<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Courier;
panose-1:2 7 4 9 2 2 5 2 4 4;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Segoe UI";
panose-1:2 11 5 2 4 2 4 2 2 3;}
@font-face
{font-family:"\@Yu Gothic";
panose-1:2 11 4 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
code
{mso-style-priority:99;
font-family:"Courier New";}
pre
{mso-style-priority:99;
mso-style-link:"HTML con formato previo Car";
margin:0cm;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.HTMLconformatoprevioCar
{mso-style-name:"HTML con formato previo Car";
mso-style-priority:99;
mso-style-link:"HTML con formato previo";
font-family:Consolas;}
span.EstiloCorreo29
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1090931777;
mso-list-type:hybrid;
mso-list-template-ids:546201756 -1111482688 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-start-at:0;
mso-level-number-format:bullet;
mso-level-text:-;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-font-family:"Yu Gothic";}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-18.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="ES" link="#0563C1" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hello,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The use of ‘GE’ (Government Entity) followed by the character ‘:’ (colon) instead of the use of ‘GOV’ would be compliant with the European Regulation UE 910/2014.
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Option:<o:p></o:p></span></p>
<pre style="margin-left:35.4pt"><code><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* For Government Entities, the CA SHALL enter the Registration Scheme identifier ‘<b>GE</b>’</span></code><span lang="EN-US" style="color:#24292F;border:none windowtext 1.0pt;padding:0cm"> followed by the </span><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">2 character ISO 3166 country code for the nation in which the Government Entity is located. If the Government Entity is verified at a subdivision (state or province) level, then a plus "+" (0x2B (ASCII), U+002B (UTF-8)) followed by a 2 character ISO 3166-2 identifier for the subdivision is added.</span><code><span style="font-family:Consolas"><o:p></o:p></span></code></pre>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The European Regulation defines into the European Norm ETSI EN 319 412-1 the semantic for the organizationIdentifier for natural and legal persons.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">The legal person semantic is defined as:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:14.0pt;font-family:"Arial",sans-serif">5.1.4 Legal person semantics identifier<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">The semantics of
</span><span lang="EN-US" style="font-size:9.0pt;font-family:Courier">id-etsi-qcs-SemanticsId-Legal
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">shall be as follows.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">When the legal person semantics identifier is included, any present
</span><span lang="EN-US" style="font-size:9.0pt;font-family:Courier">organizationIdentifier
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">attribute in the subject<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">field shall contain information using the following structure in the presented order:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span style="font-size:10.0pt;font-family:Symbol">-
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">3 character legal person identity type reference;<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span style="font-size:10.0pt;font-family:Symbol">-
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">2 character ISO 3166-1 [2] country code;<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span style="font-size:10.0pt;font-family:Symbol">-
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">hyphen-minus "-" (0x2D (ASCII), U+002D (UTF-8)); and<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span style="font-size:10.0pt;font-family:Symbol">-
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">identifier (according to country and identity type reference).<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">The three initial characters shall have one of the following defined values:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">1) "VAT" for identification based on a national value added tax identification number.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">2) "NTR" for identification based on an identifier from a national trade register.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">3) "PSD" for identification based on national authorization number of a payment service provider under<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="FR" style="font-size:10.0pt;font-family:"Times New Roman",serif">Payments Services Directive (EU) 2015/2366 [i.13].
