<div dir="ltr">These certificates are only intended to "secure" Public Administrations website (SSL) in Spain. But if we (Spanish TSPs) are not be able to get de BR seal, how is it supposed to have a secure connection without warnings when Public Administrations use this certificates?<div><br></div><div>Thanks in advance,</div><div><br></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><table style="font-family:arial;font-size:small"><tbody><tr><td><br></td><td style="color:rgb(153,153,153)"><p><font face="Arial"><b>Chema López González<br>Director Área de Innovación, Cumplimiento y Tecnología<br>AC Firmaprofesional S.A.<br></b></font></p></td></tr><tr><td><br></td><td><br><span style="color:rgb(153,153,153);font-family:Arial">Av. Torre Blanca, 57.</span> <br><font color="#999999" style="color:rgb(153,153,153)"><span style="font-family:Arial">Edificio ESADECREAPOLIS - 1B13</span><br></font><blockquote style="padding:0px;border-style:none;margin:0px 0px 0px 40px"></blockquote><span style="color:rgb(153,153,153);font-family:Arial"><div style="text-align:-webkit-auto">08173 Sant Cugat del Vallès. Barcelona.</div></span><div style="text-align:-webkit-auto"><font color="#999999">Tel: </font><a value="+34934774245" style="color:rgb(17,85,204)">93.477.42.45</a><font color="#999999"> /</font><font color="#3333ff"> <a style="color:rgb(17,85,204)">666.429.224</a></font></div></td></tr></tbody></table><br style="font-family:arial;font-size:small"><div style="font-family:arial;font-size:small">El contenido de este mensaje y de sus anexos es confidencial. Si no es el destinatario, le hacemos saber que está prohibido utilizarlo, divulgarlo y/o copiarlo sin tener la autorización correspondiente. Si ha recibido este mensaje por error, le agradeceríamos que lo haga saber inmediatamente al remitente y que proceda a destruir el mensaje.</div></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On 7 July 2016 at 16:49, Moudrick M. Dadashov <span dir="ltr"><<a href="mailto:md@ssc.lt" target="_blank">md@ssc.lt</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p>Thanks, Chema, that also means that those certificates have
limited usage context (see ETSI certificate profile standards).</p>
<p>But even in that case its unfortunate that EU CAs have to
maintain both (ETSI and CAB Forum) certificate profile
specifications.</p>
<p>Thanks,</p>
<p>M.D. <br>
</p><div><div class="h5">
<br>
<div>On 7/7/2016 9:45 AM, Chema Lopez wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Yes, they remain valid. There is not legal
constrain regarding this July 1st to remain valid.
<div><br>
</div>
<div> </div>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<table style="font-family:arial;font-size:small">
<tbody>
<tr>
<td><br>
</td>
<td style="color:rgb(153,153,153)">
<p><font face="Arial"><b>Chema López
González<br>
Director Área de Innovación,
Cumplimiento y Tecnología<br>
AC Firmaprofesional S.A.<br>
</b></font></p>
</td>
</tr>
<tr>
<td><br>
</td>
<td><br>
<span style="color:rgb(153,153,153);font-family:Arial">Av.
Torre Blanca, 57.</span> <br>
<font style="color:rgb(153,153,153)" color="#999999"><span style="font-family:Arial">Edificio
ESADECREAPOLIS - 1B13</span><br>
</font><span style="color:rgb(153,153,153);font-family:Arial">
<div style="text-align:-webkit-auto">08173
Sant Cugat del Vallès. Barcelona.</div>
</span>
<div style="text-align:-webkit-auto"><font color="#999999">Tel: </font><a value="+34934774245" style="color:rgb(17,85,204)">93.477.42.45</a><font color="#999999"> /</font><font color="#3333ff"> <a style="color:rgb(17,85,204)">666.429.224</a></font></div>
</td>
</tr>
</tbody>
</table>
<br style="font-family:arial;font-size:small">
<div style="font-family:arial;font-size:small">El
contenido de este mensaje y de sus anexos es
confidencial. Si no es el destinatario, le
hacemos saber que está prohibido utilizarlo,
divulgarlo y/o copiarlo sin tener la
autorización correspondiente. Si ha recibido
este mensaje por error, le agradeceríamos
que lo haga saber inmediatamente al
remitente y que proceda a destruir el
mensaje.</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="gmail_quote">On 7 July 2016 at 02:06, Moudrick M.
