[cabfpub] streetAddress

Ryan Sleevi sleevi at google.com
Wed May 17 14:53:32 UTC 2017


On Wed, May 17, 2017 at 6:08 AM, Adriano Santoni via Public <
public at cabforum.org> wrote:

> All, would like some opinions about the following question:
> Can it be considered "okay" if the streetAddress component of an OV (or
> EV) certificate Subject contains some more information than it's strictly
> specified (or, more exactly, exemplified) in ITU-T X.520 ?
>
> ITU-T X.520 (aka ISO/IEC 9594-6) reads:
> "The Street Address attribute type specifies a site for the local
> distribution and physical delivery in a postal address,
> i.e., the street name, place, avenue and house number"
>
> For instance, how would you consider a street Address that, in addition to
> street name and house number, also contains a country name: compliant?
> non-compliant? of dubious compliance?
>

I would argue "of dubious compliance".

More pessimistically, it seems like it would permit avoiding validating
that information - that is, 3.2.2.3 has requirements about the appearance
of the subject:countryName that this would seemingly be exempt from. It
would also seem to attempt to bypass the 7.1.4.2.2(h) requirement.

As noted, the subject:streetAddress needs to comply with 7.1.4.2.2(d),
which means it must be validated in accordance with Section 3.2.2.1. I
would argue that since 7.1.4.2.2(d) ["Number"], 7.1.4.2.2(e), (f), (g), and
(h) all refer back to 3.2.2.1, it's meant to be the defined place to enter
such information.

That's my initial take, and I'm curious whether folks would disagree. I can
understand how one could read X.520 and try to argue that "streetAddress"
could holistically encompass all of the street address, but I think that
reading would be suspect with the clear intent of the BRs in spelling out
(d)-(h) as the way of encoding the information validated from 3.2.2.1, and
the times in which they're required.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20170517/09fdcb6c/attachment-0003.html>


More information about the Public mailing list