[cabf_validation] Proposed ballot - EV State Optional
md
md at ssc.lt
Fri Dec 16 00:56:05 MST 2016
Right, however in case of counties like Lithuania, maybe Taiwan, these categories have no meaning.
That's why we need the 'state or province' be optional only for countiries where it has no meaning, otherwise - Required.
Are you ok with this?
Thanks,M.D.
Sent from Samsung tablet.
-------- Original message --------From: Adriano Santoni <adriano.santoni at staff.aruba.it> Date: 12/16/16 09:41 (GMT+02:00) To: "Moudrick M. Dadashov" <md at ssc.lt>, CA/Browser Forum Validation WG List <validation at cabforum.org> Subject: Re: [cabf_validation] Proposed ballot - EV State Optional
Okay, but then - in my acception - "state or
province" has a real meaning in both Germany and UK (do not know
about Taiwan).... no?
Il 16/12/2016 08:29, Moudrick M.
Dadashov ha scritto:
Hi Adriano,
This is exactly what Tim proposed, whenever "state" or
"province" has real meaning - use it, otherwise, its optional.
Thanks,
M.D.
On 12/16/2016 9:10 AM, Adriano
Santoni via Validation wrote:
Including StateOrProvince helps disambiguating the
address of the certificate holder, which seems to me an
important information in both OV and EV certificates, and there
are several cases where - given just a country and a locality -
the exact location remains uncertain because of homonyms.
It is true that subdivisions named "state" or "province" do not
exist in all countries, but in most countries other subdivisions
do exist (eg. counties, regions, departments, Länder, etc.), and
I do not see why those cannot be specified in
StateOrProvince....they should, IMO.
Adriano
Il 15/12/2016 19:53, Bruce Morton via Validation ha scritto:
My concern with the list is that it will take some time to
evaluate and come to agreement on 249 countries. Once that is
completed, then we will have to maintain the list forever.
I think that the CAs have been verifying Place of Business
appropriately, but the guidelines are just poorly worded. The
result is we do not know how to handle countries with no
states and countries that have states, but do not use them as
part of the address. This also means that the auditor can
state that we have problems when we either do not include the
state field or falsely put information in the state field.
I would prefer that we just change the wording to as Tim put
it, “if it’s in the address, it’s required.” If moving
forward, we see a vulnerability with this method, then let’s
at that time to consider the other method.
Thanks, Bruce.
*From:* Tim Hollebeek [mailto:THollebeek at trustwave.com]
*Sent:* Thursday, December 15, 2016 1:41 PM
*To:* Kirk Hall <Kirk.Hall at entrustdatacard.com>;
CA/Browser Forum Validation WG List <validation at cabforum.org>;
Bruce Morton <Bruce.Morton at entrustdatacard.com>
*Subject:* RE: Proposed ballot - EV State Optional
Yes I like that even better as we can all debate the merits of
each case and agree on the correct handling so there is
absolutely no ambiguity. Each country does tend to have
subtle differences when we’ve previously discussed this on the
policy calls.
But people don’t seem to want to do that, and if they still
don’t, I think “if it’s in the address, it’s required” is a
reasonable low effort solution to move forward.
*From:*Kirk Hall [mailto:Kirk.Hall at entrustdatacard.com]
*Sent:* Thursday, December 15, 2016 1:35 PM
*To:* CA/Browser Forum Validation WG List; Bruce Morton
*Cc:* Tim Hollebeek
*Subject:* RE: Proposed ballot - EV State Optional
Another possibility is to leave state or province as required,
but then add:
“State or province is not required for the countries listed on
Appendix X”
Then we add places (Taiwan, Monaco, Vatican City, Germany,
United Kingdom) as people bring them forward. We could
include an initial list with this ballot to avoid having to
prepare another ballot to add places.
*From:* Validation [mailto:validation-bounces at cabforum.org]
*On Behalf Of *Tim Hollebeek via Validation
*Sent:* Thursday, December 15, 2016 10:26 AM
*To:* Bruce Morton <Bruce.Morton at entrustdatacard.com
<mailto:Bruce.Morton at entrustdatacard.com>>;
CA/Browser Forum Validation WG List <validation at cabforum.org
<mailto:validation at cabforum.org>>
*Cc:* Tim Hollebeek <THollebeek at trustwave.com
<mailto:THollebeek at trustwave.com>>
*Subject:* Re: [cabf_validation] Proposed ballot - EV State
Optional
Yes, I like something along those lines.
*From:*Bruce Morton [mailto:Bruce.Morton at entrustdatacard.com]
*Sent:* Thursday, December 15, 2016 1:25 PM
*To:* Tim Hollebeek; CA/Browser Forum Validation WG List
*Subject:* RE: Proposed ballot - EV State Optional
How about this?
