[cabfpub] [cabfman] Clarification on self-proprietors with trade-name needed

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Wed Jun 6 08:01:22 MST 2012


On 05/29/2012 12:30 AM, From Eddy Nigg (StartCom Ltd.):
> Thanks for all for confirming the current EV guidelines and for the 
> background explanations as well. I believe that it's clear what the 
> guidelines require - those that think it should be changed can always 
> suggest an errata for ballot (I doubt this would go through based on 
> the comments I've seen, but it's the right of every member to suggest 
> a change).

The particular issue which made me start this thread is going to be 
solved and the relevant certificate(s) revoked. The particular CA with 
which I was in contact also confirmed to me that they'll make an 
inventory of any other certs that they might have issued incorrectly in 
order to ensure they've followed the guidelines correctly.

I want to take this as an opportunity to remind the fellow members and 
request to verify and check their issuance practices in respect to trade 
names and the correct naming convention. Below a summary of the 
responses by some of the software vendors:

Mozilla (Gerv):

    Going back to the original question: I don't think the guidelines
    section 8.1.1 are unclear here. "DBA Name (Real Name)" is what's required.

Opera (Yngve):

    IMO his name should be included in the parenthesis. He is Jon Smith Doing
    Business as Some Name.

Apple (Geoff):

    I think this means the certificate does need to list the specific owner of the name, otherwise it wouldn't be clear to whom the certificate is issued.

    The primary purposes of Extended Validation Certificates are to: 1) identify the legal entity that controls a Web or service site, 2) ...

    A DBA is not a 'legal entity', and it is not sufficient to uniquely identify a legal entity.  So, you can't have an EV certificate that just contains your DBA because that defeats a primary purpose of EV certificates.


Thank you for your attention!


Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cabforum.org/pipermail/public/attachments/20120606/cff220be/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4506 bytes
Desc: S/MIME Cryptographic Signature
Url : http://cabforum.org/pipermail/public/attachments/20120606/cff220be/attachment.bin 


More information about the Public mailing list