[cabfpub] Urgent: BR Exceptions for Subordinate CA Certificates
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Thu Oct 31 20:59:42 UTC 2013
On 10/31/2013 09:35 PM, From Kathleen Wilson:
> These are the issues in play:
>
> * BR 9.1.3 says that the Issuer Organization Name (O) field must not
> contain a generic designation. The BIT legacy roots have the DN
> "o=admin,c=CH". However, Swiss law apparently reserves this particular
> string as a 'brand' to BIT. And, of course, this root was created long
> before the BRs were thought of.
Kathleen, if you recall at the time of the (initial) root inclusion
request regarding this root at Mozilla we had exactly the very same
issue and with an eye on exactly those types of names the BR does NOT
allow such names. This was also discussed at that time and I would
object (on our part should this come up for vote) to an exception for
these kinds of names. Exactly for this the BR was created to get rid of
such practices.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131031/da20fd81/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4540 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20131031/da20fd81/attachment-0001.p7s>
More information about the Public
mailing list