Michael Ströder wrote:

Michael Ströder wrote:

...

following up on this because some older schema files reference 'countryName' (and worked with RE23).

Howard Chu wrote:

...

I'm puzzled why RFC4519 drops the 'countryName' alias for this type from the RFC2256 definition.

Me too...

It was also not in RFC 2256. But it is still listed in RFC 4519 in the table of chapter IANA considerations for OID 2.5.4.6.

Kurt, any idea what happened here? RFC4519 Appendix A note 28 says specifically "Changed the 'c' definition to be consistent with X.500." But there is no explicit reference to 'c' as the name of the attribute in 1993 X.520. It strikes me that this was a gratuitous change that breaks existing implementations, and did not fall under LDAPbis' charter to clarify existing usage and ambiguities in the LDAPv3 spec.

X.520 only lists "countryName" as the name of this attribute. Also as Michael points out, both 'c' and 'countryName' are in the LDAP descriptors registry section of the IANA Considerations (section 4). It looks like the actual registry is correct, and omitting the long names from the schema definition in section 2 is an error. (Likewise for quite a large number of the other attributes in section 2.)

It's also worth pointing out, if harmonization with X.500 was the real goal, that stateOrProvinceName is also broken; in X.520 the shortname for this attribute is just 'S' not 'st' as used in LDAP.