[cabfpub] For Discussion: S/MIME Working Group Charter
Dimitris Zacharopoulos
jimmy at it.auth.gr
Fri May 18 04:57:39 UTC 2018
On 18/5/2018 2:51 πμ, Ryan Sleevi via Public wrote:
> I don't think it's a cross-EKU situation, though, but I'm glad we're
> in agreement.
>
> An email server certificate is an id-kp-serverAuth EKU. That's already
> covered by another WG
I sincerely hope that id-kp-clientAuth EKU will also be covered by this
WG since there will be common validation requirements for Subject
information, as with S/MIME. It seems too much overhead to spawn an
entirely different WG to deal just with clientAuth.
If people agree, how about using the name "Client and S/MIME Certificate
WG" which seems aligned with the "Server Certificate WG"?
Dimitris.
>
> On Thu, May 17, 2018 at 7:49 PM, Tim Hollebeek via Public
> <public at cabforum.org <mailto:public at cabforum.org>> wrote:
>
> My personal opinion is that cross-EKU chimeras should not exist.
> I realize they’re extremely common in the industry, but they’re bad.
>
> DigiCert has had a long and vigorous internal discussion about the
> correct number of EKUs in a certificate. I’m a strong proponent of
> the “exactly one” position, but other people have differing opinions.
>
> I see Ryan agreeing; I think we should do whatever we can to make
> sure the Working Groups have disjoint and clearly defined scopes.
>
> -Tim
>
> *From:*Moudrick M. Dadashov [mailto:md at ssc.lt <mailto:md at ssc.lt>]
> *Sent:* Thursday, May 17, 2018 7:30 PM
> *To:* Tim Hollebeek <tim.hollebeek at digicert.com
> <mailto:tim.hollebeek at digicert.com>>; CA/Browser Forum Public
> Discussion List <public at cabforum.org <mailto:public at cabforum.org>>
> *Subject:* Re: [cabfpub] For Discussion: S/MIME Working Group Charter
>
> Email server certificates not included?
>
> Thanks,
> M.D.
>
> On 5/18/2018 1:49 AM, Tim Hollebeek via Public wrote:
>
> Oops, missed a spot:
>
> 1. To specify S/MIME Baseline Requirements, Extended
> Validation Guidelines, Network and Certificate System Security
> Requirements, and other acceptable practices for the issuance
> and management of S/MIME certificates used to sign and encrypt
> emails.
>
>
>
>
> _______________________________________________
>
> Public mailing list
>
> Public at cabforum.org <mailto:Public at cabforum.org>
>
> https://cabforum.org/mailman/listinfo/public
> <https://cabforum.org/mailman/listinfo/public>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org <mailto:Public at cabforum.org>
> https://cabforum.org/mailman/listinfo/public
> <https://cabforum.org/mailman/listinfo/public>
>
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180518/b647d5a0/attachment-0002.html>
More information about the Public
mailing list