[Smcwg-public] Sponsored profile overlap
Russ Housley
housley at vigilsec.com
Wed Aug 4 18:09:06 UTC 2021
I hear two other things during the discussion:
1. When an organization is validated, the domain name in the email address needs to be consistent with that organization.
2. The is a desire for a certificate that validates all three: mailbox, organization, and individual's name.
Russ
> On Aug 4, 2021, at 1:36 PM, Stefan Selbitschka via Smcwg-public <smcwg-public at cabforum.org> wrote:
>
> Hi,
>
> I want to continue our today's discussion about the sponsored validation
> overlap.
>
> From my understanding (till today) we had 4 profiles for different use
> cases and different validated content in the certificate:
> - Mailbox -> email must be validated
> - Organization -> email and organization must be validated
> - Individual -> email and givenname + surname must be validated
> - Sponsored -> organization must be validated, email and/or givenname +
> surname validation may be delegated to sponsor
>
> This leads me to this picture
> (https://next.rundquadrat.at/s/Rx8PXs3bBdyq9Ae) and it was quite clear
> for me.
>
> Now Stephen pointed out that we could have an organization within a
> certificate of individual profile I get confused.
>
> If we now mixing an organization to the individual profile I got puzzled:
> - which countryName will be applied, the country of residence of the
> individual or the country of juristiction of the organization?
> - are the businessCategory and juridsiction* fields included in an
> individual certificate including an organization?
>
> Maybe someone can find a better summary of the different profiles for me
> to solve my confusion?
>
> thanks
>
> regards
>
> stefan
> _______________________________________________
> Smcwg-public mailing list
> Smcwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/smcwg-public
More information about the Smcwg-public
mailing list