[cabfpub] Ballot 175 - Addition of givenName and surname

Enric Castillo enric.castillo at anf.es
Mon Sep 5 15:06:57 UTC 2016


ANF Autoridad de Certificación votes yes.


El 23/08/2016 a las 22:18, Jeremy Rowley escribió:
>
> *Ballot 17**5- Addition of givenName/surname*
>
> The following motion has been proposed by Jeremy Rowley ofDigiCert 
> <https://cabforum.org/wiki/DigiCert>and endorsed by Richard Wang 
> ofWoSign <https://cabforum.org/wiki/WoSign>and Eddy Nigg ofStartCom 
> <https://cabforum.org/wiki/StartCom>:
>
> Background:
>
> The CAB Forum Baseline Requirements theoretically permit use of 
> givenName and surname under Section 7.1.4.2.2. However, the actual 
> language of Section 7.1.4.2.2 ends up prohibiting use of these fields. 
> This ballot permits use of givenName and surname to identify 
> individuals validated under Section 3.2.5.
>
> --Motion Begins--
>
> Insert a new (C) under 7.1.4.2.2, renumbering all subsequent bullets.
>
> _c. Certificate Field: subject:givenName (2.5.4.42) and 
> subject:surname (2.5.4.4)_
>
> ·_Optional._
>
> _Contents: If present, the subject:givenName field and subject:surname 
> field MUST contain an natural person Subject’s name as verified under 
> Section 3.2.3. A Certificate containing a subject:givenName field or 
> subject:surname field MUST contain the (2.23.140.1.2.3) Certificate 
> Policy OID._
>
> _d._Certificate Field: Number and street: subject:streetAddress (OID: 
> 2.5.4.9)
>
> ·Optional if the subject:organizationName field_, subject: givenName 
> field, or subject:surname field are_ispresent. Prohibited if the 
> subject:organizationName field_, subject:givenName, and 
> subject:surname field are_isabsent.
>
>   * Contents: If present, the subject:streetAddress field MUST contain
>     the Subject’s street address information as verified under Section
>     3.2.2.1.
>
> _e._Certificate Field: subject:localityName (OID: 2.5.4.7)
>
> Required if the subject:organizationName field_, subject:givenName 
> field, or subject:surname field are_ispresent and the 
> subject:stateOrProvinceName field is absent. Optional if the 
> subject:stateOrProvinceName field and the subject:organizationName 
> field_, subject:givenName field, or subject:surname field_are present. 
> Prohibited if the subject:organizationName field_, subject:givenName, 
> and subject:surname field are_isabsent.
>
> Contents: If present, the subject:localityName field MUST contain the 
> Subject’s locality information as verified under Section 3.2.2.1. If 
> the subject:countryName field specifies the ISO 3166‐1 user‐assigned 
> code of XX in accordance with Section 7.1.4.2.2(g), the localityName 
> field MAY contain the Subject’s locality and/or state or province 
> information as verified under Section 3.2.2.1.
>
> f. Certificate Field: subject:stateOrProvinceName (OID: 2.5.4.8)
>
> Required if the subject:organizationName field field_, 
> subject:givenName field, or subject:surname field are_ispresent and 
> the subject:localityName field is absent. Optional if the 
> subject:localityName field and the subject:organizationName field_, 
> the subject:givenName field, or subject:surname field_are present. 
> Prohibited if the subject:organizationName field_, subject:givenName 
> field , or subject:surname field are_isabsent.
>
> Contents: If present, the subject:stateOrProvinceName field MUST 
> contain the Subject’s state or province information as verified under 
> Section 3.2.2.1. If the subject:countryName field specifies the ISO 
> 3166‐1 user‐assigned code of XX in accordance with Section 
> 7.1.4.2.2(g), the subject:stateOrProvinceName field MAY contain the 
> full name of the Subject’s country information as verified under 
> Section 3.2.2.1.
>
> _g_. Certificate Field: subject:postalCode (OID: 2.5.4.17)
>
> Optional if the subject:organizationName_, subject:givenName field, or 
> subject:surname fields are_ispresent. Prohibited if the 
> subject:organizationName field_, subject:givenName field, or 
> subject:surname field are_isabsent.
>
> Contents: If present, the subject:postalCode field MUST contain the 
> Subject’s zip or postal information as verified under Section 3.2.2.1.
>
> _h_. Certificate Field: subject:countryName (OID: 2.5.4.6)
>
> Required if the subject:organizationName field_, subject:givenName, or 
> subject:surname field are_ispresent. Optional if the 
> subject:organizationName field_, subject:givenName field, and 
> subject:surname field are_isabsent.
>
> Contents: If the subject:organizationName field is present, the 
> subject:countryName MUST contain the two‐letter ISO 3166‐1 country 
> code associated with the location of the Subject verified under 
> Section 3.2.2.1. If the subject:organizationName, subject:givenName 
> field, and subject:surname field are is absent, the 
> subject:countryName field MAY contain the two‐letter ISO 3166‐1 
> country code associated with the Subject as verified in accordance 
> with Section 3.2.2.3. If a Country is not represented by an official 
> ISO 3166‐1 country code, the CA MAY specify the ISO 3166‐1 
> user‐assigned code of XX indicating that an official ISO 3166‐1 
> alpha‐2 code has not been assigned.
>
> _i_. Certificate Field: subject:organizationalUnitName
>
> Optional.
>
> _Contents_: The CA SHALL implement a process that prevents an OU 
> attribute from including a name, DBA, tradename, trademark, address, 
> location, or other text that refers to a specific natural person or 
> Legal Entity unless the CA has verified this information in accordance 
> with Section 3.2 and the Certificate also contains 
> subject:organizationName_, subject:givenName, subject:surname_, 
> subject:localityName, and subject:countryName attributes, also 
> verified in accordance with Section 3.2.2.1.
>
> 7.1.6.1
>
>>
> If the Certificate asserts the policy identifier of 2.23.140.1.2.1, 
> then it MUST NOT include organizationName_, givenName, surname_, 
> streetAddress, localityName, stateOrProvinceName, or postalCode in the 
> Subject field.
>
>>
> --Motion Ends--
>
> The review period for this ballot shall commence at 2200 UTC on 24 
> August 2016, and will close at 2200 UTC on 31 August 2016. Unless the 
> motion is withdrawn during the review period, the voting period will 
> start immediately thereafter and will close at 2200 UTC on 7 September 
> 2016. Votes must be cast by posting an on-list reply to this thread.
>
> A vote in favor of the motion must indicate a clear 'yes' in the 
> response. A vote against must indicate a clear 'no' in the response. A 
> vote to abstain must indicate a clear 'abstain' in the response. 
> Unclear responses will not be counted. The latest vote received from 
> any representative of a voting member before the close of the voting 
> period will be counted. Voting members are listed 
> here:https://cabforum.org/members/
>
> In order for the motion to be adopted, two thirds or more of the votes 
> cast by members in the CA category and greater than 50% of the votes 
> cast by members in the browser category must be in favor. Quorum is 
> currently ten (10) members– at least ten members must participate in 
> the ballot, either by voting in favor, voting against, or abstaining.
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-- 
ANF AC - Autoridad de certificación 	*Enric Castillo *
/Director Técnico /
ANF Autoridad de Certificación
[Teléfono] +34 626818285 /(Celular)/
[Dirección] Gran Vía de Les Corts Catalanes 996, Barcelona
[Teléfono] +593 0 996483798 /(Celular)/
[Teléfono] +593 2 2550002
[Dirección] Av. 12 de Octubre N24-562 y Luis Cordero, Edif. World Trade 
Center, Torre A, Piso 11, Ofi. 1102, Quito
[Dirección de Skype] castillo.enric
[Dirección de correo electrónico] enric.castillo at anf.es
[Dirección Web] www.anf.es

