[cabfpub] Misissuance of certificates
Dean Coclin
Dean_Coclin at symantec.com
Thu Jan 21 06:08:08 MST 2016
Yes, I confirmed that they do.
-----Original Message-----
From: Gervase Markham [mailto:gerv at mozilla.org]
Sent: Thursday, January 21, 2016 4:36 AM
To: Dean Coclin <Dean_Coclin at symantec.com>; Sigbjørn Vik <sigbjorn at opera.com>; public at cabforum.org
Subject: Re: [cabfpub] Misissuance of certificates
On 21/01/16 03:24, Dean Coclin wrote:
> The issue was that some certs have information as part of the CN which
> probably shouldn't be public -- in the HMRC cases, it's a tax-related
> ID number specific to a given company, which probably ought to be
> private between that company and the tax offices. But they need certs
> including that number to exchange information with the tax offices.
> (Arguably that's a poorly designed system but that's something to take
> up with HMRC -- the UK tax office)
And we are sure that, despite being a way of companies communicating with one specific entity, the system nevertheless uses certificates chaining to publicly trusted roots?
Gerv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5747 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20160121/b37bdd9f/attachment-0001.bin
More information about the Public
mailing list