<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
On 05/08/2013 10:38 PM, From Geoff Keating:
<blockquote
cite="mid:4AB39BE6-BD5C-4E82-A276-D76AA59B2652@apple.com"
type="cite">
<pre wrap="">So, I don't support removing (1) from EV.
I think that (2) should be put in the BRs, perhaps with weakened verification methods for non-EV certificates. Most CA processes should achieve it automatically; the cases where it needs care are those where a large corporation is involved and there's some kind of automated certificate issuance mechanism.
For (3), I don't think we should be the WHOIS police (ICANN is doing that) but I do think that CAs should check that the WHOIS results don't raise any red flags. So I don't think this provision should be removed, and if someone can think of appropriate language, I'd support putting a weakened version of it in the BRs.</pre>
</blockquote>
<br>
Thanks for your input so far, those are good points.<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, COO/CTO</td>
</tr>
<tr>
<td> </td>
<td><a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>XMPP: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Twitter: </td>
<td><a href="http://twitter.com/eddy_nigg">Follow Me</a></td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>
</html>