[Smcwg-public] Require proof-of-possession for SMIME certificate issuance
Stephen Davidson
Stephen.Davidson at digicert.com
Tue Dec 29 16:36:51 UTC 2020
Thank you Ben. Noted for further SMCWG discussion:
- check proof of possession of private key
- CAA checking
Happy new year and best regards, Stephen
From: Smcwg-public <smcwg-public-bounces at cabforum.org> On Behalf Of Ben Wilson via Smcwg-public
Sent: Tuesday, December 29, 2020 12:05 PM
To: SMIME Certificate Working Group <smcwg-public at cabforum.org>
Subject: [Smcwg-public] Require proof-of-possession for SMIME certificate issuance
The SMIME requirements document, which this WG is developing, should address the degree of verification needed to bind the email address to the key pair. The applicant and the CA should be required to use a secure process to establish that the entity controlling the email address also controls the public-private key pair. This is mentioned on the Mozilla GitHub policy issues board - https://github.com/mozilla/pkipolicy/issues/215
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20201229/5be4c784/attachment.html>
More information about the Smcwg-public
mailing list