[Smcwg-public] email addresses in S/MIME certificates

Dimitris Zacharopoulos (HARICA) dzacharo at harica.gr
Fri Nov 20 04:18:38 MST 2020


I believe this proposal prohibits /directoryName /values//in the 
subjectAltName extention. I remember that the intent of the first 
version of S/MIME requirements was not to prohibit identity information 
to be included in the Certificate Profile.

Dimitris.


On 20/11/2020 12:11 π.μ., Stephen Davidson via Smcwg-public wrote:
>
> To date our discussion related to email addresses in S/MIME has been a 
> general reference to rfc822Name along the lines of:
>
> Extension ID:                     subjectAlternateName
>
> Required?:                          Yes
>
> Critical: Yes if the subject is an empty sequence; otherwise, SHOULD 
> NOT be critical
>
> Permitted Value(s):        MUST contain at least one rfc822Name value. 
> MUST NOT contain values of type: dNSName, iPAddress, 
> uniformResourceIdentifier. otherName values (such as Microsoft UPN) 
> MAY be included if the value is identical to an rfc822Name expressed 
> in the SAN extension. Any rfc822Name and otherName value in the 
> Subject DN must be repeated in the SAN extension.  Each rfc822Name and 
> otherName value must be verified with publicly documented and audited 
> measures in accordance with Section 3.2.2.
>
> References: RFC 5280, Section 4.2.1.6
>
> S/MIME and rfc822Name has enjoyed a proliferation of standards which 
> leads to the question:
>
>   * Do we wish to summarise those rules relating to rfc822Name in this
>     standard or in an informative appendix?
>   * Or do wish simply to provide a listing of the relevant standards?
>
> If the latter, I believe the most relevant would include RFC 5322 
> (internet message format, sections 3.2.3 and 3.4.1), RFC 3696 
> (informational, checking of names), and RFC 8398 (internationalized 
> email addresses).
>
> Missing anything?  Comments?
>
> Best regards, Stephen
>
> RFC 5322: https://tools.ietf.org/html/rfc5322 
> <https://tools.ietf.org/html/rfc5322>
>
> RFC 3696: https://tools.ietf.org/html/rfc3696 
> <https://tools.ietf.org/html/rfc3696>
>
> RFC 8398: https://tools.ietf.org/html/rfc8398 
> <https://tools.ietf.org/html/rfc8398>
>
>
> _______________________________________________
> Smcwg-public mailing list
> Smcwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/smcwg-public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20201120/83157e95/attachment.html>


More information about the Smcwg-public mailing list