[cabf_validation] OrganisationIdentifier mandated by ETSI TS 119 495

Wayne Thayer wthayer at mozilla.com
Mon Nov 19 14:35:18 MST 2018


On Thu, Nov 15, 2018 at 2:00 PM Wayne Thayer <wthayer at mozilla.com> wrote:

>
> I would propose that the best solution to OU issue is a ballot that
> clarifies section 9.2.8’s language forbidding subject fields other than
> those listed in section 9.2. If there is consensus, that ballot could also
> explicitly add organizationUnit to section 9.2. My opinion is that we
> should tightly control what information is included in the subject of EV
> certificates, but OU fields - if validated and not misleading - are okay.
>
> Here's a simple proposal for clarifying section 9.2.8 and explicitly
permitting OU:
https://github.com/wthayer/documents/commit/d0b3da38b3a7d950f48661dce5a9f0a0d90b50ae

Comments appreciated.


> Defining a new extension provides a clear path forward for ETSI without
> any CAB Forum dependencies. It also allows the information to be properly
> structured as Ryan described. I would encourage ETSI to adopt this approach
> and to get busy updating 119 495. If ETSI representatives want to continue
> to pursue the use of the organizationIdentifier attribute, I would like to
> request a detailed explanation of why the "new extension" alternative is
> inferior and unworkable.
>
> Four days have gone by without any response to my request for more
information about this **urgent** issue.

- Wayne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20181119/19c681d8/attachment.html>


More information about the Validation mailing list