[cabf_validation] Proposed Update to EV to include OrganisationIdentifier as per ETSI standard

Dimitris Zacharopoulos jimmy at it.auth.gr
Mon Jun 11 09:47:48 MST 2018



On 11/6/2018 7:32 PM, Ryan Sleevi wrote:
>
>>     2) For the ETSI case, it doesn't prevent other organizations from
>>     issuing in this in a way that can be seen as confusing/misleading
>
>     I do not agree with this interpretation. It is no more
>     "confusing/misleading" than the serialNumber attribute. For
>     Subscribers that want to abide by some kind of regulation that
>     requires the organizationIdentifier field to be completed in a
>     semantic-specific way, the associated TSP will know how to encode
>     this information in the Certificate. IMHO there is no need to add
>     more complex rules (like describing the entire ETSI qcStatements
>     requirements) in the EV guidelines. A simple reference to the
>     relevant ETSI documents and a "MAY", should be sufficient.
>
>
> Except the serialNumber has a defined context to disambiguate, as was
> also pointed out in the F2F - namely, that jurisdictionOfIncorporation
> serves to disambiguate the context of the serialNumber in an
> extensible and unambiguous way that is unified.

I can now see more clearly the concerns you raised related to the
serialNumber. Even though the serialNumber field doesn't contain
specific semantics, its combination with the jurisdictionOfIncorporation
fields disambiguates the information. If we leave the
organizationIdentifier without semantics, we create the same problem.
Makes more sense now and I can see the clear preference of Mr. Pope's
proposal.

Thanks for your patience and this nice discussion :)


Dimitris.