Updating bind serial numbers automatically
Thus the browser can verify the SSL cert of the website by means of the loaded group of accepted certificates or the root certificates can be looked up in an X.500 or LDAP Directory (or via HTTP/S) and imported into the list of trusted Certificate Authorities.
The "bound" distinguished name is located in the subject fields of the certificate which matches the Directory entry.
To contrast this with X.500, the certificate is one attribute of many for an entry, in which the entry could contain anything allowable by the specific Directory schema.
Thus X.500 does store the digital certificate, but it is one of many attributes that could potentially verify the organization, such as physical address, a contact telephone number and an email contact.
ISO/IEC 9594 is the corresponding ISO identification.
Because these protocols used the OSI networking stack, a number of alternatives to DAP were developed to allow Internet clients to access the X.500 Directory using the TCP/IP networking stack.
For example, a web site using SSL, typically the DNS site name " is verified in a browser by the software using libraries that would check to see if the certificate was signed by one of the trusted root certificates given to the user.Therefore, creating trust for users that they had reached the correct web site via HTTPS.However, stronger checks are also possible, to indicate that more than the domain name was verified.Each entry has a unique Distinguished Name, formed by combining its Relative Distinguished Name (RDN), one or more attributes of the entry itself, and the RDNs of each of the superior entries up to the root of the DIT.As LDAP implements a very similar data model to that of X.500, there is further description of the data model in the article on LDAP.