<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <br>
    I believe this proposal prohibits <i>directoryName</i> values in
    the subjectAltName extension. I remember that the intent of the
    first version of S/MIME requirements was not to prohibit identity
    information to be included in the Certificate Profile.<br>
    <br>
    Dimitris.<br>
    <br>
    <br>
    <div class="moz-cite-prefix">On 20/11/2020 12:11 a.m., Stephen
      Davidson via Smcwg-public wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:DM6PR14MB3018C63C2AF58C3782FB67CBE5E00@DM6PR14MB3018.namprd14.prod.outlook.com">
      <div class="WordSection1">
        <p class="MsoNormal">To date our discussion related to email
          addresses in S/MIME has been a general reference to rfc822Name
          along the lines of:<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal" style="margin-left:.5in">Extension ID: 
                              subjectAlternateName<o:p></o:p></p>
        <p class="MsoNormal" style="margin-left:.5in">Required?:
                                   Yes<o:p></o:p></p>
        <p class="MsoNormal" style="margin-left:.5in">Critical:                                
          Yes if the subject is an empty sequence; otherwise, SHOULD NOT
          be critical<o:p></o:p></p>
        <p class="MsoNormal" style="margin-left:.5in">Permitted
          Value(s):        MUST contain at least one rfc822Name value.
          MUST NOT contain values of type: dNSName, iPAddress,
          uniformResourceIdentifier. otherName values (such as Microsoft
          UPN) MAY be included if the value is identical to an
          rfc822Name expressed in the SAN extension. Any rfc822Name and
          otherName value in the Subject DN must be repeated in the SAN
          extension.  Each rfc822Name and otherName value must be
          verified with publicly documented and audited measures in
          accordance with Section 3.2.2.<o:p></o:p></p>
        <p class="MsoNormal" style="margin-left:.5in">References:                       
          RFC 5280, Section 4.2.1.6<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">S/MIME and rfc822Name has enjoyed a
          proliferation of standards which leads to the question:<o:p></o:p></p>
        <ul style="margin-top:0in" type="disc">
          <li class="MsoListParagraph"
            style="margin-left:0in;mso-list:l1 level1 lfo3">Do we wish
            to summarise those rules relating to rfc822Name in this
            standard or in an informative appendix?<o:p></o:p></li>
          <li class="MsoListParagraph"
            style="margin-left:0in;mso-list:l1 level1 lfo3">Or do we wish
            simply to provide a listing of the relevant standards?<o:p></o:p></li>
        </ul>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">If the latter, I believe the most relevant
          would include RFC 5322 (internet message format, sections
          3.2.3 and 3.4.1), RFC 3696 (informational, checking of names),
          and RFC 8398 (internationalized email addresses).<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">Missing anything?  Comments?<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">Best regards, Stephen<o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal">RFC 5322: <a
            href="https://tools.ietf.org/html/rfc5322"
            moz-do-not-send="true">https://tools.ietf.org/html/rfc5322</a><o:p></o:p></p>
        <p class="MsoNormal">RFC 3696: <a
            href="https://tools.ietf.org/html/rfc3696"
            moz-do-not-send="true">https://tools.ietf.org/html/rfc3696</a><o:p></o:p></p>
        <p class="MsoNormal">RFC 8398: <a
            href="https://tools.ietf.org/html/rfc8398"
            moz-do-not-send="true">https://tools.ietf.org/html/rfc8398</a><o:p></o:p></p>
        <p class="MsoNormal"><o:p> </o:p></p>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
Smcwg-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Smcwg-public@cabforum.org">Smcwg-public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/smcwg-public">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a>
</pre>
    </blockquote>
    <br>
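    <br>
    Added example, not part of either message in this thread: a small linter for the draft subjectAltName rules quoted above. It assumes GeneralName entries are already decoded into (type, value) pairs, uses constructed sample data and hypothetical finding codes, and leaves the Section 3.2.2 verification step out of scope. Types the quoted text does not name, such as directoryName, are reported for review rather than decided either way.<br>

```python
# Added example: lint a decoded SAN against the draft S/MIME profile quoted above.
# Finding codes ("error:...", "warn:...", "review:...") are hypothetical labels.

# Types the draft says MUST NOT appear.
FORBIDDEN = {"dNSName", "iPAddress", "uniformResourceIdentifier"}
# Every type the draft mentions by name, permitted or not.
NAMED = FORBIDDEN | {"rfc822Name", "otherName"}


def lint_san(san, subject_values=(), subject_empty=False, critical=False):
    """Return findings for a SAN given as (type, value) pairs; [] means pass."""
    findings = []
    mailboxes = {v for t, v in san if t == "rfc822Name"}
    if not mailboxes:
        findings.append("error:no-rfc822Name")  # at least one is required
    for gn_type, value in san:
        if gn_type in FORBIDDEN:
            findings.append("error:forbidden-type:" + gn_type)
        elif gn_type == "otherName" and value not in mailboxes:
            # "identical" is taken literally: exact string match, no case folding
            findings.append("error:otherName-mismatch:" + value)
        elif gn_type not in NAMED:
            # e.g. directoryName: not named in the quoted draft, flag for review
            findings.append("review:unlisted-type:" + gn_type)
    # Mailbox values carried in the Subject DN must be repeated in the SAN.
    san_values = mailboxes | {v for t, v in san if t == "otherName"}
    for value in subject_values:
        if value not in san_values:
            findings.append("error:subject-value-not-in-san:" + value)
    # Criticality: required when the subject is empty, discouraged otherwise.
    if subject_empty and not critical:
        findings.append("error:san-must-be-critical")
    if critical and not subject_empty:
        findings.append("warn:san-should-not-be-critical")
    return findings


# Constructed sample inputs (not taken from any real certificate).
GOOD = [("rfc822Name", "alice@example.com"), ("otherName", "alice@example.com")]
BAD = [("dNSName", "mail.example.com"), ("otherName", "bob@example.com"),
       ("directoryName", "CN=Alice,O=Example")]

if __name__ == "__main__":
    print(lint_san(GOOD))
    print(lint_san(BAD, subject_values=["alice@example.com"], critical=True))
```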
  </body>
</html>