[Smcwg-public] Sponsored profile overlap
Adriano Santoni
adriano.santoni at staff.aruba.it
Thu Aug 5 09:06:15 UTC 2021
I fully agree with Dimitris.
Thanks,
Adriano
Il 05/08/2021 09:55, Dimitris Zacharopoulos (HARICA) via Smcwg-public ha
scritto:
>
>
> On 5/8/2021 10:39 π.μ., Wiedenhorst, Matthias via Smcwg-public wrote:
>> - Natural person associated with a legal person ("Sponsored")
>> These unsurprisingly already match with the typical subject types and
>> for example also with the definition of possible subject as given in
>> ETSI EN 319 411-1.
>> In my opinion it should be up to the CA whether they want to sell all
>> of these profiles on a retail basis or if some are only available
>> through Enterprise RAs. But maybe in that case, "Sponsored" is not
>> the very best name for that profile anymore...
>
> I shared that same observation at yesterday's call.
>
> One could request a certificate that contains an organization name and
> individual information in the subject, including a validated email
> address. This doesn't need to be "sponsored".
>
> Stephen mentioned that this would fit under the "individual" profile,
> but with a "corporate" flavor.
>
> The responsibility of the CA is to "bind" a key with attributes of a
> specific natural person or legal entity. If the subject of the
> certificate is a "natural person, associated with a legal entity",
> after the CA validates control of a specific email address, the CA
> would need to bind the organization attributes (countryName,
> organizationName, etc) and personal attributes (givenName, surname)
> with the same Applicant.
>
> I had reservations about the "sponsored" title early in our
> discussions because whether it is "sponsored" or not, from a
> certificate profile perspective, is irrelevant. As Matthias pointed
> out, the "sponsored" flavor is more of a "delegation of validation
> duties" issue rather than a certificate profile issue.
>
> The word "Corporate" instead of "Sponsored" and a detailed description
> that it is related to an "Individual associated with an Organization"
> seems preferable.
>
>
> Thanks,
> Dimitris.
> _______________________________________________
> Smcwg-public mailing list
> Smcwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/smcwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20210805/285e0ff4/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20210805/285e0ff4/attachment.p7s>
More information about the Smcwg-public
mailing list