[Smcwg-public] Secure Mail Subject DN
Stephen.Davidson at digicert.com
Tue Nov 24 08:21:45 MST 2020
No you have not missed anything; this is a timely point.
Subject DN will be dealt with in two phases of our work; 1) now to identify
the fields in common use and then 2) later to identify the required
I have reserved the CABF OID 188.8.131.52.5 for the eventual S/MIME Baseline
My thinking had been similar to yours where:
* DV/email 184.108.40.206.5.1
* OV 220.127.116.11.5.2
* IV 18.104.22.168.5.3
There is a question whether the IV level should in fact be split into two for
personal vs org representative.
This may take some iterations, so I will add this to our agenda for tomorrow
at least to introduce the topic.
Best regards, Stephen
From: Smcwg-public <smcwg-public-bounces at cabforum.org> On Behalf Of Doug
Beattie via Smcwg-public
Sent: Tuesday, November 24, 2020 10:46 AM
To: SMIME Certificate Working Group <smcwg-public at cabforum.org>
Subject: [Smcwg-public] Secure Mail Subject DN
Maybe the group hasn’t yet progressed into Subject DN field definitions (I’ve
missed a few meetings and I didn’t see this in the Google spreadsheet profile
table), but are we planning to parallel the CABF BRs when it comes to this?
TLS DV: Could be the basis for an S/MIME profile with just an email somewhere
in the subject DN (CN or E) so that the subject is not empty
TLS OV: Could be the basis for an S/MIME profile with C, S, L, O and maybe OU
in the subject DN (and perhaps email in CN or E)
TLS IV: Could be the basis for an S/MIME profile with C, S, L and then
givenName and surname fields. The CA could optionally populate the name
values into the Org field when issuing to a natural person or DBA. That seems
like a reasonable approach and parallels the BRs.
When do you think we’ll dive into the subject DN field definitions?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Smcwg-public