[cabfpub] For Discussion: S/MIME Working Group Charter

Phillip philliph at comodo.com
Thu May 17 18:53:30 MST 2018 

We seem to have a terminology issue here. What is a server? This is obvious in HTTP but far from obvious in the context of email because there is an inbound and an outbound ‘server’ and it acts as a client and a server at different times.

 

I agree that certificates used to authenticate Mail Transport Agents are properly part of what the Server WG is specifying. But they may be used by a host acting as a TLS ‘server’ or ‘client’.

 

 

Another little oddity is that we are assuming that the entity a CA validates and issues certificates to in the S/MIME world is properly the end user rather than the organization. That might not be the right approach. If what the CA is effectively validating is ‘example.com’, and not ‘alice@’, maybe it is better to perform validation on the organization.

 

 

From: Public <public-bounces at cabforum.org> On Behalf Of Ryan Sleevi via Public
Sent: Thursday, May 17, 2018 7:48 PM
To: Moudrick M. Dadashov <md at ssc.lt>; CA/Browser Forum Public Discussion List <public at cabforum.org>
Subject: Re: [cabfpub] For Discussion: S/MIME Working Group Charter

 

That's clearly the remit of the Server Certificate Working Group, and should remain so.

 

On Thu, May 17, 2018 at 7:29 PM, Moudrick M. Dadashov via Public <public at cabforum.org <mailto:public at cabforum.org> > wrote:

Email server certificates not included?

Thanks,
M.D.

On 5/18/2018 1:49 AM, Tim Hollebeek via Public wrote:

Oops, missed a spot:

 

1. To specify S/MIME Baseline Requirements, Extended Validation Guidelines, Network and Certificate System Security Requirements, and other acceptable practices for the issuance and management of S/MIME certificates used to sign and encrypt emails.

 

 

_______________________________________________
Public mailing list
Public at cabforum.org <mailto:Public at cabforum.org> 
https://cabforum.org/mailman/listinfo/public

 


_______________________________________________
Public mailing list
Public at cabforum.org <mailto:Public at cabforum.org> 
https://cabforum.org/mailman/listinfo/public

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/public/attachments/20180517/cefad84b/attachment-0001.html>

More information about the Public mailing list