17 Nov
2004
17 Nov
'04
8:26 p.m.
On 2004-11-17, at 18:59, Diarmuid O'Neill wrote:
Strictly speaking this violates RFC2246 [cut] These distinguished names may specify a desired distinguished name for a root CA or for a subordinate CA; thus, this message can be used both to describe known roots and a desired authorization space.
It does NOT violate RFC 2246. It's just currently not implemented. "may" and "can" usually indicate optional functionality. Best regards, Mike