<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 05/29/2012 12:30 AM, From Eddy Nigg (StartCom Ltd.):
<blockquote cite="mid:4FC3EE86.4070806@startcom.org" type="cite">
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
Thanks for all for confirming the current EV guidelines and for
the background explanations as well. I believe that it's clear
what the guidelines require - those that think it should be
changed can always suggest an errata for ballot (I doubt this
would go through based on the comments I've seen, but it's the
right of every member to suggest a change).<br>
</blockquote>
<br>
The particular issue which made me start this thread is going to be
solved and the relevant certificate(s) revoked. The particular CA
with which I was in contact also confirmed to me that they'll make
an inventory of any other certs that they might have issued
incorrectly in order to ensure they've followed the guidelines
correctly.<br>
<br>
I want to take this as an opportunity to remind the fellow members
and request to verify and check their issuance practices in respect
to trade names and the correct naming convention. Below a summary of
the responses by some of the software vendors:<br>
<br>
Mozilla (Gerv):<br>
<br>
<blockquote>
<pre wrap="">Going back to the original question: I don't think the guidelines
section 8.1.1 are unclear here. "DBA Name (Real Name)" is what's required.</pre>
</blockquote>
Opera (Yngve):<br>
<br>
<blockquote>
<pre wrap="">IMO his name should be included in the parenthesis. He is Jon Smith Doing
Business as Some Name.
</pre>
</blockquote>
Apple (Geoff):<br>
<br>
<blockquote>
<pre wrap="">I think this means the certificate does need to list the specific owner of the name, otherwise it wouldn't be clear to whom the certificate is issued.</pre>
<pre wrap="">The primary purposes of Extended Validation Certificates are to: 1) identify the legal entity that controls a Web or service site, 2) ...
A DBA is not a 'legal entity', and it is not sufficient to uniquely identify a legal entity. So, you can't have an EV certificate that just contains your DBA because that defeats a primary purpose of EV certificates.</pre>
</blockquote>
<br>
Thank you for your attention!<br>
<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>
</html>