[cabf_validation] Subject/Subscriber Relationship in BRs

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Thu Mar 24 09:02:12 MST 2016


My apologies for missing the call this morning.  Where are we at?  Can we provide an update (and new draft) to the Forum at next Thursday's call?

-----Original Message-----
From: validation-bounces at cabforum.org [mailto:validation-bounces at cabforum.org] On Behalf Of Peter Bowen
Sent: Thursday, March 24, 2016 8:50 AM
To: validation at cabforum.org
Subject: [cabf_validation] Subject/Subscriber Relationship in BRs

As discussed on the call there are several parts of the BRs that either say or strongly imply that the Subject and Subscriber must be the same entity.  If we want to allow them to be different unrelated entities, then several items will need to be changed.

“The Subject is either the Subscriber or a device under the control and operation of the Subscriber.” (BR §1.6.1 “Subject”) This seems very clear.

“Applicant: The natural person or Legal Entity that applies for (or seeks renewal of) a Certificate. Once the Certificate issues, the Applicant is referred to as the Subscriber” (BR §1.6.1 “Applicant”) This makes it clear that the terms Applicant and Subscriber refer to the same entity.

“If the Subject Identity Information is to include the name or address of an organization, the CA SHALL verify the identity and address of the organization and that the address is the Applicant’s (Subscriber’s) address of existence or operation.” (BR §3.2.2.1) The Applicant/Subscriber and Subject have to share a postal address.

“If the Subject Identity Information is to include a DBA or tradename, the CA SHALL verify the Applicant’s (Subscriber’s) right to use the DBA/tradename” (BR §3.2.2.2) “the CA implemented a procedure for verifying that the Subject authorized the issuance of the Certificate and that the Applicant (Subscriber) Representative is authorized to request the Certificate on behalf of the Subject” (BR §9.6.1 #2) I think this is neutral  — Company A could authorize Company B to use their name to get a certificate


_______________________________________________
Validation mailing list
Validation at cabforum.org
https://cabforum.org/mailman/listinfo/validation

<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>


More information about the Validation mailing list