[cabfpub] F2F Topic details: What should be represented in the "O" field?
gerv at mozilla.org
Tue Feb 9 16:30:11 UTC 2016
On 05/02/16 16:21, Doug Beattie wrote:
> I don’t think you’re asking the right question: “Who can request a cert
> for dean.example.com”. It’s not who can request it, but more the
> relationship between the Org field and the Domain in the CN or SAN,
> right? In reality you never know who is requesting the certificate,
> only what they put into their request.
Yes, Doug is exactly right. The "who can request a certificate for
dean.example.com" question would relate to e.g. validation methods. The
correct question here that one might ask is "how does the O field in the
OV or EV certificate for dean.example.com relate to the various parties
involved in running or operating that website?"
More information about the Public