[cabfpub] Naming rules
Ryan Sleevi
sleevi at google.com
Mon Mar 6 09:17:38 MST 2017
On Mon, Mar 6, 2017 at 11:04 AM, Peter Bowen via Public <public at cabforum.org
> wrote:
>
> Li-Chun: Can you clarify? Is there any law in Taiwan that requires
> specific name forms or is this discussion about getting an existing
> established PKI to be BR-compliant by changing the BRs instead of changing
> the PKI?
>
More specifically: Is there any law in Taiwan that requires either _all_
CAs )operated within Taiwan) use the specific name forms identified in the
DIT and/or that requires Chunghwa Telecom specifically to conform to a
specific name type _and_ operate a publicly trusted root?
As Gerv highlighted, and as some members still have misunderstood, the
restrictions of 9.16.3 do not simply apply because the existence of a law,
but rather, only in the case where the only way to operate a
publicly-trusted, otherwise WebTrust/ETSI-audited CA, within a given
jurisdiction is by complying to said local law.
As a concrete example, the mere existence of a law that requires all
participants in a given PKI (whether the US FPKI or a Taiwanese national
PKI) to use a particular name form is not sufficient to trigger 9.16.3,
because there's no requirement that said PKI also be publicly trusted.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20170306/9d9b1d82/attachment.html>
More information about the Public
mailing list