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">This shall use the extended structure as defined in ETSI TS 119 495 [3], clause 5.2.1.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">4) "LEI" for a global Legal Entity Identifier as specified in ISO 17442 [4]. The 2 character ISO 3166-1 [2] country
code shall be set to 'XG'.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">5) Two characters according to local definition within the specified country and name registration authority,
identifying a national scheme that is considered appropriate for national and European level, followed by the character ":" (colon).<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">Other initial character sequences are reserved for future amendments of the present document. In case "VAT" legal
person identity type reference is used in combination with the "EU" transnational country code, the identifier value should comply with Council Directive 2006/112/EC [i.12], article 215.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">EXAMPLES: "VATBE-0876866142" and "EI:SE-5567971433".<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt;text-autospace:none"><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">When a locally defined identity type reference is provided (two characters followed by ":"), the
</span><span lang="EN-US" style="font-size:9.0pt;font-family:Courier">nameRegistrationAuthorities
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">element of
</span><span lang="EN-US" style="font-size:9.0pt;font-family:Courier">SemanticsInformation
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">(IETF RFC 3739 [1]) shall be present and shall contain at least a
</span><span lang="EN-US" style="font-size:9.0pt;font-family:Courier">uniformResourceIdentifier generalName</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">. The two letter identity type reference following the ":" character
shall be unique within the context of the specified </span><span lang="EN-US" style="font-size:9.0pt;font-family:Courier">uniformResourceIdentifier</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif">.</span><span lang="EN-US">
</span><span lang="EN-US" style="font-size:10.0pt;font-family:"Times New Roman",serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Best Regards<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Juan Ángel<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b>De:</b> Smcwg-public <smcwg-public-bounces@cabforum.org> <b>
En nombre de </b>Stephen Davidson via Smcwg-public<br>
<b>Enviado el:</b> martes, 9 de agosto de 2022 15:27<br>
<b>Para:</b> Corey Bonnell <Corey.Bonnell@digicert.com>; SMIME Certificate Working Group <smcwg-public@cabforum.org>; Tim Hollebeek <tim.hollebeek@digicert.com>; Adriano Santoni <adriano.santoni@staff.aruba.it><br>
<b>Asunto:</b> Re: [Smcwg-public] [External Sender] Re: OrganizationIdentifier for Gov and Treaty Orgs<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">Currently the text in 7.1.4.2.2 (d) says:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p style="mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;background:white">
<strong><span lang="EN-US" style="font-size:12.0pt;font-family:"Segoe UI",sans-serif;color:#24292F">Note 2</span></strong><span lang="EN-US" style="font-size:12.0pt;font-family:"Segoe UI",sans-serif;color:#24292F">: For the following types of entities that
do not have an identifier from the Registration Schemes listed in <a href="https://github.com/cabforum/smime/blob/preSBR/SBR.md#appendix-a---registration-schemes">Appendix A</a>:<o:p></o:p></span></p>
<pre style="background:white;box-sizing: border-box;overflow-wrap: normal;background-color:var(--color-canvas-subtle);border-radius: 6px;overflow:auto"><code><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* For Government Entities, the CA SHALL enter the text `Government Entity`.</span></code><code><span style="font-family:Consolas;border:none windowtext 1.0pt;padding:0cm"><o:p></o:p></span></code></pre>
<pre style="background:white"><code><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* For International Organization Entities, the CA SHALL enter the text `International Organization Entity`. An International Organization Entity is founded by a constituent document, e.g., a charter, treaty, convention or similar document, signed by, or on behalf of, a minimum of two Sovereign State governments.</span></code><o:p></o:p></pre>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p style="mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;background:white">
<span lang="EN-US" style="color:black">An option would be to change that text to:</span><span lang="EN-US"><o:p></o:p></span></p>
<p style="mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:0cm;background:white">
<strong><span lang="EN-US" style="font-size:12.0pt;font-family:"Segoe UI",sans-serif;color:#24292F">Note 2</span></strong><span lang="EN-US" style="font-size:12.0pt;font-family:"Segoe UI",sans-serif;color:#24292F">: For the following types of entities that
do not have an identifier from the Registration Schemes listed in <a href="https://github.com/cabforum/smime/blob/preSBR/SBR.md#appendix-a---registration-schemes">Appendix A</a>:<o:p></o:p></span></p>
<pre style="box-sizing: border-box;overflow-wrap: normal;background-color:var(--color-canvas-subtle);border-radius: 6px;overflow:auto"><code><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* For Government Entities, the CA SHALL enter the Registration Scheme identifier ‘GOV’</span></code><span lang="EN-US" style="color:#24292F;border:none windowtext 1.0pt;padding:0cm"> followed by the </span><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">2 character ISO 3166 country code for the nation in which the Government Entity is located. If the Government Entity is verified at a subdivision (state or province) level, then a plus "+" (0x2B (ASCII), U+002B (UTF-8)) followed by a 2 character ISO 3166-2 identifier for the subdivision is added.</span><code><span style="font-family:Consolas"><o:p></o:p></span></code></pre>
