[cabfpub] C=GR, C=UK exceptions in BRs
Ryan Sleevi
sleevi at google.com
Sat Mar 18 00:19:18 UTC 2017
On Fri, Mar 17, 2017 at 8:15 PM, Ryan Sleevi <sleevi at google.com> wrote:
>
>
> On Fri, Mar 17, 2017 at 8:09 PM, Kirk Hall via Public <public at cabforum.org
> > wrote:
>
>> in general, I think a country should be able to decide that for itself.
>>
>
> It sounds like you're opposed to including identity information in
> certificates, or at least opposed to providing a standard that Browsers
> might be able to rely on, because this impinges on the ability of countries
> to set their own policies.
>
> Is this correct? If not, could you highlight why you don't believe a
> country should also be able to set its own requirements as to what fields
> appear in a certificate (as practiced by various government PKIs, as the
> recent discussion with Li-Chun presents).
>
> Do you also believe countries should be able to set their own rules on how
> domains are validated? If not, could you explain what the difference is?
>
> This would be useful and insightful to understand how to put what appears
> to be two logically and practically inconsistent views together - that
> Entrust supports identity information in certificates, but opposes
> mandating how that information is encoded or validated. How can relying
> parties effectively use this information?
>
Further, it might be useful if you could highlight whether you believe only
countries should have this ability. Can local jurisdictions - such as
states or cities - also be able to set their own rules? Should legal
entities, like corporations, be able to express their wishes as to how
their identity information is represented? What about individuals - should
I be able to request a different name appear in an IV certificate, such as
a name I may be known to my friends as?
Understanding the principles behind your support will no doubt help us
effectively discuss and understand your proposal.
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170317/93391e84/attachment-0003.html>
More information about the Public
mailing list