Hi, I have proposed the following text to end of the text of the proposed DNS name attribute type. A DNS name to be used as a name in a public-key certificate or in an attribute certificate shall be a fully-qualified domain name (FQDN), i.e., it shall identify a particular entity. A FQDN may have an asterisk ('*') as an additional leftmost label, which is a substitute (wildcard) for all labels of the next levels of subdomains of the domain identified by the FQDN without the asterisk. Please comment on whether such paragraph is useful, and if so, you might suggest a more elegant formulation. Regards, Erik