[cabfcert_policy] IV certificates and orgranizationName
Kurt Roeckx
kurt at roeckx.be
Sun May 1 04:35:53 MST 2016
Hi,
In 7.1.6.1 it says:
If the Certificate asserts the policy identifier of 2.23.140.1.2.3,
then it MUST also include (i) either organizationName or givenName
and surname, (ii) localityName (to the extent such field is
required under Section 7.1.4.2.2), (iii) stateOrProvinceName (to
the extent required under Section 7.1.4.2.2), and (iv) countryName
in the Subject field.
And in 7.1.4.2.2 it has:
d. Certificate Field: subject:localityName (OID: 2.5.4.7)
Required if the subject:organizationName field is present and the
subject:stateOrProvinceName field is absent.
Optional if the subject:organizationName and
subject:stateOrProvinceName fields are present.
Prohibited if the subject:organizationName field is absent.
(And the same in e. for stateOrProvinceName)
Since IV certificates require localityName or stateOrProvinceName,
it also requires an organizationName, while it might make more
sense to use givenName and surname.
I also think that organizationName does not make much sense for
individuals.
Kurt
More information about the Policyreview
mailing list