[cabfpub] Ambiguous use of MAY in 8.5.1 of the EV Guidelines
Ryan Sleevi
sleevi at google.com
Tue Nov 24 09:44:47 MST 2015
Reposting this in behalf of Mike MacCana:
Section 8.5.1 https://cabforum.org/wp-content/uploads/EV-V1_5_7.pdf reads:
8.5.1. General
The CA MAY only issue EV Certificates to Applicants that meet the
Private Organization, Government Entity, Business Entity and Non-Commercial
Entity requirements specified below.
Per RFC 2119 (which the EV guidelines use, see '6: Definitions'), 'may'
doesn't quite seem accurate for what's being conveyed.
Quoting RFC 2119:
MAY: This word, or the adjective "OPTIONAL", mean that an item is truly
optional.
Reading the EV guidelines here, I do not believe that 'truly optional' is
the intention of section 8.5.1.
Perhaps using the word 'must' and rewording would clarify the intention
here:
The CA MUST only issue EV Certificates to Applicants that meet at least
of one the Private Organization, Government Entity, Business Entity and
Non-Commercial Entity requirements specified below.
Thanks,
Mike
--
Mike MacCana
Founder, CertSimple <https://certsimple.com/>
M: +44 7547 004474
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20151124/24f39999/attachment.html
More information about the Public
mailing list