<pre style="background:white"><code><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* For International Organization Entities, the CA SHALL enter the Registration Scheme identifier ‘INTORG’</span></code><span lang="EN-US" style="color:#24292F;border:none windowtext 1.0pt;padding:0cm"> followed by the </span><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">ISO 3166 code "XG". <code><span style="font-family:Consolas">An International Organization Entity is founded by a constituent document, e.g., a charter, treaty, convention or similar document, signed by, or on behalf of, a minimum of two Sovereign State governments.</span></code></span><o:p></o:p></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm"><o:p> </o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">For example:<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* GOVUS (Government Entity, United States)<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* GOVUS+CA (Government Entity, United States - California)<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm">* <code><span style="font-family:Consolas">INTORG</span></code>XG (<code><span style="font-family:Consolas">International Organization</span></code>)<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F;border:none windowtext 1.0pt;padding:0cm"><o:p> </o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F">Thoughts?<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F">Regards, Stephen<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F"><o:p> </o:p></span></pre>
<pre><span lang="EN-US" style="font-family:Consolas;color:#24292F"><o:p> </o:p></span></pre>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Smcwg-public <<a href="mailto:smcwg-public-bounces@cabforum.org">smcwg-public-bounces@cabforum.org</a>>
<b>On Behalf Of </b>Corey Bonnell via Smcwg-public<br>
<b>Sent:</b> Tuesday, August 9, 2022 8:11 AM<br>
<b>To:</b> Tim Hollebeek <<a href="mailto:tim.hollebeek@digicert.com">tim.hollebeek@digicert.com</a>>; SMIME Certificate Working Group <<a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a>>; Adriano Santoni <<a href="mailto:adriano.santoni@staff.aruba.it">adriano.santoni@staff.aruba.it</a>><br>
<b>Subject:</b> Re: [Smcwg-public] [External Sender] Re: OrganizationIdentifier for Gov and Treaty Orgs<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">We use “XG” to denote a Registration Scheme that is employed globally. Perhaps we can co-opt that for International Orgs.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Tim Hollebeek <<a href="mailto:tim.hollebeek@digicert.com">tim.hollebeek@digicert.com</a>>
<br>
<b>Sent:</b> Friday, August 5, 2022 11:27 AM<br>
<b>To:</b> Corey Bonnell <<a href="mailto:Corey.Bonnell@digicert.com">Corey.Bonnell@digicert.com</a>>; SMIME Certificate Working Group <<a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a>>; Adriano Santoni <<a href="mailto:adriano.santoni@staff.aruba.it">adriano.santoni@staff.aruba.it</a>><br>
<b>Subject:</b> RE: [Smcwg-public] [External Sender] Re: OrganizationIdentifier for Gov and Treaty Orgs<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This is an interesting idea, and I like the fact that the disambiguation information is in a defined format and in a place that’s consistent with how we handle “normal” organizations, but how would it be extended to work
for international organizations? Just use something like “INTORG” for them? Or do we require naming of at least one valid jurisdictions (the requirements require two, so one is always available), like “INTORG+US”? Do we care that NORAD could be encoded
as “INTORG+CA” as well, violating encoding uniqueness? Do we go for “INTORG+US,CA” (probably not, the orgIDs are complicated enough already).<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I think just “INTORG” is probably fine, as hopefully names of international organizations are more likely to be globally unique, unlike things like “Ministry of Finance” which is likely to exist in many countries and
needs disambiguation.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">-Tim<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Smcwg-public <<a href="mailto:smcwg-public-bounces@cabforum.org">smcwg-public-bounces@cabforum.org</a>>
<b>On Behalf Of </b>Corey Bonnell via Smcwg-public<br>
<b>Sent:</b> Friday, August 5, 2022 9:21 AM<br>
<b>To:</b> Adriano Santoni <<a href="mailto:adriano.santoni@staff.aruba.it">adriano.santoni@staff.aruba.it</a>>; SMIME Certificate Working Group <<a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a>><br>
<b>Subject:</b> Re: [Smcwg-public] [External Sender] Re: OrganizationIdentifier for Gov and Treaty Orgs<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I agree there needs to disambiguating information contained within the certificate for these cases. However, mandating the use of the physical location attributes for this specific case would make the certificate profile
more complex.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">As an alternative approach, I suggest we define one or more orgID registration schemes and use the orgId attribute to convey the jurisdiction information. A few examples:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<ul style="margin-top:0cm" type="disc">
<li class="MsoListParagraph" style="margin-left:0cm;mso-list:l0 level1 lfo2"><span lang="EN-US">A Government Entity located in Japan would have an orgID of “GOVJP”<o:p></o:p></span></li><li class="MsoListParagraph" style="margin-left:0cm;mso-list:l0 level1 lfo2"><span lang="EN-US">A Government Entity located in California, United States would have an orgID of “GOVUS+CA”<o:p></o:p></span></li></ul>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This will provide greater consistency in the certificate profile between those organizations which have registration numbers and those that do not.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Corey<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Smcwg-public <<a href="mailto:smcwg-public-bounces@cabforum.org">smcwg-public-bounces@cabforum.org</a>>
<b>On Behalf Of </b>Adriano Santoni via Smcwg-public<br>
<b>Sent:</b> Friday, August 5, 2022 3:04 AM<br>
<b>To:</b> <a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a><br>
<b>Subject:</b> Re: [Smcwg-public] [External Sender] Re: OrganizationIdentifier for Gov and Treaty Orgs<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p><span lang="EN-US">I totally agree with Martijn Katerbarg.<o:p></o:p></span></p>
<p><span lang="EN-US">Adriano<o:p></o:p></span></p>
<p><span lang="EN-US">ACTALIS S.p.A.<o:p></o:p></span></p>
<p><span lang="EN-US"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US">Il 05/08/2022 09:02, Martijn Katerbarg via Smcwg-public ha scritto:<o:p></o:p></span></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span lang="EN-US">Should we at least subject:countryName to be present in these specific cases?
