<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">
Bonjour,
<div class=""><br class="">
</div>
<div class="">I agree it’s very late for that sort of comments, but here are some anyway.</div>
<div class=""><br class="">
</div>
<div class="">With the proposed text, a certificate could:</div>
<div class="">
<ul class="">
<li class="">have givenName and/or surName attributes, a countryName attribute verified according to 3.2.2.3, no streetAddress/localityName/stateOrProvinceName/postalCode (because 3.2.2.1 is about organizations) despite some of the being mandatory, and have
the policyId 2.23.140.1.2.3; an impossible IV</li><li class="">have givenName and/or surName attributes (and therefore have policyId 2.23.140.1.2.3), an organizationName attribute containing a real org name, a suitable combination of countryName/stateOrProvinceName/localityName/postalCode/streetAddress attributes
for the organization, and a policyId 2.23.140.1.2.2 (in addition to the 1.2.3); this certificate will in a way be OV+IV, and I’m not sure this was intended</li><li class="">have organizationName attribute containing the natural person’s name, but attributes streetAddress/localityName/stateOrProvinceName/postalCode/countryName can’t be filled because 3.2.2.1 is about organizations; again an impossible IV</li></ul>
</div>
<div class=""><br class="">
</div>
<div class="">The idea of allowing givenName+surName in the certificate is fine, but the resulting text won’t be easily enforceable.</div>
<div class=""><br class="">
<div class="">
<div class="">Cordialement,</div>
<div class="">Erwann Abalea</div>
</div>
<br class="">
<div>
<blockquote type="cite" class="">
<div class="">Le 24 août 2016 à 05:18, Jeremy Rowley <<a href="mailto:jeremy.rowley@digicert.com" class="">jeremy.rowley@digicert.com</a>> a écrit :</div>
<br class="Apple-interchange-newline">
<div class="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)" class="">
<style class=""><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:SimSun;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:ZH-CN;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:SimSun;
mso-fareast-language:ZH-CN;}
p.line867, li.line867, div.line867
{mso-style-name:line867;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
mso-fareast-language:ZH-CN;}
p.line862, li.line862, div.line862
{mso-style-name:line862;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
mso-fareast-language:ZH-CN;}
p.line874, li.line874, div.line874
{mso-style-name:line874;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
mso-fareast-language:ZH-CN;}
p.line891, li.line891, div.line891
{mso-style-name:line891;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
mso-fareast-language:ZH-CN;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.u
{mso-style-name:u;}
span.strike
{mso-style-name:strike;}
span.EmailStyle27
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:285234538;
mso-list-template-ids:782001192;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1269311636;
mso-list-template-ids:-30480702;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:1501893452;
mso-list-template-ids:-524927578;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3
{mso-list-id:1694648446;
mso-list-template-ids:-1284334746;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div lang="EN-US" link="#0563C1" vlink="#954F72" class="">
<div class="WordSection1">
<p class="line867" style="background:white"><strong class=""><span style="font-family: Arial, sans-serif;" class="">Ballot 17</span></strong><strong class=""><span style="font-family:"Arial",sans-serif" class="">5<span style="" class=""> - Addition of givenName/surname</span></span></strong><o:p class=""></o:p></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">The following motion has been proposed by Jeremy Rowley of<span class="apple-converted-space"> </span><a href="https://cabforum.org/wiki/DigiCert" class=""><span style="color:gray;border:none windowtext 1.0pt;padding:0in" class="">DigiCert</span></a><span class="apple-converted-space"> </span>and
endorsed by Richard Wang of<span class="apple-converted-space"> </span><a href="https://cabforum.org/wiki/WoSign" class=""><span style="border:none windowtext 1.0pt;padding:0in" class="">WoSign</span></a><span class="apple-converted-space"> </span>and Eddy
Nigg of<span class="apple-converted-space"> </span><a href="https://cabforum.org/wiki/StartCom" class=""><span style="color:gray;border:none windowtext 1.0pt;padding:0in" class="">StartCom</span></a>:<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Background:<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">The CAB Forum Baseline Requirements theoretically permit use of givenName and surname under Section 7.1.4.2.2. However, the actual language of Section 7.1.4.2.2 ends up prohibiting use of these fields.