Dadashov <span dir="ltr"><<a href="mailto:md@ssc.lt" target="_blank">md@ssc.lt</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p>Are those certificates remain valid after the July 1st?</p>
<p>Thanks,</p>
<p>M.D.<br>
</p>
<div>
<div> <br>
<div>On 7/6/2016 11:55 PM, Dean Coclin wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">I
recall there being some discussion on another
list about this (perhaps Mozilla) and maybe
others that follow that could comment.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d">If
you want to bring this up on the CABF call,
please let me know. Unfortunately this week’s
agenda is full but we could schedule it for 2
weeks from now.</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"><br>
Thanks<br>
Dean</span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1f497d"> </span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> <a href="mailto:public-bounces@cabforum.org" target="_blank"></a><a href="mailto:public-bounces@cabforum.org" target="_blank">public-bounces@cabforum.org</a>
[<a href="mailto:public-bounces@cabforum.org" target="_blank">mailto:public-bounces@cabforum.org</a>]
<b>On Behalf Of </b>Chema Lopez<br>
<b>Sent:</b> Wednesday, June 29, 2016 1:34 PM<br>
<b>To:</b> <a href="mailto:public@cabforum.org" target="_blank">public@cabforum.org</a><br>
<b>Subject:</b> [cabfpub] SAN private
extensions pursuant specific SSL/EV Spanish
ruled profile</span></p>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal">Dear all.</p>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">There was a law in Spain
that regulates the profile for some specific
certificates, i.e.:</p>
</div>
<div>
<ol start="1" type="1">
<li class="MsoNormal">Civil Servant or
Public Employee (natural person
certificate)</li>
<li class="MsoNormal">Electronic Seal for
Automated Administrative Action</li>
<li class="MsoNormal">Electronic Office
Certificate (SSL or EV for Public
Administrations)</li>
</ol>
<div>
<p class="MsoNormal">You can find the
profiles attached (unfortunately only in
Spanish).</p>
</div>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">The problem is that these
profiles required private extensions in the
SAN, and this conflicts BR and EV
Guidelines. At least, crt.sh shows this
extensions as an error. See the private
extensions below.</p>
</div>
<div>
<p class="MsoNormal"><img src="cid:part7.576164EC.F08E1020@ssc.lt" alt="Inline images 1" height="183" width="544"></p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">This law has been
repealed recently and the new one does not
require this extensions but, how do we,
Spanish TSP, handle the SSL and EV
certificates issued following the previous
law? In my opinion, an exception needs to be
added.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">Thanks in advance for
your comments.</p>
</div>
<div>
<p class="MsoNormal"> </p>
</div>
<div>
<p class="MsoNormal">Best regards,</p>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<table border="0" cellpadding="0">
<tbody>
<tr>
<td style="padding:.75pt .75pt .75pt .75pt"><br>
</td>
<td style="padding:.75pt .75pt .75pt .75pt">
<p><b><span style="font-family:"Arial",sans-serif;color:#999999">Chema
López González<br>
Director Área
de Innovación,
Cumplimiento y
Tecnología<br>
AC
Firmaprofesional
S.A.</span></b><span style="font-family:"Arial",sans-serif;color:#999999"></span></p>
</td>
</tr>
<tr>
<td style="padding:.75pt .75pt .75pt .75pt"><br>
</td>
<td style="padding:.75pt .75pt .75pt .75pt">
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif"><br>
<span style="color:#999999">Av.
Torre Blanca,
57.</span> <br>
<span style="color:#999999">Edificio
ESADECREAPOLIS
- 1B13</span></span></p>
<div>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#999999">08173
Sant Cugat del
Vallès.
Barcelona.</span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif;color:#999999">Tel: </span><span style="font-family:"Arial",sans-serif"><a href="tel:93.477.42.45" value="+34934774245" target="_blank">93.477.42.45</a><span style="color:#999999"> /</span><span style="color:#3333ff"> <a href="tel:666.429.224" value="+34666429224" target="_blank">666.429.224</a></span></span></p>
</div>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"> </p>
<div>
<p class="MsoNormal"><span style="font-family:"Arial",sans-serif">El contenido de este
mensaje y de sus
anexos es
confidencial. Si no es
el destinatario, le
hacemos saber que está
prohibido utilizarlo,
divulgarlo y/o
copiarlo sin tener la
autorización
correspondiente. Si ha
recibido este mensaje
por error, le
agradeceríamos que lo
haga saber
inmediatamente al
remitente y que
proceda a destruir el
mensaje.</span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
Public mailing list
<a href="mailto:Public@cabforum.org" target="_blank">Public@cabforum.org</a>
<a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a>
</pre>
</blockquote>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>