This document defines a new form of name@ called permanent identifier@ that may be included in the subjectAltName extension of a public key certificate issued to an entity. The permanent identifier is an optional feature that may be used by a CA to indicate that two or more certificates relate to the same entity@ even if they contain different subject name (DNs) or different names in the subjectAltName extension@ or if the name or the affiliation of that entity stored in the subject or another name form in the subjectAltName extension has changed. The subject name@ carried in the subject field@ is only unique for each subject entity certified by the one CA as defined by the issuer name field. However@ the new name form can carry a name that is unique for each subject entity certified by a CA.
RFC 4043-2005 history
2005RFC 4043-2005 Internet X.509 Public Key Infrastructure Permanent Identifier