	

*AVISO*
Este mensaje se dirige exclusivamente a su destinatario y puede contener 
información privilegiada o confidencial y/o datos de carácter personal, 
cuya difusión está regulada por la Ley Orgánica de Protección de Datos y 
la Ley de Servicios de la Sociedad de la Información. Si usted no es el 
destinatario indicado (o el responsable de la entrega al mismo), no debe 
copiar o entregar este mensaje a terceros bajo ningún concepto. Si ha 
recibido este mensaje por error o lo ha conseguido por otros medios, le 
rogamos que nos lo comunique inmediatamente por esta misma vía y proceda 
a su eliminación irreversible. Las opiniones, conclusiones y demás 
informaciones incluidas en este mensaje que no estén relacionadas con 
asuntos profesionales de ANF Autoridad de Certificación no están 
respaldadas por la empresa.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: njoojpjedddaaecb.png
Type: image/png
Size: 4746 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0021.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kbbfjledobbeljhd.png
Type: image/png
Size: 3311 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0022.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: llakledlikpafnoe.png
Type: image/png
Size: 1822 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0023.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hoclinkfpfhbjnbh.png
Type: image/png
Size: 3873 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0024.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gccjdjigjmoemcib.png
Type: image/png
Size: 3246 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0025.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: llbbkopaabcgoein.png
Type: image/png
Size: 3712 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0026.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pbfnmihjmhafekbi.png
Type: image/png
Size: 21794 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0027.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6338 bytes
Desc: Firma criptogr��fica S/MIME
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160905/8b3c96f6/attachment-0001.p7s>


More information about the Public mailing list