[cabfpub] Revised document for Ballot 89 - Adopt Requirements for the Processing of EV SSL Certificates v.2

Moudrick M. Dadashov md at ssc.lt
Wed Oct 17 01:33:04 MST 2012


On 10/17/2012 11:14 AM, Gervase Markham wrote:
> On 17/10/12 00:00, Jeremy Rowley wrote:
>> I imagine all CAs have a similar policy, which is why I found Gerv’s
>> question on the subject rather surprising.
> The question arose because I seem to remember in the past that there was
> a strong current of opinion that certificates were about identity, not
> trustworthiness, and that determining what is illegal in the
> jurisdiction of an abitrary website is not something CAs wanted to get
> into the business of doing. But perhaps I misremember, or perhaps the
> situation has changed.
I'm afraid you don't misremember and nothing actually has changed, 
certificates by their definition are still about identities that hold 
privet keys corresponding to the public keys in their certificates. So 
anybody can issue certificates and issuer's trustworthiness assessed by 
third parties using different trust mechanisms. Information in a 
certificate may help you to find those assessment bodies.

Things like what to do with an arbitrary website is subject to local 
jurisdiction regulation and/or contractual relationship between the cert 
issuer and the cert holder.

Thanks,
M.D.
>
> Gerv
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public



More information about the Public mailing list