Required/Optional:
City and country – Required;
State – Required, if verified per Section 11.4.1 as part of
the address for the Place of Business;
Street and postal code – Optional
If there is no state or the state is not used as part of the
address, then it is not required.
Bruce.
*From:* Tim Hollebeek [mailto:THollebeek at trustwave.com]
*Sent:* Thursday, December 15, 2016 10:19 AM
*To:* CA/Browser Forum Validation WG List <validation at cabforum.org
<mailto:validation at cabforum.org>>
*Cc:* Bruce Morton <Bruce.Morton at entrustdatacard.com
<mailto:Bruce.Morton at entrustdatacard.com>>
*Subject:* RE: Proposed ballot - EV State Optional
But City + Country is not unique in many common, important
cases (“Springfield, United States”), and the state is also
important since state laws tend to vary quite a bit in the US
… I think something more in the spirit of the current BRs that
does a better job of tightening up what “where applicable”
means would be better.
I don’t want to lose the requirement that US EV certificates
MUST include the state.
-Tim
*From:*Validation [mailto:validation-bounces at cabforum.org]
*On Behalf Of *Bruce Morton via Validation
*Sent:* Thursday, December 15, 2016 9:28 AM
*To:* CA/Browser Forum Validation WG List
*Cc:* Bruce Morton
*Subject:* [cabf_validation] Proposed ballot - EV State
Optional
Here is a proposed ballot per my action.
Thanks, Bruce.
*Background*:
There is confusion on whether the state or province OID MUST
be included in an EV certificate. EV section 9.2.7 states in
one place “State or province (where applicable)” and also
“City, state and country – Required.”
Since many countries do not have states or provinces and some
that do have states or provinces do not use them for their
address, it is proposed that inclusion of the state or
province OID should be optional.
*-- MOTION BEGINS --*
/Current section 9.2.7 of EV Guidelines/:
*Required/Optional:*City, state, and country – Required;
Street and postal code – Optional
/Proposed section 9.2.7 of EV Guidelines:/
*Required/Optional:*City and country – Required; Street, state
and postal code – Optional
*-- MOTION ENDS -- *
The review period for this ballot shall commence at 2200 UTC
on XX, and will close at 2200 UTC on XX. Unless the motion is
withdrawn during the review period, the voting period will
start immediately thereafter and will close at 2200 UTC on XX.
Votes must be cast by posting an on-list reply to this thread.
A vote in favor of the motion must indicate a clear 'yes' in
the response. A vote against must indicate a clear 'no' in the
response. A vote to abstain must indicate a clear 'abstain' in
the response. Unclear responses will not be counted. The
latest vote received from any representative of a voting
member before the close of the voting period will be counted.
Voting members are listed here: https://cabforum.org/members/
<https://scanmail.trustwave.com/?c=4062&d=4uLS2LctdUselJfNN_qKqhlUiQGKRBR1RnDgtqpA8A&s=5&u=https%3a%2f%2fcabforum%2eorg%2fmembers%2f>
In order for the motion to be adopted, two thirds or more of
the votes cast by members in the CA category and greater than
50% of the votes cast by members in the browser category must
be in favor. Quorum is currently nine (9) members– at least
nine members must participate in the ballot, either by voting
in favor, voting against, or abstaining.
------------------------------------------------------------------------
This transmission may contain information that is privileged,
confidential, and/or exempt from disclosure under applicable
law. If you are not the intended recipient, you are hereby
notified that any disclosure, copying, distribution, or use of
the information contained herein (including any reliance
thereon) is strictly prohibited. If you received this
transmission in error, please immediately contact the sender
and destroy the material in its entirety, whether in
electronic or hard copy format.
------------------------------------------------------------------------
This transmission may contain information that is privileged,
confidential, and/or exempt from disclosure under applicable
law. If you are not the intended recipient, you are hereby
notified that any disclosure, copying, distribution, or use of
the information contained herein (including any reliance
thereon) is strictly prohibited. If you received this
transmission in error, please immediately contact the sender
and destroy the material in its entirety, whether in
electronic or hard copy format.
------------------------------------------------------------------------
This transmission may contain information that is privileged,
confidential, and/or exempt from disclosure under applicable
law. If you are not the intended recipient, you are hereby
notified that any disclosure, copying, distribution, or use of
the information contained herein (including any reliance
thereon) is strictly prohibited. If you received this
transmission in error, please immediately contact the sender
and destroy the material in its entirety, whether in
electronic or hard copy format.
_______________________________________________
Validation mailing list
Validation at cabforum.org
https://cabforum.org/mailman/listinfo/validation
_______________________________________________
Validation mailing list
Validation at cabforum.org
https://cabforum.org/mailman/listinfo/validation
--
Cordiali saluti,
Adriano Santoni
ACTALIS S.p.A.
(Aruba Group)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20161216/37abe2c3/attachment-0001.html>
More information about the Validation
mailing list