This ballot permits use of givenName and surname to identify individuals validated under Section 3.2.5.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">--Motion Begins--<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Insert a new (C) under 7.1.4.2.2, renumbering all subsequent bullets.<o:p class=""></o:p></span></p>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">c. Certificate Field: subject:givenName (2.5.4.42) and subject:surname (2.5.4.4)</span></u></span><span style="font-family: Arial, sans-serif;" class=""><o:p class=""></o:p></span></p>
<p class="line891" style="mso-margin-top-alt:3.0pt;margin-right:0in;margin-bottom:3.0pt;margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2;background:white">
<!--[if !supportLists]--><span style="font-size: 10pt; font-family: Symbol;" class=""><span style="mso-list:Ignore" class="">·<span style="font:7.0pt "Times New Roman"" class="">
</span></span></span><!--[endif]--><span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">Optional.</span></u></span><span style="font-family: Arial, sans-serif;" class=""><o:p class=""></o:p></span></p>
<p class="line891" style="mso-margin-top-alt:3.0pt;margin-right:0in;margin-bottom:3.0pt;margin-left:.5in;background:white">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">Contents: If present, the subject:givenName field and subject:surname field MUST contain an natural person Subject’s name as verified under Section 3.2.3. A Certificate containing
a subject:givenName field or subject:surname field MUST contain the (2.23.140.1.2.3) Certificate Policy OID.</span></u></span><span style="font-family: Arial, sans-serif;" class=""><o:p class=""></o:p></span></p>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">d.</span></u></span><span class="apple-converted-space"><span style="font-family: Arial, sans-serif;" class=""> </span></span><span style="font-family: Arial, sans-serif;" class="">Certificate
Field: Number and street: subject:streetAddress (OID: 2.5.4.9)<o:p class=""></o:p></span></p>
<p class="line862" style="mso-margin-top-alt:3.0pt;margin-right:0in;margin-bottom:3.0pt;margin-left:.5in;text-indent:-.25in;mso-list:l2 level1 lfo4;background:white">
<!--[if !supportLists]--><span style="font-size: 10pt; font-family: Symbol;" class=""><span style="mso-list:Ignore" class="">·<span style="font:7.0pt "Times New Roman"" class="">
</span></span></span><!--[endif]--><span style="font-family: Arial, sans-serif;" class="">Optional if the subject:organizationName field<span class="u"><u class="">, subject: givenName field, or subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>present.
Prohibited if the subject:organizationName field<span class="u"><u class="">, subject:givenName, and subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>absent.<o:p class=""></o:p></span></p>
<ul type="disc" class="">
<li class="MsoNormal" style="background-color: white; background-position: initial initial; background-repeat: initial initial;">
<span style="font-family:"Arial",sans-serif" class="">Contents: If present, the subject:streetAddress field MUST contain the Subject’s street address information as verified under Section 3.2.2.1.<o:p class=""></o:p></span></li></ul>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">e.</span></u></span><span class="apple-converted-space"><span style="font-family: Arial, sans-serif;" class=""> </span></span><span style="font-family: Arial, sans-serif;" class="">Certificate
Field: subject:localityName (OID: 2.5.4.7)<o:p class=""></o:p></span></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Required if the subject:organizationName field<span class="u"><u class="">, subject:givenName field, or subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>present
and the subject:stateOrProvinceName field is absent. Optional if the subject:stateOrProvinceName field and the subject:organizationName field<span class="u"><u class="">, subject:givenName field, or subject:surname field</u></span><span class="apple-converted-space"> </span>are
present. Prohibited if the subject:organizationName field<span class="u"><u class="">, subject:givenName, and subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>absent.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Contents: If present, the subject:localityName field MUST contain the Subject’s locality information as verified under Section 3.2.2.1. If the subject:countryName field specifies the ISO 3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1
user</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">assigned code of XX in accordance with Section 7.1.4.2.2(g), the localityName field MAY contain the Subject’s locality and/or
state or province information as verified under Section 3.2.2.1.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">f. Certificate Field: subject:stateOrProvinceName (OID: 2.5.4.8)<o:p class=""></o:p></span></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Required if the subject:organizationName field field<span class="u"><u class="">, subject:givenName field, or subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>present
and the subject:localityName field is absent. Optional if the subject:localityName field and the subject:organizationName field<span class="u"><u class="">, the subject:givenName field, or subject:surname field</u></span><span class="apple-converted-space"> </span>are
present. Prohibited if the subject:organizationName field<span class="u"><u class="">, subject:givenName field , or subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>absent.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Contents: If present, the subject:stateOrProvinceName field MUST contain the Subject’s state or province information as verified under Section 3.2.2.1. If the subject:countryName field specifies the ISO
3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1 user</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">assigned
code of XX in accordance with Section 7.1.4.2.2(g), the subject:stateOrProvinceName field MAY contain the full name of the Subject’s country information as verified under Section 3.2.2.1.<o:p class=""></o:p></span></p>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">g</span></u></span><span style="font-family: Arial, sans-serif;" class="">. Certificate Field: subject:postalCode (OID: 2.5.4.17)<o:p class=""></o:p></span></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Optional if the subject:organizationName<span class="u"><u class="">, subject:givenName field, or subject:surname fields are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>present.
