[cabfpub] For Discussion: S/MIME Working Group Charter

Dimitris Zacharopoulos jimmy at it.auth.gr
Fri May 18 04:57:39 UTC 2018 


On 18/5/2018 2:51 πμ, Ryan Sleevi via Public wrote:
> I don't think it's a cross-EKU situation, though, but I'm glad we're 
> in agreement.
>
> An email server certificate is an id-kp-serverAuth EKU. That's already 
> covered by another WG

I sincerely hope that id-kp-clientAuth EKU will also be covered by this 
WG since there will be common validation requirements for Subject 
information, as with S/MIME. It seems too much overhead to spawn an 
entirely different WG to deal just with clientAuth.

If people agree, how about using the name "Client and S/MIME Certificate 
WG" which seems aligned with the "Server Certificate WG"?


Dimitris.


>
> On Thu, May 17, 2018 at 7:49 PM, Tim Hollebeek via Public 
> <public at cabforum.org <mailto:public at cabforum.org>> wrote:
>
>     My personal opinion is that cross-EKU chimeras should not exist. 
>     I realize they’re extremely common in the industry, but they’re bad.
>
>     DigiCert has had a long and vigorous internal discussion about the
>     correct number of EKUs in a certificate. I’m a strong proponent of
>     the “exactly one” position, but other people have differing opinions.
>
>     I see Ryan agreeing; I think we should do whatever we can to make
>     sure the Working Groups have disjoint and clearly defined scopes.
>
>     -Tim
>
>     *From:*Moudrick M. Dadashov [mailto:md at ssc.lt <mailto:md at ssc.lt>]
>     *Sent:* Thursday, May 17, 2018 7:30 PM
>     *To:* Tim Hollebeek <tim.hollebeek at digicert.com
>     <mailto:tim.hollebeek at digicert.com>>; CA/Browser Forum Public
>     Discussion List <public at cabforum.org <mailto:public at cabforum.org>>
>     *Subject:* Re: [cabfpub] For Discussion: S/MIME Working Group Charter
>
>     Email server certificates not included?
>
>     Thanks,
>     M.D.
>
>     On 5/18/2018 1:49 AM, Tim Hollebeek via Public wrote:
>
>         Oops, missed a spot:
>
>         1. To specify S/MIME Baseline Requirements, Extended
>         Validation Guidelines, Network and Certificate System Security
>         Requirements, and other acceptable practices for the issuance
>         and management of S/MIME certificates used to sign and encrypt
>         emails.
>
>
>
>
>         _______________________________________________
>
>         Public mailing list
>
>         Public at cabforum.org <mailto:Public at cabforum.org>
>
>         https://cabforum.org/mailman/listinfo/public
>         <https://cabforum.org/mailman/listinfo/public>
>
>
>     _______________________________________________
>     Public mailing list
>     Public at cabforum.org <mailto:Public at cabforum.org>
>     https://cabforum.org/mailman/listinfo/public
>     <https://cabforum.org/mailman/listinfo/public>
>
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20180518/b647d5a0/attachment-0003.html>

More information about the Public mailing list