Names
Certification Authorities
Certification Authorities
The CILogon Certification Authorities use the following Issuer Distinguished Names:
/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Silver CA 1/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon Basic CA 1/DC=org/DC=cilogon/C=US/O=CILogon/CN=CILogon OpenID CA 1Certificate Subjects
Certificate Subjects
The CILogon Basic and Silver CAs issue certificates with Subject Distinguished Names of the following form:
/DC=org/DC=cilogon/C=US/O=OrganizationDisplayName/CN=displayName UIDIn the above template:
- OrganizationDisplayName is the value of the OrganizationDisplayName element in the EntityDescriptor for the identity provider found in the SAML metadata for the InCommon Federation.
- displayName is the value of the RFC 2798 inetOrgPerson DisplayName attribute in the SAML authentication assertion.
- UID is a unique identifier for the subscriber, assigned by the CA, to ensure uniqueness of subject names.
For example:
/DC=org/DC=cilogon/C=US/O=University of Illinois at Urbana-Champaign/CN=Jim Basney A47983The CILogon OpenID CA issues certificates with Subject Distinguished Names of the following form:
/DC=org/DC=cilogon/C=US/O=OpenIDProvider/CN=EndEntityName UIDIn the above template:
- OpenIDProvider is an identifier for the OpenID Provider ("Google", "Yahoo", "Verisign", etc.).
- EndEntityName is a presentation of the subject's name provided by the OpenID Provider in OpenID namePerson, fullname, or similar attributes.
- UID is a unique identifier for the subscriber, assigned by the CA, to ensure uniqueness of subject names.
For example:
/DC=org/DC=cilogon/C=US/O=Google/CN=Jim Basney A437