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Otherwise, we could end up having certificates with a subject looking like this (OV):<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><i><span lang="EN-US">subject:organizationName: Ministry of Finance</span></i><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><i><span lang="EN-US"> </span></i><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This leaves no way of telling for which country and entity this is. Possibly the email address tld could tell someone, but that shouldn’t be relied upon.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I’ve done a comparison with EV certificates. There are currently EV certificates out there with O=Ministry of Finance and SN=Government Entity, spanning 12 different country codes.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Smcwg-public
<a href="mailto:smcwg-public-bounces@cabforum.org"><smcwg-public-bounces@cabforum.org></a>
<b>On Behalf Of </b>Stephen Davidson via Smcwg-public<br>
<b>Sent:</b> Thursday, 4 August 2022 16:49<br>
<b>To:</b> <a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a><br>
<b>Subject:</b> [Smcwg-public] OrganizationIdentifier for Gov and Treaty Orgs<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<div style="border:solid black 1.0pt;padding:2.0pt 2.0pt 2.0pt 2.0pt">
<p class="MsoNormal" style="line-height:12.0pt;background:#FAFA03"><span lang="EN-US" style="font-size:10.0pt;color:black">CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender
and know the content is safe.</span><span lang="EN-US"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<div>
<p class="MsoNormal"><span lang="EN-US">Hello:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">In recent calls the group discussed that some Government and International Organization entities may not have identifiers.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">It was agreed to adopt a similar workaround to that provided in the EV Guidelines.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have added text implementing that change as seen at
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fsmime%2Fpull%2F158%2Ffiles&data=05%7C01%7Cmartijn.katerbarg%40sectigo.com%7C0f411c93c7404dfc94a008da76288a32%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637952213783726589%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=MZM2OTOjk5dUNo52UbgMZKk%2B5OSnE5l9SZvf7L0tYi8%3D&reserved=0">
https://github.com/cabforum/smime/pull/158/files</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards, Stephen<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><b><span lang="EN-US" style="font-family:"Arial",sans-serif;color:#0174C3">Stephen Davidson
</span></b><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-US" style="font-family:"Arial",sans-serif;color:#686869">Governance, Risk & Compliance<br>
</span><span lang="EN-US"><a href="mailto:stephen.davidson@digicert.com"><span style="font-family:"Arial",sans-serif">stephen.davidson@digicert.com</span></a><o:p></o:p></span></p>
<p class="MsoNormal" style="text-autospace:none"><span lang="EN-US" style="font-family:"Arial",sans-serif;color:#686869">O 1.441.278.2803 | M 1.441.505.4908</span><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><img border="0" width="350" height="75" style="width:3.6458in;height:.7847in" id="Picture_x0020_1" src="cid:image001.png@01D8AC95.3D49C920" alt="DigiCert_QuoVadis Logo Lockups_Phase
1_EmailSignatures_Phase1"></span><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span lang="EN-US"><o:p> </o:p></span></p>
<pre><span lang="EN-US">_______________________________________________<o:p></o:p></span></pre>
<pre><span lang="EN-US">Smcwg-public mailing list<o:p></o:p></span></pre>
<pre><span lang="EN-US"><a href="mailto:Smcwg-public@cabforum.org">Smcwg-public@cabforum.org</a><o:p></o:p></span></pre>
<pre><span lang="EN-US"><a href="https://lists.cabforum.org/mailman/listinfo/smcwg-public">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a><o:p></o:p></span></pre>
</blockquote>
</div>
</div>
</body>
</html>