[cabfpub] [cabfman] Ballot 92 - Subject Alternative Names

Jeremy Rowley jeremy.rowley at digicert.com
Fri Nov 16 17:42:06 UTC 2012

I would say the intent is to ensure that there is a legitimate party behind each certificate and reduce the risks associated with what we consider a high risk practice (as shown in the example I previously provided).  OV is not required if the owner of the domain names listed in the certificate is the same.




From: management-bounces at cabforum.org [mailto:management-bounces at cabforum.org] On Behalf Of kirk_hall at trendmicro.com
Sent: Friday, November 16, 2012 10:24 AM
To: 'CABForum Management'; public at cabforum.org
Subject: Re: [cabfman] [cabfpub] Ballot 92 - Subject Alternative Names


To help members evaluate Ballot 92 we are attaching a side-by-side comparison of current Baseline Requirements language with the proposed new language.  As before, the intent of this ballot is to prohibit DV SANs certificates, which we will oppose.


Trend Micro does not issue DV certificates, but we think they serve a valuable security function in increasing the use of SSL.  Forcing customers to buy OV certs instead is anti-competitive and will likely lead to less use of SSL to secure sites.

The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20121116/1aab4a0f/attachment-0004.html>

More information about the Public mailing list