[cabf_validation] givenName and surname
kurt at roeckx.be
Fri Jun 10 12:25:05 MST 2016
On Fri, Jun 10, 2016 at 05:36:40PM +0000, Jeremy Rowley wrote:
> Final updates based on discussion. Any other comments before we send this to
> the main list for a vote?
> Insert a new (C) under 220.127.116.11.2, renumbering all subsequent bullets.
> c. Certificate Field: subject:givenName (18.104.22.168) and subject:surname (2.5.
> Contents: If present, the subject:givenName field and subject:surname field
> MUST contain an natural person Subject's name as verified under Section
> 3.2.3. A Certificate containing a subject:givenName field or subject:surname
> field must contain the (22.214.171.124.2.3) Certificate Policy OID.
Should that be a "MUST" instead of "must"?
> d. Certificate Field: Number and street: subject:streetAddress (OID:
> Optional if the subject:organizationName field, subject: givenName
> field, or subject:surname field are is present. Prohibited if the
> subject:organizationName field, subject:givenName, and subject:surname field
> are is absent.
My "are is present" and "are is absent" comment still applies.
> If the Certificate asserts the policy identifier of
> 126.96.36.199.2.1, then it
> MUST NOT include organizationName, givenName, surname,
> localityName, stateOrProvinceName, or postalCode in the Subject
(188.8.131.52.2.1 being Domain Validated)
Add countryName? organizationalUnitName? serialNumber?
Maybe it should instead list the allowed fields, which I think is
More information about the Validation