when the
request is signed?

 

The text has been there unchanged since the very first edition. 7.10 does
not give any clue as to why the component may be required.

 

Anyway, the requestor component is not very reliable  for access control
requirements, as it is supplied by the originator. The identity established
during Bind is somewhat more reliable. 

 

Erik Andersen

Andersen's L-Service

Elsevej 48,

DK-3500 Vaerloese

Denmark

Mobile: +45 2097 1490

e-amail: era@xxxxxxx

Skype: andersen-erik

http://www.x500.eu/

http://www.x500standard.com/

 <http://dk.linkedin.com/in/andersenerik>
http://dk.linkedin.com/in/andersenerik

 

• Follow-Ups:
  • [x500standard] Re: Requesor in CommonArguments
    • From: David Chadwick

Other related posts:

• » [x500standard] Requesor in CommonArguments - Erik Andersen
• » [x500standard] Re: Requesor in CommonArguments - David Chadwick

• » Related posts
• » Previous by Date
• » Next by Date
• » This Month's Archive
• » Main Archive Page
• » View list details
• » Manage your subscription