<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Aug 21, 2017 at 2:10 PM, Doug Beattie <span dir="ltr"><<a href="mailto:doug.beattie@globalsign.com" target="_blank">doug.beattie@globalsign.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">





<div lang="EN-US">
<div class="gmail-m_6843892132555507863WordSection1">
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Should we have SSL or TLS in the name of the document since this does not apply to “All” publicly trusted certificates?
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">'The Baseline Requirements for the Issuance and Management of Publicly-Trusted
<u>SSL</u> Certificates'</span></p></div></div></blockquote><div><br></div><div> So, we haven't called it that (yet), so that'd be renaming it, rather than simply granting the editorial flexibility to correct the name and/or inconsistency that has emerged in other documents. We already renamed it once (Baseline Requirements Certificate Policy) in 1.3.0, except that name didn't fully reflect what was in, and of course, caused a further promulgation of inconsistencies.</div><div><br></div><div>Section 1.1 states "The<span style="white-space:pre">    </span>CP<span style="white-space:pre">   </span>for<span style="white-space:pre">  </span>the<span style="white-space:pre">  </span>Issuance<span style="white-space:pre">     </span>and<span style="white-space:pre">  </span>Management<span style="white-space:pre">   </span>of<span style="white-space:pre">   </span>Publicly‐Trusted<span style="white-space:pre">   </span>Certificates<span style="white-space:pre"> </span>describe<span style="white-space:pre">     </span>a<span style="white-space:pre">    </span>subset<span style="white-space:pre">       </span>of<span style="white-space:pre">   </span>the<span style="white-space:pre">  </span></div><div>requirements<span style="white-space:pre">  </span>that<span style="white-space:pre"> </span>a<span style="white-space:pre">    </span>Certification<span style="white-space:pre">        </span>Authority<span style="white-space:pre">    </span>must<span style="white-space:pre"> </span>meet<span style="white-space:pre"> </span>in<span style="white-space:pre">   </span>order<span style="white-space:pre">        </span>to<span style="white-space:pre">   </span>issue<span style="white-space:pre">        </span>Publicly<span style="white-space:pre">     </span>Trusted<span style="white-space:pre">      </span>Certificates" and "These<span style="white-space:pre">   </span>Requirements<span style="white-space:pre"> </span>only<span style="white-space:pre"> </span>address<span style="white-space:pre">      </span>Certificates<span style="white-space:pre"> </span>intended<span style="white-space:pre">     </span>to<span style="white-space:pre">   </span>be<span style="white-space:pre">   </span>used<span style="white-space:pre"> </span>for<span style="white-space:pre">  </span>authenticating<span style="white-space:pre">       </span>servers<span style="white-space:pre">      </span>accessible<span style="white-space:pre">   </span></div><div>through<span style="white-space:pre">       </span>the<span style="white-space:pre">  </span>Internet.<span style="white-space:pre">            </span>Similar<span style="white-space:pre">      </span>requirements<span style="white-space:pre"> </span>for<span style="white-space:pre">  </span>code<span style="white-space:pre"> </span>signing,<span style="white-space:pre">     </span>S/MIME,<span style="white-space:pre">      </span>time‐stamping,<span style="white-space:pre">     </span>VoIP,<span style="white-space:pre">        </span>IM,<span style="white-space:pre">  </span>Web<span style="white-space:pre">  </span>services,<span style="white-space:pre">    </span></div><div>etc.<span style="white-space:pre">  </span>may<span style="white-space:pre">  </span>be<span style="white-space:pre">   </span>covered<span style="white-space:pre">      </span>in<span style="white-space:pre">   </span>future<span style="white-space:pre">       </span>versions.<span style="white-space:pre">    </span>"</div><div><br></div><div>That said, we could also haggle over SSL, TLS, or SSL/TLS - and then haggle what constitutes an SSL certificate - is it having an EKU? a KU? a SAN of time dNSName or iPAddress?</div><div><br></div><div>These are all good questions to ask, but hopefully we can afford a little flexibility to just correct the documents to align on consistency, and then explore further renaming with the assurance that "someone" (the editor or maintainer) can have the flexibility to correct any issues that come up</div></div></div></div>