Prohibited if the subject:organizationName field<span class="u"><u class="">, subject:givenName field, or subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>absent.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Contents: If present, the subject:postalCode field MUST contain the Subject’s zip or postal information as verified under Section 3.2.2.1.<o:p class=""></o:p></span></p>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">h</span></u></span><span style="font-family: Arial, sans-serif;" class="">. Certificate Field: subject:countryName (OID: 2.5.4.6)<o:p class=""></o:p></span></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Required if the subject:organizationName field<span class="u"><u class="">, subject:givenName, or subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>present.
Optional if the subject:organizationName field<span class="u"><u class="">, subject:givenName field, and subject:surname field are</u></span><span class="apple-converted-space"> </span><span class="strike"><s class="">is</s></span><span class="apple-converted-space"> </span>absent.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Contents: If the subject:organizationName field is present, the subject:countryName MUST contain the two</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">letter
ISO 3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1 country code associated with the location of the Subject verified under Section 3.2.2.1. If the subject:organizationName,
subject:givenName field, and subject:surname field are is absent, the subject:countryName field MAY contain the two</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">letter ISO 3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1
country code associated with the Subject as verified in accordance with Section 3.2.2.3. If a Country is not represented by an official ISO 3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1
country code, the CA MAY specify the ISO 3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1 user</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">assigned
code of XX indicating that an official ISO 3166</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">1 alpha</span><span style="font-family: 'Cambria Math', serif;" class="">‐</span><span style="font-family: Arial, sans-serif;" class="">2
code has not been assigned.<o:p class=""></o:p></span></p>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">i</span></u></span><span style="font-family: Arial, sans-serif;" class="">. Certificate Field: subject:organizationalUnitName<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">Optional.<o:p class=""></o:p></span></p>
<p class="line867" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span class="u"><u class=""><span style="font-family: Arial, sans-serif;" class="">Contents</span></u></span><span style="font-family: Arial, sans-serif;" class="">: The CA SHALL implement a process that prevents an OU attribute from including a name, DBA,
tradename, trademark, address, location, or other text that refers to a specific natural person or Legal Entity unless the CA has verified this information in accordance with Section 3.2 and the Certificate also contains subject:organizationName<span class="u"><u class="">,
subject:givenName, subject:surname</u></span>, subject:localityName, and subject:countryName attributes, also verified in accordance with Section 3.2.2.1.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">7.1.6.1<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">…<o:p class=""></o:p></span></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">If the Certificate asserts the policy identifier of 2.23.140.1.2.1, then it MUST NOT include organizationName<span class="u"><u class="">, givenName, surname</u></span>, streetAddress, localityName, stateOrProvinceName,
or postalCode in the Subject field.<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">…<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">--Motion Ends--<o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">The review period for this ballot shall commence at 2200 UTC on 24 August 2016, and will close at 2200 UTC on 31 August 2016. Unless the motion is withdrawn during the review period, the voting period will
start immediately thereafter and will close at 2200 UTC on 7 September 2016. Votes must be cast by posting an on-list reply to this thread.<o:p class=""></o:p></span></p>
<p class="line862" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">A vote in favor of the motion must indicate a clear 'yes' in the response. A vote against must indicate a clear 'no' in the response. A vote to abstain must indicate a clear 'abstain' in the response. Unclear
responses will not be counted. The latest vote received from any representative of a voting member before the close of the voting period will be counted. Voting members are listed here:<span class="apple-converted-space"> </span><a href="https://cabforum.org/members/" class=""><span style="border:none windowtext 1.0pt;padding:0in" class="">https://cabforum.org/members/</span></a><o:p class=""></o:p></span></p>
<p class="line874" style="background:white;font-variant-ligatures: normal;font-variant-caps: normal;orphans: 2;text-align:start;widows: 2;-webkit-text-stroke-width: 0px;word-spacing:0px">
<span style="font-family: Arial, sans-serif;" class="">In order for the motion to be adopted, two thirds or more of the votes cast by members in the CA category and greater than 50% of the votes cast by members in the browser category must be in favor. Quorum
is currently ten (10) members– at least ten members must participate in the ballot, either by voting in favor, voting against, or abstaining.<o:p class=""></o:p></span></p>
<p class="MsoNormal"><o:p class=""> </o:p></p>
</div>
</div>
_______________________________________________<br class="">
Public mailing list<br class="">
<a href="mailto:Public@cabforum.org" class="">Public@cabforum.org</a><br class="">
https://cabforum.org/mailman/listinfo/public<br class="">
</div>
</blockquote>
</div>
<br class="">
</div>
</body>
</html>