[cabfpub] C=GR, C=UK exceptions in BRs
Ryan Sleevi
sleevi at google.com
Sat Mar 18 00:15:11 UTC 2017
On Fri, Mar 17, 2017 at 8:09 PM, Kirk Hall via Public <public at cabforum.org>
wrote:
> in general, I think a country should be able to decide that for itself.
>
It sounds like you're opposed to including identity information in
certificates, or at least opposed to providing a standard that Browsers
might be able to rely on, because this impinges on the ability of countries
to set their own policies.
Is this correct? If not, could you highlight why you don't believe a
country should also be able to set its own requirements as to what fields
appear in a certificate (as practiced by various government PKIs, as the
recent discussion with Li-Chun presents).
Do you also believe countries should be able to set their own rules on how
domains are validated? If not, could you explain what the difference is?
This would be useful and insightful to understand how to put what appears
to be two logically and practically inconsistent views together - that
Entrust supports identity information in certificates, but opposes
mandating how that information is encoded or validated. How can relying
parties effectively use this information?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170317/3e67871e/attachment-0003.html>
More information about the Public
mailing list