[cabfpub] Section 9.2.3 modification

kirk_hall at trendmicro.com kirk_hall at trendmicro.com
Thu May 23 01:12:42 UTC 2013


Jeremy - as a practical matter, I don't understand what this sentence means: "The CA SHALL implement and follow a process that prevents a Domain Component field from including  information if the CA is unaware of the logical association between the Domain Component field information and the Certificate's Subject."

Can you give some practical examples of how and when a CA is supposed to take action?

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Jeremy Rowley
Sent: Wednesday, May 22, 2013 4:32 PM
To: public at cabforum.org
Subject: [cabfpub] Section 9.2.3 modification

Hi everyone,

As mentioned there is an incompatibility between the Baseline Requirements and other industry groups on what information should be included in a Domain Component Field. I modified the motion slightly based on Ryan Sleevi's comments during last week's phone call.  Please let me know if you are willing to endorse or have suggestions.

---Motion Begins----
Replace Section 9.2.3

Certificate Field:  subject:domainComponent (OID 0.9.2342.19200300.100.1.25)
Required/Optional:  Optional.
Contents:  If present, this field MUST contain all components of the subject's Registered Domain Name in ordered sequence, with the most significant component, closest to the root of the namespace, written last.

With the following:

9.2.3 Subject Domain Component Field
Certificate Field: subject:domainComponent (OID 0.9.2342.19200300.100.1.25)
Required/Optional: Optional.
Contents: If present, this field MUST contain components of a Domain Name verified under Section 11.1.1 in ordered sequence, with the most significant component, closest to the root of the namespace, written last. The CA SHALL implement and follow a process that prevents a Domain Component field from including  information if the CA is unaware of the logical association between the Domain Component field information and the Certificate's Subject.

-----Motion Ends-----

Thanks,
Jeremy


<table class="TM_EMAIL_NOTICE"><tr><td><pre>
TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential 
and may be subject to copyright or other intellectual property protection. 
If you are not the intended recipient, you are not authorized to use or 
disclose this information, and we request that you notify us by reply mail or
telephone and delete the original message from your mail system.
</pre></td></tr></table>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130523/45adf8b1/attachment-0003.html>


More information about the Public mailing list