[Smcwg-public] Require proof-of-possession for SMIME certificate issuance
Ben Wilson
bwilson at mozilla.com
Tue Dec 29 17:52:39 UTC 2020
FWIW - I've created an "smime" label in GitHub so that anyone can find
pending Mozilla Policy issues related to SMIME certificates -
https://github.com/mozilla/pkipolicy/labels/smime
On Tue, Dec 29, 2020 at 9:36 AM Stephen Davidson <
Stephen.Davidson at digicert.com> wrote:
> Thank you Ben. Noted for further SMCWG discussion:
>
> - check proof of possession of private key
>
> - CAA checking
>
> Happy new year and best regards, Stephen
>
>
>
> *From:* Smcwg-public <smcwg-public-bounces at cabforum.org> *On Behalf Of *Ben
> Wilson via Smcwg-public
> *Sent:* Tuesday, December 29, 2020 12:05 PM
> *To:* SMIME Certificate Working Group <smcwg-public at cabforum.org>
> *Subject:* [Smcwg-public] Require proof-of-possession for SMIME
> certificate issuance
>
>
>
> The SMIME requirements document, which this WG is developing, should
> address the degree of verification needed to bind the email address to the
> key pair. The applicant and the CA should be required to use a secure
> process to establish that the entity controlling the email address also
> controls the public-private key pair. This is mentioned on the Mozilla
> GitHub policy issues board -
> https://github.com/mozilla/pkipolicy/issues/215
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20201229/8a3841f8/attachment.html>
More information about the Smcwg-public
mailing list