<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=iso-2022-jp"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:PMingLiU;
panose-1:2 2 5 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Cambria;
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"\@PMingLiU";
panose-1:2 2 5 0 0 0 0 0 0 0;}
@font-face
{font-family:"MS PGothic";
panose-1:2 11 6 0 7 2 5 8 2 4;}
@font-face
{font-family:"\@MS PGothic";
panose-1:2 11 6 0 7 2 5 8 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:9.0pt;
font-family:"Cambria","serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri","sans-serif";}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
span.a
{mso-style-name:"\8A3B\89E3\65B9\584A\6587\5B57 \5B57\5143";
mso-style-priority:99;
mso-style-link:\8A3B\89E3\65B9\584A\6587\5B57;
font-family:"Cambria","serif";}
p.a0, li.a0, div.a0
{mso-style-name:\8A3B\89E3\65B9\584A\6587\5B57;
mso-style-link:"\8A3B\89E3\65B9\584A\6587\5B57 \5B57\5143";
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle25
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle26
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle27
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle28
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple style='text-justify-trim:punctuation'><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>How about adding the following as a clarification in Section 9.2.4 of the BRs:<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>"Taking into account the optional nature of the Locality and State/Province fields, as specified in Section 9.2.4 (c) and (d) respectively and taking into account the possible use of the user-assigned country code XX as specified in Section 9.2.5, IF the certificate Subject Organization field is populated THEN Locality, State/Province and Country fields MUST also be populated in accordance with the standard postal address conventions within the Applicant's jurisdiction."<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>I think that still keeps the fields as optional when it is indeed correct to do so, but makes it clear that any and all of those fields which are included the official address of the Applicant MUST be included in the certificate.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Regards,<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Rich<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> public-bounces@cabforum.org [mailto:public-bounces@cabforum.org] <b>On Behalf Of </b>Robin Alden<br><b>Sent:</b> Monday, September 15, 2014 1:05 PM<br><b>To:</b> 'Dean Coclin'; '</span><span lang=JA style='font-size:10.0pt;font-family:"MS PGothic","sans-serif"'>陳立群</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>'; public@cabforum.org<br><b>Subject:</b> Re: [cabfpub] FW: [cabfquest] CP Working Group Participation<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>Hi Dean, Li Chun, <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'> I shall be there for the meeting, and wrote this while travelling.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>It seems to me that although Li Chun has pointed out a valid issue on pages 2 through 6 – that some countries are not separated into states or provinces – I think the suggested modification of the BRs to allow the omission of BOTH localityName and stateOrProvinceName from the subject of a certificate that includes an organizationName in the subject (aka an OV certificate) permits a general reduction in the degree of detail in the subject of an OV certificate which is undesirable.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>The current wording of the BRs and draft Code-signing requirements is already intended to deal with this situation where a stateOrProvinceName is not always available.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>The localityName field is usually used to hold the name of the village, town, or city in which the subject entity resides.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>Two things strike me from this suggested modification:<o:p></o:p></span></p><p class=MsoListParagraph style='text-indent:-.25in'><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>1)</span><span lang=EN-GB style='font-size:7.0pt;font-family:"Times New Roman","serif";color:#1F497D'> </span><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>That some of the countries in the list on page 2 of the PowerPoint document definitely have place names (village/town/city) which fit well into the localityName field; and<o:p></o:p></span></p><p class=MsoListParagraph style='text-indent:-.25in'><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>2)</span><span lang=EN-GB style='font-size:7.0pt;font-family:"Times New Roman","serif";color:#1F497D'> </span><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>That if there are a subset of the countries on page 2 which do not have any internal postal address structure beyond the street address and country code then those countries should be specifically enumerated in the BRs so that we do not unintentionally permit addresses which are more ambiguous than they need to be.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>Another possible means to achieve the desirable aspects of this change might be, in addition to the wording proposed in the slides, to introduce an obligation on the CA to include in an OV certificate the detail (e.g. to include the localityName) where it exists. This would be something that an auditor could test for.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>If I haven’t already made it clear, my concern is that if the BRs were amended as suggested on slides 2 through 6, a CA could issue a certificate with a subject of:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>O=Smith’s Builders<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>Street=125 Main Street<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>C=US<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'> And claim BR compliance while using a partial address which in many cases would not adequately identify the subject.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>although I have to admit that the BR’s today permit:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>O=Smith’s Builders<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>Street=125 Main Street<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>L=Springfield<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>C=US<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>which isn’t much better because the STATE is omitted where it should always be present for US addresses.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'>Robin<o:p></o:p></span></p><p class=MsoNormal><a name="_MailEndCompose"></a><span lang=EN-GB style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:11.0pt'>From:</span></b><span style='font-size:11.0pt'> <a href="mailto:public-bounces@cabforum.org">public-bounces@cabforum.org</a> [<a href="mailto:public-bounces@cabforum.org">mailto:public-bounces@cabforum.org</a>] <b>On Behalf Of </b>Dean Coclin<br><b>Sent:</b> 14 September 2014 21:09<br><b>To:</b> <a href="mailto:public@cabforum.org">public@cabforum.org</a><br><b>Subject:</b> [cabfpub] FW: [cabfquest] CP Working Group Participation<o:p></o:p></span></p></div></div><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Reposting this to the public list (from member Chungwa Telecom). For discussion at the meeting this week. If anyone who is not attending has comments, please chime in.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'>Thanks,<br>Dean<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span><span lang=ZH-TW style='font-size:10.0pt;font-family:"PMingLiU","serif"'>陳立群</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> <br><b>Sent:</b> Sunday, September 14, 2014 8:37 PM<br><b>To:</b> <a href="mailto:ben.wilson@digicert.com">ben.wilson@digicert.com</a>; Dean Coclin<br><b>Cc:</b> </span><span lang=ZH-TW style='font-size:10.0pt;font-family:"PMingLiU","serif"'>王瘢雹文正</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>; <a href="mailto:realsky@cht.com.tw">realsky@cht.com.tw</a>; <a href="mailto:wgh@wosign.com">wgh@wosign.com</a><br><b>Subject:</b> FW: [cabfquest] CP Working Group Participation<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span style='color:blue'>Dear Ben,Dean and Richard <o:p></o:p></span></p><p class=MsoNormal><span style='color:blue'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:blue'> Attached file is about correcting of documents of CA/Browser Forum. Please arrange to discuss it.<o:p></o:p></span></p><p class=MsoNormal><span style='color:blue'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:blue'> I am looking forward to see you soon in Beijing. <o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F497D'> <o:p></o:p></span></p><p class=MsoNormal><span style='color:blue'>Sincerely Yours,<o:p></o:p></span></p><p class=MsoNormal><span style='color:blue'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:blue'> Li-Chun CHEN<o:p></o:p></span></p><p class=MsoNormal style='text-indent:78.0pt'><span style='color:blue'>Engineer<o:p></o:p></span></p><p class=MsoNormal><span style='font-family:"PMingLiU","serif"'><o:p> </o:p></span></p></div></div></body></html>