<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
It should be ISO 3166-1 for the alpha-2 character code. This was
probably an oversight.<br>
<br>
Stephen, is this something we could add to the upcoming ballot with
fixes?<br>
<br>
<br>
Thanks,<br>
Dimitris.<br>
<br>
<div class="moz-cite-prefix">On 30/3/2023 8:24 μ.μ., Bruce Morton
via Smcwg-public wrote:<br>
</div>
<blockquote type="cite"
cite="mid:01000187338d06f7-b716ffcf-cd30-4d44-80c6-f2ec5373e59a-000000@email.amazonses.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}div.WordSection1
{page:WordSection1;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal">Sorry I missed the call yesterday.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I am hoping the QIIS item can be added to
the erratum. In addition, we have the following observation.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">S/MIME BR 7.1.4.2.2.d. Note 2 states, “For
Government Entities, the CA SHALL enter the Registration
Scheme identifier ‘GOV’ followed by the 2 character ISO 3166
country code for the nation in which the Government Entity is
located. If the Government Entity is verified at a subdivision
(state or province) level, then a plus “+” (0x2B (ASCII),
U+002B (UTF‐8)) followed by a
<b>2 character ISO 3166‐2 identifier</b> for the subdivision
is added.”<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The wording is complicated as there are no
2 character 3166-2 identifiers as they start with the 2
character country code plus a hyphen. For California the code
is
<b>US-</b>CA, but we expect the result for the orgID to be
GOVUS+CA and not GOVUS+US-CA. For Czechia, they append 2 or 3
numerals such as CZ-201. I assume we want to show GOVCZ+201
(see
<a href="https://www.iso.org/obp/ui/#iso:code:3166:CZ"
moz-do-not-send="true" class="moz-txt-link-freetext">https://www.iso.org/obp/ui/#iso:code:3166:CZ</a>),
but this is adding more than 2 characters.
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I am not sure how to state this but I think
we want these examples:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">OrgID GOVUS based on ISO 3166-1 US
indicator<o:p></o:p></p>
<p class="MsoNormal">OrgID GOVUS+CA based on ISO 3166-1 US
indicator and ISO3166-2 US-CA indicator<o:p></o:p></p>
<p class="MsoNormal">OrgID GOV CZ+201 based on ISO 3166-1 CZ
indicator and ISO3166-2 CZ-201 indicator<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">So could we add this to a clarification
ballot and change “followed by a 2 character ISO 3166<span
style="font-family:DengXian" lang="ZH-CN">‐</span>2
identifier for the subdivision added” to “followed by the ISO
3166-2 additional characters identified for the subdivision
added”? Then provide the examples.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks, Bruce.<o:p></o:p></p>
</div>
<i>Any email and files/attachments transmitted with it are
confidential and are intended solely for the use of the
individual or entity to whom they are addressed. If this message
has been sent to you in error, you must not copy, distribute or
disclose of the information it contains. <u>Please notify
Entrust immediately</u> and delete the message from your
system.</i>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Smcwg-public mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Smcwg-public@cabforum.org">Smcwg-public@cabforum.org</a>
<a class="moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/smcwg-public">https://lists.cabforum.org/mailman/listinfo/smcwg-public</a>
</pre>
</blockquote>
<br>
</body>
</html>