[cabfpub] C=GR, C=UK exceptions in BRs

Dimitris Zacharopoulos jimmy at it.auth.gr
Fri Mar 17 19:53:31 UTC 2017



On 17/3/2017 9:09 μμ, Peter Bowen wrote:
>> On Mar 17, 2017, at 12:01 PM, Dimitris Zacharopoulos via Public <public at cabforum.org> wrote:
>>
>> For your consideration, please have a look at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32015D1505 and specifically Annex II. This is an Implementing Decision for Regulation 910/2014 (eIDAS).
>>
>> "
>> The information to be notified by Member States under Article 4(1) of the present Decision shall contain the following data and any changes thereto:
>> (1)
>>
>> Member State, using ISO 3166-1 (1) Alpha 2 codes with the following exceptions:
>>
>> (a)
>>
>> The Country Code for United Kingdom shall be ‘UK’.
>>
>> (b)
>>
>> The Country Code for Greece shall be ‘EL’.
>>
>>>>
>> I believe Greece and Great Britain should be allowed their "right" to be represented by using the identifiers C=EL and C=UK respectively, if they wish to do so. The "spirit" of 9.16.3 is also to bring conflicting requirements to the CA/B Forum to consider possible revisions accordingly. This is exactly what I am doing, without violating the current BRs, but hoping that the CA/B Forum will read this as a conflicting requirement which could be resolved by adding a simple exception, without creating any risk in current practices.
>>
>> Is this only my reading? Do others read this in a similar way?
> The good news is we dodged a bullet here.  Annex II is "TEMPLATE FOR MEMBER STATES’ NOTIFICATIONS”.  It does not apply to certificates, just the trust lists.  So no issue; feel free to use C=EL in the trust list.
>
>

I realized from the beginning that Certificates used in the EU TSL are 
not used for SSL and probably not required to be BR-compliant. But, if 
these identifiers can be used in X.509 Certificates that represent 
"Trust Lists" for EU Member States, isn't this worthed to be considered 
for SSL Certificates? I see this as an improvement not something 
mandatory. I thought it was a rational thought.

Dimitris.





More information about the Public mailing list