[cabf_validation] [EXTERNAL] Draft Ballot SCXX: Improve OU validation requirements

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Mon Nov 23 23:33:52 MST 2020

On 24/11/2020 12:34 π.μ., Ryan Sleevi wrote:
>     To use an example, if a CA were to define in its CP/CPS an
>     extension that follows exactly the description of the
>     /cabfOrganizationIdentifier/ as described in section 9.8.2 of the
>     EV Guidelines (my previous example was flawed), describe the same
>     EVG validation rules for that extension and include this extension
>     in an OV Certificate, wouldn't that be compliant with the BRs?
> No, not inherently.

I'm sorry for being confused with this response, I was expecting a "yes" 
because for this example we have documented CABF agreed validation 
rules, which should unambiguously meet all of BRs requirements. 
Which part, in your opinion, doesn't fulfill the section? I 
think it is important to understand this point because if this example 
doesn't fulfill BRs for custom extensions, I don't know what will.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/validation/attachments/20201124/107d1844/attachment.html>

More information about the Validation mailing list