[cabf_validation] OrganisationIdentifier mandated by ETSI TSt119 495

Wayne Thayer wthayer at mozilla.com
Tue Nov 20 17:13:12 MST 2018


There are no standards for verifying arbitrary subject attributes, so each
CA will make up their own policies and the information in those fields will
be inconsistent, at best.

On Tue, Nov 20, 2018 at 5:04 PM Jeremy Rowley <jeremy.rowley at digicert.com>
wrote:

> The level of verification is different.  As long as all information is
> verified to the relevant standard, what's the risk of including additional
> subject fields?
> ------------------------------
> *From:* Wayne Thayer <wthayer at mozilla.com>
> *Sent:* Tuesday, November 20, 2018 4:02:54 PM
> *To:* Jeremy Rowley
> *Cc:* CA/Browser Forum Validation WG List; Ryan Sleevi; Doug Beattie
> *Subject:* Re: [cabf_validation] OrganisationIdentifier mandated by ETSI
> TSt119 495
>
> By that logic, OV certs are as good as EV - the information is all
> verified.
>
> On Tue, Nov 20, 2018 at 3:49 PM Jeremy Rowley <jeremy.rowley at digicert.com>
> wrote:
>
>> Why is it dangerous? These are subject fields. What's the risk in
>> permitting them of they are verified?
>> ------------------------------
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20181120/0387a77c/attachment.html>


More information about the Validation mailing list