[Smcwg-public] Secure Mail Subject DN

Stephen Davidson Stephen.Davidson at digicert.com
Tue Nov 24 08:21:45 MST 2020 

Hi Doug:



No you have not missed anything; this is a timely point.

Subject DN will be dealt with in two phases of our work; 1) now to identify 
the fields in common use and then 2) later to identify the required 
verification.

I have reserved the CABF OID 2.23.140.1.5 for the eventual S/MIME Baseline 
Requirements.

My thinking had been similar to yours where:

*	DV/email  2.23.140.1.5.1
*	OV 2.23.140.1.5.2
*	IV 2.23.140.1.5.3

There is a question whether the IV level should in fact be split into two for 
personal vs org representative.

This may take some iterations, so I will add this to our agenda for tomorrow 
at least to introduce the topic.



Best regards, Stephen







From: Smcwg-public <smcwg-public-bounces at cabforum.org> On Behalf Of Doug 
Beattie via Smcwg-public
Sent: Tuesday, November 24, 2020 10:46 AM
To: SMIME Certificate Working Group <smcwg-public at cabforum.org>
Subject: [Smcwg-public] Secure Mail Subject DN



Hi Stephen,



Maybe the group hasn’t yet progressed into Subject DN field definitions (I’ve 
missed a few meetings and I didn’t see this in the Google spreadsheet profile 
table), but are we planning to parallel the CABF BRs when it comes to this?



TLS DV: Could be the basis for an S/MIME profile with just an email somewhere 
in the subject DN (CN or E) so that the subject is not empty

TLS OV: Could be the basis for an S/MIME profile  with C, S, L, O and maybe OU 
in the subject DN (and perhaps email in CN or E)

TLS IV: Could be the basis for an S/MIME profile with C, S, L and then 
givenName and surname fields.  The CA could optionally populate the name 
values into the Org field when issuing to a natural person or DBA.  That seems 
like a reasonable approach and parallels the BRs.



When do you think we’ll dive into the subject DN field definitions?



Doug



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/smcwg-public/attachments/20201124/36e01f16/attachment.html>

More information about the Smcwg-public mailing list