[cabfpub] Assumed names and organization names

Jeremy Rowley jeremy.rowley at digicert.com
Tue Mar 10 20:39:27 UTC 2015 

One time where a DBA-only would be preferred is where the certificates is issued in Europe for a site operated by a sole proprietor or individual. They won't want the individual's name in the certificate and there isn't a verified organization.

Jermey

From: Eddy Nigg [mailto:eddy_nigg at startcom.org]
Sent: Tuesday, March 10, 2015 2:35 PM
To: richard.smith at comodo.com; Jeremy Rowley; 'CABFPub'
Subject: Re: [cabfpub] Assumed names and organization names

Hi Rich,
On 03/10/2015 10:15 PM, Rich Smith wrote:
Eddy, not sure about all jurisdictions, but for the US DBA/trade names are generally registered, either at the state, county or city level, depending upon jurisdiction, so tracing them back to the legal entity is generally possible, it's just not in your face obvious, which these customers would call a feature, not a bug, and generally the reason why they register such a DBA/trade name in the first place.

OK, first of all lets work on the assumption that we are writing the guidelines for any part of the world, not just the US. This will probably help us to look at the issue better.

Now, can you (or anybody else) explain to me what were the reasons for the proposed naming convention for EV certificates? Assuming there are a couple of good reasons, why should this be a bad thing for non-EV certificates?

As somebody who was and is involved trying to confirm registered trade names (DBAs) I can tell you that this isn't always an easy thing, not even in the US. Now proposing to have a relying party doing the same thing, even if possible somehow defeats the purpose of a verification in my opinion.

For the record, we adopted the naming convention required for EV certificates also for non-EV verified SSL certificates. Of course not everybody likes it, but then there are many things potential subscribers (or existing subscribers) don't like very much, but nevertheless have to agree with it or use a different verification or certificate type.
--
Regards



Signer:

Eddy Nigg, COO/CTO



StartCom Ltd.<http://www.startcom.org>

XMPP:

startcom at startcom.org<xmpp:startcom at startcom.org>

Blog:

Join the Revolution!<http://blog.startcom.org>

Twitter:

Follow Me<http://twitter.com/eddy_nigg>




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150310/9d252081/attachment-0003.html>

More information about the Public mailing list