<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<br>
<br>
<div class="moz-cite-prefix">On 18/2/2021 6:25 μ.μ., Wendy Brown -
QT3LB-C via Smcwg-public wrote:<br>
</div>
<blockquote type="cite"
cite="mid:01000177b5f592f6-bb681f57-da13-4f29-be77-044595f39b01-000000@email.amazonses.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">also could a single validation of the email address
be used for issuance of both the signature & encryption
certs in the case of the dual certs vs single cert case?<br
clear="all">
</div>
</blockquote>
<br>
That makes perfect sense to me.<br>
<br>
Validations in general should be allowed to be reused as it is
allowed in other Certificate types. <br>
<br>
<br>
Dimitris.<br>
<br>
<blockquote type="cite"
cite="mid:01000177b5f592f6-bb681f57-da13-4f29-be77-044595f39b01-000000@email.amazonses.com">
<div dir="ltr">
<div>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<p><span style="font-family:"Segoe
Script",sans-serif">Wendy</span></p>
<p><span style="font-size:12.8px">Wendy
Brown<br>
</span><span style="font-size:12.8px">Supporting
GSA FPKI<br>
</span><span style="font-size:12.8px">Protiviti
Government
Services</span></p>
<p> 703-965-2990 (cell)</p>
<p><a href="mailto:wendy.brown@gsa.gov"
style="font-size:12.8px"
target="_blank" moz-do-not-send="true">wendy.brown@gsa.gov</a><br>
<a
href="mailto:wendy.brown@protiviti.com"
style="font-family:Calibri,sans-serif"
target="_blank" moz-do-not-send="true">wendy.brown@protiviti.com</a></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Feb 18, 2021 at 10:54
AM Doug Beattie via Smcwg-public <<a
href="mailto:smcwg-public@cabforum.org"
moz-do-not-send="true">smcwg-public@cabforum.org</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div style="overflow-wrap: break-word;" lang="EN-US">
<div class="gmail-m_9096286012020023584WordSection1">
<p class="MsoNormal">Hi Stephen,</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">I’m not sure I agree with this
statement in section 3.2.2.2.2 Validating control over
email address via email</p>
<p class="MsoNormal"> </p>
<ul style="margin-top:0in" type="disc">
<li class="gmail-m_9096286012020023584MsoListParagraph"
style="margin-left:0in">Completed validations of
Applicant control over the email address must be
performed <u>for each Certificate issuance</u>.</li>
</ul>
<p class="MsoNormal"> </p>
<p class="MsoNormal">I’d like to permit re-use of that
validation over and over for the re-use period for that
subscriber if possible. Is there a reason we preclude
that? For example, an email gateway provider might
validate this email address and then want to replace
certificates more frequently than 397 days, but this
would require emails to the email box to act on that.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Doug</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal"> </p>
<div>
<div
style="border-right:none;border-bottom:none;border-left:none;border-top:1pt
solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b>From:</b> Smcwg-public <<a
href="mailto:smcwg-public-bounces@cabforum.org"
target="_blank" moz-do-not-send="true">smcwg-public-bounces@cabforum.org</a>>
<b>On Behalf Of </b>Stephen Davidson via
Smcwg-public<br>
<b>Sent:</b> Wednesday, February 17, 2021 6:02 PM<br>
<b>To:</b> SMIME Certificate Working Group <<a
href="mailto:smcwg-public@cabforum.org"
target="_blank" moz-do-not-send="true">smcwg-public@cabforum.org</a>><br>
<b>Subject:</b> [Smcwg-public] Methods for email
verification</p>
</div>
</div>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Hello all:</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Following our discussion on the call
today, I attach draft text for section 3.2.2.2 of the
SMIME BR (SBR) that deals with 1) Validating authority
over email address via domain and 2) Validating control
over email address via email.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">It aims to fulfill the requirements
of the Mozilla policy. It includes comments with some
questions that require further discussion. Additional
methods can be addressed in future versions of the SBR.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Many thanks for Doug and Sebastian at
GlobalSign for their help in drafting this. We’ll
discuss this in a future meeting, but feel free to also
provide feedback here.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Many thanks, Stephen</p>
</div>
</div>
_______________________________________________<br>
Smcwg-public mailing list<br>
<a href="mailto:Smcwg-public@cabforum.org" target="_blank"
moz-do-not-send="true">Smcwg-public@cabforum.org</a><br>
<a
href="https://lists.cabforum.org/mailman/listinfo/smcwg-public"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a><br>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Smcwg-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Smcwg-public@cabforum.org">Smcwg-public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/smcwg-public">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a>
</pre>
</blockquote>
<br>
</body>
</html>